Permissions Error on Microsoft Forms Linked on Page “Feedback on Microsoft Q&A”
There is a permissions error with one of the links on the page titled “Feedback on Microsoft Q&A” on Microsoft Learn. The link in the paragraph “If you see any text on the site not translated correctly, send an issue for our localization team by…
How to troubleshoot 'Bad Request' error when using 'startswith' to filter groups in Microsoft Graph API?
I'm using the following endpoint to query the Microsoft Graph API, tracking changes by delta and filter groups by displayName using…
SCIM validation tool (https://scimvalidator.microsoft.com) PATCH tests are failing because data is submitted in a different format
Hello, I'm working on implementing SCIM endpoints with Microsoft Entra ID, and am trying to use the validation tool at https://scimvalidator.microsoft.comto test the implementation. I noticed that all of the test cases which submit requests to the PATCH…
How to administer Windows 11 Enterprise computer to allow local user sign-in via MS 365 credentials?
Hi all, I work for a small non-profit organization and am entirely new to IT and system administration. I am beta-testing computer configuration on a Windows machine that I have upgraded to the Windows 11 Enterprise operating system. I have created MS…
Azure SSO with AWS has some issues
we built Azure integration with AWS console by creating new app inside the enterprise application in azure and we started assigning users to this newly created enterprise application. We noticed that very few users were synced to AWS and then stopped…
Passwordless MFA Authentication
Hi, We are in the process to enforce users to setup their MFA (Most probably many already have it) but we need to use the preferred method wich is passwordless in Conditional Access. So I am testing on couple of accounts, yet am having issues and few…
Adding an Azure User to Windows 11
I'm on a Windows 11 Pro PC trying to add a new user. In family and Other Users, I tried to add the user under "other users" but since this is an Office 365 user and not a Microsoft user, I cannot add the user here. Trying something different,…
Export Active AD users
Hello. I need to export a list of active AD users in Azure and include users who are showing Cloud Only in our 365 environment. At one point users were added on Prem in AD but others were added in 365 so we have Hybrid users and Cloud only users. I am…
302 Error when trying to naviagte through app proxy service
hi there, I am trying to access a json that is sat behind an app proxy. i want to do this via power automate If i do the initial request directly to the api, i get a 302 error redirecting me to login. which then terminates the flow. I updated the…
Creating a naming convention for local user profile name when singing in with a M365 user
Hello, as far as I'm aware, the name used for the local user profile when logging in to an Entra ID joined device for the first time is the first 20 letters of the M365 display name with special characters and spaces removed. We would like to keep the…
Add non Global Admin to see all OATH tokens
We are currently onboarding a new IT admin. We have successfully given the Authentication Admin role to the new IT employee, however, when we attempt to see the hardware MFA tokens that are in preview the admin cannot see any of the OATH tokens that are…
Automation to assign AD groups to an enterprise Application based on prefix
can we create a rule in user/group assignments in enterprise app based on prefix or formulae to automatically add groups/user to an Azure application
Received error while deploying Bicep. Error: "The role assignment request schedule is invalid. (InvalidRoleAssignmentRequestSchedule)"
Hi Team, I'm currently utilizing Bicep to enable Azure AD Privileged Identity Management (PIM) with a custom role. I've created an AD Group and assigned a Custom Role to it, which includes the following actions: "Microsoft.Authorization//read",…
Restrict External Access To Enterprise Applications connected via App Proxy
Hi there - I am looking for a way to restrict external access to an Enterprise Application connected via an App proxy. The connector sits in our internal network on an Azure Windows Server (let's call it VM1), but we have a shared folder (on a separate…
What IF "Not Enough Information"
Hi, We are having problem using the What-IF tool to review CA policies, both the old and the new V2 version (graph based). Often we get the response saying "not enough information" about authentication scenarios, under "Policies that will…
SSO for Grafana with AzureAD Authentication Using Client Certificates Instead ClientID/ClientSecret
I'm trying to set up Grafana with SSO authentications- I have all the relevant endpoints to configure SSO and test it successfully but recently i was asked to not to use Client_ID/Client_Secret as shown below due to some security…
Create policy option is not enabled
subscribed microsoft entra identity goverance and linked it with azure subsciption also added proper roles but still the create policy option is not enabled.
Secondary DC in Azure
Hello, I have a client with one main location and several branch locations connected together through SDWAN. The client is: decentralized, with no central identity service in place. has several on-prem apps that need to remain there has several…
Obtaining details for creating an Azure subscription using Rest API and Terraform
Hello! I have been trying to create an Azure subscription using Rest API and Terraform but I am not sure what the following parameters mean: billingAccountName, billingProfileName, invoiceSectionName. Could someone point me in the right direction on how…
Seeing an AADSTS700016 error when signing-in to my Azure app after converting it to multi-tenant
We have a need in my company tenant to convert some already existing apps to multi-tenant In Azure/Entra ID. Most of these enterprise apps have SSO setup and working. As you know, in order to convert these apps, we need to change their Application ID URI…