Global Administrator locked out of AAD
Hello, Years ago, I created a "Azure Active Directory (self-service)" account to enable me to use PowerBI. It had the same email address as my personal Microsoft Account, which is the one I want to prevail. I was thinking to try to delete…
Application sign-ins in Azure AD
Hello, Azure AD has a place which stores sign-ins. MS Graph provides us with the opportunity to get this log via "auditLogs/signIns" endpoint. The documentation states that the log has both user and application sign-in activities stored…
Error to schedule examination
I would like to schedule my next MB-310 exam but when I try to enter in my dashboard I get this the error below. How can I fix it? I already took examinations with my account and it was all right.... Selected user account does not exist in tenant…
Graph API create groups and teams from SPFx webpart with elevated privileges
I have a SPFx webpart which is a form for users to submit requests which will run the group and teams provisioning code. The code works fine when the user is logged in as a 'Global Admin', but when a normal user with minimum permission levels uses…
OAuth 2.0 SAML bearer assertion flow
I am trying to use OAuth 2.0 SAML bearer assertion flow where I exchange SAML assertion for an access token however I am getting error "error":"invalid_request","error_description":"AADSTS50107: The requested…
About Combined security information registration
Dear Office365 Experts, We have Office365 environment and local AD. We use ADConnect for sync'ing objects to Office365. We use a third party tool for SSPR. But soon ago, Combined security information registration came and we think about using it.. …
Azure AD B2C custom verification code email localization content
Hi, I use custom policy to send a custom email verification code with sendgrid. It is ok to create an email template and pass custom value to manage the content of the email by using "InputParameter" of "ClaimsTransformation".…
How to detete an external AD user using MS Graph API
Dear all, We are trying to remove a guest user from AD using graph api. For that we use the following as describe from the documentation : https://graph.microsoft.com/v1.0/users/{userPrincipalName} If the user is a user with an AD domaine…
Power APPs: Invoke multiple API's with custom connector
I have API-1(api://aud1) and API-2(api://aud2) in Azure AD. In client application given permission for both API's. I have created one custom connector by using scope of API-1, Now I would like to call API-2 by passing different scope. In general we will…
Is AAD Password-less SMS authentication considered MFA? And Secure?
Last month Password-less AAD SMS Authentication was released to Public Preview. https://learn.microsoft.com/en-us/azure/active-directory/authentication/howto-authentication-sms-signin Is this considered MFA? MFA is typically considered at least…
azure certifaction
Hello, If I took the exam AZ 103 I will be azure administrator associate, or must take AZ 104?
authentication error on the registered app personnalisation
Hi everyone! I have some errors since yesterday on my Azure Active Directory Portal when I'm trying to go to some sections on the registered application settings : I don't have any subscriptions. I just follow the tutorial "Build Ruby…
Error with Set-ADSyncAADCompanyFeature in Azure AD Connect
Hello, When I try to enable "force password on next logon" in Azure AD Connect using Set-ADSyncAADCompanyFeature I get the attached error. I verified that the Connector name is right by using Get-ADSyncConnector | select…
AADconnect, do not sync unknown suffix to default domain in O365
take the following config On premise AD domain with a UPN suffix of AD.Local UPN suffix is added for AD.com Some users are set to use AD.com as their UPN suffix, others are left at AD.local O365 is configured with a verified doamin of AD.com…
Is there a way possible to federate with the external IDP's like okta or salesforce without metadata uri?
We've recently switched to B2C for implementing SSO and majority of our clients using external IDP's like Okta or Salesforce doesn't have metadata uri. Is there a way possible for external IDP federation without metadata uri?
Restore AD changes done by particular user done through poweshell script
We have an option to restore AD based on last sync for win server 2008 and above. can we Restore AD changes, group modification done by particular user and script and bring the state to previous value before the script was executed.
Azure AD joined devices do not show up in VM
Hello, I added a couple of computers to my organization's Azure AD and everything is fine but I don't see the computers in "AADDC Computers" nor in any OU in my VM. Can anyone help me figure out what could be the problem here?
Unable to sign in to Azure AD (SSO) protected ASP. net MVC app
I have developed a ASP.net MVC web app with Azure AD authentication (SSO) using OpenID token based authentication. I developed and tested in on local machine and I was able to login aswell as get User details using Graph API. But when I uploaded…
Connect Powershell to Azure AD failed
I am trying to connect Azure AD , I am running PowerShell in elevated type "connect-azuread" Since I have different global Admin id then my login credentials on windows 10 I enter GA account. I think this is related to user context but not…
Adding Guest user to Group using Graph API
Dear all, When I use graph API withinh POSTMAN in order to add a guest user to a group I process as follow : Add the /invitations endpoint to add my user ( I do not use email invitation) Then I can see from my AD users that it has been added…