Entra Agent ID Portal explained
The Entra Agent Registry is the source of authority for Agent IDs in the Microsoft Tenant. The Agent ID | Overview portal provides an overview of a...
Discover the latest insights, best practices, and security research related to Microsoft Entra ID (formerly Azure AD).
Until now, access to internal resources through Microsoft Entra Private Access was limited to managed devices that were either Microsoft Entra join...
This article explores how to deactivate applications (aka disable apps) in Entra ID. Everything is done through PowerShell and the Microsoft Graph ...
How to find unattested device-bound passkeys in Entra ID Attestation is an important topic in the context o...
Sending an email securely requires more moving parts than most people expect, you don’t notice when it works. You really notice when it doesn’t! Em...
Learn how to find application owners on applications which have been disabled and remove them to mitigate any risks. The post How to Find and Remov...
This blog continues from my previous blog about Entra Agent Identities demystified. The previous blog was theoretical while this blog is about prac...
Intelligent Local Access (ILA) addresses a core limitation of Microsoft Entra Global Secure Access: ensuring that local network traffic is handled ...
The hidden risk of using aka.ms shortURLs for Microsoft portals We all love them: Microsoft’s short U...
Jan’s resource catalog to learn all about agents I’ve been digging into agents lately, especial...
This post introduces the MicrosoftCloudWorkloadActivity KQL function and shows how to hunt token-based activity of workload identities across Micro...
Introduction With the rise of AI Agents in organizations, I see at many customers AI Identities rapidly being created in Entra ID. One of the first...
Hybrid Autopilot is already one of those enrollment flows where everything has to line up perfectly. Domain join has to happen at the right moment,...
Learn how you can now enable group object synchronisation in Microsoft Entra Cross Tenant Sync. The post Enable Group Synchronisation for Microsoft...
Least privilege for Temporary Access Pass creation Today, giving out Temporary Access Passes for Microsoft ...
Agent Identity Security controls … From a Security perspective it is recommended to provide Security Controls for AI Agents as if they were humans ...
This article explores how to use Entra ID audit records to create a weekly report about role assignment additions and deletions. After deciphering ...
Disclaimer: all Agent Identity Security products are in Preview (subject to minor changes and in its early stage of development) In the previous bl...
Linked Identities in Microsoft Defender unlock new opportunities for visibility and management of multiple accounts, including scenarios with separ...
An article from 2018 uses the AzureAD and Exchange PowerShell modules to synchronize membership between a security and a Microsoft 365 group. The i...
A change made for some Directory Graph APIs has flowed through to the Microsoft Graph PowerShell SDK and affected how the associated cmdlets work, ...
This blog series aims to demystify Microsoft Entra Agent Identity Security. An agent is an application that attempts to achieve a goal by understand...
A new Entra ID role is coming. The Teams External Collaboration administrator role allows users to manage external collaboration settings. Quite ho...
This blog is about an Entra Join failure that made no sense at all. No password prompt, no authentication errors, no event logs, just a silent loop...
Yellowhat has always been on my bucket list, and what an event it was! Speaking for 200+ on-site and 2000+ livestream attendees was really amazing!...
Access Azure Virtual Desktop and Windows 365 Cloud PC from non-managed devices Many organizations use Azure...
As a Managed Service Provider (MSP), you manage dozens or hundreds of customers across multiple tenants, each with different service tiers, billing...
Administrative Units in Microsoft Entra ID are one of those features that often fly under the radar – but they can be game-changing for organ...
In Microsoft Entra ID, user and guest access evolves incrementally over time, for example as a result of role changes, project assignments or tempo...
Microsoft is rationalizing the options to revoke sessions for a user account in the Entra admin center by removing an old revoke MFA sessions butto...
Useful search filters in Entra ID you might not know (yet) I learn new stuff every day. And so do you by re...
Learn how to use Microsoft Graph PowerShell to configure time-based Conditional Access policies in Microsoft Entra. The post Configuring Time-based...
What started as a single blog in 2023 is now becoming a yearly tradition. Each year, the KQL community expands with new repositories and queries. T...
🆕 This is the updated version of my blog about Entra Private Access for Active Directory for Domain Controllers. You can find the old version → her...
Secure Microsoft Entra Account Recovery with Conditional Access. Learn to configure this new feature using PowerShell and Verified ID. The post How...
Microsoft have added a new Microsoft 365 Support Engineer role to Microsoft Entra, but what does it do and why has it been added. The post Microsof...
The default login experience has been set to use WAM for Microsoft Graph PowerShell, supporting additional security measures. The post Microsoft Re...
One of the many announcements at Ignite (somewhat away from the AI hype) is the long-awaited B2B support for Global Secure Access. It combines Entr...
How to enable passkeys for guest users in Entra ID Passkeys like FIDO security keys, synced passkeys, and p...
A new soft delete capability is coming soon for devices, allowing admins to easily recover accidentally deleted objects. The post Microsoft Entra t...
Last Updated on December 16, 2025 by Michael Morten Sonne Introduction I’m happy to announce the release of… The post SignToolGUI 2.1.0.0 Rel...
The GenAI (Generative Artificial Intelligence) Security Policy outlines the security controls needed to protect sensitive corporate assets. GenAI Ap...
Microsoft has released a set of security benchmark recommendations for Microsoft 365 tenants that it calls baseline security mode. The recommendati...
In Part 2, we simulate HR-driven user provisioning with PowerShell, trigger onboarding workflows, and walk through the end-user experience of reque...
Thanks to Soft Delete, a deleted policy in Microsoft Entra Conditional Access remains available for up to 30 days and can be fully restored during ...
Learn how to disable or deactivate applications in Microsoft Entra so they cannot be used for authentication. The post How to Disable or Deactivate...
Learn how Access Packages in Microsoft Entra ID can streamline employee onboarding. This post covers why Access Packages matter, how to structure d...
After all the fuss about Teams users inviting people to chat via email, tenant administrators realize that knowing where users are active as guest ...
Last Updated on December 10, 2025 by Michael Morten Sonne Introduction Big news is on the horizon for… The post Global Secure Access – Guest ...
Microsoft recommends passwordless authentication to help secure Microsoft 365 tenants. The latest is synced passkeys, something that apparently lea...
Learn how to use the Risk Remediation Conditional Access Grant Control to remediate risk for all authentication methods. The post How to Enable Req...
Today I want to walk through how to configure Azure App Service Authentication when your App Service sits behind Azure Front Door and is accessed t...
In Microsoft Entra, Conditional Access is, after the Authentication itself, the most crucial part of defense against attackers. It’s referenced as ...
When we talk about Microsoft 365 security, we are talking about two things: The latter can be used to achieve the former, as well as other (non-Mic...
In my previous blogpost we talked about Microsoft Copilot Studio, how AI Agents can be created as AI Assistants for specialized tasks like managing...
Last Updated on November 25, 2025 by Michael Morten Sonne Introduction As organizations increasingly adopt hybrid work models,… The post Glob...
Store your Microsoft 365 passkeys in 1Password Syncable passkeys in Microsoft 365 and Entra ID are here, so...
Explore the new Microsoft 365 Baseline Security Mode. Learn how to enforce secure baselines, run impact simulations, and see how controls compare t...
Learn how to use Microsoft Graph PowerShell to create an Agent Identity in Microsoft Entra Agent ID from an Agent Blueprint. The post How to Create...
Learn how to create Agent Identity Blueprints and Blueprint Principals in Entra Agent ID using Microsoft Graph PowerShell. The post How to Create a...
Introduction At Ignite 2025, Microsoft announced Entra ID would be supporting Synced Passkeys for multiple credential providers. This means users c...
Learn about the new Agent ID (preview) functionality in Microsoft Entra as well as Agent Identities and Agent Blueprints. The post What is Microsof...
Entra ID Identity Protection [Entra ID P2 license] is a Microsoft Security product to automatically protect Entra ID users (in-scope) and non-human...
The Entra ID Governance solution includes a workflow to detect and remove inactive user accounts. Sounds good, but the same can be done with PowerS...
Learn how to detect when a Global Admin silently elevates their access across all Azure subscriptions using Entra ID, Log Analytics, Azure Monitor,...
Last Updated on November 14, 2025 by Michael Morten Sonne Introduction Many organizations are tightening their security for… The post The Hid...
Learn how to opt into the public preview and setup synced Passkeys in Microsoft Entra allowing users to store Passkeys in their iCloud. The post Ho...
Learn about the new Account Recovery preview feature in Microsoft Entra that allows users to verify their identity during account recovery. The pos...
Entra ID has long supported soft-deleted Microsoft 365 Groups. Now support is available to list and restore soft-deleted security groups in both th...
A new Teams feature allows users to initiate chats with any email address. This caused some commotion in the security community, but it's not that ...
Learn how to restore deleted cloud security groups in Microsoft Entra using the web portal and Microsoft Graph PowerShell. The post Restore Deleted...
The Microsoft 365 User Passwords and Authentication report now includes the last used date for authentication methods (when available). The new dat...
In many Microsoft Entra ID environments, the quality of user attributes remains an often underestimated factor in security and governance. WatchTra...
This blog explains how Azure Bastion enables secure access to virtual machines without exposing public endpoints, leveraging hub-spoke architecture...
Long time no see. I’ve been quite busy and it’s been hard to find time to explore new things. This time, my curiosity got the best of me as my coll...
We’ve covered what Authentication Contexts are, why they matter, and how they help us strengthen access and data security in Microsoft 365. Now it’...
Learn how to find all inactive authentication methods registered to users in Microsoft Entra using Microsoft Graph PowerShell. The post How to Find...
In-depth exploration of why certain apps do not appear in the Conditional Access app picker in Microsoft Entra ID, the impact of public vs. confide...
KB – Enable Single Sign On for Windows 365 Cloud PC This short tutorial explains how to enable Single...
Dynamic Conditional Access policies using custom security attributes Conditional Access policies can become...
Seamless Single Sign-On (Seamless SSO) is an optional feature in Microsoft Entra Connect that enables domain-joined Windows devices on the internal...
Learn to filter Microsoft Entra Enterprise Applications with Graph PowerShell. Find apps based on creation method, like first-party, third-party, o...
Enterprise apps can come from a variety of sources. Most are Microsoft 1st party apps, and the rest are ISV apps. It's easy to add an app without r...
This blog reveals how a silent HP OneAgent update (version 1.2.50.9581) deleted the MS-Organization-Access certificate, causing devices to disconne...
The Entra ID password protection policy contains settings that affect how tenants deal with passwords. Entra ID includes a default policy that does...
Entra ID is about to introduce passkey profiles, a more granular approach to passkey settings. The change is good, but you might like to check the ...
Learn how a non-privileged owner can 'steal' an Access Token from the Entra admin centre to programmatically hide a Service Principal using the Mic...
A public bug report for Entra ID application policies I’ve spent the last couple of nights trying out...
With identities and access strengthened in part 2 , it’s time to turn our focus to real-world data protection with Authentication Contexts. One of ...
A closer look at Entra Application policies to govern secrets and certificates My latest post on this topic...
Over the past years, I’ve been maintaining a Conditional Access baseline that organizations can use as a starting point when implementing or review...
A recent change has exposed the applications used by the My Sign-ins portal for use in conditional access policies. This article discusses the app-...
