Creating separate Azure AD domain to separate Guest users from the main Azure AD domain?
Hi All, I wonder if anyone here can give some clarification about creating a subdomain in Azure AD. I have the need to create Azure AD Subdomain (Partner.Domain.com or Partner.domain.onmicrosoft.com) from my parent Azure AD tenant. Domain.Com…
Replicate the azure id and default time to sync.
Hello All, Please let me know how to synchronize a newly created local Active Directory object with Azure Active Directory. New AD object: John.dave@rayn .contoso.com Requirement: Need KB article with screenshots Need to sync johns…
M365 group modification
Hello All, Greetings! Previously we had a number of new M365 groups created. I have tried adding them to a security role in Analysis Services but I get an error saying: Failed to save modifications to the server. Error returned: 'The user or…
Duplicated device identities in Azure AD
Hello Experts, Have seen the duplicated device identities for some of the devices in Azure AD. The scenario is that devices are initially in Azure AD Registered state. After configuring Hybrid Azure AD Join some devices are showing as Azure AD…
Resource Restriction User Group
Hello, I am wanting to create a user group in Azure that I can add users to which will restrict the deployment of specific resources. I am mainly interested in restricting deployment of Public IP Address resources but there may be others I would like…
Sign-in to workstation hybrid azure ad joined using WHfB
Hello everyone, Currently, our organization deploys Windows Hello for Business using Key Trust Model. When end-user brings workstation (already provisioning WHfB using PIN) go out office (doesn't connect to Domain Controller), but that end-user can…
Static Web App Custom authentication: issue with accent/special char in name of a user
Hello, I use the custom authorization with a Static Web App, as described in: https://learn.microsoft.com/en-us/azure/static-web-apps/authentication-custom?tabs=aad …
Service Principal vs Service Principal Name Acronym
Can anyone settle a debate for me please ... Obviously Azure AD Service Principal & AD Service Principal Name are very different things. The acronym for Service Principal Name being SPN ... But what's the 'official' acronym for an Azure AD Service…
Cannot Provision User for Azure AD Cloud Sync
I've been able to follow all instructions and wizards, successfully, but am stuck on this part. Users have existed in local AD for a couple years, but separate from office.com accounts/users. Now I want to sync/match the local AD users with the Azure…
Domain login and device management
Hello, We wish to introduce domain logins to our company computers. Could someone guide me where to begin as Microsoft documentation is very confusing. What services do I need to look in? The requirements we need: Employees login to their…
Unable to create Conditional access using Continuous Access Evaluation as session
Hi, I am trying to create a conditional access policy using Continuous Access Evaluation as a session, but unable to create... having free subscription trial account in active state and Azure AD Premium 2 license, not sure why it is not getting…
Sign-in with new guest user returns AADSTS90036: An unexpected, non-retryable error stemming from the directory service has occurred
I'm facing this error now with a new external guest user that I created, while previously created or internal users work. Is this still a bug or a configuration issue? The message certainly does not help. curl…
Your Microsoft 365 E5 Developer (without Windows and Audio Conferencing) Trial expired.
My Developer license has expired, please help. That's the error I get: Your Microsoft 365 E5 Developer (without Windows and Audio Conferencing) Trial expired. It expired on the 25th March. It is meant to renew itself but is yet to.
SAML 2.0 End point Azure
Basically I need to bypass the Microsoft login screen. Instead I will use my own login username and password screen. I am able to get the access token. How will I use that access token to log in automatically to that third-party SSO application? Thanks …
Error: Invalid tenant id provided while connecting node JS to AAD.
I am trying to connect my node js to SQL Server via ActiveDirectoryPassword authentication mechanism and I am using 'Tedious' for that. Below is my code sample: var Connection = require('tedious').Connection; const config = { …
OAuth 2: how to set simple OAuth Connection between an internal App and Azure AD
What is the most straightforward way to configure OAuth 2 for Enterprise app built internally. We don't need multi-tenant or scopes. We just need internal AD users to log into the system using OAuth 2 and OIDC. We've tried multiple options when creating…
Unable to set multi tenant with Azure AD SAML Toolkit
I'm trying to update authentication with multi tenant and got the error like the image below. I have been trying to set Azure AD SAML Toolkit to connect with AWS Cognito. This image is the SAML setup in Azure.
Updating Azure AD Attributes for multiple users
I'd like to update our users' Azure AD attributes in bulk. For now, we just need to update the following: Job Title, Department, Company Name, and Manager attributes. I set the CSV file with the following headers: userPrincpalName; JobTitle;…
ADF SQL Managed Instance (SHIR) Service Principal Authentication - Inline vs Credential(Preview) - Test Connection Oddity
Notable Scenario here that has different behavior switching settings back and forth that is reproducible: - SQL Managed Instance Linked Service - AAD Service Principal Authentication (using certificate stored in keyvault as credential) - Self Hosted…
CALs for Active Directory in Azure (IaaS)
Hello. I am currently in the process of building a domain controller (Active Directory) VM in Azure (IaaS). And next is to set up one AADC in Azure and sync the users to Azure AD. I understand it is unusual but that is the requirement. We have a…