Custom roles are not returned when i query a users memberof endpoint in graph api
Hi, I have used graph api users memberOf endpoint to get the roles assigned for a user . The response from the endpoint returns all the groups and roles that is assigned for that user , but the custom defined role is not returned . Is there any other way…
windows defender logs using logrthym
What is the best approach for our endpoint windows defender logs using SIEM logrthym? We also only want certain endpoints not the entire tenant.
How to delete a azure registered app?
I cannot delete my app registration: https://ms.portal.azure.com/#view/Microsoft_AAD_RegisteredApps/ApplicationMenuBlade/~/Overview/appId/21251890-0076-4133-8837-6dc2ce197a3e/isMSAApp~/false I tried click the delete button and an error popped up: Could…
Can't Entra ID Join Devices: "Something went wrong."
So we have Entra ID and Intune. I have a provisioning profile that works and successfully joins devices. However, when we try to join devices using the OOBE or Settings>Accounts >Access Work or School, we just get the message "Something went…
Adding Entra ID authentication to a web app that utilizes Web PubSub in Azure
I'm trying to simply add Microsoft Entra ID for authentication to an Azure web app. I have a javascript chat-app using Web PubSub that worked perfectly using this…
Microsoft Intune SSO function
I do not see any manual regarding enabling SSO (Single Sign On) for Microsoft Intune (Azure AD). I just could find for Apple Devices (MacOS, iOS, iPadOS). Could you send me a link or guide me so that I can enable SSO function for Intune for our Entra
Creating a user in a Microsoft Entra ID B2C tenant results in the user getting a 'Password Expired" on first login attempt
Hi, After the Microsoft Azure AD B2C service got upgraded to become Microsoft Entra ID, we cannot create new users successfully anymore. When creating a user in the 'Users' -> 'Create new external user' -> Filling in user configurations: 'Sign-in…
When and how is a refresh token extended?
Microsoft document says "Anytime the SSO session token is used within its validity period, the validity period is extended another 24 hours or 90…
Exchange hybrid with working cloud services
Hello, We consider to move from Exchange on premise to hybrid deployment. We also using Teams and soon we plan use Dynamic 365 so we have some AzureAD (EntraID) accounts. Many accounts from our local AD are "duplicated" (the same email, first,…
How to bypass the approval requirement and integrate with Microsoft365
I am trying to link my service with a Microsoft365 user. The client environment leaves user consent to the administrator. The administrator's consent has been given, but when a general user tries to link with Microsoft365 again, he has to request…
Authenticating Azure AD Function fails with "Could not load file or assembly 'System.IdentityModel.Tokens.Jwt, Version=6.29.0.0, The system cannot find the file specified."
History: I'm trying to write a compiled C# azure function that authenticates (and eventually authorizes) with Azure AD B2C This azure function will be protected by an Azure API Mgt. After a lot of fussing and cursing, I have a C# script azure function…
Windows 11 Enterprise computer is bricked after running Windows Configuration Designer provisioning package
Hi all, I am completely new to IT and system administration. I was experimenting with the configuration of a Windows computer that I upgraded to the Windows 11 Enterprise operating system. I attempted to use the Windows Configuration Designer to create a…
Azure AD B2C Signin Only that users who has gmail.com account or Any Specific Company domain and Only verified by organization (me)
we need to allow only signin from specific gmail user, and also we need to sign in from any company email id and password , we don't want to create any user account and allowed only some specific number of user can signin with gmail.com account…
Sign-in Frequency evaluation
Hello, With respect to Sign-in Frequency evaluation, is this flow-chart still valid after the advent of AUTHENTICATION-STRENGTH ??
Graph API - Filter Users on forceChangePasswordNextSignIn
I want to list users who have forceChangePasswordNextSignIn turned on. https://learn.microsoft.com/en-us/graph/aad-advanced-queries states that passwordProfile/forceChangePasswordNextSignIn is filterable, but if I run …
Azure Data Studio: adding Entra ID user account fails with "Error: read ECONNRESET"
Hello, we are facing the situation in our organization that some users (on specific laptops) have problems to add their personal Entra ID user accounts (formally Azure Active Directory) in Azure Data Studio. We tried Code Grant authentication as well…
Users with MFA: Enabled, Disabled, Enforced
I manage a Azure AD Does anyone have a PowerShell script that can help me get all users from Azure Active directory with MFA: Enabled, Disabled, Enforced Thanks for the help.
Where to find user's authentication type and registered MFA method in Office 365 logs
Hi there, We are sending all Office 365/Azure logs to our SIEM platform, and we would like to visualise the authentication type (single factor/multifactor) and registered MFA method (phone, email, authenticator app, etc) for each user. I am aware that…
NPS MFA issue, users not advancing to OTP screen after entering the credentials
Hello Guys, Would appreciate your help in resolving this issue, Thanks in advance. After entering user credentials at IdP, it is not moving to OTP step. Azure MFA with NPS configured. Verified, NPS service is running and certificate not expired. Getting…
I can't activate the trial of Microsoft Entra ID P2
I am studying the certification AZ-104, and I have created a free 30 days Azure account. I am trying to activate the Entra ID P2 free trial using the same email/ Microsoft account I got the free azure account and I'm getting the following errors.