Azure Active Directory - Benoit's Corner

Azure AD / Intune – Local Administrator Password Solution is now generally available

Leave a Comment / Azure Active Directory, Endpoint Configuration Manager, Microsoft Entra, Microsoft Intune / By Benoit HAMET / April 24, 2023 / AAD, Azure Active Directory, Azure AD, ECM, Endpoint Configuration Manager, Endpoint Protection, Intune, LAPS, Local Administrator Password Solution, Microsoft Intune

It has been a long awaited capability and has been in preview for quite some time. In preparation for its general availability, Local Administrator Password Solution (LAPS) has been included in Windows – both client and server – thanks to the April updates (see https://t.co/8fpzOY7f7x). Well, good news as LAPS is now generally available – …

Azure AD / Intune – Local Administrator Password Solution is now generally available Read More »

Azure AD – You can now publish multiple internal URLs with a single Application Proxy and validate backend SSL certificate

Leave a Comment / Azure Active Directory, Microsoft Entra / By Benoit HAMET / April 17, 2023 / AAD, AAD App Proxy, App Proxy, Application Proxy, Azure Active Directory, Azure Active Directory App Proxy, Azure AD, Azure AD App Proxy, Entra, Microsoft Entra

As you may know, you can publish internal web applications using Azure AD Application Proxy. Until now, when you had to publish multiple different internal URLs, you had to create one Application Proxy for each URL. Well, good news as now you can publish multiple internal web application using only one Application Proxy. The first …

Azure AD – You can now publish multiple internal URLs with a single Application Proxy and validate backend SSL certificate Read More »

Azure AD – Update your Conditional Access policies if you are using ‘require approved client app’ before March 2026

Leave a Comment / Azure Active Directory, Microsoft Entra, Security / By Benoit HAMET / April 14, 2023 / AAD, AAD Conditional Access, Azure Active Directory, Azure Active Directory Conditional Access, Azure AD, Azure AD Conditional Access, Conditional Access

If you are using the grant control ‘Require approved client app’ in your Conditional Access policies, you need to update and migrate to use the grant control ‘Require application protection policy’ before March 2026. At this date, the control ‘Require approved client app’ will no longer be enforced and will act as if it was …

Azure AD – Update your Conditional Access policies if you are using ‘require approved client app’ before March 2026 Read More »

Azure AD – You can use conditional access for PIM (preview)

Leave a Comment / Azure Active Directory, Beta / Preview, Microsoft Entra / By Benoit HAMET / April 11, 2023 / AAD, AAD Conditional Access, Azure Active Directory, Azure Active Directory Conditional Access, Azure AD, Azure AD Conditional Access, Conditional Access, Entra, Microsoft Entra

As you know with Azure AD (P1 or P2) you can protect access to your workloads using Conditional Access. Well, you can now also use Conditional Access when used with PIM (Privileged Identity Management) (in preview), or more specifically when protected actions are being used. The below protected actions are currently supported: Update basic properties …

Azure AD – You can use conditional access for PIM (preview) Read More »

Azure AD – New authentication method – Authenticator Lite (preview)

Leave a Comment / Azure Active Directory, Beta / Preview / By Benoit HAMET / March 24, 2023 / AAD, Authentication Methods, Azure Active Directory, Azure AD, Entra, MFA, Multi Factor Authentication

A new authentication method called Authenticator Lite is available in preview. Authenticator Lite allows end-users to perform multifactor authentication without the Microsoft Authenticator app. Some end-users may be reluctant to install corporate applications on their mobile device or in some country/region there is a legal requirement for employers to provide corporate mobile phone if corporate …

Azure AD – New authentication method – Authenticator Lite (preview) Read More »

Azure AD – You can now use Token Protection with Conditional Access (preview)

Leave a Comment / Azure Active Directory, Beta / Preview / By Benoit HAMET / March 15, 2023 / AAD, AAD Conditional Access, Azure Active Directory, Azure Active Directory Conditional Access, Azure AD, Azure AD Conditional Access, Conditional Access

You know that you can use Azure AD Conditional Access to secure access to your resource by enforcing MFA, device compliance… Well, Azure AD Conditional Access has been updated to allow you use Token Protection. Token Protection attempts to reduce attacks using token theft by ensuring a token is usable only from the intended device. …

Azure AD – You can now use Token Protection with Conditional Access (preview) Read More »

Azure AD – New recommendations for applications (preview)

Leave a Comment / Azure Active Directory, Beta / Preview / By Benoit HAMET / March 15, 2023 / AAD, Azure Active Directory, Azure AD

About a year ago, Microsoft has introduced Azure AD recommendations to help you improve your Azure AD security posture (see https://t.co/92sR2y0bR4). Well, these recommendations have been updated to introduce recommendations for Azure AD applications. While the first recommendations apply to all Azure AD license, these new recommendations for applications require Azure AD P2. The available …

Azure AD – New recommendations for applications (preview) Read More »

Azure AD – You easily get Azure AD error code meaning

Leave a Comment / Azure Active Directory / By Benoit HAMET / March 1, 2023 / AAD, Azure Active Directory, Azure AD

Have you ever try to figure out what the error code from Azure AD is meaning? While Microsoft has been trying to provide meaningful information when the error occurs, sometime it is more complicated and not easy to find answer. Well, good new, you can use this Microsoft site https://login.microsoftonline.com/error – you will notice this …

Azure AD – You easily get Azure AD error code meaning Read More »

Azure AD – You can now enable suspicious activities reporting (preview)

Leave a Comment / Azure Active Directory, Beta / Preview / By Benoit HAMET / February 24, 2023 / AAD, Azure Active Directory, Azure AD, MFA, Multi Factor Authentication

If you have been using the on-premises Azure MFA server (which by the way is going to be fully deprecated – https://azure.microsoft.com/en-us/updates/azure-multifactor-authentication-server-will-be-deprecated-30-september-2024/) you already know that end-users were able to report suspicious activities. Well, this was a missing feature on Azure AD MFA which is now becoming available. First you need to enable it (this …

Azure AD – You can now enable suspicious activities reporting (preview) Read More »

Azure AD – You can now set an Azure AD Application Proxy app in maintenance mode

Leave a Comment / Azure Active Directory / By Benoit HAMET / January 24, 2023 / AAD, AAD App Proxy, App Proxy, Azure Active Directory, Azure Active Directory App Proxy, Azure AD, Azure AD App Proxy

If you use Microsoft Cloud services, you know that identity and access control is managed by Azure AD. Azure AD which comes with a feature called Azure AD Application Proxy to allow you publishing internal applications without configuring your firewall and can integrate with Azure AD for authentication and access control (see https://learn.microsoft.com/en-us/azure/active-directory/app-proxy/application-proxy/ to know …

Azure AD – You can now set an Azure AD Application Proxy app in maintenance mode Read More »