Microsoft Intune SSO function
I do not see any manual regarding enabling SSO (Single Sign On) for Microsoft Intune (Azure AD). I just could find for Apple Devices (MacOS, iOS, iPadOS). Could you send me a link or guide me so that I can enable SSO function for Intune for our Entra
When and how is a refresh token extended?
Microsoft document says "Anytime the SSO session token is used within its validity period, the validity period is extended another 24 hours or 90…
Exchange hybrid with working cloud services
Hello, We consider to move from Exchange on premise to hybrid deployment. We also using Teams and soon we plan use Dynamic 365 so we have some AzureAD (EntraID) accounts. Many accounts from our local AD are "duplicated" (the same email, first,…
How to bypass the approval requirement and integrate with Microsoft365
I am trying to link my service with a Microsoft365 user. The client environment leaves user consent to the administrator. The administrator's consent has been given, but when a general user tries to link with Microsoft365 again, he has to request…
Authenticating Azure AD Function fails with "Could not load file or assembly 'System.IdentityModel.Tokens.Jwt, Version=6.29.0.0, The system cannot find the file specified."
History: I'm trying to write a compiled C# azure function that authenticates (and eventually authorizes) with Azure AD B2C This azure function will be protected by an Azure API Mgt. After a lot of fussing and cursing, I have a C# script azure function…
Windows 11 Enterprise computer is bricked after running Windows Configuration Designer provisioning package
Hi all, I am completely new to IT and system administration. I was experimenting with the configuration of a Windows computer that I upgraded to the Windows 11 Enterprise operating system. I attempted to use the Windows Configuration Designer to create a…
Azure AD B2C Signin Only that users who has gmail.com account or Any Specific Company domain and Only verified by organization (me)
we need to allow only signin from specific gmail user, and also we need to sign in from any company email id and password , we don't want to create any user account and allowed only some specific number of user can signin with gmail.com account…
Sign-in Frequency evaluation
Hello, With respect to Sign-in Frequency evaluation, is this flow-chart still valid after the advent of AUTHENTICATION-STRENGTH ??
Graph API - Filter Users on forceChangePasswordNextSignIn
I want to list users who have forceChangePasswordNextSignIn turned on. https://learn.microsoft.com/en-us/graph/aad-advanced-queries states that passwordProfile/forceChangePasswordNextSignIn is filterable, but if I run …
Azure Data Studio: adding Entra ID user account fails with "Error: read ECONNRESET"
Hello, we are facing the situation in our organization that some users (on specific laptops) have problems to add their personal Entra ID user accounts (formally Azure Active Directory) in Azure Data Studio. We tried Code Grant authentication as well…
Users with MFA: Enabled, Disabled, Enforced
I manage a Azure AD Does anyone have a PowerShell script that can help me get all users from Azure Active directory with MFA: Enabled, Disabled, Enforced Thanks for the help.
Dynamic user membership type
I am on a trial P2 license for Msc Entra. When creating a New Group, I am unable to assign a Dynamic user membership type. Why? This question is related to the following Learning Module
Where to find user's authentication type and registered MFA method in Office 365 logs
Hi there, We are sending all Office 365/Azure logs to our SIEM platform, and we would like to visualise the authentication type (single factor/multifactor) and registered MFA method (phone, email, authenticator app, etc) for each user. I am aware that…
NPS MFA issue, users not advancing to OTP screen after entering the credentials
Hello Guys, Would appreciate your help in resolving this issue, Thanks in advance. After entering user credentials at IdP, it is not moving to OTP step. Azure MFA with NPS configured. Verified, NPS service is running and certificate not expired. Getting…
I can't activate the trial of Microsoft Entra ID P2
I am studying the certification AZ-104, and I have created a free 30 days Azure account. I am trying to activate the Entra ID P2 free trial using the same email/ Microsoft account I got the free azure account and I'm getting the following errors.
Cannot create a new Azure AD B2C tenant
Last week, I create a new Azure AD B2C tenant to use with a new app we're developing. I was having problems with getting it to work properly (users could never login) so I deleted the new tenant so that I could start fresh. This morning, however, I am…
Customize Transient NameID in Micrsoft Entra
Hi, I need to migrate SAML app from different IDP to Entra ID. This SAML app is using NameID as Transient in IDCS. But in Entra, i dont see Transient Name ID. How do i create SAML app with Transient Name ID? I checked MS docs and it says Transient NameID…
Azure Active Directory integration with Radius NPS server on Windows server 2019 for 802.1x wireless connection?
Hi Support Team, I am writing this question to get a detailed answer for the same. Currently, I have completed the setup of the NPS (Radius) server on Windows Server 2019. Now I'm trying to do the integration with my Azure active directory, which means…
Can we control non-interactive sign-in logs in Azure AD
Hi folks, I have a quick question; can we control non-interactive sign-ins in Azure AD i.e. can we stop interactive/ non- interactive sign-ins for any account. Thanks in advance!
MFA for VMware is no longer working, possible Azure issue
Our SAML certificate in Azure for Single Sign on for VMware expired yesterday. We created a new certificate and set it to be Active, and then downloaded the metadata for that certificate and uploaded it to our UAG. Unfortunately, this did not work as…