Active Directory
A set of directory-based technologies included in Windows Server.
5,821 questions
4 answers
Password hash synchronization is not working
I am switching from ADFS authentication to Password Hash Synchronization. I have enable the PHS successfully on AAD Connect sync and it was successful. I have changed the authentication method to PHS. However, when I tried to login to M365 portal, I get…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(102.4, 76%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMA%3C/text%3E%3C/svg%3E)
1 answer
OAuth 2.0 refresh token and access token max length
I have created an App Registration in the Azure portal. What are the maximum token lengths for Access and Refresh tokens, when user login using app's clientid .
asked 2024-04-19T05:38:20.55+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(195.2, 31%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDD%3C/text%3E%3C/svg%3E)
d d
20
Reputation points
answered 2024-04-19T11:55:21.2266667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(288, 10%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAP%3C/text%3E%3C/svg%3E)
Anand Prakash Yadav
5,445
Reputation points Microsoft Vendor
0 answers
Calling Azure function API from Sharepoint classic using Managed identity
We have created an Azure function API in Python which will be further called by SharePoint classic using javascript. We want to make it secure using managed identity. Right now we are providing them API key which we do not want to. Sharepoint is…
asked 2024-04-11T13:32:45.1333333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 57.99999999999999%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERK%3C/text%3E%3C/svg%3E)
Rajeev Kumar Dave
1
Reputation point
commented 2024-04-19T11:45:24.0633333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 20%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Shweta Mathur
27,141
Reputation points Microsoft Employee
1 answer
Getting the error "cannot establish a connection to the domain controller(is) associated to a forest named: contoso.com"
Hello, We reached our 10GB limit on our current ADConnect/SQL Express instance. We are working on moving the DB to a full SQL server. I stood up a new Entra connect server. While going through the wizard it gives me the error in the screenshot. The…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 91%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 45%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
1 answer
One of the answers was accepted by the question author.
Hi, at Entra, Identity External Identities User flows, email with password identity provider not available anymore, even it is included on documentation
Hi, at Entra, Identity External Identities User flows, email with password identity provider not available anymore, even it is included on documentation. At documentation, that provider shown as part of available ones…
asked 2024-04-05T14:28:50.84+00:00
Danfer Habed
25
Reputation points
accepted 2024-04-19T11:28:05.6666667+00:00
Danfer Habed
25
Reputation points
1 answer
AZUREADSSOACC Key Rollover no longer works using Hybrid Identity Administrator creds
Hi I use a PowerShell script in an Azure Hybrid Worker Runbook to automate the rollover of the Kerberos decryption key for the AZUREADSSOACC computer account. It uses a service account in Entra ID which is assigned the Hybrid Identity Administrator…
asked 2024-04-17T21:34:42.04+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(73.60000000000001, 89%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EB%3C/text%3E%3C/svg%3E)
Billy
0
Reputation points
answered 2024-04-19T11:18:20.21+00:00
Andy David - MVP
141K
Reputation points MVP
0 answers
Why when using redirect_uri as schema://app, my application does not show MFA but bypasses login successfully by default?
Why when using redirect_uri as schema://app, my application does not show MFA but bypasses login successfully by default? …
asked 2024-04-17T07:05:16.99+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 17%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHN%3C/text%3E%3C/svg%3E)
Hoàng Phúc
0
Reputation points
edited the question 2024-04-19T10:41:15.9633333+00:00
VenkateshDodda-MSFT
17,911
Reputation points Microsoft Employee
1 answer
OrganizationFromTenantGuidNotFound
Good morning, I decided to create a question regarding OrganizationFromTenantGuidNotFound since previous questions have a different implementation. I'm working with Ruby On Rails, and I implemented the code from this repository:…
asked 2024-04-18T14:48:35.5366667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 57.00000000000001%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMA%3C/text%3E%3C/svg%3E)
Marco Antonio Vazquez Cruz
0
Reputation points
answered 2024-04-19T10:24:01.97+00:00
CarlZhao-MSFT
36,736
Reputation points
1 answer
I can not create a dynamic security group, the field membership type is disabled
Can not create a dynamic security group. The field 'Membership type' is disabled and therefore, can not select 'dynamic' value
asked 2024-04-10T13:30:23.5933333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(38.4, 75%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERC%3C/text%3E%3C/svg%3E)
Robert Casse
0
Reputation points
commented 2024-04-19T09:47:59.99+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(22.400000000000002, 28.999999999999996%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDM%3C/text%3E%3C/svg%3E)
Domooney-MSFT
2,391
Reputation points Microsoft Employee
0 answers
How to link the accounts to get all certificates in one place?
I want to connect my Personal account to my School/Work account in Microsoft Learn so i can access my certificates but when i'm trying to do so, it displays this: You can only have one personal account linked 21btrcl069@jainuniversity.ac.in is a…
asked 2024-04-19T09:34:22.0533333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 9%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENS%3C/text%3E%3C/svg%3E)
Naman Shrimal
0
Reputation points
asked 2024-04-19T09:34:22.0533333+00:00
Naman Shrimal
0
Reputation points
1 answer
Any impact to users PC when configured Entra hybird join?