Recently I posted a blog about Entra ID Application Registration secret management, in which I explained how to rotate Application Registration sec...
This blog covers one of the most requested features ever: finally being able to automatically translate Entra group SIDs into readable names on the...
Introduction Configuring Conditional Access (CA) for guest users can be challenging when you want to strictly limit access to Office 365 and a few ...
A confirmed and fixed Microsoft Entra PIM flaw reported to MSRC - learn what happened, how it was fixed, and what admins should check.
KB – Failed to verify domain name – Entra ID This is a knowledge base item. Hope it will help y...
Trigger Logic App on group membership changes in Entra ID A couple of years ago, I stumbled upon a neat Log...
Microsoft Copilot Studio is a graphical, low-code/no‑code (LCNC) platform to build AI agents to support human tasks. Microsoft Copilot Studio — AI A...
Learn how to use custom security attributes in Entra ID to target apps that don’t appear in Conditional Access. This step-by-step guide covers attr...
Application Registrations are an amazing feature within Entra ID, allowing you to deploy a non-personal identity for a wide array of different use-...
How to restore deleted Entra ID Conditional Access policies and Named Locations Entra ID Conditional Access...
Last Updated on October 4, 2025 by Michael Morten Sonne Introduction Microsoft continues to improve Entra’s resilience features… The post Ent...
New Graph APIs allow Entra administrators to restore a conditional access policy with a Graph request. This article explains how to list, restore, ...
Learn how to convert the Source of Authority for a hybrid user from Active Directory to Microsoft Entra using PowerShell. The post How to Convert a...
Learn how to restore deleted Conditional Access policies in Microsoft Entra using Microsoft Graph PowerShell. The post How to Restore Deleted Condi...
In Part 1 of this mini-series, we explored the what, why, and how of Microsoft Entra Authentication Contexts, laying the foundation for what they a...
Learn how to configure Microsoft Entra Life Cycle workflows to alert on and clean-up inactive users in Microsoft Entra. The post How to Configure L...
Learn how to configure password protection settings like banned password lists in Microsoft Entra using Microsoft Graph PowerShell. The post How to...
A change to a Graph beta API meant that some data used to create the user password and authentication report was no longer available. A script upda...
Copyright © 2025 Microsoft Security - All Rights Reserved.
No, your NHIs can’t use passwords either! For human identities, going passwordless is becoming pretty...
With Exchange 2019 support ending, should you upgrade to the Subscription Edition or remove your last server? This guide covers the costs, hybrid c...
Guest account management should be a part of every Microsoft 365 tenant administrator’s checklist, unless the tenant has no guests. That’s possible...
The Entra ID Keep Me Signed In (KMSI) feature creates persistent authentication cookies to allow users to avoid sign-ins during browser sessions. I...
Discover best practices for using Application Policies to block client secrets, restrict credential lifetimes, and enforce secure identifier URIs d...
Last Updated on September 17, 2025 by Michael Morten Sonne Introduction Microsoft has recently teased App Management Policies… The post Entra...
Learn why understanding core principles of Microsoft 365 is important and how to properly assess the posture of your Microsoft 365 tenant. The post...
Microsoft 365 users see the profile card and might wonder where the information displayed on the card comes from. Entra ID is the obvious source, b...
Passkey registration problems Passkeys in Microsoft Authenticator are fantastic, assuming you can get users logged in to the app successfully. Unfo...
You shall not pass(key)! (updated) For both modes, users who have previously registered a method that can b...
How to automatically sort Microsoft Entra Menu items alphabetically using the EntraSort Chrome browser extension. The post Use EntraSort to Sort th...
Starting with version 2.4.129.0, Microsoft Entra Connect Sync introduces a new admin audit logging feature that is enabled by default. This capabil...
MC1134747 describes a new permissions requirement for Entra apps that run Teams PowerShell cmdlets. Fixing apps to meet the new requirement is easi...
The Org Settings section of the Microsoft 365 admin center has a new People Settings section where you can choose properties for the Microsoft 365 ...
Entra Useless Insights Report Overview Yes. The name is snarky on purpose. With the drive to using phishing-resistant MFA something on the mind of ...
Registration of security information such as the Microsoft Authenticator app, FIDO2 security keys or OATH tokens is a critical component of modern ...
Adversary-in-the-middle phishing attacks are still more common in use, in the last year and the start of 2025 there is still a more visible increas...
Effortlessly track and document all changes to public Microsoft Entra documentation and stay ahead of this rapidly changing product. The post What ...
Security Info Registration. Entra ID’s rabbit hole. This blog post needs a brief introduction. Bear w...
Learn how to enable and use the new delegate approvals feature in Microsoft Entra to delegate access package request approvals. The post How to Del...
This blog will be about a strange Autopilot failure we could reproduce again and again. Right after the Terms of Use was accepted, the device doesn...
Learn how to list and restore soft-deleted cross-tenant access policies in Microsoft Entra ID using Microsoft Graph PowerShell. The post Find and R...
Last Updated on August 24, 2025 by Michael Morten Sonne Introduction The short announcement about Bulk User Download… The post Entra ID – Bul...
A brief history Seamless Single Sign On was first introduced in late 2016 and provided a way for users to authenticate to Entra ID (Azure AD at the...
See how to hide or show approver details in access packages with this new feature and easily configure it with our guide. The post Configure Whethe...
Three new Graph API resources provide easy access to Entra ID authentication method summary data. The information is helpful to understand the type...
In many environments - often for historical reasons - there is no strict separation of client and server networks. And if there is a firewall betwe...
Last Updated on August 18, 2025 by Michael Morten Sonne Introduction Managing permissions for Managed Identities in Azure/Entra… The post Ent...
Over my last few posts, I’ve casually mentioned Authentication Context a few times, so I thought it was about time we gave the feature a proper spo...
For a long time now, defenders had the ability to monitor behavior of human- and workload identities in Entra tenants not only through AuditLogs bu...
Learn why Microsoft cancelled a planned change to Entra ID access package visibility after overwhelming community feedback. The post Microsoft canc...
One portal, scoped permissions, less Entra privilege—Unified RBAC for safer, simpler SecOps.
Discover how Microsoft Conditional Access protects your Microsoft 365, Entra, and Azure environments. Learn the essentials, explore real-world use ...
Use PowerShell and new Microsoft Graph APIs to visualise user MFA, SSPR, and password reset activity in your Microsoft 365 tenant. The post How to ...
It may be tempting to click “Enable Macros” when you open a spreadsheet, but macros are executable programs. Without a ...
Discover the best practices for configuring PIM in Microsoft Entra. This guide will help you implement a robust and secure Zero Trust model. The po...
Upcoming in September 2025: Microsoft is rolling out automatic registration for Entra ID External Authentication Methods (EAMs). Find out how this ...
With the introduction of Application Based Authentication (ABA), Microsoft introduces modern authentication mechanisms to Microsoft Entra Connect. ...
Learn why you must evolve your Conditional Access policies to properly manage risk for your passwordless users. The post Blocking risky users with ...
If you use the Microsoft Graph PowerShell SDK, you don’t need to worry about obtaining an access token because SDK cmdlets include automatic token ...
Getting annoyed or impatient when activating eligible roles in PIM — especially multiple roles at once? You’re not alone. Today, I’m...
Dynamic approval in Entra ID access packages using custom extensions Microsoft Entra ID Governance Entitlem...
A banner posted in the Entra admin center informs administrators that Entra ID governance features used by guest accounts incur charges from June 2...
Learn how to update your Conditional Access policies to protect your environment in preparation for updates to the Azure DevOps service. The post I...
Learn how to migrate MFA and SSPR policy settings to the Authentication methods policy in Microsoft Entra before the legacy settings are retired. T...
Linkable token identifiers is a new Entra ID feature that adds a GUID to all the audit events for a session. The new identifiers make it easier to ...
Discover a huge win for security. Token Protection in Conditional Access is now included in Microsoft Entra P1, offering a powerful defence against...
The Microsoft Authenticator app gets two important changes in September 2025 to make the app easier to use for average users. The current number ma...
Find inactive guest users in your Microsoft tenant using the Entra admin center or programmatically with Microsoft Graph PowerShell. The post How ...
When Conditional Access meets Zero Trust, even the best intentions can backfire. In this post, we explore a real-world edge case where strict polic...
Managing PIM-enabled groups with Entra ID Governance Access Packages just got better! Just a quick heads-up...
The time has come to write a blog about Entra ID Governance. There is a lot of cool functionality that can help managing Users and their permissio...
The Microsoft Authenticator app is a secure authentication method for MFA. The app is getting an easier way for backup and recovery, which should m...
In September, Microsoft are to remove the personal account requirement for backing up and restoring the Microsoft Authenticator App. The post Micro...
Poor man’s IGA: Monitor and clean up stale guest accounts Today’s challenge Today, we are dealing with inac...
Learn how to find poorly configured Redirect URIs in Microsoft Entra Applications and why you should secure them. The post How to Secure Redirect U...
Workload identities in Microsoft Entra are non-human identities assigned to a software workload (e.g. application, service or script) to authentica...
KB – We detected that this particular key type has been blocked by your organization This is a knowle...
Learn how to monitor for license compliance for Microsoft Entra and ensure you remain compliant with Microsoft licensing terms. The post How to En...
In this final installment of the Data Strategy Breakdown series, we dive into Entra ID and why securing your identity is crucial for a strong data ...
Phishing, malware, and social engineering remain among the most common entry points for cyberattacks. While technical safeguards play a crucial rol...
Office 365 for IT Pros (2026 edition), the 12th in an eBook series going back to May 2015, is now available. Covering all the essential aspects of ...
Trusted locations are the foundation of location-based security policies and risk in Microsoft Entra, learn how they enhance the user experience. T...
The conditional access policy condition for token protection now extends to Microsoft Graph PowerShell SDK interactive sessions. Any account within...
Learn why you should and how you can disable Seamless SSO in Microsoft Entra Connect to improve security in your environment. The post Why you shou...
Learn about the new Passkey Profiles features of Passkeys in Microsoft Entra to provide group-based Passkey flexibility. The post Configure Passkey...
In July, Microsoft plans to introduce an app consent policy to stop users granting access to third-party apps to their files and sites. Letting use...
Learn how to configure the require admin consent for third-party apps accessing files and sites and understand the impact to your business. The pos...
Microsoft 365 tenants with Entra P1 or P2 licenses can use a custom banned password list to stop people using specific terms in their passwords. Th...
The old Set-MsolCompanySettings cmdlet is no more, so how can a Microsoft 365 tenant block email-based subscriptions? With the Graph, of course! Se...
Poor man’s IGA: Generate Temporary Access Pass for joiners Today’s challenge Today, we look at a join...
Prepare for the deprecation of Basic Authentication in Exchange Online by September 2025. Start detecting legacy sign-ins (including ROPC) using Micro...
After July 1, 2025, any sharing links generated with one-time passcodes (OTP) will stop working. Only links based on Entra ID B2B Collaboration wil...
Today, I’ll take a closer look at Microsoft Entra Administrative Units (AUs) and Restricted Management Administrative Units (RMAUs)...
Learn how to enable Token Binding for securely connecting to Microsoft Graph PowerShell with Token Protection. The post How to Enable Token Binding...
