Staged rollout password hash sync
Hello I have enabled staged rollout for password hash sync. If i log into the O365 or azure portal using Chrome, everything works as expected, i get authenticated in Azure. However if using Firefox, i get redirected back to my onprem ADFS server,…
synched too many AD objects
We had a problem where the AD Sync connector was not synchronising any new AD objects past a certain date, and previously it was set up to only sync from a certain OU. I know little about Azure AD but was asked to troubleshoot, and guessed that the…
Setup Microsoft Azure SAML 2.0 into iOS application
I am trying to configure single sign-on feature of SAML 2.0 in my iOS application. I have successfully configured Auth2.0 using MSAL iOS SDK. Link: https://cocoapods.org/pods/MSAL I have also looked into docs also. LinkL:…
Staged rollout password hash sync
Hello all This feature is totally not working. What is interesting is it works fine in our dev tenant, but does not work in our production tenant . This is not a difficult task to setup, so i dont understand why this is not working in our production…
Legacy / Azure AD Graph API - App Permissions
Hi I'm wanting an azure ad application to have the directory.read.all permission scope so it can read the directory. What URL needs constructing to be able to do this? Need to be in the legacy graph api Cheers
Azure AD Certificate/Thumbprint Authenticate to Azure SQL
I have an Azure App Service which access Azure SQL. I have an AAD.AppReg with Certificate & Thumbprint I wanted to do Certificate Thumbprint based Authentication to the Azure SQL. How can I achieve same? Please advice.
Issues connecting to Azure AD DS
I am unable to connect to Azure AD DS from a local application, I am getting Error Code: 91 when tired connecting to Azure AD DS domain and when tried from local ldap client (ldp.exe) observing the below error ld =…
Invalid resource. The client has requested access to a resource which is not listed in the requested permissions in the client application
I created the OAuth app to perform sharepoint authentication, When a user, Non-Microsoft email id(example.com) is trying to authenticate on my app, then the user is getting "Invalid resource. The client has requested access to a resource which is…
Azure monitoring and alerting
What is everyone using for proper alerting and notification into a ticketing system as well as sms page out for oncall purposes. I work on a team that believes checking email continuously is a one all solution and trying to gauge what everyone is…
Implications of migrating On Prem Identities to Azure AD
One of my customers would like to know what are all the implications and what all precautions one needs to take before migrating all their identities to Azure and use Azure AD as the main AD. Any kind of documentation on this would be really helpful. …
Azure AD Connect not working after OS upgrade from 2016 to 2019
Hi, I have upgraded an Azure AD Connect Server, running in staging mode, to Server 2019 and now I get the following error messages: When I start Microsoft Azure Active Directory Connect Interface I get "Azure Active Directory Connect…
can't disable 2 factors authentication when login to azure or power bi
I am using azure function app in order to embed PBI reports on my website. I create a new user on azure. When i try to login with this user to azure portal or power bi in the login pop up i am being asked to better secure my account . I…
How to set custom claims to aad token using C# code
I have a webapi which generates aad token and I have written token generation logic in Get() method in webapi. I'm able generate aad jwt token from webapi get() method but, now I want to include some custom claims into the token. How can I set…
Revoke-AzureADUserAllRefreshToken not working for one account
Hello I can successfully run Revoke-AzureADUserAllRefreshToken -objectid <guid> for one particular account, and it works. However running the same command against a different account i get the below error. The account i am using to run the command…
Query exchange customattribute in an AAD group
I need to be able to somehow create a group in AAD that can query customattributes in exchange. it is for an fully online environment, so I don't have the tenant admin app available to query as appid in extensionproperty, what do I need to?
Azure AD DS upgrade ?
Hi, If we deploy Azure AD DS Standard, is it possible later to upgrade to the Enterprise or Premium SKU without destroying the service ? Thanks Nicolas
Bypassing Azure AD MFA by adding machine IP address in MFA Trusted IPs throws error
I have added my machine's IPv4 address in MFA Trusted IPs and added CAP. But, it is not recognized and throws error. PFA. How to bypass Azure AD MFA by adding machine IP address in MFA Trusted IPs?
Retrieve an access token for Graph using a B2C tenant and delegated privileges
Hi, I'm trying to retrieve a valid access token to get to the user's audit log. As of right now, I've tried to retrieve that information both from the Azure Active Directory Graph and Microsoft Graph. Certainly, using an application scope and a…
How to log in to Windows using Azure Active Directory with Remote Desktop from MacOS?
I tried to log in to the PC using Azure Active Directory using the Remote Desktop app of MacOS, but the message "Smart card inserted" is displayed even though there is no smart card. Is there any solution?
Unable to download Certificate from Vue.com/Microsoft
Hi, I have completed AZ-300 and AZ-400, But still not able to download certificates from Vue.com/Microsoft