While trying to run the Az AD Connect wizard, error - unable to create the synchronization service account
While running the Azure AD Connect wizard, in the last step I repeatedly get an unexpected password prompt with the Azure AD sync account username prepopulated. Then I get an error "unable to create the synchronization service account for azure…
How to find out who truncate or delete my table in Azure SQL Database
Hello guys Please help me how to find out who truncate or delete my table in Azure SQL Database I've tried doing these things but none works for me. query results are empty SELECT [Transaction ID], Operation, Context, AllocUnitName FROM …
password expiration
I am attempting to roll out the SSPR feature (using AAD Connect) in our environment. Password writeback works (as in the user can initiate a password change from Office 365 by clicking Settings > Reset Password). However, newly created users that…
is it possible to install AAD Connect through powershell?
I have a server and I'm looking to see if I can install AAD Connect using powershell
List of all users in Azure DevOps Organization that have license from the Group Rule
In Azure DevOps, the users who are assigned license from the group rule and reside in Azure AD. How can we access their user entitlement information. What I want to access is the "lastAccessedDate". When I export the file for users, it only…
MFA Blocked Devices and Roles
We'd like to allow the helpdesk to check the Azure Active Directory > Security > MFA > Block/unblock users blade, but not allow them to make changes to blocked accounts. It is possible to to allow a user read only visibility through Azure AD? …
Login to unmanaged tenant
Hello everyone, here's the thing - as it turned out, we had two tenants in the company - one centrally managed (which I have access to) and one unmanaged. On the unmanaged one our company domain was assigned because our employees had registered with it…
Hacked email - sign-in logs older than 7 days
Hi, My wife's email account was compromised and it seems people have been logging in for at least 7 days using IMAP. I would like to know how long this has been going on. The question is: how do I get sign-in logs older than 7 days? I understand I…
Multi-tenant administration MFA problem
Hello, I'm currently managing multiple tenants. For example in one tenant my user is Azure AD synced and I'm applied MFA and using it. If I invite my current tenant1 user to tenant2 I'm am as guest user. If I enable CA (MFA) in tenant2 I need to…
deployed pass through authentication in test environment
After deploying pass through authentication in test environment, users are unable to authenticate to cloud apps using their password,
SharePoint Online and SharePoint server Single Sign On (SSO)
Hi, I have a simple question regarding SSO between SharePoint Online and SharePoint server 2013. What is the best way to achieve this goal? As the user first will login to the SharePoint online then they must go to the SharePoint on-premises to…
Why can't an existing group be assigned 'role assignable' in this new platform?
Why can't an existing group be assigned 'role assignable'? Why do we have to remove and recreate all our groups to be able to assign them a role?
AD Connect and single password for work PC's and email
Hello. I'm an IT Admin at a school. We have all PC's connected to our local domain, but we wanted to be able to sign-in in the PC's wih our Microsoft 365 Accounts. We have E3 license and we need that type of login for windows to be properly…
I need to post the SAML request through postman with username and password for login Kindly share how i can do through postman and get single sign on login for other apps.
Kindly provide the screen shot of post man https://login.microsoftonline.com/-----/saml2
Conditional Access fails for users who use MS edge but works for users who uses Chrome
We have a conditional access policy for MFA which we put exemption for Hybrid join devices or device marked as compliant... Basically if the users use their work machine that is hybrid join, the should not be prompted for MFA for this one application. …
Bulk Create Azure AD object to allow login with personal email address and secured with MFA/2FA?
Hi All, I need to know which Azure object I need to create to allow 1000+ users from .CSV file below: First Name, Last Name, Email, PhoneNumber These are my criteria: Login: using their own email address (not from my accepted email…
How to call REST API only during Signup inside Azure AD B2C Custom Policy( Social and Local Accounts)
Hi All, We want to call Rest API inside Azure B2C custom policies(SignUpandSignIn) during Local Account or Social Account SingUp only and skip during SignIn. Could you please let me which claims can I use in Pre-Condition in Orchestration Step to…
Azure AD Connect only work with on-prem domain controller?
Does Azure AD connect only apply to on-prem domain controllers and not cloud based domain controllers? I currently have Active Directory Domain Services on a VM and I'm looking to sync up the users to our Azure Active Directory.
azure ad Continuous access evaluation
Hello, Continuous access evaluation can be enforced by Relying Party by two ways: critical event and location-based conditional-policy I have some confusion with respect to the latter. We know that , Relying parties can synchronize key policy…
[Powershell] AzureAD LicencePlan SKU to variable
Hello Everyone I try to get a output of a Powershell script into a variable but with no luck. Here the script who is based on this article:…