Password hash synchronization is not working
I am switching from ADFS authentication to Password Hash Synchronization. I have enabled PHS successfully on AAD Connect sync and it was successful. I have changed the authentication method to PHS. However, when I tried to log in to the M365 portal, I get…
OAuth 2.0 refresh token and access token max length
I have created an App Registration in the Azure portal. What are the maximum token lengths for access and refresh tokens when a user logs in using the app's clientid?
Calling Azure function API from SharePoint classic using Managed identity
We have created an Azure function API in Python which will be further called by SharePoint classic using JavaScript. We want to make it secure using managed identity. Right now we are providing them an API key, which we do not want to do. SharePoint is…
Getting the error "cannot establish a connection to the domain controller(is) associated to a forest named: contoso.com"
Hello, We reached our 10GB limit on our current ADConnect/SQL Express instance. We are working on moving the DB to a full SQL server. I stood up a new Entra connect server. While going through the wizard it gives me the error in the screenshot. The…
Hi, at Entra, Identity External Identities User flows, the email with password identity provider is not available anymore, even though it is included in the documentation
Hi, at Entra, Identity External Identities User flows, the email with password identity provider is not available anymore, even though it is included in the documentation. In the documentation, that provider is shown as part of the available ones…
AZUREADSSOACC Key Rollover no longer works using Hybrid Identity Administrator creds
Hi, I use a PowerShell script in an Azure Hybrid Worker Runbook to automate the rollover of the Kerberos decryption key for the AZUREADSSOACC computer account. It uses a service account in Entra ID which is assigned the Hybrid Identity Administrator…
Why when using redirect_uri as schema://app, my application does not show MFA but bypasses login successfully by default?
Why when using redirect_uri as schema://app, my application does not show MFA but bypasses login successfully by default? …
OrganizationFromTenantGuidNotFound
Good morning, I decided to create a question regarding OrganizationFromTenantGuidNotFound since previous questions have a different implementation. I'm working with Ruby On Rails, and I implemented the code from this repository:…
I cannot create a dynamic security group, the field membership type is disabled
Cannot create a dynamic security group. The field 'Membership type' is disabled and therefore I cannot select the 'dynamic' value
How to link the accounts to get all certificates in one place?
I want to connect my Personal account to my School/Work account in Microsoft Learn so I can access my certificates, but when I'm trying to do so, it displays this: You can only have one personal account linked 21btrcl069@jainuniversity.ac.in is a…
Any impact to users' PCs when Entra hybrid join is configured?
Hello, my company is running a hybrid environment (on-prem AD and Azure). I would like to set up a conditional access policy that requires users' devices to be compliant with Entra hybrid join. And we will deploy Intune to Windows laptops later. I studied the below…
Cross Tenant Synchronisation - MemberType not working
So I've logged a support request for this but have not had any response from support even after a week. I have Cross Tenant Synchronisation set up and it is working in that the users are being synced and populated\provisioned in my directory, however, As…
Thousands of sign-in errors in Entra ID
Hello, I have a problem with sign-ins to Windows. Infra: local AD synced into Entra ID; Windows 10/11 hybrid joined devices; only GPO managed, we don't have Intune yet. The problem is that I see THOUSANDS of failed sign-ins to Windows. Almost…
Is it possible to create a User (Entra ID) for Tenant B from Tenant A?
Hello everyone, I have a situation as follows: I have 2 Tenants, Tenant A and Tenant B. User A belongs to Tenant A. After User A logs into Tenant A, they make a call to the Graph API to create/edit a user for Tenant B. I want to ask if the above…
Entra ID | Custom Claim Provider Token
Hello everyone, I am trying to set up a custom claim provider with the following instructions so that I can enrich the tokens for an app with additional information. Instructions:…
Can app registration limits also be removed on Azure B2C just like in Entra ID
I found the following documentation about Entra ID. https://learn.microsoft.com/en-us/entra/identity/role-based-access-control/quickstart-app-registration-limits I would like to know if this documentation: Also apply for Azure B2C Can this custom…
Require app protection policy and Blocking Legacy Authentication
Hello, the scenario of the policy deployment is a little bit unclear. In one of the articles, the recommendation is to Block the Legacy…
How to exclude Emergency access accounts from Security defaults
Hi, I want to ask how I can exclude the emergency access accounts from requiring MFA. I enabled the Security defaults, so that's why all users including the emergency access accounts require MFA. I use Azure AD Free, so I can't create new…
limit on number of "Federated credentials" for an app
When I tried to add a credential in an application in app registration in Microsoft Azure, I got the following error message: "Failed to add federated credential. Error detail: This configuration exceeds the global application object limit. Remove…
Getting msal running on remix run
I've been having issues integrating msal with my remix-run application. If someone has docs or a resource that could shed light on this dev scenario, that would be great. But that's not my main question. Since I was having trouble with it for about two weeks,…