Why has my long running 90 day inactive Guest Access Review suddenly start using non-interactive sign-in instead of interactive sign in timestamps?
Hello, I have been running the above mentioned access review for probably 2 years without major issues. Recently it seems that the reviews have switched to looking at non-interactive sign-ins as well as interactive sign ins. There is really two issues…
How do I change the username (first initial, last name) into an Azure AD username?
We use Lightspeed web filtering for our school. Our students have learned that if they log onto a new computer, one that does not have their Windows user profile in place yet, that they can do indiscriminate searches and not be filtered until Lightspeed…
Cannot get SSO to work in bot framework
I'm adding SSO for a multi-purpose bot. I followed the SSO example from microsoft to setup an initial POC. In my development environment I managed to make all SSO work and get the user token like this: var userTokenClient =…
Getting 403 error in Azure portal
Hello, In Azure portal, i keep getting this No access error when i click on Users or Roles or Active Directory. Would you pls help provide me a solution. thank you. Session ID e4ed5b41789043c2b74cd7e8a2908fba Resource ID Not available …
Folder permission with EntraID joined only.
I have a computer that is only EntraID joined and managed via intune. I would like to create a folder and assign permissions to it only for certain users. I can see AzureAD/username profiles created on the computer in profile management, but that is all…
Microsoft Entra Delegated Permissions - Allow user to modify only their own custom security attributes
My javascript client application needs to read/modify custom security attributes via the Graph API using delegated permissions. This works if I assign the "Attribute Assignment Administrator" and "Attribute Assignment Reader" role to…
How do I disable users of my web app from navigating back to the Azure portal after redirect from login?
I have a web app where we are using Azure Entra as the source of user identity. So the user is directed to SSO with Microsoft, where we keep their identity, on the way to starting a session in our app. Because of the way the routing is happening, they…
Entra ID patch sending Add instead of Replace
i'm working on setting up scim provisioning. I got creates to work and now running into issues with updating users. Specifically some fields are sending Add instead of Replace for the values. In this example below, I sent the create request with an…
Getting AADSTS501204 Malformed jwt error while logging into Microsoft apps. how to resolve this?
I have changed password for my company account. since then I am facing malformed jwt error when I try to login into Microsoft apps. I am able to login to microsoft apps through browser with new password but unable to login through installed apps. It is…
Global Secure Access bypass (Internet and web filtering)
Hi, I understand in Global Secure Access "365" I can use a Conditional Access Policy to block access to 365 if not from "All Compliant Network locations" to prevent a user from pausing the Client. But If I want to use Global Secure…
AADSTS90072 USER ACCOUNT FROM IDENTITY PROVIDER DOES NOT EXIST IN TENANT
AADSTS90072 USER ACCOUNT FROM IDENTITY PROVIDER DOES NOT EXIST IN TENANT
Salesforce Custom Profiles not visible after configuring SSO using Entra ID.
Hello, I configured SSO using Entra ID for Salesforce applications, everything is working perfectly except one thing. Profiles which was created by my team "Custom Profiles" that's not appearing on Entra ID portal against salesforce…
Add graph api permission to user account (Service account)
Hello Team, Could you please guide us on how to set graph api permissions to a user account on azure active directory. In every document we are finding to set graph api permissions on app registration/applications. So, Is there any way to set…
Intune policies not applying on end user PC's
Hello I just took over for one of our engineers who left the firm, he did our initial intune onboarding. I was asked to build out the rest of intune, I have 100 end points joined to entra id via work or school account with the intune MDM installed from…
How to skip OrchestrationStep related to MFA (ClaimsExchange) if current session is already active
We have a CombinedSignInAndSignup step that displays a login prompt if the session is not active. This step is followed by a ClaimsExchange, which handles phone SMS or call authentication. When there is an active session (whether ‘Keep me signed in’ is…
Seeking Tools or Scripts for Bulk Operations in Azure Key Vault
Hello, I am looking to utilize Azure Key Vault for storing our organization's secret data. Specifically, I need to perform bulk operations such as creating multiple key vaults, adding multiple secrets, and assigning permissions in an efficient manner. I…
Assigning contributor role for subscription to new user (with company email address) fails
I want to add a new team member to my Microsoft Azure Sponsorship subscription as a Contributor. On portal.azure.com, I clicked on Subscriptions Selected the Microsoft Azure Sponsorship Clicked Access control (IAM) By clicking on View My Access,…
'Connect-AzureAD' is not recognized as a name of a cmdlet
I'm following an online course on Azure and cannot figure out why this command won't run in the Cloud Shell. Can someone please help? Connect-AzureAD: The term 'Connect-AzureAD' is not recognized as a name of a cmdlet, function, script file, or…
Entra Connect cloudsync (entra ID -> AD sync)
Dear, I am trying to do cloud syncronization from Entra ID to Active Directory via entra website. However this is not working. In the opposite direction it does (AD -> entra ID). Does anyone have any idea how I can solve this? I can press the…