Poor man’s IGA: Revoke all refresh tokens for user Today’s challenge Today, we look at Microsof...
Learn how to use PowerShell to verify the authentication method your Entra Connect configuration is using to connect to Entra. The post How to Tell...
Last Updated on August 1, 2025 by Michael Morten Sonne Introduction Yes finally, it’s here! No more need… The post Entra ID – Entra Con...
The prospect of agents running amok in Microsoft 365 tenants lessened a tad with the introduction of Entra Agent ID. Tenants will be able to manage...
Managing external users is one of the most tedious—but also critical—challenges in a Microsoft Business Premium environment. With...
Unlocking the Power of employeeHireDate in Entra ID Dynamic Groups Disclaimer: The main structure of this b...
Table of Contents Introduction Requirements Features How does it work? Interactive Authentication Client Secret Authentication Certificate Authenti...
Use the CA Policy Copier browser extension to conveniently copy and export Conditional Access policies to JSON. The post Export Conditional Access ...
Last Updated on May 13, 2025 by Michael Morten Sonne Introduction Here is a small update on my… The post Entra ID – Managed Identity Permissi...
Read Article →The ConditionalAccessPolicy setting in an OWA mailbox policy can be configured to work with Entra ID conditional access so that OWA blocks access t...
Read Article →How to create an Access Package that enables you to become eligible for a PIM enabled group in Microsoft Entra. The post Eligible PIM Enabled Group...
Read Article →Check out this article via web browser: Register Yubikeys on behalf of your users with YubiEnroll In an earlier post, I showed several ways to (bul...
Read Article →You can now use custom extensions to enable an external system to determine the approver of an Access Package in Microsoft Entra. The post Use Cust...
Read Article →Check out this article via web browser: How to restrict Device Code Flow in Entra ID For good reasons, device code flow in Entra ID is getting a lo...
Read Article →Learn how to find least privileged Microsoft Entra roles for Microsoft Graph API delegated permissions to align with best practice. The post Find L...
Read Article →Managing new guest accounts can be a daunting task—especially when you’re dealing with high turnover, distributed teams, or unknown user...
Read Article →Learn how to prevent application owners in Microsoft Entra from creating new client secrets or certificates on their application. The post How to block th...
Read Article →The last thing you want on a Saturday morning is to find that Entra ID has blocked your account because of leaked credentials. Even though the acco...
Read Article →Entra ID populates the sponsor property for new guest accounts with details of the person who invites the guest to the tenant. It's data that can b...
Read Article →Microsoft will disable service principal-less authentication in March 2026. This step closes a hole that doesn't exist today but might in the futur...
Read Article →Use Microsoft Graph PowerShell to identify Entra applications that have owners who are not privileged users. The post How to find non-privileged ap...
Read Article →Since the release of Entra Private Access, I have been getting more and more questions about the future of the Entra App Proxy. Will it still be ne...
Read Article →The Conditional Access Optimization Agent is one of 6 Security Copilot agents unveiled by Microsoft on March 24, 2025. The idea is that the agent c...
Read Article →👮 Restricted Management Admin Units (RMAU) in #EntraID: Hackers HATE This Hidden Entra ID Feature Most Admins Never Use. @NathanMcNulty breaks it down ...
Read Article →With authentication & authorization covered in the previous posts of the series, it's now time to dive into strengthening our password...
Read Article →Use the QuickPIM Google Chrome extension to select and activate multiple PIM roles in Microsoft Entra at the same time. The post QuickPIM a multi-r...
Read Article →The February 2025 EX1015484 incident explains why mail user objects with duplicate SMTP addresses are created for guest accounts. That’s a problem ...
Read Article →It was such an honor to join Merill Fernando on Entra Chat, and I hope to join him again in the future. Be sure to check out Entra Chat: https://en...
Read Article →Connect to multi-tenant apps using a managed identity using Microsoft Graph PowerShell with the MiToken PowerShell module. The post New MiToken Gra...
Read Article →Quickly report on all Enterprise Application Permissions and Activity using this Free script in Microsoft Entra. The post Create a free Enterprise ...
Read Article →Introduction This blogpost is probably the first of a series that I will create in the coming months on Device Discovery. I regularly see organizat...
Read Article →In Part 02, we explored authentication, the process of verifying user identities—ensuring users are who they claim to be. Today we’ll...
Read Article →This little guide will show how you can authenticate with Windows Hello for Business and FIDO2 security key in a ... Read more
Read Article →Use this free Microsoft Graph PowerShell script to create an interactive authentication methods report for Entra users. The post Create a free inte...
Read Article →Check out this article via web browser: Evilginx loves Temporary Access Passes too Evilginx is known for capturing user cookies, even if they are s...
Read Article →In my last post I covered how to monitor the GOD Mode in Azure (Coined by the great John Savill). While visibility and monitoring are...
Read Article →Check out this article via web browser: Things you should know before rolling out device-bound passkeys in Microsoft Authenticator App As passkeys ...
Read Article →Learn how to use Microsoft Graph PowerShell to bulk provision the QR Code method authentications for users. The post How to bulk provision QR code ...
Read Article →Learn how to find over licensed accounts with privileged roles in Microsoft Entra using Microsoft Graph PowerShell. The post How to find over licen...
Read Article →Elevating access to manage Azure subscriptions is a valuable tool for administrators, particularly when dealing with unknown or orphaned...
Read Article →Since August 2024 there has been a sophisticated phishing campaign actively leveraging the device code authorization flow. Currently, there is a wi...
Read Article →A new preview option in the Entra admin center supports the ability to update multiple Entra ID accounts. You can update properties, add managers a...
Read Article →Check out this article via web browser: Conditional Access risk policies. Don’t get fooled! Microsoft Entra ID Protection and Microsoft Entra...
Read Article →Microsoft have released new bulk edit functionality in the Microsoft Entra admin center, check out how to use it and how it works. The post New bul...
Read Article →An article about the horrible devastation that an attacker can wreak inside a compromised Microsoft 365 tenant highlighted how protected actions ca...
Read Article →In the first part of this series, we laid the foundation for securing Microsoft Business Premium environments, covering the core security...
Read Article →The Maester project continues to prosper with a bunch of new features added, including several in the DevOps space. Maester usually tests tenant se...
Read Article →Last Updated on February 6, 2025 by Michael Morten Sonne Introduction I’m beyond excited to announce that the… The post 🚀 Managed Ident...
Read Article →A new people administrator role is available in Entra ID. The new role allows holders to manage settings associated with people, like pronouns and ...
Read Article →Learn how to register a QR code authentication in Microsoft 365 and enforce the policy via Conditional Access. The post How to register for QR code...
Read Article →Entra ID retains audit log records for service principal signins for 30 days. The audit data can reveal some interesting insights such as the prese...
Read Article →A set of new granular Graph permissions for User account management is now available to handle common operations like changing account passwords or...
Read Article →Microsoft adds protection for permanently delete objects, which can no longer be restored using Protected Actions in Microsoft Entra. The post Prot...
Read Article →Protecting highly critical configurations in our Entra tenants has never been easier! Join me as we explore Protected Actions in...
Read Article →Using Microsoft Graph PowerShell to filter the Entra sign-in logs to find multi-tenant applications using weak sign-in methods. The post Find multi...
Read Article →Last Updated on January 31, 2025 by Michael Morten Sonne Introduction During my time in IT, I’ve occasionally… The post Microsoft Azure – Ele...
Read Article →Learn about the new People Administrator roles recently announced by Microsoft as a built-in Microsoft Entra role. The post Microsoft announce new ...
Read Article →Learn how the Administrator Protection feature in Windows 11 uses the ShadowAdminPairs key to map ENTRA user SIDs to local admins
Read Article →Organizations face increasing challenges in securing internet traffic and enforcing web access policies in today’s hybrid work environment. Two key...
Read Article →Last Updated on January 28, 2025 by Michael Morten Sonne Introduction What is Entra Connect Sync Connect your… The post Entra ID – New build-...
Read Article →Today kicks off a comprehensive blog series where I’ll delve into the security features of the Business Premium license SKU, offering...
Read Article →For a short while Microsoft allowed standard users in Microsoft Entra to change their own username. Learn how to remediate issues caused by this. T...
Read Article →Entra ID allows unprivileged users to update the user principal name for their accounts via the admin center or PowerShell. It seems silly because ...
Read Article →Last Updated on January 24, 2025 by Michael Morten Sonne Introduction I'm thrilled to announce the release of… The post Managed Identity Perm...
Read Article →With the introduction of a converged policy combining settings from the legacy MFA portal and SSPR configuration, separating the use of SMS for pas...
Read Article →Deleting an Entra ID user account can result in ownerless groups if the account being removed is the only group owner. Before deleting accounts, it...
Read Article →Managing emails for unlicensed admin accounts? Juggling a shared mailbox flooded with notifications from services and clients? Today’s...
Read Article →Learn how to use Microsoft Graph PowerShell to restore Microsoft Entra users and issue them a new username at the same time. The post Restore Micro...
Read Article →After many twists and turns since August 2021, the MSOnline module retirement will happen in April 2025. The AzureAD module will then retire in the...
Read Article →Learn how to use Microsoft Graph PowerShell to list all directory objects, such as apps and groups a user owns in Microsoft Entra. The post List al...
Read Article →Spying On Your ISVs Credential Choices Overview Microsoft, and the general identity industry, has recommended that applications use certificates ov...
Read Article →Troubleshooting a missing enterprise app issue in Entra ID during a zero-trust Conditional Access policy rollout with workaround solutions.
Read Article →The Office365ITPros GitHub repository holds over 300 PowerShell scripts showing how to interact with Microsoft 365 and Entra ID. Anyone can contrib...
Read Article →Learn how to enable new preview QR code sign-in features using the Microsoft Graph API, which supports sign-factor sign in to Entra ID. The post En...
Read Article →As Microsoft continues to enhance security across its platforms, Multi-Factor Authentication (MFA) is becoming mandatory for an increasing number o...
Read Article →As the season for audits approaches (though, let’s be honest, auditing should be an all-year-round endeavor), I’m excited to share a...
Read Article →Introduction Managing Apple devices in Microsoft Intune requires maintaining active integrations with Apple services. To ensure continued functiona...
Read Article →Check out this article via web browser: Microsoft Entra ID Governance: Show suggested access packages in My Access Today’s post is about a ne...
Read Article →What started as a single blog is now becoming a yearly trend. More and more KQL related repositories are created, not only with a focus on security...
Read Article →Learn how to use Managed Identities for multi-tenant app authentication when using Microsoft Graph PowerShell in Azure Automation. The post How to ...
Read Article →Last Updated on December 23, 2024 by Michael Morten Sonne Introduction I’m thrilled to announce the latest release… The post Managed Identity...
Read Article →Learn how to connect to other tenants using Managed Identity federation on your app registration in Microsoft Entra. The post Microsoft now allows ...
Read Article →Join me as I connect the dots from my previous posts on the fundamental Identity Governance features in Microsoft Entra with Lifecycle...
Read Article →In this blog post, we’ll be covering the fundamentals of Access Packages in Microsoft Entra—it’s all about getting a solid understanding...
