Azure Active Directory

Key takeaways: Microsoft has announced API-driven provisioning support for Microsoft Entra ID (formerly Azure Active Directory). This new release allows businesses to seamlessly integrate their authoritative system of record with Azure AD provisioning, encompassing everything from HR and payroll apps to SQL tables and spreadsheets. The API-driven provisioning feature is designed to help organizations ensure…

Many Office 365 applications now create Azure Active Directory guest accounts. What’s the best way to discover if the accounts are active and in use? This PowerShell script uses the Office 365 audit log and message trace data to figure out what guest accounts are active and outputs a CSV file for your review and analysis. Like any other PowerShell script, it can be adapted to suit your purposes.

Key Takeaways: Microsoft has released a new update that enables IT admins to designate sponsors for Entra ID guest accounts. The feature launched in public preview in July, allowing organizations to appoint individuals or groups as sponsors for their guest accounts (via Office 365 for IT Pros). A sponsor is a “responsible individual” who tracks…

Key Takeaways: Microsoft Defender for Identity has added a cutting-edge addition to its toolkit – a new sensor now deployable on Active Directory Certificate Services (AD CS) servers. The sensor augments the existing capabilities, significantly enhancing the detection mechanisms for identifying questionable certificates within enterprise environments. Active Directory Certificate Services (AD CS) is a Windows…

Microsoft Entra ID will soon start delivering multifactor authentication (MFA) text messages through WhatsApp. The company announced on the Microsoft 365 Admin Center yesterday that this update will begin rolling out to customers in select markets next month. As of today, the Microsoft Entra ID Multifactor Authentication feature uses text messages to send one-time passcodes…

Microsoft announced yesterday a new update for its Microsoft Entra ID Protection service. This release brings a new dashboard, advanced detection capabilities, integration with Microsoft 365 Defender, and more. The Microsoft Entra ID Protection service leverages machine learning to detect, investigate, and remediate identity-based sign-in risks and unusual activities. It uses risk-based adaptive access policies…

Microsoft has released a public preview of a new continuous access evaluation (CAE) setting for the Entra ID Conditional Access service. The new feature enables IT admins to strictly enforce location policies for network access in enterprise environments. Continuous Access Evaluation is a mechanism that offers real-time evaluation of Conditional Access policies for certain apps….

Microsoft has announced the general availability of improved company branding functionality for enterprise customers. The new feature launched in preview last year, allowing organizations to customize the sign-in experiences of Microsoft Entra ID (Azure AD) and Microsoft 365 apps. “With enhanced company branding, you’ll be able to create a custom look and feel for the…

Configure MDM autoenrollment to solve Invalid_Client Azure AD join error message.

Devices hybrid joined to AAD are not joined to AAD. But instead, joined to ADDS and automatically registered with AAD.