Entra ID patch sending Add instead of Replace
I'm working on setting up SCIM provisioning. I got creates to work and am now running into issues with updating users. Specifically, some fields are sending Add instead of Replace for the values. In this example below, I sent the create request with an…
How do I change the username (first initial, last name) into an Azure AD username?
We use Lightspeed web filtering for our school. Our students have learned that if they log onto a new computer, one that does not have their Windows user profile in place yet, they can do indiscriminate searches and not be filtered until Lightspeed…
Getting AADSTS501204 Malformed jwt error while logging into Microsoft apps. How to resolve this?
I have changed the password for my company account. Since then I am facing a malformed jwt error when I try to log in to Microsoft apps. I am able to log in to Microsoft apps through the browser with the new password but unable to log in through installed apps. It is…
Global Secure Access bypass (Internet and web filtering)
Hi, I understand in Global Secure Access "365" I can use a Conditional Access Policy to block access to 365 if not from "All Compliant Network locations" to prevent a user from pausing the Client. But if I want to use Global Secure…
AADSTS90072 USER ACCOUNT FROM IDENTITY PROVIDER DOES NOT EXIST IN TENANT
AADSTS90072 USER ACCOUNT FROM IDENTITY PROVIDER DOES NOT EXIST IN TENANT
Salesforce Custom Profiles not visible after configuring SSO using Entra ID.
Hello, I configured SSO using Entra ID for Salesforce applications, and everything is working perfectly except one thing. Profiles which were created by my team ("Custom Profiles") are not appearing on the Entra ID portal against Salesforce…
Add Graph API permission to user account (Service account)
Hello Team, Could you please guide us on how to set Graph API permissions on a user account in Azure Active Directory? In every document we are finding how to set Graph API permissions on app registration/applications. So, is there any way to set…
Intune policies not applying on end user PCs
Hello, I just took over for one of our engineers who left the firm; he did our initial Intune onboarding. I was asked to build out the rest of Intune. I have 100 endpoints joined to Entra ID via work or school account with the Intune MDM installed from…
How to skip OrchestrationStep related to MFA (ClaimsExchange) if current session is already active
We have a CombinedSignInAndSignup step that displays a login prompt if the session is not active. This step is followed by a ClaimsExchange, which handles phone SMS or call authentication. When there is an active session (whether ‘Keep me signed in’ is…
Seeking Tools or Scripts for Bulk Operations in Azure Key Vault
Hello, I am looking to utilize Azure Key Vault for storing our organization's secret data. Specifically, I need to perform bulk operations such as creating multiple key vaults, adding multiple secrets, and assigning permissions in an efficient manner. I…
Assigning contributor role for subscription to new user (with company email address) fails
I want to add a new team member to my Microsoft Azure Sponsorship subscription as a Contributor. On portal.azure.com, I clicked on Subscriptions. Selected the Microsoft Azure Sponsorship. Clicked Access control (IAM). By clicking on View My Access,…
'Connect-AzureAD' is not recognized as a name of a cmdlet
I'm following an online course on Azure and cannot figure out why this command won't run in the Cloud Shell. Can someone please help? Connect-AzureAD: The term 'Connect-AzureAD' is not recognized as a name of a cmdlet, function, script file, or…
Entra Connect cloud sync (Entra ID -> AD sync)
Dear, I am trying to do cloud synchronization from Entra ID to Active Directory via the Entra website. However, this is not working. In the opposite direction it does (AD -> Entra ID). Does anyone have any idea how I can solve this? I can press the…
AADSTS700027: The certificate with identifier used to sign the client assertion is not registered on application.
Hi, I'm following the steps mentioned in https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-client-creds-grant-flow#second-case-access-token-request-with-a-certificate and…
Authorization problem when retrieving personal OneDrive photos with PowerShell and Microsoft Graph API
Hello, I am trying to bulk-extract URL links of photos located in my personal OneDrive using PowerShell and the Microsoft Graph API. I created an Azure account and an application called "PowerShell Graph API OneDrive…
In AVS Implementation related Queries
Hi Team, Need your expertise inputs on the below mentioned queries that are AVS integration with Active Directory / Azure AD (Customer wanted to know whether they need to create the users manually on AVS vCenter or can they integrate with On-Prem AD).…
Change MFA method option
I have used this document to create sign in with MFA method choice. https://github.com/azure-ad-b2c/samples/tree/master/policies/mfa-email-or-phone Once the user selects the MFA method, I'm persisting it in the extension_mfaByPhoneOrEmail attribute. When user…
SCIM validation tool (https://scimvalidator.microsoft.com) PATCH tests are failing because data is submitted in a different format
Hello, I'm working on implementing SCIM endpoints with Microsoft Entra ID, and am trying to use the validation tool at https://scimvalidator.microsoft.com to test the implementation. I noticed that all of the test cases which submit requests to the PATCH…
AD Connect Server behind NAT
Dear all, We have a parent entity "msg.local" which currently has the AD Connect Server deployed. We have a child entity "Det.local" which has the user/computer objects. We would like to sync the det.local objects via AD Connect…
How to configure conditional access countries for travellers
I have a conditional access rule blocking access to all countries except USA. I have a few travelers visiting other countries, but not all the same countries. How can I set up additional conditional access rules to allow access by specific travelers…