Will IP changes trigger reauthentication for Microsoft Conditional Access MFA?
I am currently implementing Azure Conditional Access for a large group of users. Everything looks good, but we are getting complaints that people need to reauthenticate to often. We have configured the "Rememeber MFA" checkbox for 30 days. I…
Error trying to close account in viral directory and trying to delete directory entirely
Greetings I'm testing Azure B2B functionality with custom apps and want to delete a viral Azure AD that was configured as part of the sign in process. I am first trying to delete accounts out of it. The normal user "delete" button is greyed…
AppRegistrations - What is the meaning of the color in each appplication? What is the meaning of read?
Hi I would like to know if the colors have some meaning in the application. I don't know if red is an alert.. For instance...
Passwordless authentication - Azure AD joined shared workstations
Hello, I've read and watched a few videos on passwordless Azure AD authentication using FIDO2 keys and am wondering if can leverage this technology in my environment. I have several hundred shared workstations, and our users might use any one of…
ADCS (PKI) - Cert Services DCOM Access Group membership
We are having issues with an NDES service account not being able to connect to the CA over DCOM (RPC Server Unavailable). The behavior is as follows: If We add the service ID explicitly to the Certificate Services DCOM Access local group on the CA…
[MSDN Redirect] BUG: Azure AD Connect attempting to connect to SQL Instance using machine account instead of gMSA
Hi All, I couldn't find a Category and Forum specific to Azure AD Connect, so please feel free to move this post, if it is the wrong location. The issue is as described: Azure AD Connect is attempting to connect to its configured SQL Instance using…
Do we have any apis to know the lock state of the user and to know whether the user is blocked?
In the azure portal we were able to block the sign in AD user. Do we also have any scenario where the user gets locked? If yes is there any api that we can hit to know whether the user is locked or blocked. It would be very helpful if we can get any…
b2c forgotpassword userflow with SPA having '#' (hash) tag on return url
I have an angular app which shows the "sign in" link along with "forgot password". When I click the "forgot password", the following screen shows up with custom page. The problem is when I click "cancel" button ,…
Azure search multitenant login to Azure Active Directory
Is it possible to have a multitenant app that access via Azure Active Directory to azure search Services?
Calling Azure REST API from .Net Core native application by displaying the Azure Login Popup from C#
Is it possible to initiate the Azure Login Popup from a native windows application?
Users made from Azure AD cannot access Outlook
Hello. I have created Azure account and it comes with default Azure AD. I have administrative rights on myself but when I do create a new user, they are unable to access Outlook. I also got Global Admin access for my account. Help !
AzureAD connect SQL Connection failed
Azure AD Service is running, When we try to sync engine it shows SQL DB connection error. Telnet SQL port and ping are working fine between servers. Still we are not able to find the root cause Unable to store password hash synchronization cycle…
[MSDN Redirect] internal AD integration with azure ad
Hi Team, i dnt want sso , only requirement is my active directory user access my cloud application , with ad userid and password and when we using ad connector but got issue when we do sycn from local ad to azure ad my domain changed, can you…
[MSDN Redirect] Facebook Mutli user SSO
There is a Facebook account which has multiple pages added in that account's business manager with admin role. Now I can't give this account access to everyone but I want them to have access for different pages with different access (It is admin to my…
What causes Another Domain Service instance already exists for this tenant when deploying AADDS?
when trying to deploy azure domain services I get the following error: {"code":"DeploymentFailed","message":"At least one resource deployment operation failed. Please list deployment operations for details. Please see…
Azure AD Out-of-the-box Authentication, ID Token & Access Token
Hi Experts, I am using Azure AD Out-of-the-box Authentication. Login is successful. https://working-angular-webapi.azurewebsites.net/. Email: aadtester@jeanpaulvagmail.onmicrosoft.com Password: authentication1! ID Token also found through URL:…
[MSDN Redirect] Obtaining password in Graph API
Hi Team, I would like to know why we do not have any API exposed to obtain user current password in Graph API. Many suggested that it is less secure, but Why do we have the option of validating Current Password in windows login while changing…
[MSDN Redirect] Azure Application proxy for web api
Hi all, I have a case where there is a Web API on premises that requires Windows integrated authentication. I also have an Azure web application and Azure Web API. The azure web application authenticates users using Azure AD credentials. I need the…
Configurable token lifetimes in Azure Active Directory for my Web API
I need to create lifetime token for my WEB Api. I’ve used the following guide but the Policy doesn’t work. As I’ve noticed, for my Web Api the following OrganizationDefaultPolicyScenario works. I made it work by only using AzureADPolicy with setting…
Azure AD change synchronization account
Good morning, I have a problem with synchronization between our on-prem testing AD and Azure AD. We used password hash synchronization from our on-prem testing AD to our tenant in the past. Everything was working, but we wanted change PHS to ADFS. For…