Entra Enterprise Applications Users and Groups - adding roles
When adding a role to a user or group in the Enterprise Application the role is not saved, the user or group is saved but clicking edit assignment for the user or group shows "none selected" under roles. Selecting a role and then saving…
How to remove an unknown tenant?
My Azure account and applications are not affiliated with a company, just my own. I somehow managed to get an active directory attached to my login that shows up in the "switch directory" option (and also "Manage tenants") that's from…
Can we authenticate Translator service with Microsoft Entra ID
Hi Team, Currently we are using translator text endpoint and key for accessing the azure translator service. We wanted to change this method to RBAC to increase the security. We have referred the below document and in the steps it has mentioned…
Why doesn't app registration federated credentials support wildcards for branch entity type?
According to this, Azure doesn't support pattern matching for the branch entity type when adding a federated credential to an app registration. Why is this the case and will this be supported in the future? As mentioned by this, I could just use an…
This domain has been previously configured on xxx using
Trying to add my domain name to Microsoft Entra and getting this message. So I guess at some time in the past someone at least started setting up but never actually used it, or at least not that anyone will admit to. So how do I gain control of the name…
Can I change the company branding based on the domain?
Hello, on our Microsoft 365 tenant we have changed the login page to match our main company brand. This is visible if I go, for example, to login.microsoftonlie.com/?whr=main-company.domain We have some Brand called diffrendly, with individual…
When trying to use BeginAttachDetachDataDisks(Using GO SDK), I'm getting the following error: The subscription is not enabled for using the attach detach data disks API. I have the attachDisk & detachDisk permission added for the subscription.
When trying to use BeginAttachDetachDataDisks, I'm getting the following error: "The subscription is not enabled for using the attach detach data disks API". I have the attachDisk & detachDisk permission added for the subscription. I'm able…
SAML-based SSO for a Ruby application.
Hi there, First of all, let me point out I'm totally new to the things below so, please, forgive me if it may feel silly. I'm trying to develop a SAML-based SSO for a Ruby application. In my Azure Active Directory admin center, I have…
Adding Entra ID authentication to a web app that utilizes Web PubSub in Azure
I'm trying to simply add Microsoft Entra ID for authentication to an Azure web app. I have a javascript chat-app using Web PubSub that worked perfectly using this…
Changing Entra Domain Services SKU from Standard to Enterprise
I am attempting to upgrade the SKU for my Entra Domain Service from standard to enterprise. The documentation says that this change should take only a few minutes. After several hours (13) it is still stuck on saving SKU. Does anyone have any suggestions…
Correct way to convert 365 tenant from AAD Connect Sync to cloud-only
Hi, about a year ago, one of my customers enabled AAD Connect Sync to synchronize all users and security groups from their existing on-premises Active Directory to a freshly set up Microsoft 365 tenant. This past year all applications and services have…
ASP.NET Core web app with Microsoft SSO via Azure Microsoft Entra ID and not manage secrets - is it possible?
In the Azure Portal, I create a resource Microsoft Entra ID and then add an app registration. In the app registration I can specify redirect URIs for Microsoft logins (SSO) via "Authentication" for my .NET web app: Authentication button on side…
Using Cloud sync with an Exchange Hybrid environment, changes after writeback are not visible.
According to the article about Exchange Writeback using cloud sync: "This scenario is now supported in cloud sync. Cloud sync detects the Exchange on-premises schema attributes and then "writes back" the exchange on-line attributes to…
How do we find the orphaned managed identities which are not assigned to any Azure service
From a list of managed identities present in the Azure subscription for my account, how can I identify the managed identities which are created but do not have any roles or resources attached to them? I want to find the list of all the managed identities…
Authenticator App Being Forced
Last week I was made aware of this message some accounts were receiving upon login. We have MFA enabled for the majority of accounts, but there are some that are not enrolled for various reasons. Now, even though MFA is disabled for the account, this message…
Adb2c password reset custom policy - Reset password using username
Hi, I am working on Adb2c custom policies and am stuck in the password reset policy where I need to reset the password using a username instead of the email address. The below screenshot is for User flows where it is provided that we can create a reset…
Azure users signing in non-interactive to BING app from CH
Hi. Azure signing logs show that we have a user signing in non-interactive from a Chinese IP address that belongs to a middle school in China. In a region the user had visited 4 weeks before. I see a lot of these sign-ins for various users in other…
How can we perform Azure DevOps migration from one tenant to another (not using third party tool, using Microsoft tool).
Our organization is trying to move from one tenant to another and for that we are trying to adopt the best practice (in Azure DevOps, known as ADO). Have googled a few of the tools, which were third party, but going to stay with the Microsoft tool, if…
PowerShell Script to temporarily activate PIM with MFA?
Hello everyone, I am trying to write a script that temporarily activates a PIM role for my account... the issue is that my account is secured with MFA, so this does not work: $roleDisplayName = "License Administrator" $roleDefinitionID =…
I can't enable device from Azure portal
I disabled all my devices in the device section because I want to kick someone off my account. But my device was disconnected too, and I tried to enable it with the admin account, but the enable button is hidden. So what can I do now?