Unable to reset MFA for user account
I am having trouble resetting the MFA for a user account. I keep getting an error message that says "Delete operation failed. Try this command again or delete them one by one in the user authentication methods blade." Is it possible that this…
Do we require License for Internal user to read or View in share point online?
Do we require License for Internal user to read or View in share point online?
SSO login issue
Hello Team, I'm using SAML-based Single Sign-On (SSO) with 2FA enabled. Below are the SAML options I'm currently using: - `force_authn: false` - `auth_context: { comparison: 'exact', class_refs: ['urn:oasis:names:tc:SAML:1.0:am:password'] }` -…
Delete security groups from Microsoft 365 admin center which one synced from on-premise AD
In the past i synced all users and groups from my on-prem AD. I delete all of them yet however i found security groups whichone doesn't delete yet. I want to delete them now because i don't need them. I list of them with that command: …
Passwordless MFA Authentication
Hi, We are in the process to enforce users to setup their MFA (Most probably many already have it) but we need to use the preferred method wich is passwordless in Conditional Access. So I am testing on couple of accounts, yet am having issues and few…
SSO for Grafana with AzureAD Authentication Using Client Certificates Instead ClientID/ClientSecret
I'm trying to set up Grafana with SSO authentications- I have all the relevant endpoints to configure SSO and test it successfully but recently i was asked to not to use Client_ID/Client_Secret as shown below due to some security…
Conditional Access and Microsoft Authenticator Sign In
We're using conditional access policy to restrict access to 'Register security information' to trusted locations only. This policy blocks home users from signing into the Microsoft Authenticator. How are you handling this security recommendation?
Issue with synching AD users to Entra.
Hello - I have created two users in Microsoft 365 whose UPN and SMTP addresses match that of two user objects (UPN and ProxyAddress attributes) in my on-premises AD. The M365 users have the appropriate Entra licenses applied and appear in Azure AD with…
In Blazor Web App Server authentication Azure missing iss claims
Hello, I followed this guide to create a Blazor Web App (server) with azure athentication https://learn.microsoft.com/it-it/entra/identity-platform/tutorial-blazor-server and it works. here the authentication…
Azure AD B2C MFA saves phone number with incorrect format (without space)
Currently we trying to reset MFA in Azure B2C through Microsoft Graph API. The idea is to delete existing phone number in authentication methods, that at the next login user would be prompt for provide new one. We are using standard built-in user-flows…
What are the accepted types for claims in Microsoft Entra Verified ID
I can find on the documentation mentions of type like "String" or "image/jpg;base64url" but can't find a list of the accepted types. Can anyone help me ?
Logging into Azure portal with the usual credentials now results in "Limited or No Access"
TLDR: Can't seem to log in to Azure Portal with primary user account -- indicates Limited or No Access. Hello. In the course of troubleshooting some recurring billing problem, I have really messed up my account. Specifically, when I now log into…
Azure ADB2C callback url is giving bad request of redirect from OpenID connect
Hi, I have a single sign-on solution using Azure ADB2C. I use custom policies. We have different IDPs and one of them is Auth0. We are connecting to Auth0 using OpenID Connect, but looks like we are having an issue in redirection after user…
Users with MFA: Enabled, Disabled, Enforced
I manage a Azure AD Does anyone have a PowerShell script that can help me get all users from Azure Active directory with MFA: Enabled, Disabled, Enforced Thanks for the help.
How to delegate permissions to Service desk team for managing MFA in Azure Active Directory
How to delegate permissions to Service desk team for managing MFA in Azure Active Directory. just MFA reset (revoke and re-register) rights. please suggest
Entra ID Connect and Exchange Hybrid setting checkbox?
I am using Hybrid Azure AD and Entra ID with Password Hash Sync, all objects are synchronized using the Azure AD Connect software. There are 2x Exchange Server 2016 but both have no mailboxes on-premise only used for managing the AD attributes as I…
A user is excluded in conditional access policy but it is still applied
Hi all, I have a conditional access policy that requires MFA. Last week a user called and reported that instead of logging into offie 365 account they get "More information required Your organization needs more information to…
Weekly digest says new risky sign-ins detected, but nothing in risky sign-ins report
I received the usual Azure AD Identity Protection Weekly Digest email today, but this time it said that 7 new risky sign-ins were detected: If I click on the link, it takes me to the "Risky sign-ins" report in the Azure portal, set up…
Adding Entra ID authentication to a web app that utilizes Web PubSub in Azure
I'm trying to simply add Microsoft Entra ID for authentication to an Azure web app. I have a javascript chat-app using Web PubSub that worked perfectly using this…
on-behalf access chaining
We have frontend (React) with on-behalf / delegate permission given to middle layer (python) application. This we could get through various sample and have graph API called from middle layer python application. Some of on-behalf graph calls to be done in…