How to exclude Microsoft Office 365 Portal from the Microsoft admin portals - conditional access
Hi all, I have a conditional access policy to block Microsoft admin portals to all users except specific users (IT team); however, users who want to download Office apps to their devices are unable to, as Microsoft Office 365 Portal is included in the…
Duplicate workflows and User in MS Entra ID governance
Hello everyone, I started working with Microsoft Entra ID and I did some workflows for the IT department, but I need to do some more workflows for other departments. Is there a way I can duplicate the workflows I created? And is there also a way to…
Derivation of AuthnInstant attribute value
I am using Microsoft Entra ID as IDP for my web app for SAML SSO. When I navigate to my application in Chrome the AuthnInstant is from 2 days ago, however for the same URL in Chrome incognito mode the AuthnInstant is the current date-time and for Firefox it…
Locked out of directory I am an Owner of
Hello, A friend invited me to their Azure Entra ID as a guest user, and set me as a member of the admin group that has owner privileges. I was able to log in for 10 days, created resources (including an Azure Databricks cluster that no one can access…
Everyone locked out of tenant due to a faulty Conditional Access Policy
We have been locked out of our tenant for almost 2 weeks now due to a faulty Conditional Access policy. During this week, there have been several conversations with a number of Microsoft support technicians, none of which seemed to have an understanding…
I changed my account to an internal account by accident on Azure
I was playing around with permission in Azure and ended up changing the main account to internal instead of external. I cannot access my account any more, and can't even create a request and a phone call to my regional office just told me to create…
I try to log in by approving sign in request on the authenticator app but no code is sent to it
I try to log into my work account, but the only way in is by verifying a code that's sent to my authenticator app. When I open the app there is no code that has been sent, so I cannot get onto my work email
Sync Entra with Google Admin
Hello, I am now doing some configuration with sync from Entra to Google Admin, just facing some issues, for example I have some custom attributes on the Google side; how can I add the same custom attributes to the Entra user and also include this in…
Why is EAC and On-Prem AD showing different information?
Hi All, We have an issue whereby a user's contact information, specifically their mobile number and job title isn't syncing properly between On-Prem AD as well as Exchange Admin Centre. We have removed the user's personal mobile number from AD and…
Azure Provisioning Log: Understanding "TargetObjectActionDisabled"
Hi there, I'm trying to find out what following SkipReason means. TargetObjectActionDisabled The log entry is as follows: Result: Skipped Description: User 'xxx' will be skipped. Skip Reason: The Add operation was not performed because the Add…
What happens if you only have 10 users out of 50 who need to have their accounts protected by conditional access but you want all staff protected by MFA?
I have a client who has 10 Business Premium accounts and the rest of E1. They would like to have a Geofence set up using Conditional Access for just those 10 users but have MFA enabled for everyone. To use conditional access we need to disable…
Migration from pure Entra Cloud environment to hybrid on-prem AD x Entra environment
Hello Community, I have the problem that we want to switch from a pure Entra environment (with users, groups, etc.) to a hybrid model, in order to be able to use the advantages of on-prem AD - especially x802.1/user authentication in WiFi via…
How to connect to Azure Storage account via OAuth2.0 from Azure APIM?
Step1: Created an application in Microsoft Entra ID under "App registrations". Step2: Recorded the following details: Client ID Client secret Access token URL Step3: For the Storage Account, added a role assignment and grant access to the…
Edge SSO not working any more
Strangest thing is happening. We assign Edge (Stable version) to our dedicated android devices with Azure AD. Yesterday version 124.0.2478.50 (247805005) of Edge AI Browser was starting to install on our devices and we ran into a problem instantly. The…
Is it possible in Intune or Entra to audit if aovpn users successfully received a certificate from Entra CA certificate authority.
We have set up an Always On VPN user tunnel policy in Intune. The user's device goes to the Entra Conditional Access function and if it passes, they get a 1 hour certificate from the MS VPN root CA, put into their User Cert folder. Is there a way to…
Elevated Access for Azure AD Users
Hey guys, I'm managing 100 Azure AD users who utilize corporate-owned laptops for signing in and performing tasks. All these users are configured as standard users. Therefore, when the IT team runs an application with elevated access or doing…
How to add users to power platform environment that have already been added to a group in Azure AD?
Hi, I want to automate a process where the users that are added to a group in the Azure portal are automatically added to an environment in Power platform as well. Thanks in advance
How can I solve the issue and continue learning the Azure services?
The sandbox for this module is currently unavailable. We're working to resolve this as quickly as possible. In the meantime, you may be able to complete this module's exercises using your personal subscription, but charges may apply and you may have to…
Cannot enable Staged Rollout from Federation to PTA
We are currently federated to Entra ID with ADFS on premises. We are attempting to run the staged rollout feature with PTA and seamless sign on. Following this article: …
Will Azure Virtual Desktop use Microsoft Entra External ID for external-facing apps?
According to the AVD documentation, in order to offer apps or desktops running on AVD to external users or customers (cloud-only deployment), identities must be created and managed manually, and then the credentials are provided to the users. Since AVD…