Creating A Dynamic Group for InTune Enrolled Devices
Hello, I'd like to figure out the dynamic membership rules for a group I'm trying to create. I'd like the group to include only Windows 10 and 11 devices, no servers, and I'd like it to include only devices that are enrolled in InTune. Does anyone have a…
Can't create Quick Access configuration - Global Secure Access
When creating Quick Access configuration in Quick Access | Create Quick Access configuration I get: Network access settings Application operation failed. no further information is provided in the error. I do have a connector set up correctly and on in…
Why when using redirect_uri as schema://app, my application does not show MFA but bypasses login successfully by default?
Why when using redirect_uri as schema://app, my application does not show MFA but bypasses login successfully by default? …
Azure B2C SMS Cost
Hi Team, I have doubt for Azure B2C SMS Cost. If Example i have 1000 Users(All users are active) in B2C Local Account and configured SMS Based Authentication. If the users are login attempts 2 or 3 times per day. so, the sms attempts for 3000 time for…
Azure B2C for a Blazor WASM randomly stopped working?
Hey all sorry to be a burden but I am running out of options for this so I thought I would ask Over the Easter Break I taught myself how to implement Azure B2C in a Blazor WASM+Api environment for SPA (using .Net 7). I followed this tutorial for the…
Could I Hide "Choose an account to continue to b2clogin.com" in Azure B2C with Google sign IN?
Hi! I am working on a project with Azure B2C where we are using Google as Identity Provider, client says us that they want to hide (or change) the URL (b2clogin.com) who appears when you are going to sign up with Google: After a depth look in the Google…
How to let a group of users to access Salesforce Enterprise Application which is being configured for SSO using Microsoft Entra Id.
I'm a beginner at Microsoft Entra ID, but I have successfully configured SSO for Salesforce Application. Now I can make the Microsoft entity user to login Salesforce with the help of Microsoft account credentials instead of Salesforce…
Unable to enable password writeback Azure AD Connector - Error Offboarding: AccessDenied, Message: User does not have service onboarding permissions
Hey Team, I have been struggling with an issue and have not been able to find anything with my google foo that relates to this issue. I am unable to enabled password writeback within the Azure AD connector, the error that shows in the event log…
Entra ID - Enterprise Application SCIM - Manager Value is missing on some users
I have a problem that I'm not sure how to solve. We have an Enterprise application, but for some users, the manager value in the at SAAS app is empty, so if a manager is using the application, the manager will not see all of the employees. The…
Add eligible assignment for Azure resources in PIM
We have implemented PIM to assign Microsoft Entra roles and PIM is working normally. To extend PIM for Azure resources, I'm trying to add eligible assignment for Azure resources (Owner of a subscription) in PIM but hit an error message: Role assignment…
Function App error : No User Assigned or Delegated Managed Identity found for specified ClientId/ResourceId/PrincipalId.
I have followed this tutorial https://review.learn.microsoft.com/en-us/identity/microsoft-identity-platform/federated-identity-credentials?branch=main&tabs=dotnet#more-resources And added the user assigned managed identity as federated identity…
What is the best way to migrate an Offline Root CA to Azure?
I have an offline root CA in my on-premises environment. I also have an Issuing CA. I want to move this infrastructure to the cloud and have an IPSec tunnel connecting back to on-prem infrastructure. I plan to rebuild the Issuing CA in Azure rather than…
Hi, I need to migrate/move my Entra Domain Services to new Subscriptions.
Hello, I need to migrate/move my Entra Domain Services to new subscriptions. What could be the possible steps and also any documentations would be greatly appreciated. Thank you! Kind Regards, Majid.
Domain should match the passive sign in uri
I am trying to configure an external identity provider in Entra. When I try to do it I get the error "domain should match the passive sign in uri" I tried editing in the DNS of the domain exactly as its shown in the error: TXT…
Unable to receive the weekly digest for PIM
Right now we're using PIM with just-in-time access for the Global Admins. Before we received that PIM weekly digest every Sunday. What I want to confirm is if we need to have a Global Admin active when the weekly digest is sent or if there's a way to…
Azure Adb2c External IDP Authentication Browser Back Button Click redirects to External IDP Again
We have AD B2C Authentication with .NET 8 MVC Web Application. We configured Open Id Provider with Custom Policy in Adb2c. The authentication is working successfully. But the problem is, after the External IDP successful authentication, the provider…
The provided value for the input parameter 'redirect_uri' is not valid. Using Authentication/Authorization AAD
I'm using Authentication/Authorization from the App Service Settings. I already inputted my clientID which I created from App registration in Azure Active Directory and Issuer url as https://login.microsoft.com/Tenant_ID/v2.0 Under my App…
ERROR: The user, group or application does not have secrets get permission on key vault
Azure Pipeline throws the below error but I am unable to find the correct appid. Is there a way to back trace and figure out the correct "appid" using the "oid" printed? and what is oid (object id ?) ERROR: The user, group or…
FIDO2 NFC Security key vs Android phone
Hello, I have configured FIDO2 as the only sign-in method for my tenant. It is also enforced through CA policies as phishing resistant MFA. Our FIDO2 keys are NFC compatible. The NFC experience from an Iphone is similar to the browser and works great:…
Deploying Azure SQL API Connection for Logic App using ARM
I have successfully created an Azure SQL Connection and registered it in the Logic App. However, I would like to authorize the connection manually, similar to creating a connection to one of the O365 services. When I create the Azure SQL Connection and…