Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,420 questions
1 answer
One of the answers was accepted by the question author.
Remove elevated access
Hi, I am to delete/remove users from the "User Access Adminstrator" role, as they were assigned to this role directly at the beginning of the prosject. Problem is that I am not able to remove them all. I can remove my self and one other…
asked 2020-10-29T12:34:17.953+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 43%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELR%3C/text%3E%3C/svg%3E)
Linda Renate Andersen
196
Reputation points
accepted 2020-11-02T17:11:14.75+00:00
Linda Renate Andersen
196
Reputation points
2 answers
Conditional Access Policy to restrict normal users from using Azure Active Directory PowerShell
Hello all, I'm looking for a solution(conditional access policy) or something else that will restrict normal users from accessing azure active directory power shell and execute msol (get-msolgroup) or azure ad cmdlet's. If someone has a solution…
asked 2020-10-05T14:57:42.413+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(268.8, 74%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAP%3C/text%3E%3C/svg%3E)
Aleksandar Pavlov
1
Reputation point
commented 2020-11-02T09:44:05.877+00:00
Aleksandar Pavlov
1
Reputation point
0 answers
Disable global MFA for a specific Application (client) ID that requires ROPC
My organization has configured the MFA for all applications (globally). Which is great as it improves overall security. But how can it be disabled only for an Application (client) which is legacy and requires Resource Owner Password Credentials (ROPC)…
asked 2020-10-29T16:07:32.153+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(32, 71%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELA%3C/text%3E%3C/svg%3E)
Luis Alves
1
Reputation point
commented 2020-11-02T07:14:59.467+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(172.8, 36%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
Martin1011
1
Reputation point
1 answer
I would pay cash money for a graphical UI on the portal/dashboard.
Once you get to 200+ resources, the dashboard is a complete disaster. Graphical UI! Make it look like a Windows desktop for all I care.
asked 2020-10-30T15:36:27.34+00:00
Black, Michael
1
Reputation point
answered 2020-10-30T21:25:58.077+00:00
JamesTran-MSFT
36,596
Reputation points Microsoft Employee
1 answer
Is this a business account?
Is my account a business account or a home account?
asked 2020-10-30T21:07:35.37+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 31%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMG%3C/text%3E%3C/svg%3E)
Max Glenn
1
Reputation point
answered 2020-10-30T21:10:54.6+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Anonymous
2 answers
Connect to SQL Server cross domain AD Group user
Our MS SQL Server is on another trusted domain (Trusted Domain T). We created a Universal Group within Domain A with users from different forest domains and added the AD group onto the SQL Server. When the user from Child Domain B tries to connect, they…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(176, 62%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER%3C/text%3E%3C/svg%3E)
1 answer
One of the answers was accepted by the question author.
Is the synchronization of a Domain with Azure AD Bidirectional?
Please understand my question? I joined my domain (xxxxxxx.company) to my Azure AD Tenant (xxxing.email) synchronized and everything is correct. Users are synced from xxxxxx.company to xxxxxxxx.email. So far so good. I have users in…
asked 2020-10-30T00:16:20.927+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(243.2, 68%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EES%3C/text%3E%3C/svg%3E)
Esteban Strada Brenta
21
Reputation points
commented 2020-10-30T18:30:29.897+00:00
Esteban Strada Brenta
21
Reputation points
2 answers
Creating a user in Azure AD with custom user attribute using graph api SDK
I am creating a rest API that will create user with custom attribute into our Azure AD B2C tenant using graph SDK. Sample code below: var oUser = new Microsoft.Graph.User() { AccountEnabled = true, //True by default …
asked 2020-10-02T09:40:47.853+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(268.8, 14.000000000000002%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EE%3C/text%3E%3C/svg%3E)
emctradr
31
Reputation points
commented 2020-10-30T15:58:40.36+00:00
Alfredo Revilla - Upwork Top Talent | IAM SWE SWA
27,456
Reputation points
2 answers
One of the answers was accepted by the question author.
Security Question regarding AzureAD Applicatin Proxy for Internal NDES Services
Dear All, Hopefully I post this in the correct forum. I want to deploy certificates to our mobile devices managed by Intune / Endpoint Protection. For this I used these guides to Create an internal NDES Server Publish it with an…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 34%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EC%3C/text%3E%3C/svg%3E)
2 answers
Solution recommendation for separating contractors from MS365 Organization
Hello, from time to time my organization hires a temporary contractor to do specific task. I'd like to separate such person from my organization's resources - I mean files, distribution lists, Office 365 groups, shared mailboxes, conference rooms…
asked 2020-10-23T14:00:44.553+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(182.40000000000003, 52%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EB%3C/text%3E%3C/svg%3E)
BS
1
Reputation point
commented 2020-10-30T02:29:23.597+00:00
KyleXu-MSFT
26,256
Reputation points
0 answers
O365 Azure AD logging levels been changed?
