How can I seamlessly change an App Registrations "Application ID URI" domain?
I have a published teams app which includes tabs. The tabs point at Domain A to authenticate the user using "microsoftTeams.authentication.authenticate" and "microsoftTeams.authentication.getAuthToken()". The teams manifest.json…
NPS Extension for Azure MFA failing to generate MFA prompt
Hi I am trying to setup a new NPS server with the NPS Extension for Azure MFA to control access to an RDS server on-prem. Authentication works fine when not using the NPS Extension. With the NPS Extension enabled, the user does not receive an MFA…
Problem with Exchange Server 2016 Hybrid Configuration (Teams Rooms Mailbox)
Good day, After setting up Exchange Hybrid (Classic Mode), the O365 mailboxes are not displayed in onPrem Exchange. Mails cannot be sent from onPrem to O365 either. In O365, the onPrem mailboxes are visible and mails can also be sent from O365 to…
Sync Entra with Google Admin
Hello, I am now doing some configuration with sync from Entra to Google Admin, just facing with some issues that for ex. i have some custom attributes on Google side how i can add the same custom attributes to Entra user and also to include this in…
How to delete tenant "Default Directory"
I am trying to delete (or exit) my only Organization. after pressing "Delete": The problem is, I don't have any Licenses or Subscriptions. Also, I am the only one in the Organization. What do I do? Help
How to add custom claims to the Access Token using custom user Attributes.
Good afternoon MS team, I am writing you because I am looking for information on how to add custom claims when the application is generating JWT token, but I can't add them to the AccessToken, but I can see them in the IDToken, . Questions: Can I…
Entra ID access
Not able to access Entra ID . I am the owner of account and have active student subscription
What role will I have when I migrate a subscription to a new Tenant/Directory?
Hi All, Starting in September 2024 Classic Admins will be removed. I am wondering what is going to happen when I do a migration (directory change) of a subscription from one tenant to another. Usually the user who does the "Change Directory"…
Moving users across on-prem
Please help!!!! We have 3 on-prem domains abc.com.au 123.com and cab.com. They all sync back to single azure ad tenancy and gets assigned same domain for their email address (cab.com). I am trying to move selected users from the first 2 domain to the…
Windows Active Directory setup in Azure
Hi, I plan to setup a Windows Active Directory (AD) using VMs (1 for PDC and 1 for BDC) in the Azure cloud environment and it should sync the AD in the on-prem via the established site-to-site IPsec VPN link. What are the pros and cons? Which is better…
Guest accounts from one company unable to sign-in
Hi All, For few years now every guest account in our tenant was signing in using their company email address. Two days ago something changed and guest users from one company, when trying to sign in to our tenant, get error that "Selected account…
Can you have two Entra IDs for two separate domains and a single tenant
We have a client that owns 2-3 domains under a single tenant. The parent company (companyA .com) and the child company (companyB.com) want to separate their Azure AD so companyB.com can be independent. They have 150 users in total all Azure AD joined. …
Enterprise applications: Microsoft Graph Command Line tools, How to restrict connection to Microsoft Graph and grant access to specific users
Hello team, I am trying to grant access to specific users to Microsoft Graph. the objective is to block public access in our tenant to Microsoft Graph. I tried using conditional access, however, in the apps to select, it doesn't show Microsoft…
Changing the SMTP address on the O365 side with ADSync enabled
Hello, we need to make changes to ADDS ProxyAddress to add an alias to a mail user in Office 365. The user is hosted in ADDS and synchronized with Entra via ADSync. However, it is very inconvenient to use the attribute editor in ADDS. But we cannot…
Prevent constant MFA requests for hybrid workforce
Hello, Most of our users are hybrid, working remotely via VPN and locally in office. Regardless of our 30-day MFA policy, our users are prompted for MFA every few days if they move locations between working at home and at the office. We are a non-profit…
The Exchange Reader Role as a built-in role in Entra
It would be nice if we can have new role Exchange Read Only or Reader role for creating custom reports. Right now I am using Global Reader for the app registration and service principle. That role works fine for the custom report. The custom role does…
Unable to access Entra ID
I am not able to access Entra ID. I am trying to access from my own student account and I am sure I am the owner of the account and currently have active student subscription.
Entra Cloud Sync - Group Writeback
Hi, could this feature be used as PAM solution for temporary Domain Admins group membership in AD DS (group synced from Entra to AD DS would be a member of Domain Admins group, empty by default, and admins would get a temporary membership in synced group…
Microsoft Entra Domain Services Blocking TCP Port 53 DNS
Hello, I am attempting to connect to my Microsoft Entra Domain by setting up an AWS AD Connector directory at AWS. Every time I attempt to create the AD Connector directory the process fails with the error message: : DNS unavailable (TCP port 53) for IP:…
Microsoft Teams integration automation
I want to add Microsoft Teams integration to my web app to create meeting links. I was able to do this by manually registering the application in the Microsoft Entra admin center and setting up keys and permissions. I'm looking for a way to simplify this…