Hello My company running a hybrid environment (on-prem AD and Azure). I would like to setup a conditional access policy that require users device compliant with Entra hybrid join. And will deploy Intune to Windows laptop later. I study the below…
asked 2024-04-15T06:34:00.9933333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 2%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJC%3C/text%3E%3C/svg%3E)
Jero Cheng
95
Reputation points
answered 2024-04-19T09:30:23.6333333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 78%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESG%3C/text%3E%3C/svg%3E)
Sandeep G-MSFT
14,241
Reputation points Microsoft Employee
1 answer
Cross Tenant Synchronisation - MemberType not working
So ive logged a support request for this but not had any response from support even after a week. I have Cross Tenant Synchronisation setup and it is working in that the users are being being synced and populated\provisioned in my directory, however, As…
asked 2024-04-18T07:31:52.89+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(163.2, 28.000000000000004%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAP%3C/text%3E%3C/svg%3E)
Adam Pratt (Global Admin)
0
Reputation points
edited a comment 2024-04-19T09:25:40.22+00:00
Adam Pratt (Global Admin)
0
Reputation points
1 answer
Thousands of sign-in errors in Entra ID
Hello, I have problem with sign ins into Windows Sign In. Infra: local AD synced into Entra ID Windows 10/11 hybrid joined devices only GPO managed, we don't have Intune yet Problem is that I see THOUSANDS of failed sign ins into Windows. Almost…
asked 2024-04-16T08:14:42.24+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(102.4, 82%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
adv_kd
60
Reputation points
commented 2024-04-19T09:19:54.2133333+00:00
Domooney-MSFT
2,391
Reputation points Microsoft Employee
2 answers
One of the answers was accepted by the question author.
Is it possible to create a User (Entra ID) for Tenant B from Tenant A?
Hello everyone, I have a situation as follows: I have 2 Tenants, Tenant A and Tenant B. User A belongs to Tenant A. After User A logs into Tenant A, they make a call to the Graph API to create/edit a user for Tenant B. I want to ask if the above…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(3.2, 68%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3E3%3C/text%3E%3C/svg%3E)
1 answer
Entra ID | Custom Claim Provider Token
Hello everyone, I am trying to set up a custom claim provider with the following instructions so that I can enrich the tokens for an app with additional information. Instructions:…
asked 2024-01-12T07:15:47.47+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 81%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFG%3C/text%3E%3C/svg%3E)
Florian Gruber
0
Reputation points
edited a comment 2024-04-19T08:36:55.6533333+00:00
Florian Gruber
0
Reputation points
2 answers
Can app registration limits also be removed on Azure B2C just like in Entra ID
I found the following documentation about Entra ID. https://learn.microsoft.com/en-us/entra/identity/role-based-access-control/quickstart-app-registration-limits I would like to know if this documentation: Also apply for Azure B2C Can this custom…
asked 2024-04-16T10:38:31.5666667+00:00
Ralph Jansen
81
Reputation points
commented 2024-04-19T08:14:41.8566667+00:00
Ralph Jansen
81
Reputation points
1 answer
Require app protection policy and Blocking Legacy Authentication
Hello, It is a little bit unclear the scenario of the policy deployment. In one of the articles, the recommendation is to Block the Legacy…
asked 2024-04-16T07:43:17.87+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(105.60000000000001, 53%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EO%3C/text%3E%3C/svg%3E)
Oscar
122
Reputation points
commented 2024-04-19T07:56:20.3633333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 30%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
Crystal-MSFT
42,631
Reputation points Microsoft Vendor
3 answers
One of the answers was accepted by the question author.
How to exclude Emergency access accounts from Security defaults
Hi, I want to ask about how can I exclude the emergency access accounts from require MFA? I enabled the Security defaults, so that's why all users including the emergency access accounts require MFA. I use Azure AD Free, so I can't create new…
asked 2021-07-23T10:12:36.83+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(240, 19%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
Septovan
51
Reputation points
answered 2024-04-19T07:46:35.2666667+00:00
Michal Ziemba
221
Reputation points
1 answer
One of the answers was accepted by the question author.
limit on number of "Federated credentials" for an app
When I tried to add a credential in an application in app registration in Microsoft Azure, I got the following error message: "Failed to add federated credential. Error detail: This configuration exceeds the global application object limit. Remove…
asked 2024-04-15T13:23:07.49+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(265.6, 37%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EWT%3C/text%3E%3C/svg%3E)
Wenjia Tang
20
Reputation points
commented 2024-04-19T07:37:33.1866667+00:00
Wenjia Tang
20
Reputation points
1 answer
Getting msal running on remix run
I've been having issues integrating msal, with my remix-run application. If someone has docs or a resource that could shed light on this dev scenario that would be great. But not my main question. Since I was having trouble with it for about two weeks,…
asked 2024-04-15T02:01:56.1933333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 37%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESZ%3C/text%3E%3C/svg%3E)
Skyler zanth
0
Reputation points
answered 2024-04-19T07:25:51.6466667+00:00
Shweta Mathur
27,141
Reputation points Microsoft Employee