Windows Hello for Business Entra ID Sync Issue
Hi all, Interesting issue we're running into while trying to deploy Windows Hello for Business. I've noticed in our Azure AD Synchronization Service Manager, during export from Entra to on-prem DC, the msDS-KeyCredentialLink attribute is not being…
windows logon with CBA
Hello, As we know, we can do windows device logon with "Certificate based authentication" Microsoft Entra users can authenticate using X.509 certificates on their smart cards directly against Microsoft Entra ID at Windows sign-in. To be…
Microsoft Container App Authentication
Hi, I am trying to setup authentication for an Azure Container App. I followed the documentation and have done the same for many other container apps and functions. It is setup with Microsoft for the provider and only for my tenant and I created a new…
App Proxy Across Servers
I'm using Azure/Entra ID Application Proxy with an on-prem Windows Server running IIS. It successfully routes traffic to our homepage (web01.local/home/), but I'm facing issues with navigation links to resources on different servers. For instance,…
Issue with Syncing the new "onmicrosoft.com" Fallback Domain as Alias in Azure AD Connect
Hello Team, I am experiencing an issue with Azure AD Connect in my hybrid environment. I have recently added a new onmicrosoft.com domain to my Microsoft 365 tenant and made Fallback domain. I want to add this domain as an email alias for my…
Error enabling SSO for Zendesk
Has anyone else been able to get SSO working with Zendesk and Entra/Azure? I've followed the instructions several times, but keep getting: Request Id: 2a544d1b-70be-4981-be0c-9a30d2886f00 Correlation Id: 7495218c-b173-4a11-a6a9-1ba4699e4e89 Timestamp:…
Why when using redirect_uri as schema://app, my application does not show MFA but bypasses login successfully by default?
Why when using redirect_uri as schema://app, my application does not show MFA but bypasses login successfully by default? …
OpenID Azure B2c The scope organisationid provided in the request is not supported
Getting error for receiving custom claim The scope organisationid provided in the request is not supported. added scope for organisationid in api permission, added it as custom claim, modified the manifest,
Your subscription offer, Access to Azure Active Directory, will be disabled on May 16, 2024
Hello! what does it mean? We currently have: Enter ID Free (Business Basic and Business STD) and Entra ID Plan 1 (Business Premium) We do not know what the following email message that we received refers to. **"**Access to Azure Active Directory…
Unable to Authenticate Azure file share with on-premises active directory users.
I have enabled ADDS authentication for my storage account. I did this by setting up an on-premise Active Directory on one of my Azure VMs and providing Storage File Data SMB Share Elevated Contributor access to the file share. Now, I am able to mount the…
Azure AD/Entra ID Access Package The model is invalid error
I get this error when creating an access package in Azure AD. I've created many access packages before with the same settings as the one I'm creating now but this one fails. Could this be a new bug?
Is a P1/P2 Entra ID license per user or per tenant?
I am reading various articles about Microsoft cloud security features. Many of them list having a Entra ID P1 / P2 license as a prerequisite. But I am unclear on exactly what that means. On the Azure portal, the "All Services > Licenses"…
Local Admin account forced to change password, after joined to Azure AD
After joining a device to Azure AD for the first time through a work or school account. Ive noticed that the local user account (who is an admin) is forced to restart their password at next sign in. I cant find anywhere in azure or intune that would be…
block Azure AD Registered in Azure AD
Hi, Is there a way to block personal devices for any corporate user try to register in Azure AD Only. We are not talking about Intune enrollment here, only way to block Azure AD Registered thanks SM
JDBC connection from on-prem App to Azure SQL DB using ActiveDirectoryIntegrated Auth not working
I am trying to connect an on-prem application (SonarQube) with an Azure managed SQL DB. The connection uses JDBC, and I am using JDBC v12.2.0. This works using a SQL User and password, but does not work with Authentication=ActiveDirectoryIntegrated. The…
AZUREADSSOACC Key Rollover no longer works using Hybrid Identity Administrator creds
Hi I use a PowerShell script in an Azure Hybrid Worker Runbook to automate the rollover of the Kerberos decryption key for the AZUREADSSOACC computer account. It uses a service account in Entra ID which is assigned the Hybrid Identity Administrator…
Azure App registration Client secret expiration
I'm using Azure AD B2C to handle the authentication in some Azure Functions. I've been using the client secret approach (as explain in the documentation) to configure the Azure App. However the client secret has a expiration date (maximum of 2 years,…
Mg Graph Sign-In logs showing data more than 30 days older
Hi folks, Hope you are doing well! I'm using a PowerShell script based on MG Graph module to get the last sign-in date of all users. PS script: Now as specified here Azure AD only stores Sign-ins data until 30 days in P2 license, but in the result of…
Authorization Issue with Azure App Configuration API
I'm encountering an authorization problem while attempting to perform actions on the Azure App Configuration API. The error message I'm receiving is: The client '5301c929-b34c-4022-a5a2-c3b5e4a29bdc' with object id '5301c929-b34c-4022-a5a2-c3b5e4a29bdc'…
Why does Cloud Sync Review and enable show Scoping filters set to All users?
I'm setting up Cloud Sync and set my Scoping filters to "Selected organizational units". The Distinguished name of my test organizational unit has been saved in the configuration, but when I go to Review and enable cloud sync it shows Object…