OpenId Connect with response_mode of form-post
Hello, I am trying to learn more about the Open Id Connect protocol and have read through the documentation for it. However, I'm confused on one part of it. Specifically this step of it: Let's say we were using form-post for the response_mode query…
AzureAD CBA AADSTS2205013: Certificate Revocation List (CRL) download is currently in progress.
Hi, We have been on Azure Entra Cert based auth for a while now without issues signing in, today currently users are getting this message when signing into apps or O365 sites for periods up to 30mins. AADSTS2205013: Certificate Revocation List (CRL)…
Where can I find the complete list of all official GUIDs for all first-party Microsoft service principals?
Is there any way to create or generate a complete list of all official GUIDs for Microsoft Applications or services? So far I can only find it here:…
Cisco ISE Integration with Entra ID - can we use Free license?
Hi, do we need to use the Entra ID P1 license for integration with Cisco ISE, or is the Entra ID free license sufficient?…
MFA SMS authentication for External users does not work
Hi, Our company would like to implement MFA for external B2B users. For simplicity, external users should only authenticate via SMS. I found information that the authentication strength policy can only be applied to external users who authenticate with…
MS Teams is blocked even though MS365 apps are excluded from Conditional access Policy
Hello all, We have a situation where we have created a Conditional access policy targeting mobile OSs, Android, and iOS which blocks all the cloud apps. However, we have excluded M365 apps because of Teams messages. Still, it's getting blocked by the…
Azure AD B2C can't set cookie with cross domain.
I have a custom domain set and verified in the Microsoft Entra ID. I also have Azure Front Door Classic that will route the request to my Azure B2C tenant. i.e.: accounts.contoso.com/tenant.onmicrosoft.us/.../authorize -> Azure Front Door Classic…
Entra ID with Cognito
I am trying to do the following: Set up AWS Cognito with Azure OIDC as Federated sign-in identity in Azure, I have configured an app in Entra ID --> app registrations and I have picked Accounts in any organizational directory (Any Microsoft Entra…
Azure AD Connect installation error
Hi, I have encountered an error while installing and configuring Azure AD Connect on my server. Please find the attached error image and log file. Kindly provide a solution to configure. trace-20240924-112209.log
unable to connect Azure
Hi All, I use the below syntax to connect to Azure PowerShell, but today I am unable to connect to Azure PowerShell. It prompts me to enter tenant and subscription number. I have 1500 subscriptions, how can I know the subscription number for my…
Bypass MFA for specific users or groups - NPS Extension for Azure MFA
We're utilizing NPS Extension for Azure MFA in our Highly available RDS Environment (Two RDGW Machines, Two NPS Machines (with extension installed), and Two connection broker machines). We have a requirement to exclude service accounts from getting MFA…
Microsoft API timeouts for SSO requests from 3rd party website
Hi MS community, Many of my team and clients are having issues logging into Broadcom/VMware's VCO SDWAN orchestrators, which use MS SSO services via login.microsoftonline.com. It times out more often than not. Broadcom are saying this is a known…
Global Secure Access Client ARM64 Support
Despite Microsoft touting the benefits of ARM and Copilot+ the GSA Client doesn't support ARM64 architecture. Is there a preview or a timeline for when the GSA Client will be available for Windows 11 ARM devices?
Entra ID and Windows tag school login error 80192EE7
Hi, I am trying to log in to my son's school email account so he can log in to his school homework website (FireFly). On Firefly it is not giving me the option to log in with his school email and seems to default to the personal email registered on the…
OpenLDAP password hash synchronization with Azure AD
Hello everyone, I have a question about syncing account hashed passwords from OpenLDAP to Azure AD. Is it possible to do this using Azure AD Connect or Cloud Connect? Also, will the password writeback feature work in this scenario? Finally, if users are…
Upgrading azure-identity from 1.10.0 to 1.16.1 gives "DefaultAzureCredential failed to retrieve a token from the included credentials. "
We are trying to upgrade azure-identity from 1.10.0 to 1.16.1 which gives DefaultAzureCredential failed to retrieve a token from the included credentials. Attempted credentials: EnvironmentCredential: EnvironmentCredential authentication unavailable.…
Access has been blocked by CORS policy when redirecting to login.microsoft
Hello, I have a web app (javascript front-end with a .NET Core 6 Web API) and I am trying to add authentication via OpenId connect and my redirects to login.microsoft are blocked by a CORS, if I hit the refresh button on the browser the redirect to…
Windows Hello For Business through Cloud Kerberos Trust working inconsistently
We have an Azure AD Connect setup and have configured Windows Hello for Business with Cloud Kerberos trust. In initial testing with a half dozen users all but one have worked correctly. One specific user gets the following event on any computer we have…
How can I configure the AD FS federation service so that avatars of users synchronized with Azure AD Connect are displayed and Windows applications are automatically logged in?
Good day! Given: A server running Windows Server 2022 Datacenter, domain: chuc218.ru Is it necessary to: configure the AD Federation Service (AD FS) so that avatars of users synchronized with Azure AD Connect are displayed on client PCs running Windows…
Run as different user asks for email address instead of user name
Environment: I built an Azure Virtual Desktop host pool and joined the sessions host to Entra ID and Intune. The user accounts are on-prem AD accounts synced into Azure with AD Connect. Issue: On the desktop, Run as different user shows email address…