Document Intelligence Studio Label Data Key based authentication error
Hi, i have set up a storage account with a container. i have disabled key access and added my Entra id to the roles with storage data contributor and added the system assigned identity of document intelligence identity with storage reader role to storage…
How do I send email from Linux machines to Microsoft 365 accounts with oauth2
I have been using app passwords successfully to authenticate users in Linux web applications and to send emails to users. A few days ago, this stopped working. SMTP Auth methods no longer work. My account settings show that Authenticated SMTP can access…
AuthorizationPermissionMismatch error when accessing blob file with indirect permission in RBAC
Hi, I'm using BlobContainerClient for accessing blobs from code (C#) private async Task<BlobClient> GetBlobClientAsync(string blobName, string container, CancellationToken cancellationToken) { var containerClient = await…
Add eligible assignment for Azure resources in PIM
We have implemented PIM to assign Microsoft Entra roles and PIM is working normally. To extend PIM for Azure resources, I'm trying to add eligible assignment for Azure resources (Owner of a subscription) in PIM but hit an error message: Role assignment…
Rotating Kerberos key for Seamless SSO in multi-domain forest with Azure AD Connect
What is the correct procedure for rotating the Kerberos key used in Seamless SSO when configured in a forest with multiple domains and synced with multiple tenants through Azure AD Connect? The documentation recommends running the Update-AzureADSSOForest…
Is there a way to create an Azure alert on a security group?
Hi, Does anyone know if it is possible to create an Azure alert on security groups?
Moving hosted O365 email from GoDaddy to Microsoft with a standalone Azure tenant
Good afternoon! I am working with my customer to migrate their Office 365 Mailboxes, OneDrive, SharePoint, and Teams from GoDaddy directly to Microsoft. GoDaddy automates much of this with a high level migration overview of: Approval Creation of a new…
How to Authenticate Scan to email mailbox
Our organization is trying to have all mailboxes set up with MFA so we can turn of legacy. The issue is that we have scan-to-email function set up through a UserMailbox, so if we convert this to a SharedMailbox, users will no longer be able to use it for…
Sending Azure AAD provisioning logs to Splunk
How can we send user provisioning logs from azure Aad to Splunk for monitor.
User logout from all devices after change/forgot password is not working.
Hi, we are trying to logout user from all the devices after change/forgot password. We are using custom policy for it. We started with this documentation: https://github.com/azure-ad-b2c/samples/tree/master/policies/revoke-sso-sessions And using…
How to fix error "Account already exists" when signing in google users on a customer entra tenant?
Dear Microsoft support team, My name is Javier Ortega, and I am writing to seek assistance with: Authentication from .Net application to Entra tenant, with google users. Currently we have a group of users migrated to a customer (external) entra tenant.…
Azure Provisioning Log: Understanding "TargetObjectActionDisabled"
Hi there, I'm trying to find out what following SkipReason means. TargetObjectActionDisabled The log entry is as follows: Result: Skipped Description: User 'xxx' will be skipped. Skip Reason: The Add operation was not performed because the Add…
What are the benefits of the existing single forest AD Domain to convert or upgrade the AD Domain Controllers from FRS to DFSR?
What are the benefits of the existing single forest AD Domain to convert or upgrade the AD Domain Controllers from FRS to DFSR? https://learn.microsoft.com/en-us/windows-server/storage/dfs-replication/migrate-sysvol-to-dfsr FFL & DFL: Windows Server…
SecureMFA QR code is not working to register users
When our users access applications those requests are redirected to our ADFS server . Post Authentication as we have enabled MFA, our request is redirected to https://chart.googleapis.com to generate the QR code and with that users registered in their…
Fetching Azure AD details of Members when signing using Clerk
Hi, I am building an app using NextJS, Clerk for authentication, Prisma as ORM, postgres as DB. I want to sign in using Azure/Entra AD as I'm building an app for my company and I want to fetch the details of users when they sign in using clerk and how do…
After Security Defaults are enabled after 14 days, how long until users are prompted for MFA
Hi, We are were prompted during Microsoft SSO that the Security Defaults for our tenant will be enabled. As we are still prepping to roll out MFA for users, I am curious on how quickly the users will be prompted to register for MFA? Ideally, we…
How to fix a users identity from "mail" to "ExternalAzureAD"?
I invited 3 users to our tenant, 2 of the users have been assigned "ExternalAzureAD" while the other is showing "mail". This is causing blocks as that user also needs to have the identity of "ExternalAzureAD".
sign out and sign in to another Azure directory
Hi, I was a freelancer for a client and needed to create an additional directory (with the same email address as my original one). Now I don't work for the client anymore, deleted the directory at myaccount.microsoft.com and still every time I want to…
Request to Change Primary Domain
Hi there I used my hotmail to create azure subscription which is trustswz@hotmail.com. Now I have changed to our company email wenzhe@elefant.gg. However, the subscription is now under domain name #@trustswzhotmail.onmicrosoft.com can I change it to…
Workday/Entra ID - Soft delete users without the "Delete" action selected?
We currently have Workday to Entra ID user provisioning enabled with the "Create" and "Update" actions allowed and "Delete" is not enabled. I'm wondering if anyone is able to clarify whether the integration is able to soft…