Upcoming Webinar
Cayosoft Shows How Forest Recovery Tech Addresses Survey Issues
Join this webinar and not only learn about what your peers are doing, but also learn about a new patent-pending modern approach to AD forest recovery from Cayosoft.
New episode!
The Scoop on Loop: The Latest Innovations Directly From Microsoft!
Darrell Webster speaks to Rebecca Keys, a Program Manager from the Microsoft Loop team.
Turn Data Protection into an MRR Growth Engine
Security for your customers, revenue for your MSP practice. Access key insights on how to scale your practice with SkyKick’s new eGuide.
MSP eGuide to Package, Sell and Deliver M365 Security Services
Based on input from our top-performing MSPs, SkyKick prepared the MSP Guide to help you navigate the security landscape.

Microsoft Blocks Unmanaged Azure AD Guest Accounts

Microsoft has released an update that blocks the use of unmanaged Azure AD accounts in organizations. The company has provided a set of tools to help IT admins find existing unmanaged accounts and reset their redemption status.

In 2016, Microsoft introduced a self-service sign-up feature that allowed external users to sign up as guest members in managed tenants based on their email domain. This capability made it easier for guest users to access resources without an Azure AD-based identity. At the same time, it created compliance issues for several customers.

“However, this sometimes means that users would create accounts in a tenant not managed by the IT department of their organization. This has several unintended consequences such as challenges with user lifecycle management, support costs due to password reset issues and information disclosure between users in the Azure Portal,” the company explained.

Starting this month, it’s no longer possible to create unmanaged Azure AD guest accounts. Microsoft has released some tools to help admins detect and clean up such accounts in their tenants. The unmanaged accounts will continue to work, but will be configured to use alternative sign-up methods such as Google federation or One-Time Passcode (OTP).

Microsoft Blocks Unmanaged Azure AD Guest Accounts

Microsoft releases Azure Multifactor Authentication (MFA) Server Migration Utility

Additionally, Microsoft has released a new Azure Multifactor Authentication (MFA) Server Migration Utility for enterprise customers. The service lets administrators migrate MFA settings for users from the on-premises Azure Server to Azure AD MFA. It enables them to complete the MFA process without re-enrolling users after switching to the Azure MFA service.

Microsoft says that staged migration lets organizations test the changes with select users without changing domain federation settings. Keep in mind that the staged rollout can target up to 500,000 users. You can learn more about the MFA Server Migration Utility on this support page.

by Rabia Noureen
Sep 6, 2022

Rabia comes from a solid IT background and has been writing professionally about Microsoft products and other technology for four years. Rabia has also written for OnMSFT.com as well as Windows Report. She is always up to date on the latest trends in...

Microsoft Entra ID App Registration and Enterprise App Security Explained

Oct 19, 2023
Apr 17, 2024
How to Properly Secure and Govern Microsoft Entra ID Apps

Oct 19, 2023
Apr 17, 2024
How to Use Microsoft 365 Dynamic Groups to Streamline Access Management

Jul 5, 2023
Jul 13, 2023

Take our survey

PETRI NEWSLETTERS

Join Petri Insider

Create a free account today to participate in forum conversations, comment on posts and more.