Azure Active Directory

  • Blog
  • Azure Active Directory


Enforce MFA for SharePoint Online Sites with Conditional Access Policies

Securing Confidential SharePoint Online Data SharePoint Online sites hold some very confidential information. Now that SharePoint Online supports sensitivity labels, you can protect individual documents with encryption to stop their contents leaking. Other features, like regarding newly uploaded documents sensitive by default to stop them being shared externally until Data Loss Prevention (DLP) processing completes,…

View Article

Azure Active Directory Premium P1 to be Part of Microsoft 365 Business

Cloud Discovery, Application Proxy, passwordless authentication, and more Azure Active Directory features coming to Microsoft 365 Business in April.

View Article

How to Enable Security Defaults in Azure Active Directory

Microsoft is gradually introducing multifactor authentication (MFA) for all organizational accounts in Azure Active Directory. In this article, I look at the new Security Defaults setting and how to enable it.

View Article

Identifying Obsolete Guest User Accounts in an Office 365 Tenant

Many Office 365 applications now create Azure Active Directory guest accounts. What’s the best way to discover if the accounts are active and in use? This PowerShell script uses the Office 365 audit log and message trace data to figure out what guest accounts are active and outputs a CSV file for your review and analysis. Like any other PowerShell script, it can be adapted to suit your purposes.

View Article

Join Windows 10 to Azure Active Directory During OOBE

Before you perform an AAD domain join, you should understand the difference between an AAD domain-joined device and one that is registered with AAD.

View Article

Azure Active Directory Basic Edition is Being Retired

AAD Basic edition is ‘going away’ because it is low volume and confuses customers.

View Article

Adding a Default Photo to Azure Active Directory Guest User Accounts

You can add photos to Azure Active Directory guest accounts and have Office 365 apps display those photos. But it’s a lot of work to track down suitable photos for individual guests. If you want to change the default two-initial icon displayed by Office 365, you can use PowerShell to update all guest accounts with a photo. Here’s how I handled the problem.

View Article

Microsoft Enables Longer Azure Active Directory Passwords

You can now protect your Azure Active Directory account with a 256-character password, including spaces. This news will bring much joy to Office 365 administrators and others who hated the previous 16-character limit, but please don’t rush into forcing users to change their passwords without taking the time to pause and consider how best to proceed. Longer passwords are good, but they should be only one part of a strategy to protect user accounts.

View Article

Microsoft Previews Azure Active Directory Entitlement Management

Microsoft launched the preview of Entitlement Management, a new part of their Azure Active Directory Identity Governance program. The idea is that you can manage access to resources via policy, which seems to be a good thing, especially in large organizations where objects like Office 365 Groups, SharePoint Sites, and Teams might just get a little out of hand. The preview is interesting, but like all previews, it needs some work to be ready for prime time.

View Article
Go to page