Read Article →Learn how to receive admin email notifications without a mailbox license using Plus addressing in Microsoft Entra. The post How to receive Entra ad...
Read Article →Check out this article via web browser: Use Requestor information in Entra ID Access Packages as input for Custom Extensions In a previous blog pos...
Read Article →Check out this article via web browser: Request Temporary Access Pass on behalf of others via Entra ID Governance Access Package While looking at t...
Read Article →Today, we’re exploring passkeys—what they are, how they work, and how Microsoft’s latest GA features make passwordless authentication...
Read Article →Learn about proof of possession and how it protects against access token replay attacks when using Microsoft Graph PowerShell. The post Proof of po...
Read Article →Service principal sign-in activity is a new insight available in the Entra admin center. As explained here, it's also possible to use PowerShell to...
Read Article →Check out this article via web browser: Selfservice for hardware (OATH) tokens in Entra ID. One of the longest-running previews in Entra ID is the ...
Read Article →This article describes how to create eligible and active PIM role assignment requests using cmdlets from the Microsoft Graph PowerShell SDK. Althou...
Read Article →Learn how Graph permission scopes and Entra RBAC roles enable users access to resources in the delegated auth type scenario. The post Graph permiss...
Read Article →The unified audit log is a centralized repository for M365 user and admin activities. The activities originate from different applications, such as...
Read Article →Microsoft recommends that developers move from the older DirectoryRoles Graph API and use the UnifiedRoleDefinition API instead. Changing APIs will...
Read Article →Introduction In the past couple of weeks, I worked on a project where I needed to provide access to a securely private integrated Azure Storage Acc...
Read Article →Learn how to restrict non-admin users access to the Microsoft Entra admin portal using Microsoft Graph PowerShell. The post Restrict non-admin acce...
Read Article →Last Updated on November 2, 2024 by Michael Morten Sonne Introduction I’m thrilled to announce the latest release… The post Managed Ide...
Read Article →A reader asked why the Entra admin center includes an option to manage per-user MFA settings for accounts. I don't know why Microsoft added this op...
Read Article →Microsoft to enable passkeys in the Microsoft Authenticator app without the need to implement key restrictions. The post Enablement of Passkeys in ...
Read Article →Many articles describe how to disable a service plan for a product license assigned to a Microsoft 365 account, but few cover how to enable service...
Read Article →A comprehensive analysis of security configuration assessment tools and methodologies for Microsoft Entra ID, including automated checks for condit...
Read Article →Explore advanced design patterns for implementing Conditional Access policies in Microsoft Entra ID as part of a Zero Trust security strategy. Cove...
Read Article →Introduction I am thrilled to participate in the Cyber Back to School initiative hosted during cyber awareness month! This session is all about Pri...
Read Article →Last Updated on October 25, 2024 by Michael Morten Sonne Introduction Introducing a new PowerShell tool for Managing… The post Managed Identi...
Read Article →Best practices for securing workload identities including service principals and managed identities in Microsoft Entra ID. Discusses credential man...
Read Article →Directory synchronization features control how the Entra Connect tool works when synchronizing accounts from Active Directory to Entra ID. The curr...
Read Article →A recent question asked how to force users to reauthenticate at 7AM every Monday. The solution seems to revoke access for user accounts. This artic...
Read Article →Deep dive into Microsoft Entra Privileged Identity Management (PIM) covering just-in-time access, approval workflows, access reviews, and integrati...
Read Article →Comprehensive guide to Microsoft Entra ID Protection's risk detection capabilities, including sign-in risk and user risk policies, risk investigati...
Read Article →Container management labels are an effective way to ensure that groups, teams, and sites have the right settings. The Graph doesn't support custom ...
Read Article →Learn how to report assigned license and service plans for users in Microsoft 365 using Microsoft Graph PowerShell. The post Report license usage r...
Read Article →Security considerations for external collaboration using Microsoft Entra External Identities (B2B). Covers guest user lifecycle management, cross-t...
Read Article →This is an update to a previous article I wrote on hardening Azure Active Directory. The idea of this update is to provide a table of default setti...
Read Article →Learn how to automatically migrate to Authentication Methods policies in Microsoft Entra using the built in Wizard. The post How to automatically m...
Read Article →The Maester tool is a great way to get a security assessment for a Microsoft 365 tenant. Being able to create custom Maester tests makes it even be...
Read Article →Understand the one-person, one-license philosophy for when users need to be assigned Microsoft Entra licenses in multiple tenant scenarios. The pos...
Read Article →At a recent community event, I presented a deep dive into various authentication flows in Entra ID, showcasing how to retrieve an ARC server from a...
Read Article →Check out this article via web browser: Register Yubikeys on behalf of your users with Microsoft Entra ID FIDO2 provisioning APIs Microsoft recentl...
Read Article →A new Entra ID photo update settings policy aims to cure the mish-mash of existing settings controlling how user profile photos are updated in Micr...
Read Article →A few days ago, Microsoft announced that Global Secure Access is now generally available. Since I have been working with the product for some time ...
Read Article →Next week it’s time again for the annual Workplace Ninja Summit in Lucerne, Switzerland. The summit will start on Monday September 16th till ...
Read Article →A few days ago, Microsoft announced that Global Secure Access is now generally available. Since I have been working with the product for some time ...
Read Article →Prepare for Microsoft’s mandatory MFA with practical tips on securing accounts, migrating services, and optimizing Conditional Access.
Read Article →This Thursday, I will visit and speak at the Cloud Identity Summit in Cologne, Germany. The Cloud Identity Summit is organized by Thomas Naunheim, ...
Read Article →You may have noticed that Microsoft will enforce MFA requirement per October 15, 2024 for Azure/Entra/Intune. If this is new ... Read more
Read Article →On August 21, 2024, news emerged that the PnP PowerShell module will transition from using a multi-tenant Entra ID app to a tenant-specific app. Th...
Read Article →Last Updated on June 2, 2025 by Michael Morten Sonne Introduction What is Microsoft Defender for Identity Microsoft… The post Microsoft Defend...
Read Article →The ability to restore deleted groups only covers Microsoft 365 groups. That's an odd situation to be in given the different types of groups in Mic...
Read Article →Shared mailboxes have Entra ID accounts. No one needs to sign into the accounts because Exchange Online manages connections using mailbox permissio...
Read Article →Entra ID Multifactor Authentication is on everyone’s mind, as Microsoft will enforce the usage of MFA for most of the Admin portals starting ...
Read Article →Follow best practice to configure your emergency access accounts in Microsoft Entra to ensure you always can access them securely. The post Best pr...
Read Article →A recent report highlighted the problem of on-premises accounts synchronized to Entra ID that receive administrative role assignments. This article...
Read Article →Check out this article via web browser: All you need to know about the mandatory multifactor authentication for Azure and other administration port...
Read Article →Making a little note of this in Graph API so it's easy to find for using it - In this post, we will go over how to simply add a Graph API permissio...
Read Article →Learn how to check the license plan level of a Microsoft Entra tenant using the Microsoft Graph PowerShell SDK. The post How to check your tenants ...
Read Article →Microsoft is removing license assignments from the Entra admin center. From Sept 1, new license assignments are done in the Microsoft 365 admin cen...
Read Article →Microsoft are reducing the effective permissions on Directory Synchronization Accounts in Microsoft Entra, learn more about it now. The post Micros...
Read Article →A few days ago, Microsoft announced that Global Secure Access is now generally available. Since I have been working with the product for some time ...
Read Article →In our previous blog, we explored how to register devices with Entra and manage them, despite certain prerequisites for using Intune. In this blog,...
Read Article →In this article, I would like to point out options to identify, monitor and avoid persistent access on Managed Identities privileges by adding fede...
Read Article →Learn how to use the Get-MgUser cmdlet in Microsoft Graph PowerShell to return the ID and Sign-in information for deleted users. The post Return a ...
Read Article →A few days ago, Microsoft announced that Global Secure Access is now generally available. Since I have been working with the product for some time ...
Read Article →The task to find manager for Entra ID accounts seems simple until you find the bunch of utility accounts created by Exchange Online that should be ...
Read Article →Use Microsoft Graph PowerShell to export a list of all permissions assigned to all applications in Microsoft Entra. The post Find all permissions as...
Read Article →This blog explains the basics of phishing-resistant MFA (Multi Factor Authentication) and the single- and/or multi-tenant support options (which qu...
Read Article →Last Updated on December 18, 2024 by Michael Morten Sonne Introduction Yes – now it's announced that the… The post Entra ID – Global Secu...
Read Article →A new status filter named 'Staged rollout' has appeared in the Conditional Access portal of Microsoft Entra recently, so what is it? The post Condi...
Read Article →Microsoft says they will remove the Remove-SPOExternalUser cmdlet starting July 29. They recommend using Remove-AzureADUser as a replacement. It's ...
Read Article →Learn how to use Extension Attributes in Microsoft Entra to filter users based on the extension property using Microsoft Graph. The post How to fil...
Read Article →Check out this article via web browser: Temporary exclusions for Conditional Access using PIM for Groups Conditional Access include and exclude gro...
Read Article →Find out about the new Microsoft Entra Suite licensing which includes step-up features from the Microsoft 365 E5 license, including verified ID, ID...
Read Article →Check out this article via web browser: Prevent Conditional Access bypass with Restricted Management Administrative Units in Entra ID Bypassing Con...
Read Article →Introduction In April 2024, MITRE came with their new V15 version of ATT&CK. In this version a new sub-technique was introduced called ‘T...
Read Article →V1.2 of the User Passwords and MFA report includes the names of authentication methods registered for user accounts. V1.3 expands the amount of det...
Read Article →Microsoft have announced that the Microsoft Graph Command Line Tools application will soon become a verified application. The post Microsoft Graph ...
Read Article →Learn how to find which applications in Microsoft Entra have specific permissions assigned using Microsoft Graph PowerShell. The post How to find s...
Read Article →Learn how to use Microsoft Graph PowerShell to disable per-user MFA in Microsoft Entra to support migration to Conditional Access. The post How to ...
Read Article →A Microsoft Graph update makes per-user MFA state available for user accounts. Being able to access the data means that we can include it in the Us...
Read Article →Learn how to use Microsoft Graph PowerShell to view the per-user MFA state and method for users in Microsoft Entra. The post Report per-user MFA st...
Read Article →In this blog, I will discuss how I found out a specific Entra setting was interfering, AKA breaking my Windows Autopilot device preparation deploym...
Read Article →This article describes how to use the Microsoft Graph PowerShell SDK to report delegated permission assignments to user accounts and apps. Like in ...
Read Article →Last Updated on June 5, 2024 by Michael Morten Sonne Introduction Finally, with the Global Secure Access traffic… The post Entra ID – Global S...
Read Article →Learn about the different types of security tokens in Microsoft Entra and the Primary Refresh Token in the sign-in logs. The post Understanding Pri...
Read Article →This blog covers a custom script solution for Intune, that can be used to automatically detect, if the Entra Private ... Read more
Read Article →Learn how to use Microsoft Graph PowerShell to filter, find and manage the sign-in logs for Microsoft Entra. The post How to Manage Microsoft Entra...
Read Article →Check out this article via web browser: Entra ID Dynamic Groups – Direct reports of a manager Here’s a quick tip that I discovered only...