Hi everyone I work for an MSSP and we're seeing a drastic drop in O365 Azure AD log levels across all customers. I can't find any further information on MS forums or the Azure AD patch notes page, so thought I'd ask here. Is anybody aware of the…
asked 2020-10-29T19:50:19.343+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 10%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDR%3C/text%3E%3C/svg%3E)
David Richards
1
Reputation point
commented 2020-10-30T01:23:30.44+00:00
David Richards
1
Reputation point
2 answers
One of the answers was accepted by the question author.
How can I merge my two MS Learn accounts?
I have a personal (@Anonymous .com) MS Learn account and another MS Learn account which is using my corporate email. How can I merge my two accounts?
asked 2020-10-29T22:36:11.407+00:00
Rex Cerbas
21
Reputation points
accepted 2020-10-29T22:54:01.61+00:00
Rex Cerbas
21
Reputation points
1 answer
Cisco Anyconnect : SAML Force select account during AAD login
Hello, We have switched from RSA to MFA for authentication on Cisco Anyconnect using Enterprise application and Azure AD SSO (https://video2.skills-academy.com/fr-fr/azure/active-directory/saas-apps/cisco-anyconnect ) we added conditional access to require…
asked 2020-10-29T12:35:50.733+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(3.2, 65%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EL%3C/text%3E%3C/svg%3E)
LoicM
1
Reputation point
answered 2020-10-29T19:56:23.803+00:00
James Hamil
24,386
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
API scopes and roles
Hi, When I register an application (Web api) and Expose the API (adding scopes). I see that we can add appRoles in the manifest. Is there a way to associate roles and scopes? Like to say an Admin role has Read and Write scopes and the Employee…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(195.2, 84%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EB%3C/text%3E%3C/svg%3E)
1 answer
One of the answers was accepted by the question author.
App Registration and MS Graph API User.Read
Hi, When I register an application (web api) and when I go to the API Permissions section. I see that the MS Graph API User.Read is there by default. Is this necessary If I don't plan to access the Graph API? If it is necessary, what would be the…
1 answer
Azure AD - Custom Claims for onpremise application authentication.
HI Guys I trying to figureout how I can create the right claim ransformation to send to my onpremise application the value he expected. into the source attribute I choosed User.onpremisesamaccountname but my application expect domain\samaccoutname. …
asked 2020-10-29T11:30:31.113+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(73.60000000000001, 13%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EME%3C/text%3E%3C/svg%3E)
Mergirie, Emmanuel
1
Reputation point
answered 2020-10-29T17:02:25.917+00:00
Alfredo Revilla - Upwork Top Talent | IAM SWE SWA
27,456
Reputation points
1 answer
Get-AzureADUser : ProvisioningErrors how to export to “normal readable format
Hi, I know, that I can generate export of provisioning errors with command… $errors = (Get-MsolUser -UserPrincipalName "User1@Xdomain.com").Errors $errors | foreach-object {"`nService: "+…
asked 2020-10-29T14:59:44.883+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(105.60000000000001, 62%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMS%3C/text%3E%3C/svg%3E)
Mali Stane
91
Reputation points
answered 2020-10-29T16:56:07.997+00:00
Alfredo Revilla - Upwork Top Talent | IAM SWE SWA
27,456
Reputation points
0 answers
B2C - Cannot log out when using the Edge browser
During implementtion of the B2C logout process I used the Chrome browser and it was pretty much trouble free - I used the logout endpoint url as specified in the app registrations section in AAD B2C and added the post_logout_redirect_uri to the end of…
asked 2020-10-14T13:41:14.333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(262.40000000000003, 62%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENB%3C/text%3E%3C/svg%3E)
Neil B
21
Reputation points
commented 2020-10-29T16:38:59.673+00:00
Alfredo Revilla - Upwork Top Talent | IAM SWE SWA
27,456
Reputation points
0 answers
AD B2C ROPC JavaScript Token Retrieval
I have Azure AD B2C and a Blazor Server-side app with a Login page. I created a ROPC Custom Policy and tested with Postman and it retrieves the token with the claims correctly. But when I want to retrieve the token from the browser with JavaScript to the…
asked 2020-10-27T11:33:23.157+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 85%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGS%3C/text%3E%3C/svg%3E)
Guillem Soler Suetta
1
Reputation point
commented 2020-10-29T16:18:55.253+00:00
JamesTran-MSFT
36,596
Reputation points Microsoft Employee
2 answers
One of the answers was accepted by the question author.
Key Vault authentication
Hi, What is the best way of setting up authentication for key vault when you have the following? One Key Vault for each Subscription Dedicated resource group for each Key Vault Questions: Management plane - RBAC Should it be dedicated…
asked 2020-10-23T14:01:23.697+00:00
Linda Renate Andersen
196
Reputation points
accepted 2020-10-29T12:25:42.817+00:00
Linda Renate Andersen
196
Reputation points