GET /users throws InternalServerError with 200 status code and POST /users UnknownError with 405 status code
GET v1.0/users?$select=id,delet... throws…
Authenticator App - can't remove greyed out account
Hello all, I'm stuck in a strange loop using the MS Authenticator App. I'm one of the admins at my school and I've registered my phone via https://account.activedirectory.windowsazure.com/securityInfo using the MS Authenticator App. I wanted to…
How to authenticate two azure app services that have vue.js and nest.js deployed on them individually
We have two app services that host a vue.js front-end and a nest.js backend. The issue is that we want the nest.js backend to be secure with entraID and we did implement that, however, when the API is called, it asks the user to be logged in through…
Can you have two Entra IDs for two separate domains and a single tenant
We have a client that owns 2-3 domains under a single tenant. The parent company (companyA.com) and the child company (companyB.com) want to separate their Azure AD so companyB.com can be independent. They have 150 users in total all Azure AD joined. …
Exclude Windows Hello for Business for SSO of Global Protect
Dear PPL, I have implemented Entra ID SSO and SAML for our organization VPN Portal login. Now some ppl complaining that Windows Hello for Business they set up on their devices somehow allow them to connect GP VPN without giving MFA.... I was wondering…
Wrong SAML Claims for AppRoles
Hello, I am configuring the SAML claims for Enterprise Application in Azure. For the moment I have configured them like that: and I have tested connection to target app. Everything is fine and app can read custom_roles. Unfortunately additionally to…
How to restrict user access to a specific device
Is there a way to allow a specific user just to login on a given device? Any other login tries should be blocked.
How can I seamlessly change an App Registrations "Application ID URI" domain?
I have a published teams app which includes tabs. The tabs point at Domain A to authenticate the user using "microsoftTeams.authentication.authenticate" and "microsoftTeams.authentication.getAuthToken()". The teams manifest.json…
Windows Active Directory setup in Azure
Hi, I plan to setup a Windows Active Directory (AD) using VMs (1 for PDC and 1 for BDC) in the Azure cloud environment and it should sync the AD in the on-prem via the established site-to-site IPsec VPN link. What are the pros and cons? Which is better…
I want to leave an organization that I can't login into anymore
I have 2 organizations / tenants attached to my MS work account, but I want to leave one of them. Unfortunately when I try to leave it from my Account I need to login some other account that I no longer can access. How can I leave this tenant?
Enterprise applications: Microsoft Graph Command Line tools, How to restrict connection to Microsoft Graph and grant access to specific users
Hello team, I am trying to grant access to specific users to Microsoft Graph. the objective is to block public access in our tenant to Microsoft Graph. I tried using conditional access, however, in the apps to select, it doesn't show Microsoft…
Exchange 2019 installation Failed hybrid environment
I have an on-prem exch 2016 hybrid (on server 2012 r2 standard). All mailboxes are on O365. I'm setting up a new exch 2019 (server 2019 standard) so I can then get rid of 2016. It gets stuck on Step 8/12 Mailbox service. The system mailboxes are all…
NPS Extension for Azure MFA failing to generate MFA prompt
Hi I am trying to setup a new NPS server with the NPS Extension for Azure MFA to control access to an RDS server on-prem. Authentication works fine when not using the NPS Extension. With the NPS Extension enabled, the user does not receive an MFA…
Problem with Exchange Server 2016 Hybrid Configuration (Teams Rooms Mailbox)
Good day, After setting up Exchange Hybrid (Classic Mode), the O365 mailboxes are not displayed in onPrem Exchange. Mails cannot be sent from onPrem to O365 either. In O365, the onPrem mailboxes are visible and mails can also be sent from O365 to…
Sync Entra with Google Admin
Hello, I am now doing some configuration with sync from Entra to Google Admin, just facing with some issues that for ex. I have some custom attributes on Google side how I can add the same custom attributes to Entra user and also to include this in…
How to delete tenant "Default Directory"
I am trying to delete (or exit) my only Organization. after pressing "Delete": The problem is, I don't have any Licenses or Subscriptions. Also, I am the only one in the Organization. What do I do? Help
How to add custom claims to the Access Token using custom user Attributes.
Good afternoon MS team, I am writing you because I am looking for information on how to add custom claims when the application is generating JWT token, but I can't add them to the AccessToken, but I can see them in the IDToken. Questions: Can I…
Entra ID access
Not able to access Entra ID. I am the owner of the account and have an active student subscription
What role will I have when I migrate a subscription to a new Tenant/Directory?
Hi All, Starting in September 2024 Classic Admins will be removed. I am wondering what is going to happen when I do a migration (directory change) of a subscription from one tenant to another. Usually the user who does the "Change Directory"…
Moving users across on-prem
Please help!!!! We have 3 on-prem domains abc.com.au 123.com and cab.com. They all sync back to single azure ad tenancy and gets assigned same domain for their email address (cab.com). I am trying to move selected users from the first 2 domain to the…