Read Article →Setup Cisco Duo as an External Authentication Method in Microsoft Entra ID and satisfy MFA requirements in Conditional Access. The post Configure E...
Read Article →This article describes the process of blocking device code authentication requests against Entra ID with a preview feature for conditional access p...
Read Article →April 1, 2024, saw the release of Microsoft Copilot for Security to general availability (GA). It is a generative AI solution integrating with Def...
Read Article →Last Updated on May 10, 2024 by Michael Morten Sonne Introduction Let's explore some of the new in… The post Entra ID – Exploring the new fea...
Read Article →The user authorization policy defines user role permissions, or actions that non-admin users can take within an Entra ID tenant. The default settin...
Read Article →In a May 2 announcement, Microsoft said that they have signed up 9 ISVs to add support for Entra ID authentication methods. The third-party methods...
Read Article →Learn about External Authentication Methods in Microsoft Entra and how to setup new External Authentication methods for Entra ID. The post Setup Ex...
Read Article →Learn how to use Microsoft Graph PowerShell and filtering to find all license-enabled groups in Microsoft Entra. The post Find all license-enabled ...
Read Article →In this blog post we take a closer look at how Microsoft Defender for Endpoint Security Settings Management operates under the hood when managing W...
Read Article →You can now create client secret during app registration in Microsoft Entra using Microsoft Graph PowerShell. The post Create client secrets during...
Read Article →This blog is about an issue, I experienced when I was invited as Guest to a tenant, where cross-tenant access ... Read more
Read Article →Some years ago, I wrote a script to demonstrate how to remove service plans with PowerShell. This article describes some upgrades to make the scrip...
Read Article →License management is a core competence for Microsoft 365 tenant administrators. This article explains how to use PowerShell to remove licenses fro...
Read Article →April 11 saw the general availability of Microsoft Graph activity logs, a new set of data recording details of Graph API HTTP requests made in a te...
Read Article →Use Microsoft Graph PowerShell to create a report of all Passkeys and their AAGUIDs currently in use in your Tenant. The post List All Passkeys and ...
Read Article →The Maester tool is a community initiative to create a tool to help tenant administrators improve the security of their Entra ID tenants. It’s stil...
Read Article →Check out this article via web browser: Get started with passkeys in Microsoft 365 It’s here! A long-awaited feature in Microsoft 365 is fina...
Read Article →With the release of the public preview for Passkey in Entra ID, I think, the broad adoption of passwordless and phishing resistant authentication a...
Read Article →Configure an automated Microsoft 365 Security Posture Monitoring solution using the Maester tool using Azure Automation. The post Automated Microso...
Read Article →Learn how to enable Passkeys in the Microsoft Authenticator app for FIDO2 compliance authentication to Microsoft Entra. The post How to enable Pass...
Read Article →Learn how to configure Certificate-based authentication in Microsoft Entra using certificates issued from your Intune Cloud PKI. The post Use Certi...
Read Article →Use the Organizational Branding Administrator role to update your organisation's branding in Microsoft Entra. The post Update Branding With the Orga...
Read Article →Prevent the global administrators in Microsoft Entra from being added to the local administrators group on Microsoft Entra joined devices. The post...
Read Article →In this blog, I will examine the new Entra local administrator settings, which prevent users from becoming local administrators on their devices du...
Read Article →Every Microsoft 365 tenant has a tenant identifier, a unique GUID that's used within the Entra ecosystem to identify a tenant and its objects. Much...
Read Article →The Intersection of Graph and Entra ID: Application Permissions and Roles When you work someplace that develops software that interacts with Entra ...
Read Article →A new convert to internal user preview feature allows Entra ID administrators to convert external accounts to internal accounts. An option is avail...
Read Article →Check out this article via web browser: How to simulate risk in Microsoft Entra ID Protection Entra ID protection is an excellent feature amongst t...
Read Article →Learn how to convert guests to internal users in Microsoft Entra using the web portal or Microsoft Graph PowerShell. The post Convert External Us...
Read Article →Use these 3 methods to find the tenant ID of any Microsoft Entra tenant without access to the tenant. The post How to a Find Microsoft 365 Tenant I...
Read Article →This article describes how to use sign-in data to identify unused Entra ID registered devices. It’s an imperfect solution because Entra ID doesn’t ...
Read Article →Learn how to setup RADIUS wireless network authentication in a completely cloud environment using Microsoft Entra, Cloud PKI and RADIUSaaS. The pos...
Read Article →Last Updated on March 23, 2024 by Michael Morten Sonne Introduction In an era defined by the dynamic… The post Entra ID – Global Secure Access...
Read Article →If you are using Entra Private Access (or other SSE solutions) – together with Windows Hello for Business Kerberos Trust, ... Read more
Read Article →Introduction In a previous blog post I talked about how adversaries can exploit SSO capabilities of Hybrid or fully Entra ID joined devices. I ment...
Read Article →A Microsoft Technical Community article gave some interesting information about how to report soft-deleted Entra ID objects. We think we can improv...
Read Article →Today (Tuesday February 27th) I have the pleasure to speak at the February 2024 Azure APE Meetup organized by the Azure Platform Engineering (APE) ...
Read Article →Microsoft has released the preview of the Entra ID usage insights for premium license consumption. This could be the harbinger of a more restricted...
Read Article →Learn how to protect the device code authorisation flow in Microsoft Entra using Conditional Access policies. The post Protect the Device Code Auth...
Read Article →Last Updated on February 22, 2024 by Michael Morten Sonne Introduction In an era defined by the dynamic… The post Entra ID – Global Secure Acc...
Read Article →Check out this article via web browser: Microsoft 365 end-user notifications for changes in authentication methods When moving away from traditiona...
Read Article →Learn how to report on Microsoft Entra Premium license utilisation using Microsoft Graph PowerShell to identify utilisation metrics. The post Repor...
Read Article →Last Updated on February 21, 2024 by Michael Morten Sonne Introduction In a dynamic nature of work, where… The post Entra ID – Global Secure ...
Read Article →Explore storing Microsoft Entra logs via Azure Monitor, Storage Accounts, and Event Hubs, each offering unique benefits for IT security.
Read Article →Learn how to Migrate Identity Protection Risk policies in Microsoft Entra to Conditional Access Policies before they are retired. The post Migrate ...
Read Article →If your Microsoft 365 tenant has Entra P2 licenses, you can use the Entra Identity Secure Score feature to measure your tenant against Microsoft be...
Read Article →Check out this article via web browser: Viewing changes to Conditional Access policies just became easier! Today, a quick tip for all Entra admins ...
Read Article →If conditional access policies impose MFA for all cloud apps, it gives external users a problem when they use Outlook desktop to read protected ema...
Read Article →Signals from across Microsoft’s services and ecosystems inform Entra ID Protection to detect risk. The risk detections can alert administrato...
Read Article →Last Updated on April 27, 2024 by Michael Morten Sonne Introduction In the ever-evolving landscape of cloud-based infrastructures,… The post D...
Read Article →Learn how to register new applications in Microsoft Entra and assign permissions using Microsoft Graph PowerShell. The post Register New Applicatio...
Read Article →This article explains how to check Managed Identity permissions, or rather the set of consented Graph and other permissions held by the service pri...
Read Article →The latest version of the MSIdentityTools PowerShell module includes the Export-MsIdAppConsentGrantReport cmdlet to generate a report of OAuth app...
Read Article →Since a few weeks I recognized an uptick in Entra ID Protection alerts regarding “Anonymous IP address” detections. Normally this is a ...
Read Article →Check out this article via web browser: A Thread on Frosty Fiascos: Delving into the Microsoft Midnight Blizzard Hack This post is all about the ha...
Read Article →Introduction You are probably wondering, what has CSS to do with detecting AitM sites. In this blog post, we will go over how we can use a custom C...
Read Article →Recently threat actors like Midnight Blizzard use the OAuth applications in tenants that they can misuse for malicious activity. Actors use comprom...
Read Article →The Global Administrator role in Microsoft Entra will soon enable administrators to access the Teams Devices section of the Teams admin center. The...
Read Article →The Graph User.ReadBasic.All permission is now available for both delegated and application usage. Think before rushing to use the permission. Alth...
Read Article →Microsoft is changing the way that Exchange Online address book updates work to force users to use search rather than browsing through the GAL/OAB....
Read Article →The ability to apply custom corporate branding for Entra ID screens has existed since 2020. You can update elements through the admin center or Pow...
Read Article →Recent attacker activity made me think that access might have been gained through an OAuth app. Keeping an eye on app permissions is important. Fro...
Read Article →Tomorrow (Thursday January 25th) I have the pleasure to speak at the Cloud Guardians Unleashed event organized by the Microsoft Cloud and Client Ma...
Read Article →Last Updated on September 26, 2024 by Michael Morten Sonne Introduction What is Defender for Identity Microsoft Defender… The post Microsoft D...
Read Article →MC705357 (9 Jan 2024) says that the dynamic group rule builder in the Entra ID and Intune admin centers no longer supports the contains and notCont...
Read Article →Entra ID registered apps can authenticate using app secrets and certificates. These credentials expire over time, so it’s good to review app creden...
Read Article →Learn how to report the owners of all applications in Microsoft Entra using Microsoft Graph PowerShell and export to CSV. The post Report all Appli...
Read Article →Last Updated on February 19, 2024 by Michael Morten Sonne Stale Application Analysis for Entra ID – some… The post Entra ID – Stale App...
Read Article →Learn how to Connect to Microsoft Graph PowerShell using certificate based authentication in Microsoft Entra. The post Connect to Microsoft Graph P...
Read Article →Entra ID supports user extension attributes but the same facility is unavailable for group objects. That seems strange, but it might be due to the ...
Read Article →In the recent parts of the blog post series, we have gone through the various capabilities to detect threats and fine-tune incident enrichment of W...
Read Article →Learn how to use Microsoft Graph PowerShell to generate a report of user permissions consented to applications in Microsoft Entra. The post How to ...
Read Article →Password profiles store the password settings for Entra ID user accounts. By updating the password profile, you can update an account's password an...
Read Article →Discover Microsoft Entra Private Access: advanced, secure remote access for corporate resources, surpassing traditional VPN limitations.
Read Article →A question came in about how to report admin consent requests as viewed through the Entra ID admin center. PowerShell does the trick, once you know...
Read Article →Last Updated on February 19, 2024 by Michael Morten Sonne Introduction The inability to create new users in… The post Entra ID – Quota Limit –...
Read Article →Introduction Adversaries are more and more interested in the data and infrastructure that lives in Cloud environments like Azure and Microsoft 365 ...
Read Article →Learn how to configure web filtering policies using the Global Secure Access, Internet Access profile in Microsoft Entra. The post How to Configure...
Read Article →Collecting details of all workload identities in Microsoft Entra ID allows to build correlation and provide enrichment data for Security Operation ...
Read Article →OAuth apps are a big part of the extensibility picture for Microsoft 365 tenants. As such, they are targeted by attackers as a good way to gain acc...
Read Article →The preview app instance property lock feature designed to improve the security of Entra ID registered apps is becoming the default for new apps. I...
Read Article →Learn how to enable group owners to manage access reviews for guests in groups/teams that they are the owner of. The post How to Create and Manage ...
