Azure and Entra ID
Erorr Entra ID { "sessionId": "cbb209cb23dc4317b80b952cea59fa49", "errors": [ { "errorMessage": "interaction_required: AADSTS16000: User account '{EUII Hidden}' from identity…
Link Audit logs to Groups or Role or Privilege
I am wondering how can I link the audit logs from Azure AD to Role, Group or Privilege? The logs just have the action and the category. Is there a way by which I can understand using what Role or Group privilege this action was taken?
Is it possible to use conditional access policy with specific logged on Windows user?
Hello, Is it possible to use currently logged user as a signal inside Conditional Access policy evaluation? Scenario is below. Computer is joined to Entra ID and managed by Intune Computer has both Entra ID user configured and local user Is it…
SSO login error
Hi all, I'm configuring SSO from Google Workspace to Entra ID following the documentation below and I'm receiving an error: Error message: AADSTS5000811: Unable to verify token signature. The signing key identifier does not match any valid registered…
Azure users signing in non-interactive to BING app from CH
Hi. Azure signing logs show that we have a user signing in non-interactive from a Chinese IP address that belongs to a middle School in China. In a region the user had visited 4 weeks before. I see a lot of these sign-ins for various users in other…
Edge SSO not working any more
Strangest thing is happening. We assign Edge (Stabile version) to our dedicated android devices with Azure AD. Yesterday version 124.0.2478.50 (247805005) of Edge AI Browser was starting to install on our devices and we ran in to a problem instantly. The…
Workday/Entra ID - Soft delete users without the "Delete" action selected?
We currently have Workday to Entra ID user provisioning enabled with the "Create" and "Update" actions allowed and "Delete" is not enabled. I'm wondering if anyone is able to clarify whether the integration is able to soft…
Setting up Workday/Entra ID integration to handle leave of absence without deleting user
We currently have Workday provisioning users to Entra ID, however there's been an ask to have employee accounts disabled while they're on leave. The integration is set to have the "Create" and "Update" options allowed but not…
cross-tenent application security concern
There is an cross tenant application, which used by customer tenant A and customer tenant B, both A and B grant permission to the Application to their own resources RA, RB. Does It possible tenant A be able access resource RB by the Application? In…
AAD Custom Policies - Password change confirmation email
Context We have configured a journey where the user would be able to change his password if he wishes to do so. We use Sendgrid to have a custom email verification according to the documentation provided here :…
Call me is blocked for almost 24 hours after more than 10 attempts to specific number
This issue is observed in mobile applications when multiple attempts of call-me (MFA) are performed (roughly 10) to the specific number after sometimes that particular number is locked out for roughly (24 hours), there is no error message displayed on…
How to fix error "Account already exists" when signing in google users on a customer entra tenant?
Dear Microsoft support team, My name is Javier Ortega, and I am writing to seek assistance with: Authentication from .Net application to Entra tenant, with google users. Currently we have a group of users migrated to a customer (external) entra tenant.…
Upgrade "Access to Azure Active Directory" subscriptions request via email
Hoping for some help (as a MS Partner) received the following email "Your subscription offer, Access to Azure Active Directory, will be disabled on May xx, 2024..." "If you currently have active resources in your Access to Azure Active…
How do I remove an org linked to my account?
Hi, So I recently reopened my Azure account and I noticed that I am under some organization that I think I joined like years ago. Now, I wanted to remove/leave the organization (BTS INC) entirely on my whole microsoft account but I cannot find the way…
How to let a group of users to access Salesforce Enterprise Application which is being configured for SSO using Microsoft Entra Id.
I'm a beginner at Microsoft Entra ID, but I have successfully configured SSO for Salesforce Application. Now I can make the Microsoft entity user to login Salesforce with the help of Microsoft account credentials instead of Salesforce…
Azure Provisioning Log: Understanding "TargetObjectActionDisabled"
Hi there, I'm trying to find out what following SkipReason means. TargetObjectActionDisabled The log entry is as follows: Result: Skipped Description: User 'xxx' will be skipped. Skip Reason: The Add operation was not performed because the Add…
Locked out of directory I am an Owner of
Hello, A friend invited me to their Azure Entra ID as a guest user, and set me as a member of the admin group that has owner privileges. I was able to log in for 10 days, created resources (including an Azure Databricks cluster that no one can access…
SecureMFA QR code is not working to register users
When our users access applications those requests are redirected to our ADFS server . Post Authentication as we have enabled MFA, our request is redirected to https://chart.googleapis.com to generate the QR code and with that users registered in their…
Dynamically pass the B2C sign-in policy in .NET 8
I am developing the web application using .NET 8 with Asp.NET MVC and using Azure B2C tenant for Authentication. And it will be hosted in the Azure App services that configured with two domain urls. Based on the requested Urls, I wanted to pass the…