Conditional Access Policy Name Location
Hello, I have conditional access policy to allowing some users only can access from Indonesia only. This policy is working from long time ago. Now i have one user complain that he not able to access to the M365 from their home. I can see in the log the…
Microsft Graph Error: ClientSecretCredential authentication failed: AADSTS9002331: Application 'xxxxx' is configured for use by Microsoft Account users only. Please use the /consumers endpoint to serve this request.
I need to send emails from a desktop application. I have read a lot of threads about this matter and using the codes shared all over internet to send email using microsoft graph with no luck. I'm using my personal outlook account to be used within the…
Installing Entra Connect on Windows Server Core
Is it possible to deploy and install Entra Connect on a Windows Server Core version?
problem accessing tables
We had return tables and directories, but now when we log in it gives the error AADSTS7000112. Here are additional details: Request Id: 5da0c86f-65d4-4b0f-9021-056947946c00 Correlation Id: df5e67a1-4082-7000-243d-cd5f13b6dc9f Timestamp:…
Maximum number of secrets reached
First question/post, so I apologize if not in the correct category. I'm using Microsoft Entra (within the admin center). I'm attempting to add credentials to a new Enterprise Application (Users and Groups -> Update Credentials) but I'm getting this…
How to prevent Group Owners from deleting a group
I have a group in Entra for managing users who do not have MFA. in this group I added our service desk membes (they have Helpdesk Admin roles in Azure) as owners to be able to add/remove members but one of them accidentally deleted that group. how do I…
How to disable consent on behalf of organization
My application needs to subscribe to a number of other user presences. Therefore I request a permission Presence.Read.All When admin accesses the authorize endpoint in the UI I see a checkbox Consent on behalf of your organization. So I have questions…
command is not recognized.
i have installed the below powershell modules.I am getting error when i execute Get-AzADSubscribedSku command please guide me. Install-Module -Name Az -AllowClobber -Force Install-Module -Name "AzureAD" Import-Module AzureAD
Change the language settings for Entra ID and Microsoft 365 service for all users?
Hi, Is it possible to change the language region for all users and devices in Entra ID tenant? For Domain AD, it can be via GPO, but for Entra ID (Azure) and it's for all Microsoft 365 services like OneDrive, SharePoint, Office suite, and other…
Login with Employee ID
Hello, We are using the SAP Cloud Identity Service and the SAP Cloud Identity Provisioning Service. We provision users from Entra ID to SAP IAS, and then the users are provisioned to cloud applications. The users that are provisioned from Entra ID are…
How can I include an email claim in an Open ID token for the managed account in Entra ID?
I registered a multi-tenant application in my own tenant of Microsoft Entra ID. I configured email and openid as API Permissions. I tried the device code grant flow with this application. I specified email and openid as scope in the v2.0/devicecode…
Azure AD: how to update user's ImmutableId without AzureAD module nor MSOnline module
I am AD and Azure AD Administrator. I want to sync an existing Azure AD account with a newly created on-premises AD account in an environment where: OnPremisesImmutableId is empty for all Azure AD accounts. Azure AD Connect currently uses objectGUID for…
Azure Files identity-based authentication over SMB using Microsoft Entra Domain Services authentication for cloud-only identities
Hello, I'm looking for some advice on this hypothetical scenario. Suppose I have a cloud-only identity which is a security group in Microsoft Entra named Group1. I have a Azure Files fileshare named share1. I want to be able to grant Group1 Azure RBAC…
Step-by-Step Guide for Implementing Enterprise Policy as Code (EPAC) using Terraform for ISO 27001 Compliance
Hello Community, I'm working on implementing Enterprise Policy as Code (EPAC) using Terraform for regulatory compliance with ISO 27001 in an Azure environment. This is my first time working with EPAC, and I am new to the concept of policy implementation…
Microsoft Entra SAML-based SSO gives error AADSTS7500525: "There was an XML error in the SAML message at line" ... but ONLY for unassigned users
We're using Microsoft Entra SAML-based Single Sign-On (SSO) to sign in to Zendesk. A subset of our organization's users is authorized to access Zendesk, and those users have been properly assigned as such within Entra. SSO works properly whenever any of…
Subscription can't be found
Message:AADSTS50011: The redirect URI 'https://signup.azure.com/api/user/logout' specified in the request does not match the redirect URIs configured for the application '8e0e8db5-b713-4e91-98e6-470fed0aa4c2'. Make sure the redirect URI sent in the…
I have two application configured with FRONT CHANNEL LOGOUT but AzureB2C does not seem to be triggering Single Sign Out
I have two applications configured in AzureB2C A Web Application (ASP.NET Web Forms application) - APP 1 A SPA Application (Angular client side) - APP 2 For both applications I have enabled the front channel logout URL . When I login into APP 1 and…
The Copilot iOS app fails against Conditional Access
Copilot iOS fails against conditional access with a failure reason of : Application does not meet the conditional access approved app requirements. Application used is not an approved application for conditional access. User needs to use one of the apps…
Implementing Azure AD B2C with Local Identity and SSO for Third-Party Access
Hi, We want to set up Azure AD B2C with local identity support and enable Single Sign-On (SSO) using custom policies for the following scenario: A user logs into my website using the B2C sign-in/sign-up policy via an iframe (this is functioning…
Moving data from Azure Virtual machine to Storage account within same subscription
Hi! Currently we are using the build system on the Virtual machine running on linux in azure and send the data ( full folders into ) storage account in the same subscription via mounted storage with smb module, but sometimes we run into issues with slot…