Read Article →On July 11th, Microsoft announced that Azure AD would be renamed to Microsoft Entra ID. Microsoft also announced two new security offerings called ...
Read Article →Entra ID captures the lastSuccessfulSignInDateTime property to record the last successful sign-in action against user accounts. The new property is...
Read Article →Conditional access policies control access to Entra ID connections. Policies should have exclusions for breakglass accounts, but sometimes this doe...
Read Article →Sometimes unlearning things is harder than learning As you might have read somewhere Microsoft is busy implementing support for passkeys in their p...
Read Article →Learn how to prevent users from accessing the Microsoft Entra Admin portal and understand the impact of restricting access. The post How to Prevent...
Read Article →Attack techniques have shown that service principals will be used for initial and persistent access to create a backdoor in Microsoft Entra ID. This...
Read Article →Check out this article via web browser: Prevent AiTM with Microsoft Entra Global Secure Access and Conditional Access Microsoft Entra Global Secure...
Read Article →This week, the European SharePoint Conference (ESPC) is held between November 27 – 30 in Amsterdam the Netherlands. The event which will attr...
Read Article →Entra ID’s P2 license (previously Azure AD Premium P2) unlocks the Privileged Identity Management (PIM). PIM is part of broader identity gove...
Read Article →Check out this article via web browser: A love story about Role Based Access Control for Applications in Exchange Online, Managed Identities, Entra...
Read Article →Learn how to turn off Microsoft Managed Conditional Access policies in Microsoft Entra to prevent them from being created. The post Customise or Di...
Read Article →As a Microsoft 365 admin, you can use the Microsoft Entra admin portal to change a user's default MFA method. The post How to Change the Default MF...
Read Article →Learn how to protect your Microsoft 365 Break Glass accounts and never get locked out of your organisation's tenant with Azure Automation. The post ...
Read Article →Last Updated on February 19, 2024 by Michael Morten Sonne Introduction Background Companies that do not implement Multi-Factor… The post Entra...
Read Article →Boost security, speed, and access with Microsoft's Entra Internet for M365. A game-changer!
Read Article →Check out this article via web browser: Prepare for passkeys in Entra ID! Only a few months until Microsoft Entra ID will support device-bound pass...
Read Article →Check out this article via web browser: How to create a Temporary Access Pass using Logic Apps Now that more and more organizations are moving towa...
Read Article →Apply strong authentication methods through Conditional Access for PIM (Privileged Identity Management) role activation. The post How to Apply Cond...
Read Article →Learn how to modify the Microsoft Authenticator Registration Campaign settings to allow unlimited snoozes when prompted to register. The post Allow...
Read Article →Microsoft Entra MFA Fraud Deep Dive Tags: Entra, ITDR, MFA Published at: October 7, 2023 Summary: Recently, Microsoft released the new feature Repo...
Read Article →Conditional Access (CA) is front and center of any attempt to secure Microsoft 365. If you’ve spent any time securing your tenant and Entra r...
Read Article →Learn how to enable the Allow On-Premise Password Change to Reset User Risk feature in Microsoft Entra to manage risky users. The post Allow On-Pre...
Read Article →Learn how to prevent users from accessing BitLocker keys for the devices they own in the Microsoft Entra portal. The post How to Block User Access ...
Read Article →Learn how to enable and disable security defaults in Microsoft Entra programmatically using Microsoft Graph PowerShell. The post How to Modify Secu...
Read Article →Learn how to restrict who can invite guest users to your tenant in Microsoft Entra and using Microsoft Graph PowerShell. The post How to Restrict G...
Read Article →Starting on Wednesday September 27, till Friday September 29 the Workplace Ninja Summit which is an in-person event will take place in Baden, Switz...
Read Article →Check out this article via web browser: Enforce FIDO2 PIN complexity with Microsoft Entra Conditional Access Authentication Strengths. As you may o...
Read Article →Learn how to target specific Microsoft Entra tenants in Multitenant organisations using Conditional Access policies. The post How to Target Specifi...
Read Article →Learn how to Setup Cross-Tenant Synchronisation in Microsoft Entra step by step to automatically provision B2B user access. The post How to Setup M...
Read Article →Dude, Where's My Audit Logs? Audit logs can provide all sorts of wonderful points of data. In the interest of identity security, we have historical...
Read Article →On Thursday September 7th, the annual Cloud Identity Summit will take place as an in-person event in Koblenz Germany. This event is organized by Th...
Read Article →Workload identities should be covered by lifecycle management and processes to avoid identity risks such as over-privileged permissions but also in...
Read Article →Learn how to apply Conditional Access policies based on the time of day and the day of the week by configuring time-based conditions. The post Enab...
Read Article →Learn how to revoke API permissions assigned to applications in Microsoft Entra using Microsoft Graph PowerShell. The post How to Revoke Applicatio...
Read Article →Learn how to setup User Risk and Sign-in Risk reports in Microsoft Entra using the admin center and Microsoft Graph PowerShell. The post How to Set...
Read Article →This blog is an addition to my previous blog, which showed you the difference between Entra Registered devices and Entra Joined devices. In this bl...
Read Article →Learn how to configure Protected Actions in Microsoft Entra with an Authentication Context to protect with Conditional Access policies. The post Ho...
Read Article →Workload identities will be used by applications, services or cloud resources for authentication and accessing other services and resources. Especi...
Read Article →Learn how to configure Registration Campaigns in Microsoft Entra to prompt users to configure the Authenticator app for MFA. The post How to Setup ...
Read Article →I will guide you through my MDE Attach V2 (Security Management) journey and explain which "service" delivers the Intune policies to your NOT AADJ (...
Read Article →Protect Your Privilege with PAW According to the Microsoft Digital Defense Report 2022, weak identity controls are listed as a top three contributi...
Read Article →Learn how to setup Microsoft Entra Internet Access with Conditional Access to secure access to Microsoft 365 apps and services. The post How to Set...
Read Article →Check out this article via web browser: Manage user-preferred multi-factor authentication method in Microsoft Entra ID This post is all about setti...
Read Article →Learn how to monitor for application admin permission consents in Azure AD using PowerShell and Azure Automation. The post How to Monitor for Appli...
Read Article →Last Updated on June 2, 2025 by Michael Morten Sonne Introduction First – sorry for the size og… The post Azure AD – Why use Cloud-Only ...
Read Article →Last Updated on June 25, 2023 by Michael Morten Sonne How secure is your Azure Management Portal? By default,… The post Secure your Azure Manag...
Read Article →Check out this article via web browser: Company branding and custom CSS in Azure Active Directory Company branding in Azure AD is a nice feature th...
Read Article →The nOAuth “flaw” is a symptom of industry antipatterns If you haven’t followed the news recently, Descope released an article diving into how thei...
Read Article →In today’s digital age and use all over the world, maintaining the security of an organization has… The post Azure AD Application Activit...
Read Article →Last Updated on March 14, 2024 by Michael Morten Sonne In the post here, I will share 10… The post 12 quick tips to secure your identities in...
Read Article →Check out this article via web browser: Running Evilginx 3.0 on Windows In case you missed it: Evilginx 3 was recently launched to the public. This...
Read Article →Restricted Management Administrative Unit (RMAU) allows to protect objects from modification by Azure AD role members on directory-level scope. Man...
Read Article →Check out this article via web browser: Step-up authentication with Defender for Cloud Apps and Authentication Context In this post, I will show yo...
Read Article →Check out this article via web browser: Send an email on a new Azure MFA method registration I’ve done quite some Azure MFA projects over tim...
Read Article →Last Updated on June 19, 2023 by Michael Morten Sonne Introduction Separate accounts in Azure AD for Administrative… The post Azure AD Admin a...
Read Article →Last Updated on March 14, 2024 by Michael Morten Sonne What is TAP? TAP is a time-limited passcode… The post Secure authentication meth...
Read Article →Last Updated on August 13, 2023 by Michael Morten Sonne Introduction What is a Break Glass Account? Break… The post Break Glass account – and ...
Read Article →Check out this article via web browser: Report Suspicious Activity & Fraud Alert for Azure MFA A new feature popped up in Azure AD. Well, not ...
Read Article →Last Updated on March 14, 2024 by Michael Morten Sonne Intro Do you want to get started learning… The post Set up a free Microsoft Intune lab...
Read Article →Last Updated on March 14, 2024 by Michael Morten Sonne Microsoft has finally implemented the feature “Idle session… The post Microsoft 365: W...
Read Article →Last Updated on June 19, 2023 by Michael Morten Sonne What is Windows LAPS Exciting News! New Built-in LAPS… The post Windows LAPS and m...
Read Article →Last Updated on March 14, 2024 by Michael Morten Sonne This is a knowledgebase item. Hope it helps… The post Self Service Password Reset writ...
Read Article →Last Updated on July 9, 2023 by Michael Morten Sonne Secure your Azure environment with the power of… The post Securing your Azure/Microsoft ...
Read Article →Why is this needed? Admins who are using Azure AD Connect are currently receiving email notifications when there… The post Configure Azure AD...
Read Article →Note This article was last updated on 01/30/2025 for readability and updated URLs
Read Article →March 23rd, 2023: The Day Everyone Came From Uzbekistan According to Wikipedia, Toshkent (or Tashkent) is the largest city in, as well as the capit...
Read Article →Live Response in Microsoft 365 Defender can be used to execute PowerShell scripts on protected devices for advanced incident investigation. But it ...
Read Article →Check out this article via web browser: Authenticator Lite – Approve Azure MFA prompts with the Outlook app Microsoft released a new feature ...
Read Article →Entra App Registrations and Enterprise Applications: The Definitive Guide For those that must manage application integrations in Entra ID, it’s an ...
Read Article →Check out this article via web browser: System-preferred multifactor authentication in Azure AD. Don’t settle for less. A new feature has pop...
Read Article →Microsoft has extended the capabilities of Azure AD authentication context to Azure AD Privileged Identity Management (PIM). By doing this we can t...
Read Article →Check out this article via web browser: Duplicate Azure Active Directory Conditional Access policies In this post, we look at managing Conditional ...
Read Article →The Importance Of Identity In Microsoft Certifications As I’ve taken Microsoft certification exams, or the exam renewals, I’ve noticed that Azure A...
Read Article →Don't Let DNS Be Your Azure AD Recovery Downfall In September of 2022, Joey Verlinden (@jvldn1) published an excellent article on his experience wi...
Read Article →Cross tenant sync is a feature I've been waiting to see for a while and with the announcement of cross tenant access settings, I knew it...
Read Article →Azure AD 101: Azure Subscription Relationship Whether you are dipping your toe or diving headfirst into Azure, one of the points of confusion is th...
Read Article →Check out this article via web browser: Break glass accounts and Azure AD Security Defaults Security Defaults is the best thing since sliced bread....
Read Article →Conditional Access and Entitlement Management plays an essential role to apply Zero Trust principles of “Verify explicitly“ and “Use least-privileg...
Read Article →SpAML: Spoofing Users In Azure AD With SAML Claims Transformations For those that believe SAML is dead, they should take a look at the Azure AD App...
Read Article →I’m proud to announce the December 2022 update of my Conditional Access demystified whitepaper. With this release, we have reached the fifth ...
