When publishing application using Active Directory Federation Services (AD FS) or other identity provider, you often use group membership as claim is a user’s token. Until now, this was not possible to use group membership as claim in Azure AD Application; now you can To start using group membership claim for your Azure AD Application, […]
Azure AD – You can now use group claims in SAML and OIDC/Oauth token Read More »
As you know, Azure AD Conditional Access allows you to define conditions to allow or block access to Azure/Office 365 resource (https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview). When configuring such conditional access, you define to which set of users/groups this apply (or not – aka exclude). Now, you can apply the conditional access policy by using the Directory Roles to
Azure AD – You can now use Directory Roles when configuring Conditional Access Read More »
As Office 365 and Azure AD are evolving, the need for more granular administration role is more and more important. 2 new administration roles have been introduced to reduce the need for more elevated privileges: Information Protection Administrator: to grant all Azure Information Protection (AIP) administration aspects without granting global administrator permission. This covers Azure
Office 365 / Azure AD – New administration roles available Read More »
You may already know that for quite some time there has been a new Azure security feature in preview called Azure AD Password Protection to help protect you against password based attacks and restrict the usage of bad/too well known password (see https://t.co/PnWZiWbWic) Well, the feature is now generally available. If you have been using
Azure AD – Azure AD Password Protection is now GA Read More »
A new version (1.3.90.0) of the directory synchronization (Azure AD Connect) tool for Office 365 / Azure AD is going to be release soon (https://go.microsoft.com/fwlink/?LinkId=615771) This new version of Azure AD Connect is not only resolving few issues (SQL reconnect logic for ADSync service, issue where installation of Azure AD PowerShell on a server could
Azure AD Connect – A new version is coming Read More »
It has been in preview for quite some time, now the time has come and Azure Storage support for Azure Active Directory (AAD) access based in now generally available for Azure Storage Blobs and Queues. You can then take advantage of the advanced access control from Azure AD, like multi-factor authentication or conditional access. You
Azure – Azure Storage support for Azure AD access based now GA Read More »
The long awaited and requested Azure Active Directory (AAD) administrator role is now available in preview: Authentication Administrators. The Authentication Administrators role can manage authentication process for end-user, like manage multi-factor authentication (MFA) requirements for end-users (from activating to revoke the ‘remembering device’). You can manage Authentication Administrators role membership from your Azure AD (either
Azure AD – New administration role available in preview: Authentication Administrators Read More »
Azure Active Directory (Azure AD) is making things easier to collaborate with external users (guest) by supporting email one-time password. This new capability (in preview) allows external users (guests) to sign in and authenticate against your Azure AD using a one time password (OTP) send by email when they do not have already a Microsoft
Azure – Azure AD B2B now supports one time password (preview) Read More »
As you may already know you can use Workday to automatically manage user account provisioning/termination with Azure AD (and/or Active Directory). Well this integration is getting stronger and simpler as the solution is now reaching the general availability state with some interesting updates: The new Provisioning Agent with built-in support for high availability and failover
Azure – Workday integration with Azure AD is getting stronger Read More »
Following the availability of the new SCCM Current Branch build (1810), it is now possible to use the built-in SCCM task sequence to use Autopilot when deploying OS. To use it, you need to create an SCCM package which will contains the Autopilot settings and use the SCCM tasks sequence (this is not available for
SCCM – Use Autopilot when deploying OS Read More »
