Latest Discussions
Last chance: Give feedback on our blog
Hi folks, I need 17 more people who read the Microsoft Entra blog to take the reader survey! Can you help? It takes 10-15 minutes, is anonymous, and will impact the future of our communications to you. Thank you very much for your time and continued collaboration with us.

Take the Microsoft Entra blog survey: https://forms.office.com/r/Qd6jWTjjWT

Nichole Peterson
Microsoft Entra

Tell us what you think: The Microsoft Entra blog team wants to hear from you! | Microsoft Community Hub

32 Views | 0 likes | 0 Comments

Sign-in Frequency Policy for Office / FLW's
Hi All,

I hope you are well. Anyway, I'm a bit confused with the Conditional Access Sign-in Frequency Session Control and MFA. Info here: https://learn.microsoft.com/en-us/entra/identity/authentication/concepts-azure-multi-factor-authentication-prompts-session-lifetime#recommended-settings

So, what would be a good recommendation for:
- Office staff (M365 E3 license)
- Front Line Workers (F3 license)

And am I correct in saying that this includes MFA and that the default MFA period is 90 days?

Any help or advice on a good workable setting would be greatly appreciated.

Stuart

StuartK73 | Mar 24, 2025 | Iron Contributor | 63 Views | 0 likes | 2 Comments

How to exclude security group members using dynamic query
Hi, I'm trying to build a dynamic query for a security group and want to exclude members of a certain group in this.

Example: Let's say there's a security group A and I'm building a new security group B, and I want to exclude members of group A from being added to this group B. I'm struggling to find the right query for this. Any ideas?

13 Views | 0 likes | 1 Comment

Reset guest redemption status not possible after creating Multitenant Organization (MTO)
Hi all, we're on the path to creating a Multitenant Organization (MTO) for our global organization. We already have a relationship with one partner tenant which has B2B Collaboration and B2B Direct Connect set up and is working well. We took the step of creating a Multitenant Organization in our 365 admin center and started testing with a sandbox tenant, which has since been removed.

The issue we are having now is that guest users who are not part of B2B Collaboration or an MTO cannot have their redemption status reset. I first found this wasn't possible from the error in a Power Automate workflow using Microsoft Graph, then confirmed I got the same error in Entra ID.

The documentation for MTO was updated a few days ago and includes this, saying that as part of a multitenant organization, reset redemption for an already redeemed B2B user is currently disabled. But should this be the case for guest users not part of B2B Collaboration or Multitenant? Is this an error or expected behaviour, I wonder?

Thanks!

Alasdair | Mar 21, 2025 | Copper Contributor | 1.4K Views | 2 likes | 3 Comments

Windows Hello for Business: Internet Requirement for On-Premises Login Using Cloud Kerberos Trust
Hello everyone,

I've recently begun testing Windows Hello for Business in our environment, where we utilise Microsoft Entra hybrid join authentication with cloud Kerberos trust. I suspect that our on-premises physical firewall may be contributing to several issues we're experiencing, and I would like to clarify my understanding of hybrid join authentication using cloud Kerberos trust. To access the internet, we use SSO with our firewall, meaning that after validating local AD credentials, the user gains access to the public network.

My question is: Is internet access required for on-premises logins when using Windows Hello for Business?

From my research on Microsoft's documentation, it appears that if you're using cloud Kerberos trust and the PC is blocked from the internet, the Windows Hello for Business sign-in will fail. Essentially, the on-premises Domain Controller can only issue the final Ticket Granting Ticket (TGT) after receiving a valid Partial TGT from Microsoft Entra ID. This would imply that if the machine cannot reach Microsoft Entra ID due to firewall restrictions, the user will be unable to log in.

In our case, the user successfully enrolled the device on-premises, but the next morning they encountered the error "PIN isn't available: 0xc000005e 0x0."

Could anyone confirm whether my understanding is correct? Thank you for your assistance!

