Azure Active Directory 16 - Benoit's Corner

Azure – Azure MFA will now be enabled by default and free

As just announced at the Microsoft Ignite 2019 Conference, Azure Multi Factor Authentication (Azure MFA) will now be enabled by default for all new Azure AD (and Office 365 or Dynamics as they rely on Azure AD) tenant and will be also free for existing customers with the Microsoft Authenticator app (available on Android https://play.google.com/store/apps/details?id=com.azure.authenticator […]

Azure – Azure MFA will now be enabled by default and free Read More »

Azure AD – You can now ‘live try’ Conditional Access

Leave a Comment / Azure Active Directory, Security / Benoit HAMET / November 5, 2019 / AAD, AAD Conditional Access, Azure Active Directory, Azure Active Directory Conditional Access, Azure AD, Azure AD Conditional Access, Conditional Access

As you already know, Azure AD Conditional Access policies are one important component helping you securing access to your resources. Implementing Conditional Access policies is sometimes a little bit complicated as it may impact the ability of your users to access those resources. Well, good news, you can now enable a Report Only option when

Azure AD – You can now ‘live try’ Conditional Access Read More »

Azure AD Connect / ADFS – You can now stage your migration from AD FS (preview)

Leave a Comment / Active Directory Federation Services / ADFS, Azure Active Directory, Beta / Preview, Office 365 / Benoit HAMET / October 31, 2019 / AAD, AAD Connect, Active Director Federation Service, AD FS, Azure Active Directory, Azure Active Directory Connect, Azure AD, Azure AD Connect, O365, Office 365, Staged rollout

When you are moving to cloud services (in this case Office 365 and/or Azure Active Directory/Azure), it is important that the authentication process is working seamlessly when you are moving away from federated authentication services (AD FS, Okta…) to cloud authentication. This means you need to be able to test and validate the process. Until

Azure AD Connect / ADFS – You can now stage your migration from AD FS (preview) Read More »

Azure AD – You can now enable default security settings for Azure AD

Leave a Comment / Azure Active Directory / Benoit HAMET / October 23, 2019 / AAD, Azure Active Directory, Azure AD, Default Security

DISCLAIMER it needs to be carefully review before implementing as it will enforce the security configuration. Microsoft has release an option to simply and automatically enabled a default security configuration on Azure AD; this includes: Enforcement of MFA for privileged accounts – all administrator types account), All users are required to be registered for MFA

Azure AD – You can now enable default security settings for Azure AD Read More »

Azure AD – Users can now review their sign-in activities by themselves

Leave a Comment / Azure Active Directory, Security / Benoit HAMET / October 18, 2019 / AAD, AAD My Account, Azure Active Directory, Azure Active Directory My Account, Azure AD, Azure AD My Account, My Account, Sign-In, Sign-In Activities, Sign-In Activity

This is a capability which has been there for quite long time for Microsoft Account (https://account.live.com/Activity?mkt=en-US&refd=account.microsoft.com&refp=security&fref=security.cards.review-activity&uaid=9e64b34b59604f468d1cb65aa1d973b9), the ability to review sign-in activities. Well, this is now available for corporate account (Azure AD, Office 365). To let you end-users review their sign-in activities, let them go to https://mysignins.microsoft.com/ – or https://myprofile.microsoft.com and check the My Sign-ins

Azure AD – Users can now review their sign-in activities by themselves Read More »

Azure AD Connect – You can now synchronize your password policy and force the password change at next logon (preview)

2 Comments / Azure Active Directory, Beta / Preview, Office 365 / Benoit HAMET / October 9, 2019 / AAD, AAD Connect, Azure Active Directory, Azure Active Directory Connect, Azure AD, Azure AD Connect, Cloud Password Policy, Force password change, Force password change at logon, Password Policy

As you know, you have been able to synchronize your user’s passwords with Azure AD Connect for quite some time now thanks to the password hash synchronization feature. However, there has been a small gap there: you were not able to get the “User must change password at next logon” attribute value synchronized to request

Azure AD Connect – You can now synchronize your password policy and force the password change at next logon (preview) Read More »

Azure AD – You can now perform bulk actions on users and groups from the portal (preview)

Leave a Comment / Azure Active Directory, Beta / Preview / Benoit HAMET / October 8, 2019 / AAD, Azure Active Directory, Azure AD, Bulk, Bulk Group Management, Bulk User Management, Group Management, User Management

You may already have quite few scripts at your disposal to perform bulk actions on cloud user accounts and/or groups on Azure Active Directory (AAD). Well, maintaining (or using) these scripts is no longer a requirement as the Azure AD portal has been updated to allow you bulk actions on user accounts/groups. Bulk actions are

Azure AD – You can now perform bulk actions on users and groups from the portal (preview) Read More »

Azure AD / Office 365 – New Global Reader built-in role is coming

Leave a Comment / Azure Active Directory, Office 365 / Benoit HAMET / October 3, 2019 / AAD, Admin Role, Administration Role, Azure Active Directory, Azure AD, O365, Office 365

It has been a long awaited capability: being able to give a complete read-access only to Azure AD/Office 365 administration. Well good news, a read-only administrative access role is coming – called Global Reader. The deployment will start on September 24 and scheduled to be completed by October. It worth noting that few limitations will

Azure AD / Office 365 – New Global Reader built-in role is coming Read More »

Azure AD – A new major version of Azure AD Connect has been released

Leave a Comment / Azure Active Directory, Office 365 / Benoit HAMET / September 30, 2019 / AAD, AAD Connect, Azure Active Directory, Azure Active Directory Connect, Azure AD Connect, Directory Synchronization, DirSync

UPDATE Oct 8th, 2019 it has been reported that some issues with Self-Service Password Reset (SSPR) and Hybrid Azure AD join have been reported. Microsoft has recommended to post-pone upgrading to the 1.4.18.0 version until root cause has been identified and solved. Regarding the SSPR, a new version has been already released for auto-upgrade only

Azure AD – A new major version of Azure AD Connect has been released Read More »

Azure AD – You can now create your own custom administration roles

Leave a Comment / Azure Active Directory, Beta / Preview / Benoit HAMET / August 5, 2019 / AAD, Admin Role, Administration Role, Azure Active Directory, Azure AD, Roles

As you may already know, you can grant administrative access to Azure Active Directory (AAD) and associated resources using built-in administration role. Well, this is going one step further as an update has been deployed on Azure Active Directory which let you create your own custom administration role. During the preview, this capability is available

Azure AD – You can now create your own custom administration roles Read More »