Software OATH tokens unavailable after migration from legacy authentication methods policies
When I used instructions from How to migrate MFA and SSPR policy settings to the Authentication methods policy for Microsoft Entra ID and set Migration status in Entra ID - Protection - Authentication methods | Policies to the "Complete"…
If the the output should be aasija for the test input as abhishek.asija, what should be the replacement pattern for below regexpattern: ^((?i)[a-z])((?i)[a-z]+)\.((?i)[a-z]+)$
If the output should be "aasija" for "abhishek.asija" as test input, the Regex pattern is defined as: ^((?i)[a-z])((?i)[a-z]+).((?i)[a-z]+)$ The breakdown of this pattern is: ^((?i)[a-z]): Captures the first letter of the first part…
How to setup multifactor authentication
I received this email (screenshot) saying that I must enable MFA by October 15. I get the impression that if I don't enable MFA, I will lose access to my Azure portal and resources. But I read the documentation links in the email and it is still very…
School has changed the domain name of the school email account. Can someone help me get access?
I have graduated University more than 6 months ago. Suddenly I got some invoices from Azure regarding storage etc. I had worked with my personal account on some Azure stuff, so I didn't look into to it that much. But couple of months ago I stopped using…
Entra ID / AAD Connect Setup
Hi all, Any help would be appreciated with this. I have recently migrated my AD instance to a new server and am trying to setup entraID again. However despite my best efforts whenever I go to set it up using the same details as before I get the attached…
How to effectively enable SSO and SLO across multiple websites?
Hello, We're experiencing an issue with Entra External ID where Single Sign-On (SSO) works across multiple applications, but Single Logout (SLO) does not function as expected. Scenario: We have multiple app registrations, each corresponding to a…
Apple Business Manager Synchronisation Fails with "SystemForCrossDomainIdentityManagementCredentialValidationFailure"
Good morning I've had a look through other questions but haven't been able to find an answer for this one. Late last year we started using Apple Business Manager to sync accounts from AzureAD as our MDM Solution. Setup went fine and has been without…
Use Azure External Identity User Flow to onboard external users as guests and add them to Azure AD Security groups in one sign up process
Hi there , we want to user External Identity User Flow for allowing collaborators outside or Azure tenant to be able to self sign up. We're planning to use the External Identity User Flow and would like users to to sign up and post sign up added to…
What is the difference between the "signIn()" and "acquireToken()" methods in MSAL?
Can someone explain the difference between the "signIn()" and "acquireToken()" methods in Microsoft Authentication Library (MSAL)? I am also curious about when to use "acquireTokenSilent()" versus "AcquireToken()"…
Issue with AAD login into Azure VM joined to a different directory [error: AADSTS293004]
We have this Azure VM with AAD login which is successfully accessible using clients not registered to any domain nor have work or school accounts associated with. In the RDP file we have this setting to enable login in, using Conditional Access Policies…
When adding new permissions to MultiTenant enterprise app, does it notify the tenant account admins to grant admin consent?
Looking to see if Entra pushes a notification to the tenant accounts that have the application as an enterprise application if that application updates their permissions. If not, is there a way to do this using Graph API?
When adding new permissions to MultiTenant enterprise app, does it notify the tenant account admins to grant admin consent?
Looking to see if Entra pushes a notification to the tenant accounts that have the application as an enterprise application if that application updates their permissions. If not, is there a way to do this using Graph API?
Account/Subcription Locked
Dear All, I created a VM which an unauthorized user did use. I suspect that unallowed software were installed on it. As a result all my machines are down and my account locked. I of course have the name of the user if it needed, but he most important…
Can't login to Azure Portal with personal account to set up MFA
Our company set up Azure using personal email, versus organization emails. Now, MFA is required, but I can't login to the portal with my personal email. I get the following error message. Unfortunately, our organization cannot assist us. How can I set…
How to recover my password if I can't access the authenticator to change my passoword?
Hi. So, my problem is: I have an email that's connected to the microsoft authenticator. I can't remember the password, and when I try to change it, it asks for 2 types of verification, and the other one is the verification through the authenticator but,…
Howto remove myself from a subscription
For the past decades I have been working in many Azure instances of customers. All of them granting me rights. Some of them removed me after finishing the projects, others did not. Some companies even do not exist any more. And the ones that still do…
Roles claim missing from the access token
Have registered an app for SSO to web app. Created App roles for the app. Assigned users to groups and assigned groups to the app roles. The access tokens of the authenticated users do not show the roles claim. There are no groups or roles claim in the…
Entra ID authentication with Windows servers
I have a Windows 2022 server from onsite storage for hosting applications and having issues getting Entra connect to work. Do I need to create a duplicate domain and join that to our existing domain? I 'prefer not' to set up a new domain, but rather use…
Setting Attribute in "Single sign on" > "Attributes & Claim" Using Microsoft Graph PowerShell
Hello, I am trying to build an Automation Platform for registering Enterprise Application and assigning Custom attributes (Manipulating the existing user attributes including Extended attributes) for SAML claim token ("Enterprise Application"…
No user other than Entra Domain user able to sign in using REACT MSAL library on VSO scopes
Hi, I am using an Application defined in Entra ID, which is valid for multi-Tenants and Microsoft accounts. Whenever I try to use scopes related to VSO I am not be able to use Microsoft Account ID or Live ID BUT when I remove ADO/VSO related scopes from…