Read Article →In the last couple of months, Microsoft released new functionality for Azure AD Conditional Access. All of this functionality is still in public pr...
Read Article →Check out this article via web browser: Goodbye legacy SSPR and MFA settings. Hello Authentication Methods Policies! I’ve got some exciting n...
Read Article →Microsoft has released a feature to automate on- and off-boarding tasks for Azure AD accounts. Lifecycle workflows offer built-in workflow te...
Read Article →Check out this article via web browser: Synchronize attributes for Lifecycle workflows – Azure AD Connect Sync Azure AD Lifecycle Workflows c...
Read Article →CISA SCuBA: Diving Into The Azure AD Baseline CISA recently released baseline guidance for cloud application security, dubbed SCuBA, or Secure Clou...
Read Article →VM Contributor To Domain Admin In 60 Seconds When Microsoft revamped the privileged access model in the late fall of 2020, it was received with mix...
Read Article →Check out this article via web browser: How to keep track of changes on Microsoft Docs & Learn? When working with cloud services like Microsof...
Read Article →This article will go into detail on how to configure Azure MFA for access to on-premises VPN and RD Gateway.
Read Article →Check out this article via web browser: The road to Microsoft MVP and beyond Today, a slightly different post. I think it’s time to step away...
Read Article →Check out this article via web browser: Automate issuing Temporary Access Pass for joiners with LifeCycle Workflows On September 30th, 2022, Pim Ja...
Read Article →Besides helping organizing Experts Live NL 2022 in my role as speaker manager together with Erik Loef, I’m also happy to announce that I will...
Read Article →Hackers are more frequently using social engineering attacks to gain access to corporate credentials and breach large networks. With the rise of mo...
Read Article →Check out this article via web browser: Take control of your guests with the External Identities Policy Today we take a look at the brand new Exter...
Read Article →Identity attacks are currently changing and focussing on new techniques. In the past years, many organizations protected accounts with MFA/ FIDO2 a...
Read Article →After speaking virtually on the Workplace Ninja Summit 2020 and Workplace Ninja Summit 2021, I’m really proud to announce that I will also sp...
Read Article →Check out this article via web browser: Block users from viewing their BitLocker keys This post is mainly focused on a new tenant setting, where yo...
Read Article →Check out this article via web browser: How to set up Evilginx to phish Office 365 credentials Update: Evilginx 3 is here! This post is based on Ev...
Read Article →After reading a question on Reddit about how Intune knows which device belongs to which organization, I decided to write a dedicated blog post abou...
Read Article →After all of the Autopilot issues and AAD sign-in errors in March 2022, I need to explain this OOBEAADV10 error a little bit better. 1. Introductio...
Read Article →Check out this article via web browser: How to deal with orphaned objects in Azure AD (Connect) We have done hybrid identity for a couple of years ...
Read Article →After a nice talk with Yannick Van Landeghem, who made me aware of a “possible” security gap when using a Temporary Access Pass (TAP), I decided to...
Read Article →Check out this article via web browser: Use a FIDO2 security key as Azure MFA verification method This news seems to be kept under the radar a litt...
Read Article →Check out this article via web browser: Get alerts on Azure resource assignments made outside PIM Microsoft released a new public preview where adm...
Read Article →Troubleshooting Windows Device Enrollment errors can be a pain! In this post, we will guide you through resolving issues that may arise when enroll...
Read Article →Last Updated on January 4, 2024 by Michael Morten Sonne Introduction As part of its ongoing enhancements and… The post Retirement of supersede...
Read Article →Check out this article via web browser: Dynamic Administrative Units using on-prem Organizational Units Gone are the days that I could start a work...
Read Article →Check out this article via web browser: Get started with Azure AD B2B direct connect We all love seamless collaboration, right? Well, here’s ...
Read Article →Check out this article via web browser: KB – Reset cross-tenant access policies back to the system default. This is a knowledgebase item. Hop...
Read Article →Note This article was last updated on 01/26/2025 for readability and updated URLs
Read Article →Check out this article via web browser: Multi-stage approval for privileged roles using Azure AD Identity Governance Privileged Identity Management...
Read Article →In this blog, I will be talking about a sudden “HardwareMismatchDetected” I got when I was trying to enroll my Windows 10/11 device with Autopilot ...
Read Article →Check out this article via web browser: KB – mobile phone number not in sync Azure AD Connect This is a knowledgebase item. Hope it helps you...
Read Article →Check out this article via web browser: Download Intune PowerShell scripts with Graph Explorer This quick post will show an easy method to fetch yo...
Read Article →Check out this article via web browser: 10 tips to secure your identities in Microsoft 365 I was recently invited by the Dutch Virtual Desktop User...
Read Article →Check out this article via web browser: Get started with multi-stage access reviews in Azure AD Access reviews, part of the Azure AD Identity Gover...
Read Article →Check out this article via web browser: Access reviews for Azure AD directory roles This blog post is for all those organizations out there with st...
Read Article →This blog will be about some stuff you need to beware of when you are setting up Azure AD Connect. It’s a topic I haven’t written a lot about but [...
Read Article →Apple Business Manager is a service provided by Apple which helps to deploy Apple devices and apps in your organization. By leveraging Apple Busine...
Read Article →In the last couple of months, there is a large increase visible in consent phishing emails (illicit consent attacks). Microsoft threat analysts are...
Read Article →Check out this article via web browser: Microsoft 365 self-service using Power Apps This article was originally posted on the Microsoft 365 PnP Blo...
Read Article →Check out this article via web browser: Act on group membership changes in Azure Active Directory Did you ever want to act on a change in group mem...
Read Article →On Friday, January 14, 2022 I will be speaking at the M365 Chicago Virtual event. You can attend the event for free, by signing up via the Eventbri...
Read Article →I recently read through an excellent article by Mandiant, which recently split with FireEye, on their findings and analysis of the continued action...
Read Article →Check out this article via web browser: Onboard FIDO2 keys using Temporary Access Pass in Azure AD One of the requirements to use FIDO2 security ke...
Read Article →Check out this article via web browser: Use Registration campaign to promote Microsoft Authenticator App With all the new improvements to the Micro...
Read Article →During the Microsoft Ignite conference in November 2021 Microsoft made several announcements related to Azure AD conditional access. You can read t...
Read Article →If you have Conditional Access configured and active within your Azure AD environment, there might be some scenarios where users are not abl...
Read Article →While browsing through the options in my Conditional Access policies I noticed a new session related to Continuous Access Evaluation (CAE). Time fo...
Read Article →For next week, Thursday November 4th, we are proud to announce that we are hosting our first on-premised event again. The event will be held in the...
Read Article →Check out this article via web browser: Enable Location Information and Code Match for Azure MFA Update 26-11-2021 As this feature is now in public...
Read Article →Check out this article via web browser: Create Role Assignable Groups based on existing groups Today’s post is about Role Assignable Groups. ...
Read Article →Check out this article via web browser: 10 productivity tips for M365 administrators I have worked with Microsoft 365 over the past few years, and ...
Read Article →I’m proud to announce the October 2021 update of my Conditional Access demystified whitepaper. With this release, we have reached the fourth ...
Read Article →On Wednesday October 13, I will be speaking at the free online webinar hosted by Centric Craft. Craft is a community initiative from the company Ce...
Read Article →In December last year, Microsoft announced that per April 1, 2021 they updated their service level agreement(SLA) for Azure AD user authentication ...
Read Article →Check out this article via web browser: Customize the MFA registration policy in Azure AD Identity Protection Disclaimer: this is a proof of concep...
Read Article →Starting with Firefox version 91, Mozilla is now supporting Single sign-on support (SSO) and device-based Conditional Access as announced by Micros...
Read Article →Check out this article via web browser: Role Assignable Groups and Privileged Identity Management. I have used this feature from the very beginning...
Read Article →The last couple of years, Microsoft has been pushing the usage of Multi Factor Authentication for logins to their Cloud Services. MFA, which requir...
Read Article →Today I experienced an interesting issue, for which I thought it was interesting sharing how I figured out what was going on. The issue/challenge T...
Read Article →Check out this article via web browser: How to build a PowerApp – Temporary Access Pass Manager – Part 1 Part 1 – Introduction an...
Read Article →Check out this article via web browser: How to build a PowerApp – Temporary Access Pass Manager – Part 2 Part 2: App registration and G...
Read Article →Check out this article via web browser: How to build a PowerApp – Temporary Access Pass Manager – Part 3 Part 3: Graph API and Graph Explorer...
Read Article →Check out this article via web browser: How to build a PowerApp – Temporary Access Pass Manager – Part 4 Part 4: Build a custom connector bas...
Read Article →Check out this article via web browser: How to build a PowerApp – Temporary Access Pass Manager – Part 5 Part 5: Create an app in PowerApps u...
Read Article →Check out this article via web browser: (Bonus) How to build a PowerApp – Temporary Access Pass Manager – Part 6 (Bonus) Part 6: Integr...
Read Article →Check out this article via web browser: Getting everyone enrolled for Azure MFA and SSPR. How hard can it be? I’ve done quite some Azure MFA ...
Read Article →On Wednesday June 30, I spoke at the monthly user group meeting of the Microsoft 365 Security & Compliance user group. The Microsoft 365 Securi...
Read Article →During Microsoft Ignite in March this year, Microsoft announced several new upcoming functionalities for Azure Active Directory. One of the announc...
Read Article →Check out this article via web browser: Change billing model for Azure AD guest users Back in 2020, Microsoft announced a change in the pricing mod...
Read Article →On Wednesday June 30, I will be speaking at the monthly user group meeting of the Microsoft 365 Security & Compliance user group. The Microsoft...
Read Article →Yesterday, on Thursday May 27, Erik Loef and I delivered a session at the May virtual event of the Microsoft Cloud and Client Management Community....
Read Article →Earlier this month I wrote an article about using filtering in assignments for apps, compliance policies and configuration profiles in Microsoft En...
Read Article →Azure Information Protection (AIP) – more accurately exposed to Microsoft 365 now as sensitivity labels – is close to the top of my fav...
Read Article →As I have blogged about a lot, there are a bunch of hoops to be jumped through and prerequisites to be met for a successful hybrid Azure AD join an...
Read Article →This month Microsoft released a new “User Action” for Conditional Access in public preview. The new user action called “Register ...
Read Article →Check out this article via web browser: Require MFA for Azure AD domain join and Device Registration Today we take a look at a new feature in Azure...
Read Article →A common Conditional Access policy is to add trusted locations as an exception to multi-factor authorisation requirements. The logic goes, if you a...
Read Article →For next week, Tuesday, March 30 we are proud to announce that Dirk-jan Mollema, one of the core researchers of Active Directory and Azure AD at Fo...
Read Article →Check out this article via web browser: Azure Active Directory Connect – Cloud Sync When organizations want to extend Active Directory to Azu...
Read Article →On Friday, the 19th of March, I spoke at the 2103 virtual meetup of the Workplace Ninja User Group Switzerland. During this event which lasts a who...
Read Article →One of the main Identity related topics during Microsoft Ignite March 2021 edition was passwordless. Microsoft announced at the event that password...
Read Article →Check out this article via web browser: Review guest access across Microsoft 365 groups (teams) In a previous blog post I wrote about Azure AD Acce...
