Microsoft Entra External ID Sign In Frequency
We are using an external tenant to authenticate users of our mobile app. Currently there is no way for us to adjust the frequency of sign in. Right now it seems to be 12-24 hours. I looked into creating a condition access policy but the key section for…
Azure AD connect configuration fails on Windows Server 2022
I am trying to configure Azure AD connect on Windows 2022 Server. I configured Password-Hash-Sync. My local domain name is a subdomain name which I registered in Azure AD (like local.contoso.com). The configuration fails with the message "failure…
Setup Cloud Kerberos trust in Entra ID Domain Services
Good day, I am struggling with the Entra ID Domain Services. I would like to setup Cloud Kerberos Trust as described here. Unfortunately, this is not possible, as the permissions are missing in Entra Domain Services to modify in the default…
Adding directory claims to the ID token in Entra External ID
HI I want to include additional directory claims in the ID token of my Entra External ID instance. I have followed the instructions here: https://learn.microsoft.com/en-us/entra/external-id/customers/how-to-add-attributes-to-token I have added…
Change Subscription Owner, original account deleted
Hi, I need to change the Azure subscription owner, as the current owner is no longer with the organization. How can I add myself or another person as the new owner? I don't have access to change owner and role.
Some users not receive a b2c verification code email
We use Azure B2C to authenticate our Power Pages site. Some customers have reported that they are not receiving email verification codes to reset their passwords via the "Forgotten password" feature. We checked with them to see if the emails…
Authentication Issues using AAD Kerberos for Azure file shares
I have ran and re-ran through the prerequisites. "The Azure AD Kerberos functionality for hybrid identities is only available on the following operating systems: Windows 11 Enterprise single or multi-session. Windows 10 Enterprise single…
Can i setup an MFA on my laptop?
Hello: I would like to setup an MFA on my laptop. So whenever tries to RDP or SSH into it, they will be prompted with authentication. My laptop is entra-joined and i have setup an access policy but when i tried to rdp into it, it did not prompt me to do…
How to fix the issue, i'm getting this error- A configuration issue is preventing authentication - Original exception: AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'.
Hi Everyone, I got a production issue. The details of the issue are :- One or more errors occurred. (A configuration issue is preventing authentication - check the error message from the server for details. You can modify the configuration in the…
How can I apply a Conditional Access Policy to a Desktop application in Azure?
I am creating an Azure Enterprise ID app registration for both mobile and desktop platforms. I would like to apply a Conditional Access Policy (CAP) to this registration for the desktop app. However, the application is not available in the cloud app…
Entra Private Access - line of sight to internal Domain Controller
Hi, we have hybrid environment with most employees working remotely over VPN. Some users do not need VPN most of the time to work so their laptops/desktops obviously can not pull GPO changes and as such they can become non-compliant. Can Entra Private…
App Registration not showing as Cloud App on AAD Conditional Access
Hi All, I have question that have been asked by people way past but wondering if we have any solution now? I'm creating an app registration for Azure Entra ID using my admin account (specifically for Mobile and desktop platforms). I intend to apply an…
Getting "00000003-0000-0000-c000-000000000000" Audience in Access token which was expected to be "https://graph.microsoft.com"
I am encountering an issue while trying to acquire an access token using the SharePoint Online API. The expected audience for the token is 'https://graph.microsoft.com', but I am receiving token '00000003-0000-0000-c000-000000000000' instead. Request…
AADSTS7000215 error during refresh token request
We use oauth2-proxy and azure as an idp. oauth2-proxy uses AAD and v1 version api. User is able to login successfully and during token refresh it is not able to get the refresh token and the following error is thrown. AADSTS7000215: Invalid client secret…
azure login locked
I haven't been using Azure portal for a while, and recently when I try to open it, it shows the error "Your account has been locked. Contact your support person to unlock it, then try again." I don't know who is my support person. And how to…
Button to postpone 10/15/2024 MFA enforcement is greyed out
We are trying to apply for postponement of the 10/15/2024 MFA enforcement per the published instructions in the Microsoft blogs and bulletins. After elevating a global admin account per the instructions…
impossible de se connecter au Compte administrateur via Authentificator suite changement de téléphone
itre : Bonjour, je suis administrateur du compte professionnel Microsoft, je viens de changer de téléphone et je ne reçois plus mes demandes d'authentification sur authenticator. Message : Je suis complètement bloqué et je n'ai plus accès à aucune…
Clarification on FY25 Suspension of New App Onboarding to Entra Gallery
I am planning to submit my application to the Entra Gallery. While reviewing the Microsoft documentation on app gallery listings, I noticed a note stating that the onboarding of new applications is suspended for FY25. Could someone provide more details…
Merging my directory default account with org account
Hi everyone! 👋 I realized that I’ve accidentally created some applications under my personal Azure account instead of within our organization’s account (diagonai.onmicrosoft.com). Is there a way to migrate these apps/directories to the organization…
MFA for users using using SSO in Entra Extern IS
Hi,I have MS Entra External ID preview tenant created. I have set up SSO. I registered app and add a platform for SPA. I have also created Conditional Access policy. The issue I am running into is MFA. When user SSO and gives email and password, it is…