Error syncing cloud user with on prem user
I have an active user set up, but it is cloud sync, not on-prem sync. I am trying to sync that on-prem user with that cloud sync user but get 2 errors: Error 1, Error 2
Issue with Hybrid Azure AD Joined devices that switch/unjoin from Hybrid Azure AD Joined to Unjoin at logon when the device is on a non-enterprise network (from home without VPN)
Hello, We came across a strange behaviour since a few weeks with Hybrid Azure AD Joined devices that are connecting from a non-enterprise network (from home without VPN). For no visible reason, we have some computers that lose Hybrid Azure AD Joined…
Null attribute values in SAML response from B2C
We use an external provider who use SAML for SSO, and we got this all hooked up and working with B2C months ago. In response to their SAML request we pass over a few custom attributes and if those values match the data they hold the user is successfully…
MSAL: Acquire access token without throttling
Hi, I am currently working on an azure function to delete the power automate flows for the SharePoint sites that have completed the approval workflow. As part of this, I am generating the bearer/access token using MSAL as shown below - I am calling the…
AZURE AD - Problem with logging off from Enterprise application - SAML
Hello Colleagues, during our implementation of SSO SAML integration with Azure platform - we are facing some strange Azure logoff behavior: For some Enterprise Applications, it is working very good, so log in and log out by SAML is working as desired. …
logs are not parsing in the right format
Trying to parse logs from azure to Qradar tool. But according to IBM QRadar team event format for the azure logs are incorrect. The event payload should contain the operationName or category and action_name parameters but I can't see these parameters in…
Multiple devices in one Intune license with different setup config
Hello, in my firm we have a couple of devices on the branches. We have 1 Intune license for each branch with an Intune configuration (selected programs and rules that shall be installed on a blank PC when they log in with their Microsoft account mail) …
While trying to run the Az AD Connect wizard, error - unable to create the synchronization service account
While running the Azure AD Connect wizard, in the last step I repeatedly get an unexpected password prompt with the Azure AD sync account username prepopulated. Then I get an error "unable to create the synchronization service account for azure…
How to find out who truncated or deleted my table in Azure SQL Database
Hello guys, please help me find out who truncated or deleted my table in Azure SQL Database. I've tried doing these things but none works for me. Query results are empty. SELECT [Transaction ID], Operation, Context, AllocUnitName FROM …
password expiration
I am attempting to roll out the SSPR feature (using AAD Connect) in our environment. Password writeback works (as in the user can initiate a password change from Office 365 by clicking Settings > Reset Password). However, newly created users that…
is it possible to install AAD Connect through powershell?
I have a server and I'm looking to see if I can install AAD Connect using powershell
List of all users in Azure DevOps Organization that have license from the Group Rule
In Azure DevOps, the users who are assigned license from the group rule and reside in Azure AD. How can we access their user entitlement information. What I want to access is the "lastAccessedDate". When I export the file for users, it only…
MFA Blocked Devices and Roles
We'd like to allow the helpdesk to check the Azure Active Directory > Security > MFA > Block/unblock users blade, but not allow them to make changes to blocked accounts. It is possible to allow a user read only visibility through Azure AD? …
Login to unmanaged tenant
Hello everyone, here's the thing - as it turned out, we had two tenants in the company - one centrally managed (which I have access to) and one unmanaged. On the unmanaged one our company domain was assigned because our employees had registered with it…
Hacked email - sign-in logs older than 7 days
Hi, My wife's email account was compromised and it seems people have been logging in for at least 7 days using IMAP. I would like to know how long this has been going on. The question is: how do I get sign-in logs older than 7 days? I understand I…
Multi-tenant administration MFA problem
Hello, I'm currently managing multiple tenants. For example, in one tenant my user is Azure AD synced and I've applied MFA and am using it. If I invite my current tenant1 user to tenant2, I am a guest user. If I enable CA (MFA) in tenant2 I need to…
deployed pass through authentication in test environment
After deploying pass through authentication in test environment, users are unable to authenticate to cloud apps using their password,
SharePoint Online and SharePoint server Single Sign On (SSO)
Hi, I have a simple question regarding SSO between SharePoint Online and SharePoint server 2013. What is the best way to achieve this goal? As the user first will login to the SharePoint online then they must go to the SharePoint on-premises to…
Why can't an existing group be assigned 'role assignable' in this new platform?
Why can't an existing group be assigned 'role assignable'? Why do we have to remove and recreate all our groups to be able to assign them a role?
AD Connect and single password for work PC's and email
Hello. I'm an IT Admin at a school. We have all PCs connected to our local domain, but we wanted to be able to sign in on the PCs with our Microsoft 365 Accounts. We have E3 license and we need that type of login for windows to be properly…