Read Article →Check out this article via web browser: Azure Active Directory Temporary Access Pass This blog post is all about the new Temporary Access Pass in A...
Read Article →Yesterday, on Thursday February 16, I presented at the 19th Workplace Ninja User Group Netherlands Tuesdays Webinar. My session, titled “Azur...
Read Article →I’m proud to announce the February 2021 update of my Conditional Access demystified whitepaper. With this release, we have reached the third ...
Read Article →Check out this article via web browser: Privileged Identity Management Discovery and insights Privileged Identity Management (PIM) in Azure Active ...
Read Article →Today, on Thursday February 11, I presented at the second day of the Nordic Virtual Summit 2021 event. The event was very well organized by sev...
Read Article →In January, Microsoft announced that they released a public preview allowing entitled customers to create Azure AD access reviews for guest users a...
Read Article →Check out this article via web browser: Number matching with Microsoft Authenticator App in Azure MFA Number matching and passwordless phone sign-i...
Read Article →To provision Windows 10 PCs using Autopilot and Intune, they must first be registered as Windows Autopilot devices in the Device Directory Service,...
Read Article →On Wednesday 10 and Thursday 11 February, several communities (A joint venture by #SGUCSE #SCUGDK #SCUGFI #MMUGNO and #MSEndpointMgr) in the Nordic...
Read Article →On modern workplaces we use authentication techniques provided by Windows Hello for Business, like biometric and PIN. Due to this, users don’t...
Read Article →Since October 2019, Microsoft has enabled Security Defaults by default in new Microsoft 365 tenants. Security Defaults are a group of best-practice...
Read Article →For Today, January 19th we are proud to announce that our own Adnan Hendricks, Microsoft Azure MVP will host a session about: Azure AD Identity Pro...
Read Article →Check out this article via web browser: Self Service in Microsoft 365 One of the great things about Azure Active Directory is the capability of sel...
Read Article →As you move from on-premises or third-party infrastructure to Microsoft 365 and Azure AD, you will want to keep those BitLocker recovery keys safe....
Read Article →Check out this article via web browser: Enrich Microsoft 365 profile card with extensions and custom attributes Microsoft 365 is equipped with a ve...
Read Article →On Thursday, January 21st 2021 I’m honored to announce that I will be speaking at the Workplace Ninja Usergroup München meetup. The Workplace...
Read Article →Check out this article via web browser: Azure Active Directory Identity Governance – Azure AD Entitlement Management In this series, we take a look...
Read Article →Check out this article via web browser: Azure Active Directory Identity Governance – Privileged Identity Management In this series, we take a look ...
Read Article →In June this year I wrote an article about: Limit Access to Outlook Web Access, SharePoint Online and OneDrive using Conditional Access App Enforce...
Read Article →In my work as a modern workplace consultant, I see a lot of Microsoft Endpoint Manager/Intune environments. Many of these environments have been bu...
Read Article →Check out this article via web browser: Azure Active Directory Identity Governance – Access Reviews In this series, we take a look at Azure A...
Read Article →In August last year, I published eight articles in a series on Conditional Access, and later once finished I decided to bundle those articles in a ...
Read Article →Governing when users receive authentication prompts when authenticating to Azure Active Directory (Azure AD) depends on more than one setting,...
Read Article →For Tuesday, October 27th we are proud to announce that Erik Loef, CTO and Microsoft MVP at Proxsys, and Kenneth van Surksum, Modern Workplace cons...
Read Article →Check out this article via web browser: License on-demand with Power Automate and Azure AD Most organizations are using group-based licensing in Az...
Read Article →In April 2020 Alex Weinert, Director of Identity Security at Microsoft announced that Microsoft was working on moving towards real time policy and ...
Read Article →Due to the COVID-19 crisis, we (the Windows Management User Group Netherlands) were forced to move our activities to virtual events, which we call ...
Read Article →Check out this article via web browser: Block outdated operating systems with Cloud App Security It is not unlikely that some of your users still u...
Read Article →Check out this article via web browser: Azure MFA authentication method analysis. Share the results with Power Automate! You might have seen the sa...
Read Article →Microsoft Cloud App Security (MCAS), Redmond’s cloud app security broker (CASB) offering, is a powerful tool for investigating and pro-active...
Read Article →Check out this article via web browser: Microsoft Secure Score Series – 15 – Do not expire passwords Research has found that when periodic password...
Read Article →On August 13th 2020, Alex Simons (Microsoft Identity PM) announced that assigning groups to Azure AD roles is now in public preview. This feature i...
Read Article →This blog is the last in a small series on Azure AD Premium P2’s Identity Governance toolkit. Part 1: Entitlement Management Part 2: Access R...
Read Article →Check out this article via web browser: Bulk dismiss risky users with Power Automate or Logic Apps Update 08-10-2020: Microsoft released an officia...
Read Article →This blog is the second in a small series on Azure AD Premium P2’s Identity Governance toolkit. Part 1: Entitlement Management Part 2: Access...
Read Article →Check out this article via web browser: Prepopulate phone methods for MFA and SSPR using Graph API Part 1 – Graph API What is the number one ...
Read Article →Check out this article via web browser: Prepopulate phone methods using a Custom Connector in Power Automate Part 2 – Automation In the previ...
Read Article →This blog is the first in a small series on Azure AD Premium P2’s Identity Governance toolkit. Part 1: Entitlement Management (this post) Par...
Read Article →Check out this article via web browser: Close the gap. Azure AD Identity Protection & Conditional Access. This blog is about Azure AD Identity...
Read Article →Check out this article via web browser: Use Power Automate as your Conditional Access Police Department Last week, I was working on a new blog for ...
Read Article →Check out this article via web browser: Microsoft Secure Score Series – 14 – Designate more than one global admin Designate more than one global ad...
Read Article →Check out this article via web browser: Use Power Automate or Logic Apps to keep an eye on your licenses I guess we’ve all been there; you ra...
Read Article →One of the scenarios we can build with Conditional Access, is the scenario where we restrict access inside the web application itself. By do...
Read Article →Check out this article via web browser: A first look at Administrative Units and My Staff in Azure Active Directory Recently, Microsoft introduced ...
Read Article →Check out this article via web browser: Microsoft Secure Score Series – 12 – Turn on customer lockbox feature Turning on the customer lockbox featu...
Read Article →Check out this article via web browser: Microsoft Secure Score Series – 11 – Turn on user risk policy With the user risk policy turned on, Azure AD...
Read Article →External Identities is a new public preview feature of Azure AD which allows external users to authenticate with a non-Microsoft account such as th...
Read Article →Check out this article via web browser: Microsoft Secure Score Series – 10 – Discover trends in shadow IT application usage Add a data source in au...
Read Article →Check out this article via web browser: Microsoft Secure Score Series – 09 – Do not allow users to grant consent to unmanaged applications Tighten ...
Read Article →I’m a simple person, and sometimes it just helps to have a checklist to refer to when you’re troubleshooting rather than navigating the...
Read Article →In August last year, I published eight articles in a series on Conditional Access, and later when finished I decided to bundle those articles in a ...
Read Article →Update October 7 2020: This functionality is now GA, see Publisher verification and app consent policies are now generally available In February th...
Read Article →Check out this article via web browser: Sure, keep me signed in! And don’t prompt for MFA! Today a short blog about MFA prompts, session life...
Read Article →The group policy object Register domain-joined computers as devices, or Automatically workplace join client computers in older templates, was previ...
Read Article →Check out this article via web browser: Going passwordless with the FEITIAN Fingerprint card A quick word upfront. I'm not a salesperson. I'm inter...
Read Article →Check out this article via web browser: Use Graph API data in Power BI using Logic Apps Some things in the modern connected world seem so common th...
Read Article →Check out this article via web browser: What admins should know about the combined registration portal for Azure MFA and Self Service Password Rese...
Read Article →Check out this article via web browser: Microsoft Secure Score Series – 08 – Use Cloud App Security to detect anomalous behavior Cloud App Security...
Read Article →Check out this article via web browser: How to keep an eye on your Teams with Log Analytics and Azure Monitor? In my previous blog post, I wrote ab...
Read Article →Check out this article via web browser: Microsoft Secure Score Series – 07 – Turn on sign-in risk policy Turning on the sign-in risk policy ensures...
Read Article →Check out this article via web browser: Microsoft Secure Score Series – 06 – Enable policy to block legacy authentication Today, most compromising ...
Read Article →One of the advantages of Microsoft having many customers using its services is that Microsoft can leverage data from those customers and apply some...
Read Article →Check out this article via web browser: Use Power Automate for your custom “dynamic” groups Azure AD Dynamic Groups Dynamic groups in A...
Read Article →Check out this article via web browser: Microsoft Secure Score Series – 05 – Enable self-service password reset With self-service password reset in...
Read Article →Check out this article via web browser: Microsoft Secure Score Series – 04 – Ensure all users can complete multi-factor authentication for secure a...
Read Article →Lessons learned while implementing Azure AD Privileged Identity Management (PIM) The post Lessons learned while implementing Azure AD Privileged Id...
Read Article →Check out this article via web browser: Microsoft Secure Score Series – 03 – Enable Password Hash Sync if hybrid Password hash synchronization is o...
Read Article →Check out this article via web browser: How to publish on-premises applications and protect them with MFA Using Azure Application Proxy you can pub...
Read Article →Check out this article via web browser: Microsoft Secure Score Series – 02 – Require MFA for administrative roles Require MFA for administrative ro...
Read Article →Microsoft licensing is tough and vague but something we must deal with while implementing our solutions. I’m also aware that some of the feat...
Read Article →Update: On September 23, 2021, the Exchange Team announced that effective October 1st, 2022 basic authentication, regardless of usage will be perma...
Read Article →Check out this article via web browser: Azure AD tenant branding; size does matter! Earlier today, I read this article from Alex Simons about the c...
Read Article →Check out this article via web browser: Require trusted location for MFA and SSPR registration This article shows how you can block MFA and SSPR re...
Read Article →By default, on Windows 10 devices which are Azure AD joined, the user performing the join is added to the Local Administrator group. Besides the us...
Read Article →As you may know, it’s possible for your users to sign-in to SaaS based applications using their Azure AD account. By doing this, a Single Sig...
Read Article →Last week, Microsoft announced that the Azure AD conditional access baseline policies will not make it out of their current preview status. The fun...
Read Article →Deploying Outlook add-ins (“apps”) for your O365 tenant is an intuitive experience via AppSource. As a Global Administrator, click GET ...
Read Article →One of the disadvantages of being an experienced consultant in IT is the fact that once in a while you need to re-learn. With re-learn I mean that ...
Read Article →During its annual Microsoft Ignite 2019 conference this week, Microsoft announced a new feature for Conditional Access called Report-Only mode in p...
Read Article →In my blog article series on Conditional Access Demystified I mentioned that Conditional Access can be used to route sessions toward Microsoft Cloud ...
Read Article →In Q1 2017 Microsoft released the Pass Through Authentication (PTA) functionality as part of Azure AD connect. With the release of Azure Active Dir...
Read Article →Now available: May 2020 update of the Conditional Access Demystified Whitepaper, Workflow cheat sheet, Implementation workflow and Documentation sp...
Read Article →