EntraID conditionnal access or PIM are licenced per account or per users?
Following this post: https://twitter.com/Alex_A_Simons/status/1466290109062385672 It seem that EntraID licensing is based on human and not user accounts. If my company have 100 users, and half of them have two accounts (one operation and one privileged) …
Is a P1/P2 Entra ID license per user or per tenant?
I am reading various articles about Microsoft cloud security features. Many of them list having a Entra ID P1 / P2 license as a prerequisite. But I am unclear on exactly what that means. On the Azure portal, the "All Services > Licenses"…
How to audit the creator of an Enterprise Application in Azure
Hy I'm trying to get the creator of an "Enterprise Application", as soon as someone is creating one by query below. AuditLogs | where Category =~ "ApplicationManagement" | where OperationName =~ "Add application" | mv-expand…
dynamic membership
Hi All,I have a SharePoint site, and the requirement is that members of this SharePoint site should be developers of a particular department. The job titles are Senior Developers, Senior Dev, etc. 'Dev' is the common word. This SharePoint site has four…
Unable to unistall Microsoft Entra Provisioning Agent Package - 0x80070643 Fatal Error 'Missing File'.
I am trying to deploy the API-Driven Provisioning for On-Prem and I tried to install the Microsoft Entra Provisioning Agent Package. The installation failed and it stated that there was a missing MSI package. When I tried to uninstall the files that…
I try to login by approving sign in request on the authenticatir app but no code is sent to it
I try to log into my work account, but the only way in is by verifying a code thats sent to my authenticator app. When I open the app there is no code that has been sent, so I cannot get onto my work email
I changed my account to an internal account by accident on Azure
I was playing around with permission in Azure and ended up changing the main account to internal instead of external. I cannot access my account any more, and can't even create a request and a phone call to my regional office just told me me to create…
How to extract an Active User Listing with identifier columns for "Groups/UserGroups" & "License Type"?
Hi Team, I've been going back and forth between the Admin and Entra Portals. I am trying to extract a comprehensive Active User listing for my organization with an indicator of the following: Full Name User Email Group/UserGroup Department License…
Truly passwordless break-glass account
Currently setting up a break glass account and I'm researching if there is a way to remove a password or the option to use one from an account in Entra Id, similar to what can be done with a consumer Microsoft account. This is in an effort to go…
Azure B2C Session timeout is not working as expected on password reset page
I applied below session settings in password reset journey as well as default user journey. But the session is not getting expired if browser is let idle for more then 15 min (Even tried after 2 hours). Session is only getting timeout after refreshing…
How do I remove an org linked to my account?
Hi, So I recently reopened my Azure account and I noticed that I am under some organization that I think I joined like years ago. Now, I wanted to remove/leave the organization (BTS INC) entirely on my whole microsoft account but I cannot find the way…
I get AADSTS50139 when logging into a desktop application
I am using Kusto desktop client. When it tries to log me in, it throws the following error. How to resolve this? Failed to connect to the cluster. Do you want to add this connection anyway? Connection attempt resulted with the following error: Kusto…
Fetching Azure AD details of Members when signing using Clerk
Hi, I am building an app using NextJS, Clerk for authentication, Prisma as ORM, postgres as DB. I want to sign in using Azure/Entra AD as I'm building an app for my company and I want to fetch the details of users when they sign in using clerk and how do…
SecureMFA QR code is not working to register users
When our users access applications those requests are redirected to our ADFS server . Post Authentication as we have enabled MFA, our request is redirected to https://chart.googleapis.com to generate the QR code and with that users registered in their…
Unable to upgrade to Entra ID P2 Tier from my Azure Free Account.
Hello There, I am currently studying for my AZ-104 exam. So I had a free Azure account registered with an email id, say user1@outlook.com. I was accessing it for a month until I wanted to create & manage tenants and explore Entra ID. Now, I…
Adb2c password reset custom policy -Reset password using username
Hi, I am working on Adb2c custom policies and am stuck in the password reset policy where I need to reset the password using a username instead of the email address. The below screenshot is for User flows where it is provided that we can create a reset…
How do we find the orphaned managed identities which are not assigned to any azure service
From a list of managed identities present in azure subscription for my account, how can I identify the managed identities which are created but does not have any roles or resources attached to it. I want to find the list of all the managed identities…
How to create a Teams meeting for all to join with their personal accounts?
In a personal Teams meeting, the login option isn't displayed. However, personal accounts face restrictions when attempting to join business Teams meetings via browser or desktop. Is there a workaround? Can the Graph API facilitate this process? And can…
Document Intelligence Studio Label Data Key based authentication error
Hi, i have set up a storage account with a container. i have disabled key access and added my Entra id to the roles with storage data contributor and added the system assigned identity of document intelligence identity with storage reader role to storage…
Directory Harvest Attck
Hi Everyone, we will soon be upgrading our Azure subscription to Security but right now we are getting thousands of SPAM emails can anyone please tell me if there is a way to create a conditional access policy in Entra to stop Directory Harvest…