Microsoft Q&A

Azure Active Directory

12,642 questions

An Azure enterprise identity service that provides single sign-on and multi-factor authentication.

12,642 questions with Azure Active Directory-related tags

Sort by: Updated
1 answer One of the answers was accepted by the question author.

B2c: Override Custom AccountEnabled (Block Sign-In) behaviour

There is a possibility to Block Sign-In for AD users using Block Sign-In property in b2c. It is general solution to use "accountEnabled" property to manage it via Graph API. But it seems it doesn't work for external IDPs (Social (Google,…

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,642 questions
Azure Active Directory External Identities
Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
576 questions
asked 2023-01-30T14:29:40.11+00:00
Mikhail Delly 66 Reputation points
edited an answer 2023-02-02T02:29:57.24+00:00
Alfredo Revilla (MSFT) 15,656 Reputation points Microsoft Employee
2 answers

Azure B2C logs out but user can sign in without credentials again

Hi Team, Setup Overview I am using B2C custom policies for sign-in flow in react application using msal-react and msal-browser packages. The user is able to log in properly for the first time after entering credentials. Now when the user clicks…

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,642 questions
asked 2023-01-25T14:27:33.42+00:00
Kunal Dhawan 0 Reputation points
commented 2023-02-02T01:12:49.9333333+00:00
Kunal Dhawan 0 Reputation points
1 answer

Trust Domain

Hello, We can make trust domain or trust forest if using on-prem AD to make both AD can be communicate, can we do same trust in AAD?

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,642 questions
asked 2023-02-01T06:53:55.8233333+00:00
Handian Sudianto 1,206 Reputation points
commented 2023-02-02T01:05:46.82+00:00
Handian Sudianto 1,206 Reputation points
1 answer

Azure AAD DNS

Hello, Let say i have AAD with domain mydomain.com and we also have internal DNS server to query some internal apps with same domain (mydomain.com), what should i entry in the local DNS server so all workstation can join to domain in the azure?

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,642 questions
asked 2023-02-01T06:59:44.6633333+00:00
Handian Sudianto 1,206 Reputation points
commented 2023-02-02T01:03:19.8533333+00:00
Handian Sudianto 1,206 Reputation points
2 answers

Microsoft_AAD_IAM extension failed to load.

HI, Has signed up as a O365 developer and getting the error when trying to access AAD https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade Try on MS Edge in Normal and InPrivate browsing, same result. Has been going on since day 1…

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,642 questions
asked 2023-01-29T08:10:15.5733333+00:00
William Green 0 Reputation points
edited an answer 2023-02-02T00:41:24.1+00:00
Marilee Turscak-MSFT 20,516 Reputation points Microsoft Employee
0 answers

How to get guest users list from Azure AD

Hi I have multiple domains in my tenant. I want to get a list of guest users. Please see below example of account, what kind of guest users I want to get. rambo.jan_test.com#EXT#@abc.onmicrosoft.comm (This is UPN) I have number of accounts like this in…

Microsoft 365
Microsoft 365
Formerly Office 365, is a line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line.
145 questions
Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,642 questions
asked 2023-02-02T00:27:22.49+00:00
Anonymous
edited the question 2023-02-02T00:33:37.9+00:00
Anonymous
0 answers

How to get Microsoft Teams guest users

Hi I want to get a list of guest users who have access on microsoft teams. Please look snapshot. How to get these guest users by powershell. thanks

Azure Active Directory External Identities
Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,642 questions
Microsoft Teams
Microsoft Teams
A Microsoft customizable chat-based workspace.
5,318 questions
asked 2023-02-02T00:32:26.7833333+00:00
Anonymous
3 answers

Microsoft Azure AD SSO (OAuth2) with conditional access

Hello everyone, Has anyone here tried using Microsoft SSO with Conditional Access (Policy)? As soon as I enable the “Require device to be marked as compliant” option there, I can’t log anymore. Without this option i can login without problems. I want…

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,642 questions
Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
372 questions
Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
506 questions
asked 2023-01-29T02:48:53.8266667+00:00
peter 0 Reputation points
commented 2023-02-02T00:07:36.7666667+00:00
Alfredo Revilla (MSFT) 15,656 Reputation points Microsoft Employee
0 answers

How to fix redirect issue using msal in angular if using hash routing strategy ?

I am using Microsoft Azure AD to authenticate the user and redirect back to my angular application with response. Here in redirect url i am giving [http://localhost:4200/demo/#/abc] here abc is component where i want user to redirect after successful…

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,642 questions
asked 2023-01-28T13:25:50.9866667+00:00
Vishva Cipherhex 0 Reputation points
commented 2023-02-01T23:54:02.78+00:00
Marilee Turscak-MSFT 20,516 Reputation points Microsoft Employee
0 answers

Enabling Azure AD Authentication for VM RDP for External Users

I need the following requirement for Virtual Machin RDP login Must be able to use Azure AD to authenticate to Azure VM Must be able for internal users with same domain to authenticate Must be able to invite external users with different domains…

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,642 questions
Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
4,581 questions
asked 2023-01-27T07:41:03.58+00:00
Dileepa 1 Reputation point Microsoft MVP
commented 2023-02-01T23:45:53.18+00:00
Marilee Turscak-MSFT 20,516 Reputation points Microsoft Employee
0 answers

Azure AD is not logging out Identity provider of SAML configured Enterprise application.

