Azure Active Directory - Benoit's Corner

Azure AD – You can now set an Azure AD Application Proxy app in maintenance mode

If you use Microsoft Cloud services, you know that identity and access control is managed by Azure AD. Azure AD which comes with a feature called Azure AD Application Proxy to allow you publishing internal applications without configuring your firewall and can integrate with Azure AD for authentication and access control (see https://learn.microsoft.com/en-us/azure/active-directory/app-proxy/application-proxy/ to know …

Azure AD – You can now set an Azure AD Application Proxy app in maintenance mode Read More »

Intune – Enable self-service password reset on Windows login screen new option

Leave a Comment / Azure Active Directory, Endpoint Configuration Manager, Microsoft Intune / By Benoit HAMET / January 16, 2023 January 16, 2023 / AAD, Azure Active Directory, Azure AD, ECM, Endpoint Configuration Manager, Intune, Self Service Password Reset, SSPR

As you are now probably aware, Intune administrators were able to enable self-service password reset (SSPR) on the Windows login screen for quite some time This enablement required to create a custom Intune device configuration profile, as documented here https://blog.hametbenoit.info/2017/11/06/azure-ad-allow-end-users-to-reset-password-or-pin-from-the-login-screen/. Well, as Intune has been evolving quite quickly and some time you may miss updates, …

Intune – Enable self-service password reset on Windows login screen new option Read More »

Azure AD – You can now restrict tenant creation to administrators (preview)

Leave a Comment / Azure Active Directory, Beta / Preview / By Benoit HAMET / December 16, 2022 December 20, 2022 / AAD, Azure Active Directory, Azure AD

As you probably know, users may have the ability to create new tenant using the Manage tenant option from the Azure AD (https://aad.portal.azure.com/) or Entra () portal When creating a new tenant, the user becomes automatically a global administrator for this new tenant and this new tenant does not inherit your organization settings or …

Azure AD – You can now restrict tenant creation to administrators (preview) Read More »

Azure – The Azure Active Directory section on the Azure mobile application has been updated

Leave a Comment / Azure Active Directory, Microsoft Azure / By Benoit HAMET / December 9, 2022 December 9, 2022 / AAD, Azure, Azure Active Directory, Azure AD, Azure Mobile App, Azure Mobile Application, Microsoft Azure

Earlier in September, the Azure mobile application (Azure Companion application) has been updated to introduce an initial access to Azure Active Directory (Azure AD) (see https://t.co/ayBZHVODXx). Well, the application has been updated again to provide additional capabilities to manage Azure AD. You can now: Manage your users in Azure AD with access to the user …

Azure – The Azure Active Directory section on the Azure mobile application has been updated Read More »

Azure AD – Access to Azure AD from O365 administration portal going to redirect to Entra

Leave a Comment / Azure Active Directory, Microsoft Entra / By Benoit HAMET / December 6, 2022 December 6, 2022 / AAD, Azure Active Directory, Azure AD, Entra, Microsoft Entra

With the introduction earlier in July of Microsoft Entra to centralize all identity and access management capabilities, starting December 2022 access to Azure AD from the Office 365 administration portal will redirect to the Entra portal (https://entra.microsoft.com). The rollout of this redirection is expected to be completed by March 2023. Off course you can still …

Azure AD – Access to Azure AD from O365 administration portal going to redirect to Entra Read More »

Azure AD – Use Machine Learning in Azure AD Access Review (preview)

Leave a Comment / Azure Active Directory, Beta / Preview, Microsoft Entra / By Benoit HAMET / December 2, 2022 December 2, 2022 / AAD, Azure Active Directory, Azure AD, Entra, Microsoft Entra

If you have Azure AD P2 license (either standalone or bundle with an Office 365 or EMS subscription), you know you can use the Access Review feature to help you manage access to your resources to only user which still need it. Access Review involve some level of human intervention to either approve or review …

Azure AD – Use Machine Learning in Azure AD Access Review (preview) Read More »

Azure AD – You can now customize the favicon, header and footer

Leave a Comment / Azure Active Directory, Microsoft Entra / By Benoit HAMET / November 24, 2022 November 24, 2022 / AAD, Azure Active Directory, Azure AD, Company Branding, Entra, Microsoft Entra

As you know, you have at least Azure AD P1 license, you can configure your company branding to use custom background and logo. That said, even with company branding implemented, there is still settings (favicon or header/footer) using generic Microsoft resources. Well, the company branding feature has been updated to now allow you to …

Azure AD – You can now customize the favicon, header and footer Read More »

Azure AD – Authenticator number matching will be enabled for all users

Leave a Comment / Azure Active Directory, Security / By Benoit HAMET / November 21, 2022 November 24, 2022 / AAD, Azure Active Directory, Azure AD, Entra, MFA, Microsoft Entra, Multi Factor Authentication

As you know, Azure AD allows you to request multi-factor authentication (MFA) using the Azure AD MFA and Microsoft Authenticator application. Since its introduction Azure AD MFA has been continuously improved. Latest improvement was to request a number matching during the MFA process to avoid accidental approval and fight against MFA fatigue …

Azure AD – Authenticator number matching will be enabled for all users Read More »

Azure AD – A new version of Azure AD Connect – 2.1.20 – is now available fixing synchronization issue for employeeLeaveDateTime

Leave a Comment / Azure Active Directory, Microsoft Entra / By Benoit HAMET / November 14, 2022 November 14, 2022 / AAD, AAD Connect, Azure Active Directory, Azure Active Directory Connect, Azure AD, Azure AD Connect, Entra, Microsoft Entra

As you are may be aware, Microsoft has released an updated version of Azure AD Connect to support the employeeLeaveDateTime attribute (see https://t.co/dzZs8LWyHb). Well, there has been a bug where the new employeeLeaveDateTime attribute was not syncing correctly. If you have been already implemented it using the AAD Connect version 2.1.19, you need …

Azure AD – A new version of Azure AD Connect – 2.1.20 – is now available fixing synchronization issue for employeeLeaveDateTime Read More »

Azure AD – A new version of Azure AD Connect is available with support for employeeLeaveDateTime

Leave a Comment / Azure Active Directory, Microsoft Entra / By Benoit HAMET / November 4, 2022 November 14, 2022 / AAD, AAD Connect, Azure Active Directory, Azure Active Directory Connect, Azure AD, Azure AD Connect, Entra, Microsoft Entra

UPDATED a newer version (2.1.20) is now available to fix synchronization issue for employeeLeaveDateTime (see https://t.co/PQqgAu2m3X) Back in July 2021, Microsoft has introduce a new attribute (employeeHireDate) to help manage users’ lifecycle (see https://learn.microsoft.com/en-us/graph/api/resources/identitygovernance-lifecycleworkflows-overview?view=graph-rest-beta). Well, the new version of Azure AD Connect (2.1.19 – available for download here https://www.microsoft.com/download/details.aspx?id=47594) is now adding the …

Azure AD – A new version of Azure AD Connect is available with support for employeeLeaveDateTime Read More »