AAD

Azure AD – Delegate user management with My Staff (preview)

Microsoft is providing an easier way to manage user accounts without the need for a support call to your helpdesk. With My Staff, you can delegate some level of user management tasks to a delegated authority, like a manager or team leader. This will help end-users who are stuck accessing their applications because they forgot their credentials (don’t […]


Azure AD – You can now authenticate with text message (preview)

As you know, Microsoft has embarked on a password-less journey by providing more secure authentication processes with Windows Hello or FIDO2 security keys. Well, the journey is continuing with a new way to authenticate with text messages. NOTE: first, an important disclaimer. As this is an early preview, there are some limitations: SMS-based authentication isn’t


Azure AD – You can now validate your dynamic group membership

As you know, you can create dynamic group membership in Azure Active Directory to automatically add/remove group members (either users or devices) based on rules. Sometimes you may not be totally sure about the result, and it is frustrating to have to wait before being able to validate it. Well, good news, you can now


Azure AD – You can now manage the Azure AD Administrative Units using the portal

You may already know this Azure AD feature, in preview for quite some time already, called Administrative Units (AUs). This feature allows you to create a container to store Azure resources, which can then be used to delegate administrative tasks. During this preview period, this can contain only users and groups and is only manageable


Azure AD – Password less with FIDO2 now in preview for hybrid deployments

As you may already be aware, support for password less with FIDO2 keys has been in preview for quite some time already for Azure AD Joined devices and browser sign-ins (see https://t.co/6HfQaQrsuR). Well, good news, as you can now also use FIDO2 keys to authenticate against Azure AD Hybrid joined devices – aka Windows 10


Azure AD – A new conditional access App for Office 365 suite

You may be well aware of the Azure Active Directory (Azure AD or AAD) Conditional Access features, and you should already have implemented some conditional access rules to improve your security posture. That said, when you have to set up a conditional access rule for Office 365 services access (Exchange Online, Teams, PowerApps…) it may be


Azure AD – Don’t forget to exclude the directory synchronization accounts from conditional access

The following issue occurred for one of my customers after enabling MFA for all users: the directory synchronization stopped working. The above situation may not occur often, as you usually exclude trusted locations (aka your corporate network public endpoints) from applying conditional policies – especially when enabling MFA – and your Azure AD Connect


Azure AD / Office 365 – 3 new administration roles available

To limit the need for and use of the global administrator role, 3 new administration roles have been made available: Groups administrator, to delegate groups (Azure AD security groups, Office 365 Groups, Teams or Yammer) management, covering naming convention, expiration policy or even AAD security group restoration; Office apps administrator allows you delegating


Azure AD – You can now customize the My Apps portal

As there is more use of Azure AD application integration (either Enterprise Applications or Azure AD App Proxy), it is becoming more complicated for end-users to find their most important applications for their work. Well, good news, Azure AD Administrators can now create a ‘workspace’ grouping all related applications for their job or role. First


Azure AD Connect – You can now provision cloud identity from disconnected Active Directory

As you already know, Azure Active Directory Connect (AAD Connect) is the easiest and quickest way to provision identities in Azure AD, especially for large organizations, while providing simple authentication methods to cloud services (password hash sync, Seamless SSO…). That being said, you may find yourself in a position where you have to quickly provide cloud identities