I have configured an Identity Provider and SAML based Single Sign on with an Enterprise application. I have also configured a Sign out URL there. When azure AD gets logged out, it is not triggering logout call to the identity provider. Is there a way to…

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,642 questions
asked 2023-01-24T08:05:41.2266667+00:00
Nilotpal Mahadani 0 Reputation points
commented 2023-02-01T23:23:19.0766667+00:00
Marilee Turscak-MSFT 20,516 Reputation points Microsoft Employee
0 answers

Cant set Supported account types to Personal Microsoft account users

I can't set the Supported account types to Personal Microsoft account in the Authentication menu. There is a warning beneath: Due to temporary differences in supported functionality, we don't recommend enabling personal Microsoft accounts for an…

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,642 questions
asked 2023-02-01T18:38:19.4133333+00:00
Josh Sp 0 Reputation points
edited the question 2023-02-01T23:13:57.0133333+00:00
kobulloc-MSFT 13,006 Reputation points Microsoft Employee
2 answers One of the answers was accepted by the question author.

Azure Hybrid joind and compliant device

Hi, I want to join my devices as hybrid join. Currently, my devices are azure registered and domain joined. I aslo another issue for device compliant. Some of my device are showing non compliant status. Could anyone help me to solve this issue? Thank…

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,642 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
2,084 questions
asked 2023-01-26T23:33:01.05+00:00
Irin Sultana 126 Reputation points
accepted 2023-02-01T23:09:51.2366667+00:00
Irin Sultana 126 Reputation points
2 answers

New-AzureADServicePrincipal : Error occurred while executing NewServicePrincipal

I am following the steps to Install Export to Azure Data Lake add-in at [https://learn.microsoft.com/en-us/dynamics365/fin-ops-core/dev-itpro/data-entities/configure-export-data-lake as POC. I have an azure environment where I am the Global…

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,642 questions
asked 2023-01-25T00:17:13.7433333+00:00
Wayne Bartkowski 541 Reputation points
answered 2023-02-01T22:58:48.8966667+00:00
Marilee Turscak-MSFT 20,516 Reputation points Microsoft Employee
3 answers

Can we add multiple domains on Azure AD Connect even if the setup of the on-prem is a one-way trust relationship?

Currently the server's AD computer object in AD must be synced to Azure AD using Azure AD Connect before it can be managed in Intune. Can we add multiple domains on Azure AD Connect even if the setup of the on-prem is a one-way trust relationship?

Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
2,084 questions
Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,642 questions
asked 2023-02-01T15:54:07.76+00:00
Mark 0 Reputation points
answered 2023-02-01T22:50:58.6966667+00:00
BOURBITA Thameur 12,011 Reputation points Microsoft MVP
0 answers

Get VM powerstate through resource graph api

Hi, i'm trying to get the powerstate of a vm through the resource graph api inside of a logic apps workflow, but i dont know how can i authorize the http request. I understand that i can authenticate the request through a managed identity but i want to…

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,642 questions
Azure Logic Apps
Azure Logic Apps
An Azure service that automates the access and use of data across clouds without writing code.
1,814 questions
Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
1,082 questions
Azure Monitor
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
1,825 questions
asked 2023-02-01T22:39:54.2366667+00:00
1 answer

Azure user managed identity - How to search and find it in AAD?

I created a user managed identity called XYZ in 3 different subscriptions under that same tenant ID. The question is how to navigate Azure Active Directory to find this user managed identity XYZ? My search by "XYZ" returned NOTHING so I must…

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,642 questions
asked 2023-02-01T22:08:48.0166667+00:00
Nguyen, Hoa 206 Reputation points
answered 2023-02-01T22:19:17.2166667+00:00
Nguyen, Hoa 206 Reputation points
1 answer One of the answers was accepted by the question author.

Detailed Info on Customizing AD Connect Sync Rules

Where can I find a detailed video and documents that explain in detail about customizing AD Connect Synchronization rules?

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,642 questions
asked 2023-01-28T12:22:13.15+00:00
Deepal 201 Reputation points
commented 2023-02-01T22:18:33.5933333+00:00
Deepal 201 Reputation points
3 answers

How to change token expiration time in Azure portal - AAD

When I access my web app that is registered in Azure AD, it first sends my app to Microsoft login page and after successful login it returns an id token which is used to retrieve the data from backend server. The expiry time of token is approx. 30 mins…

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,642 questions
asked 2022-05-10T09:14:25.317+00:00
Sarah 151 Reputation points
commented 2023-02-01T22:01:13.77+00:00
James Bowen 0 Reputation points
0 answers

Change the default creation GUEST prefix "#EXT#"

Hello. When creating a user in Azure B2B - the user is created with the following format. User_gmail.com#EXT#@domain.onmicrosoft.com This is causing issues with our IDP. Can this be edited so when the user is created in Azure AD the #EXT# is changed as…

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,642 questions
asked 2023-02-01T21:59:10.2166667+00:00
Daniel Maier 1 Reputation point