Azure AD 17 - Benoit's Corner

Azure AD – You can now secure SSPR and MFA registration using conditional access

Leave a Comment / Azure Active Directory, Security / Benoit HAMET / May 17, 2019 / AAD, Azure Active Directory, Azure AD, Conditional Access, MFA, Multi Factor Authentication, Self Service Password Reset, SSPR

You may already know this is a best practice to get your users registered for Azure Multi Factor Authentication (MFA) and Self Service Password Reset (SSPR). That said, the registration requires your end-user to provide sensitive information (phone number, external email address…) to help the system to properly identify them during the registration process – […]

Azure AD – You can now secure SSPR and MFA registration using conditional access Read More »

Office 365 / Azure AD – The limitation of the 16-characters password is now removed

Leave a Comment / Azure Active Directory, Office 365 / Benoit HAMET / May 15, 2019 / AAD, Azure Active Directory, Azure AD, O365, Office 365, Password

Until today, when you were setting up a cloud password on Office 365 or Azure Active Directory (AAD), you were not able to use more than 16 characters. NOTE this limitation did apply to synchronized password. Now, this limitation has been removed; you can set your password by using up to 256 characters, with a

Office 365 / Azure AD – The limitation of the 16-characters password is now removed Read More »

Azure AD – You can easily and automatically manage access to groups, applications and SharePoint sites for your users (internal and external)

Leave a Comment / Azure Active Directory, Beta / Preview / Benoit HAMET / May 1, 2019 / AAD, Azure, Azure Active Directory, Azure AD, Governance, Identity, Identity and Access Management, Identity Governance, Identity Management

As part of the identity and access control management on Azure AD, you can now use Azure AD Entitlement (also known as Azure AD Identity Governance) (in preview) to easily and automatically manage access to your groups or applications by your users, both internal (corporate) or external (guest). By using Azure AD Entitlement, you can

Azure AD – You can easily and automatically manage access to groups, applications and SharePoint sites for your users (internal and external) Read More »

Azure AD – New Session control settings available in preview for Conditional Access

Leave a Comment / Azure Active Directory / Benoit HAMET / April 29, 2019 / AAD, AAD Conditional Access, Azure, Azure Active Directory, Azure Active Directory Conditional Access, Azure AD, Azure AD Conditional Access, Conditional Access, Persistent Browser Session, Sign-In Frequency

2 new settings have been introduced for the Session Control in Azure AD Conditional Access: Sign-in frequency: defines the time period before a user is asked to sign-in again when attempting to access a resource. This means that if the security posture of the authentication session has not changed, users will be asked to re-authenticate

Azure AD – New Session control settings available in preview for Conditional Access Read More »

Azure AD – You can now use group claims in SAML and OIDC/Oauth token

Leave a Comment / Azure Active Directory / Benoit HAMET / April 29, 2019 / AAD, AAD Application, Azure, Azure Active Directory, Azure Active Directory Application, Azure AD, Azure AD Application

When publishing application using Active Directory Federation Services (AD FS) or other identity provider, you often use group membership as claim is a user’s token. Until now, this was not possible to use group membership as claim in Azure AD Application; now you can To start using group membership claim for your Azure AD Application,

Azure AD – You can now use group claims in SAML and OIDC/Oauth token Read More »

Azure AD – You can now use Directory Roles when configuring Conditional Access

Leave a Comment / Azure Active Directory, Beta / Preview, Microsoft Intune, Security / Benoit HAMET / April 26, 2019 / AAD, Azure Active Directory, Azure AD, Conditional Access, Directory Roles

As you know, Azure AD Conditional Access allows you to define conditions to allow or block access to Azure/Office 365 resource (https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview). When configuring such conditional access, you define to which set of users/groups this apply (or not – aka exclude). Now, you can apply the conditional access policy by using the Directory Roles to

Azure AD – You can now use Directory Roles when configuring Conditional Access Read More »

Office 365 / Azure AD – New administration roles available

Leave a Comment / Azure Active Directory, Office 365 / Benoit HAMET / April 11, 2019 / AAD, Admin Role, Administration Role, Azure Active Directory, Azure AD, O365, Office 365

As Office 365 and Azure AD are evolving, the need for more granular administration role is more and more important. 2 new administration roles have been introduced to reduce the need for more elevated privileges: Information Protection Administrator: to grant all Azure Information Protection (AIP) administration aspects without granting global administrator permission. This covers Azure

Office 365 / Azure AD – New administration roles available Read More »

Azure AD – Azure AD Password Protection is now GA

Leave a Comment / Azure Active Directory, Security / Benoit HAMET / April 3, 2019 / AAD, AAD Password Protection, Azure, Azure Active Directory, Azure AD, Azure AD Password, Azure AD Password Protection, Password Protection

You may already know that for quite some time there has been a new Azure security feature in preview called Azure AD Password Protection to help protect you against password based attacks and restrict the usage of bad/too well known password (see https://t.co/PnWZiWbWic) Well, the feature is now generally available. If you have been using

Azure AD – Azure AD Password Protection is now GA Read More »

Azure AD Connect – A new version is coming

Leave a Comment / Azure Active Directory, Office 365 / Benoit HAMET / March 28, 2019 / AAD, AAD Connect, Azure, Azure AD, Azure AD Connect, Directory Sync, Directory Synchronization, O365, Office 365

A new version (1.3.90.0) of the directory synchronization (Azure AD Connect) tool for Office 365 / Azure AD is going to be release soon (https://go.microsoft.com/fwlink/?LinkId=615771) This new version of Azure AD Connect is not only resolving few issues (SQL reconnect logic for ADSync service, issue where installation of Azure AD PowerShell on a server could

Azure AD Connect – A new version is coming Read More »

Azure – Azure Storage support for Azure AD access based now GA

Leave a Comment / Azure Active Directory, Microsoft Azure, Security / Benoit HAMET / March 26, 2019 / AAD, Azure, Azure Active Directory, Azure AD, Azure Storage, Queues, Storage Blobs

It has been in preview for quite some time, now the time has come and Azure Storage support for Azure Active Directory (AAD) access based in now generally available for Azure Storage Blobs and Queues. You can then take advantage of the advanced access control from Azure AD, like multi-factor authentication or conditional access. You

Azure – Azure Storage support for Azure AD access based now GA Read More »