TLS 1.0, 1.1 deprecation. Is login.microsoftonline.com affected?
According to this announcement, in a few weeks TLS 1.0, 1.1 are going to be disabled for: Azure AD Connect; Azure AD PowerShell; Azure AD Application Proxy connectors; PTA agents; Legacy browsers; Applications that are integrated…
Get access to Azure Blob storage and Key Vault from Azure AD B2C account
I made an App in Azure to get access to storage blob and key vault. I used Azure AD tenant (with AD users). All I need from that App is: Upload file to Blob; Download file from Blob; Delete file from Blob; Generate SAS; Get value…
Enterprise Applications - Admin Consent Requests
We recently had a pentest done and one of the recommendations was to turn on "Users can request admin consent to apps they are unable to consent to" which has resulted in "Admin Consent Requests" to start coming in. When reviewing…
Azure AD DS authenticates users over LDAPS without MFA, even though MFA is enabled and enforced
Azure AD DS authenticates users over LDAPS without MFA, even though MFA is enabled and enforced. I enabled LDAPS on Azure AD DS, and then enabled MFA for all the users. Every user needs to provide a second factor while logging in to portal.azure.com, but…
Lost access to Azure directories when signing in to Microsoft account
I have an Azure account with three associated directories. Today, for the first time since starting the Azure account, I signed in to my regular Microsoft account, and signed up for Power Automate. Now, when accessing my Azure account, two of the three…
For Azure AD, endpoint returning error message when trying to update device for Operating System field as "windows"
Hello Team, When I am trying to update operating system field for device with value "Windows" then endpoint is also returning error message saying "Operating System category cannot be changed". But I am able to update with other…
AzureAD/O365 Tenant Consolidation Query
Hello. We currently have 3 Office365/AzureAD tenants through acquisitions. In order to allow collaboration in the interim, we have been leveraging Guest Accounts (e.g. Master Tenant A adds users from Tenant B/C as Guests, to access enterprise apps…
How to get an MVC web app to talk to private API using Azure AD OpenIdConnect?
So my issue is that I am trying to get an existing ASP.NET 4.6.1 MVC Web Application to authenticate using Azure Active Directory on our existing tenant. While I have already got the OpenIdConnect to work using tutorials associated with this sample code…
Priority for App Roles
I have created a SAML Enterprise App which is using SCIM provisioning. I have user groups where I am assigning an app role. I want to add users to one group that would define their primary role and other groups that are functional where there would be…
Azure AAD login is giving 302 Invalid Token Retry
We have two application proxies, A (external URL: https://a.appproxy.com) and B (https://b.appproxy.com), both under the Azure AD SSO Preauth. User can login to both of them individually in two different browser sessions where they get prompted for Azure AD…
Automated PowerShell scripts modern authentication
Hello all. We have many PowerShell scripts that authenticate to O365 and Azure using an on-prem service account. When Microsoft starts forcing modern auth, how do we configure our scripts to authenticate?
Admin Sync Failing - How to ensure cloud app info isn't lost?
I am setting up AAD Connector to an existing Office E3 Subscription. Almost all users have been sorted and are syncing properly. The admin accounts are not, which is to be expected. I can't find the exact steps I need to take to ensure that cloud app…
I have an error message: Your identity synchronization from an on-premises location is incorrect
I looked at: Microsoft 365 admin center\Settings\Synchronization error: this page is empty; Microsoft 365 admin center\Health\Directory synchronization status: Directory sync is ON;…
Trying to verify my business account through the authenticator app
I got a new iPhone and I am trying to sign on to my business email, but I have the authenticator app. And I can't sign in on the app because I need the code from the app that I can't sign on to. How do I sign on to the app to sign in to my email?
gMSA for Defender for Identity setup for one-way trust domain
We have DomainA and DomainB. They have a one-way trust relationship (DomainB trusts DomainA). The DomainA\gMSA account is used for Defender for Identity in DomainA. To configure Defender for Identity in DomainB in the same DFI portal, can we use…
Synch on-prem AD with more than 1 Azure AD
We have a situation where we have multiple Azure AD tenants and multiple on-prem ADs. There is one main Azure AD tenant where we want to have all users synched from all on-prem ADs. We want to give all those users permissions in SharePoint that is…
Create recurring Online Meetings with a single API request
According to the Documentation here: https://learn.microsoft.com/en-us/graph/api/application-post-onlinemeetings?view=graph-rest-1.0&tabs=http it seems that it allows to create only a single Meeting with each request. Does anyone know if…
Azure AD B2C, Conditional Access bug - Not blocking users if they use "Forgot your Password"
Hi, There seems to be a giant bug when using Conditional Access to block out users. In my case, I am using Conditional Access to block out all Users except a few admin users. Everything works as expected, only the admin users can enter the site,…
Azure AD B2C Portal Login Failure
The use case I have is: As a user in Azure AD I want to be able to log in from my main tenant/subscription to my Azure AD B2C tenant/subscription and administer it. So far I have followed the suggested steps: Registered an application in…
Clarifications on Azure AD Graph Endpoints post June 2022
Hi, There is a confusion over whether Azure AD Graph endpoint will still send us response post June 2022. Endpoint examples: https://graph.windows.net/${tenantId}/users?api-version=1.6 …