Solved | 78 Views | 0 likes | 1 Comment

Dynamic groups filter based on custom extension not working
Hi, I'm having some issues with Azure-AD dynamic Groups. Our AAD is synced with our local AD. When I query a user in the Graph API I can see the following attribute listed:

    "extension_6d7943a8c26d4ce980cef807cd2aefc1_title": "Consultant",
    "extension_6d7943a8c26d4ce980cef807cd2aefc1_afdelingMV": "#Collection(String)",
    "extension_6d7943a8c26d4ce980cef807cd2aefc1_afdelingMV": [ "Department_a" ]

My goal is to create a dynamic group with users from "Department_a" but not with the _title "Consultant". So to start, I created this Dynamic rule:

    (user.extension_6d7943a8c26d4ce980cef807cd2aefc1_afdelingMV -contains "Department_a") and (user.extension_6d7943a8c26d4ce980cef807cd2aefc1_title -ne "Consultant")

I used the -contains operator because the data type is a collection (string) according to the Graph API. Using the query listed, the group remains empty, so that's not working. I tried removing the title filter, so only add all Department_a members, still no members, so the issue appears to be caused by the afdelingMV filter. I tried a lot of variations, using the (_ in "Department_a") and -equals "Department_a", all without luck.

It would be great if someone can help me and tell me what I'm doing wrong!

Solved | rtenklooster | Mar 18, 2025 | Copper Contributor | 2.8K Views | 0 likes | 3 Comments

Disable sign up option in user flow
Lance Tallman from this post https://learn.microsoft.com/en-us/answers/questions/1611622/external-identity-user-flows-disabling-sign-up-in references the following link: https://learn.microsoft.com/en-us/entra/external-id/customers/how-to-user-flow-sign-up-sign-in-customers#disable-sign-up-in-a-sign-up-and-sign-in-user-flow but that section of the KB has been removed from the published article.

You can find what he is referencing here in the Wayback Machine: https://web.archive.org/web/20240710182533/https://learn.microsoft.com/en-us/entra/external-id/customers/how-to-user-flow-sign-up-sign-in-customers

Anupam Bishui also references the documentation: https://learn.microsoft.com/en-us/answers/questions/2104224/error-disabling-sign-up-option-in-entra-external-i

So I contacted support and Taveesack Reed, Support Engineer, went through the documentation and tested to see if this redacted documentation still works. Taveesack confirmed that it does still work. Also, I will quote Taveesack verbatim:

-----------------------------------
Regarding the public documentation for this feature, the escalation team has clarified that there are currently no plans to deprecate the existing workaround or setting. Furthermore, a hotfix was issued recently in December of last year to address a bug wherein disabling the Sign-Up flow would inadvertently present additional sign-in options, which is not the intended behavior, as noted in this accompanying documentation, the relevant information is towards the bottom.

Entra External ID: Additional Sign-In options after disabling sign-up link - Microsoft Q&A

Additionally, we were unable to obtain any additional information about why the "disable sign up flow" document is not accessible online.
-----------------------------------

Please restore this documentation.

josephvichi | Mar 18, 2025 | Copper Contributor | 14 Views | 0 likes | 0 Comments

Give feedback about the Microsoft Entra blog
Do you ever read the Microsoft Entra blog on Tech Community? I'd love to hear from you! Just ten minutes of your candid, anonymous feedback will help drive more relevant Microsoft Entra blog articles and help us meet your needs for information.

Would you be so kind as to take my survey? https://aka.ms/entrablogsurvey

As you can see in this screenshot, it's just six easy questions! Hope you'll consider taking the survey. Click here: https://aka.ms/entrablogsurvey

Thank you,
Nichole
Microsoft Entra product marketing manager

30 Views | 0 likes | 1 Comment

Entra ID Connect Sync - Issue Updating the SQL 2019 Local DB
Hello,

Does anyone know how to patch/update the SQL Server 2019 LocalDB utilised by Microsoft AD Connect / Entra Connect? We have identified vulnerabilities on the version of SQL 2019 LocalDB used by Microsoft Entra Connect.

The trace file in C:\ProgramData\AADConnect shows the following version:

    Package=Microsoft SQL Server 2019 LocalDB , version=15.0.4138.2 (CU11)

We are attempting to update this local database to version 15.0.4415.2 (CU30), using the following package: https://www.microsoft.com/en-us/download/details.aspx?id=100809

However, when we run the package it cannot identify the SQL Server 2019 LocalDB server instance. There is a message stating:

"The version of SQL Server instance Shared Component does not match the version expected by the SQL Server update. The installed SQL Server product version is 11.4.7001.0, and the expected SQL Server version is 15.0.2000.5"

The version it references is SQL Server 2012, however the logs show the database as SQL 2019 and the database instance name within the Entra Connect / AD Connect agent includes 2019. I have attempted leaving the service running, manually starting the database instance, running as admin, and running the package via command prompt targeting the instance.

Any insight would be greatly appreciated. Many thanks.

ChristopherGavey | Mar 17, 2025 | Copper Contributor | 107 Views | 0 likes | 1 Comment