Register FIDO2 security key as sign-in method without the need to install Microsoft Authenticator app
Hello, Here's briefly about policies across the tenant: Enabled FIDO2 security key as sign-in method for the user under. FIDO2 is the only enabled sign-in method for this user. Disabled Windows Hello for Business using Intune configuration…
AAD Custom Policies - Password change confirmation email
Context We have configured a journey where the user would be able to change his password if he wishes to do so. We use Sendgrid to have a custom email verification according to the documentation provided here :…
Azure B2C Custom Policy does not honor login prompt
I have a B2C Custom Policy and it works great except for one issue. If I pass login prompt then it does not work and shows select account, but if the same code is used against a standard user flow then it works without any issue
Necessary permissions to query /users/{user}/manager?
Hi there! I've got an Entra ID app with permissions on User.Read and User.Read.All, and want to fetch the supervisor (/users/{user}/manager) of a given user on command. I've got the OAuth2.0 workflow running and am receiving valid tokens for the Entra…
Microsoft graph api to list custom role
Hi Team, Is there any API available to get the custom Azure Active Directory role using Microsoft Graph API?
Improper permissions for Azure ad connect sync?
So we have our azure ad synced with our on prem. We have an issue where our sync agent service stops. We have had this multiple times. I noticed that the "Log On As" is listed as "ourdomain\adconnectuser" instead of NT Service\System …
Intune Devices showing as 'not active' in compliance settings regardless of clicking 'sync'
We have a hybrid set up, with Intune MDM. I just pulled a report for all non-compliant devices and wanted to make sure that they were set to compliant. We have a user with a non-hybrid device, but intune enrolled. Intune is saying it is 'inactive' even…
How to delete tenant "Default Directory"
I am trying to delete (or exit) my only Organization. After pressing "Delete": The problem is, I don't have any Licenses or Subscriptions. Also, I am the only one in the Organization. What do I do? Help
I changed my account to an internal account by accident on Azure
I was playing around with permission in Azure and ended up changing the main account to internal instead of external. I cannot access my account any more, and can't even create a request and a phone call to my regional office just told me to create…
Integrating proprietary directory users with Microsoft Entra ID
Hi, our company has an Entra directory of users and a proprietary directory of 3rd party customers. In the case of the 3rd parties, we want to take advantage of Entra's capabilities. However, we've hit a roadblock as they have emails in multiple domains…
KeyChain Failed Mac for AzureVPN Client
Hi, I've been trying to set up the Azure VPN client for a customer but I'm being met with the following Error getKeyChainSecret: Failed to retrieve KeyChain secret. Status code -25300 16/04/2024 09:58:35 Warning removeClientAuthLoginCredentials: Failed…
Your organisation has deleted this device
Hi, one of our admins has deleted 200 AAD registered devices that were registered on user initiative (add work or school account). As a result, these users can no longer access office.com. Error: Something went wrong Your organisation has…
How to give access to user-assigned managed identity on registered app on Azure?
I am trying to give access to a user-assigned managed identity to be able to create or delete secrets on a registered app on Azure. So far I have not been able to find a way to do so as a registered application does not have any resource group.
I get the error: your account has been locked, when I try to access a file shared by Microsoft employee only.
Hello, I am a partner and suddenly I started to face this problem: I get a message saying "your account has been locked" every time I try to access a shared file or recorded meeting shared by any Microsoft employee. My account is not locked,…
Clarification on Azure Active Directory login event from Office 365
Hi, Following is one of the audit events pertaining to 'logon successful' in Office 365 environment which is authenticated by Azure AD. Just trying to understand what does "Login:reprocess" in the RequestType mean here? What kind of login…
Microsoft Dynamic Membership Groups Bug with Re-enabling Users
Hello, We've encountered an issue with re-enabling users in Microsoft 365 (Entra ID). Our setup relies on Microsoft 365 Dynamic Membership groups for granting access to Teams and SharePoint. However, upon re-enabling a user, it incorrectly indicated that…
Release date for Microsoft Entra custom claims provider
Hi, Was just wondering when custom claims provider, which is currently in preview, was intended to be released? https://learn.microsoft.com/en-us/entra/identity-platform/custom-claims-provider-overview Thanks, Tim
How do I get My authentication Accounts
I got a new phone. I signed into my Microsoft authentication account. It brought up everything except for my authentications account. I have all my passwords, and I don't know how to get them. What do I do?
Do Bootstrap Services such as OCaaS Question
I understand that bootstrap services bypass conditional access policies to run uninterrupted. However, I am wondering when this service should be seen in the logs with a successful login. For example, if someone attempts to log in to Outlook mobile but…
In Azure B2C, is it possible to apply conditional access policy in custom flow (IEF)
I have created a conditional access policy named "BlockAllNonSalesUser" using Azure B2C Portal. I can apply this policy on default user flow, the option is given in default user flow property. But we need this in custom flow (IEF). Is it…