AAD - Benoit's Corner

Azure – You can now use Privileged Identity Management from the Azure mobile application

Leave a Comment / Azure Active Directory, Microsoft Azure, Microsoft Entra / By Benoit HAMET / October 24, 2023 / AAD, Azure, Azure Active Directory, Azure AD, Azure Mobile App, Azure Mobile Application, Entra, Entra ID, Microsoft Azure, Privileged Access Management

You are probably aware of the Azure mobile application which allows you to do some management tasks – especially being alerted when some issue occurs – when on the go. Android https://play.google.com/store/apps/details?id=com.microsoft.azure&pli=1 Apple https://apps.apple.com/us/app/microsoft-azure/id1219013620?ls=1 You are also probably aware about the Privileged Identity Management (PIM) feature available with Entra ID/Azure AD P2 license, allowing you …

Azure – You can now use Privileged Identity Management from the Azure mobile application Read More »

Entra ID – New version of Azure AD Connect – 2.2.8.0

Leave a Comment / Azure Active Directory, Microsoft Entra / By Benoit HAMET / October 16, 2023 / AAD, AAD Connect, Azure Active Directory, Azure AD, Azure AD Connect, Entra, Entra ID, Microsoft Entra, Microsoft Entra ID

A new Azure AD Connect version – 2.2.8.0 – is now available https://www.microsoft.com/en-us/download/details.aspx?id=47594. This new version introduces 2 functional changes: The attribute onPremisesObjectIdentifier has been added to the default sync rules. This attribute is required by Microsoft Entra Cloud Sync’s Group Provisioning to AD feature. Minimum .NET runtime requirement has been increased to …

Entra ID – New version of Azure AD Connect – 2.2.8.0 Read More »

Entra ID – Automatically remediate user risk with on-premises password change (preview)

Leave a Comment / Azure Active Directory, Beta / Preview, Microsoft Entra / By Benoit HAMET / September 29, 2023 / AAD, Azure Active Directory, Azure AD, Entra, Entra ID, Identity Protection, Microsoft Entra, Microsoft Entra ID

It is becoming easier to manage user risk in hybrid environments with Entra ID Protection (formerly known as Azure AD Identity Protection). Indeed, user risk policy requires to change the password when the user is identified at risk. However, the change of password was not detected by Entra Protection signals when the change was performed …

Entra ID – Automatically remediate user risk with on-premises password change (preview) Read More »

Entra ID – You can now use Employee hire date in dynamic groups (preview)

Leave a Comment / Azure Active Directory, Beta / Preview / By Benoit HAMET / September 12, 2023 / AAD, Azure Active Directory, Azure AD, Entra, Entra ID, Microsoft Entra ID

As you probably already know, Microsoft has introduced some time ago the Employee hire date attribute in Microsoft Entra ID (formerly known as Azure AD). Well, good news as you can now use this attribute in dynamic group. The Employee hire date (employeeHireDate) is a string type. You can use either Greater Than or Equal …

Entra ID – You can now use Employee hire date in dynamic groups (preview) Read More »

Entra ID – It is now easier to identify privileged administration roles

Leave a Comment / Azure Active Directory, Microsoft Entra / By Benoit HAMET / August 31, 2023 / AAD, Admin Role, Administration Role, Azure Active Directory, Azure AD, Entra, Entra ID, Microsoft Entra, Microsoft Entra ID

Entra ID (aka Azure AD) now allows you to quickly identified privileged administration roles. While it is obvious for some roles (such as Global Administrator), some others may be more subject to your own understanding/interpretation of the role. To help you, Entra ID is now showing a privileged tag, which can also be used as …

Entra ID – It is now easier to identify privileged administration roles Read More »

Azure / Azure AD – Administrators can now reset user’s password from the Azure mobile app

Leave a Comment / Azure Active Directory, Microsoft Azure, Microsoft Entra / By Benoit HAMET / August 3, 2023 / AAD, Azure Active Directory, Azure AD, Azure Mobile App, Azure Mobile Application, Entra, Microsoft Entra

By now, Azure administrators should be aware about the Azure mobile application for Android or iOS. Few month ago, Microsoft has started to include access to your Azure AD tenant from the Azure mobile application (see https://t.co/ayBZHVODXx). Well, this access has been now improved as you can now reset user’s password from the application. NOTE …

Azure / Azure AD – Administrators can now reset user’s password from the Azure mobile app Read More »

Azure AD / Intune – Local Administrator Password Solution is now generally available

Leave a Comment / Azure Active Directory, Endpoint Configuration Manager, Microsoft Entra, Microsoft Intune / By Benoit HAMET / April 24, 2023 / AAD, Azure Active Directory, Azure AD, ECM, Endpoint Configuration Manager, Endpoint Protection, Intune, LAPS, Local Administrator Password Solution, Microsoft Intune

It has been a long awaited capability and has been in preview for quite some time. In preparation for its general availability, Local Administrator Password Solution (LAPS) has been included in Windows – both client and server – thanks to the April updates (see https://t.co/8fpzOY7f7x). Well, good news as LAPS is now generally available – …

Azure AD / Intune – Local Administrator Password Solution is now generally available Read More »

Azure AD – You can now publish multiple internal URLs with a single Application Proxy and validate backend SSL certificate

Leave a Comment / Azure Active Directory, Microsoft Entra / By Benoit HAMET / April 17, 2023 / AAD, AAD App Proxy, App Proxy, Application Proxy, Azure Active Directory, Azure Active Directory App Proxy, Azure AD, Azure AD App Proxy, Entra, Microsoft Entra

As you may know, you can publish internal web applications using Azure AD Application Proxy. Until now, when you had to publish multiple different internal URLs, you had to create one Application Proxy for each URL. Well, good news as now you can publish multiple internal web application using only one Application Proxy. The first …

Azure AD – You can now publish multiple internal URLs with a single Application Proxy and validate backend SSL certificate Read More »

Azure AD – Update your Conditional Access policies if you are using ‘require approved client app’ before March 2026

Leave a Comment / Azure Active Directory, Microsoft Entra, Security / By Benoit HAMET / April 14, 2023 / AAD, AAD Conditional Access, Azure Active Directory, Azure Active Directory Conditional Access, Azure AD, Azure AD Conditional Access, Conditional Access

If you are using the grant control ‘Require approved client app’ in your Conditional Access policies, you need to update and migrate to use the grant control ‘Require application protection policy’ before March 2026. At this date, the control ‘Require approved client app’ will no longer be enforced and will act as if it was …

Azure AD – Update your Conditional Access policies if you are using ‘require approved client app’ before March 2026 Read More »

Azure AD – You can use conditional access for PIM (preview)

Leave a Comment / Azure Active Directory, Beta / Preview, Microsoft Entra / By Benoit HAMET / April 11, 2023 / AAD, AAD Conditional Access, Azure Active Directory, Azure Active Directory Conditional Access, Azure AD, Azure AD Conditional Access, Conditional Access, Entra, Microsoft Entra

As you know with Azure AD (P1 or P2) you can protect access to your workloads using Conditional Access. Well, you can now also use Conditional Access when used with PIM (Privileged Identity Management) (in preview), or more specifically when protected actions are being used. The below protected actions are currently supported: Update basic properties …

Azure AD – You can use conditional access for PIM (preview) Read More »