On Prem AD to Azure AD Sync
Hi guys, i have recovered an On-Prem DC from backup that had AAD sync, however users who were created in the last 6 month are missing, but they do appear on the Azure AD. I have re-created the last 6 months users on the On-Prem AD, now i want to sync…
Hi, I need to migrate/move my Entra Domain Services to new Subscriptions.
Hello, I need to migrate/move my Entra Domain Services to new subscriptions. What could be the possible steps and also any documentations would be greatly appreciated. Thank you! Kind Regards, Majid.
Entra ID as SP for SAML SSO
Hello I am trying to set up Entra ID SSO using SAML. All the i can find is how to set it up as a Idp but i am using Entra ID as SP using SAML. Has anyone used EntraID as SP using SAML? Can you please help
Creating a naming convention for local user profile name when singing in with a M365 user
Hello, as far as I'm aware, the name used for the local user profile when logging in to an Entra ID joined device for the first time is the first 20 letters of the M365 display name with special characters and spaces removed. We would like to keep the…
Azure Data Studio: adding Entra ID user account fails with "Error: read ECONNRESET"
Hello, we are facing the situation in our organization that some users (on specific laptops) have problems to add their personal Entra ID user accounts (formally Azure Active Directory) in Azure Data Studio. We tried Code Grant authentication as well…
Can we add an On-premise AD Group as Owner of an Azure AD Group?
Can we add an On-premise AD Group as Owner of an Azure AD Group?
AD B2C Microsoft Graph to send verification code to email
Hi, I would like to know if there is possibility to send verification code to email using Microsoft graph. Basically, I want to do everything in MS Graph ie. signing up, signing in, send verification code, SMS, MFA and social media sign up and sign in.
ASP.NET Core web app with Microsoft SSO via Azure Microsoft Entra ID and not manage secrets - is it possible?
In the Azure Portal, I create a resource Microsoft Entra ID and then add an app registration. In the app registration I can specify redirect URIs for Microsoft logins (SSO) via "Authentication" for my .NET web app: Authentication button on side…
How to redirect external user sign in attempt to initial sign in page instead of error page?
Sign in with Microsoft added to our app through our Entra ID. It works only for our tenant users, which is okay. But when external accounts outside our tenant attempt to sign in, a Microsoft error page shows up with sensitive info of our tenant…
The client 'abc' with object id 'XXXXXXXXXXXXXXXXXX' does not have authorization to perform action 'Microsoft.Resources/subscriptions/resourceGroups/read' over scope '/subscriptions/'XXXXXXXXXXXXXXXXXX'/resourceGroups/XXXX-014-aks-rg' or the scope is in
I got into a situation where I need to access AKS cluster ,so I have added below required permission by adding myself to the group and given necessary permission but getting below error ERROR :The client 'abc' with object id 'XXXXXXXXXXXXXXXXXX' does not…
Changing Entra Domain Services SKU from Standard to Enterprise
I am attempting to upgrade the SKU for my Entra Domain Service from standard to enterprise. The documentation says that this change should take only a few minutes. After several hours (13) it is still stuck on saving SKU. Does anyone have any suggestions…
Received error while deploying Bicep. Error: "The role assignment request schedule is invalid. (InvalidRoleAssignmentRequestSchedule)"
Hi Team, I'm currently utilizing Bicep to enable Azure AD Privileged Identity Management (PIM) with a custom role. I've created an AD Group and assigned a Custom Role to it, which includes the following actions: "Microsoft.Authorization//read",…
How to access subscription after deleting all owner permissions
Hi, I accidentially deleted all Owner permissions for my MDN test subscription. Now I can no longer: Assign or list permissions in IAM Manage any resources Create a support ticket or buy paid support How can I get access to my subscription back?
How to diagnose "'AADB2C90289: We encountered an 'invalid_client' error connecting to the identity provider."
We have a Blazor application hosted in Azure which uses Microsoft Identity to authenticate the user. This has worked without incident for several years. As of last Friday night, any user trying to log into the system receives the following error after…
How do I send email from Linux machines to Microsoft 365 accounts with oauth2
I have been using app passwords successfully to authenticate users in Linux web applications and to send emails to users. A few days ago, this stopped working. SMTP Auth methods no longer work. My account settings show that Authenticated SMTP can access…
Azure B2C Session timeout is not working as expected on password reset page
I applied below session settings in password reset journey as well as default user journey. But the session is not getting expired if browser is let idle for more then 15 min (Even tried after 2 hours). Session is only getting timeout after refreshing…
Effects of turning off Security Defaults
We turned on Azure AD Security Defaults about a week ago but now need to turn it off and configure conditional access policies for MFA. About half of our accounts have registered for MFA authentication. Will our already registered accounts need to…
How to connect to Azure Storage account via OAuth2.0 from Azure APIM?
Step1: Created an application in Microsoft Entra ID under "App registrations". Step2: Recorded the following details: Client ID Client secret Access token URL Step3: For the Storage Account, added a role assignment and grant access to the…
UPN changing when adding external user to BI workspace
Hi all - I am company admin. I have an external user added with a guest account in our azure tenant. What is happening is when I search for the user in power BI workspace - to give them access - they appear with the correct syncronised UPN for example:…