Recent Discussions
Microsoft Entra Connect connecting always to old DC
We are planning on demoting old DC server. When doing checkups I noticed that Entra Connect keeps connecting to this specific DC we'ew planning to demote everytime it connect to Active Directory. So now I'm wondering does this need any additional configuration to keep sync working after DC Demote. I found out that there is option to "Only use preferred domain controllers" but I'm not sure if that's what I want do do. There were the red line is is the old DC to be demoted. "Only use preferred domain controllers" setting. If I enable this setting I got this kind of notice. I don't feel like this is the right way to do it so I canceled at this point.
Invite external user - error 'Primary SMTP address is an invalid value'
I'm using Entra Id to invite external users to my domain. Their email is of form: mailto:email address removed for privacy reasons Sending the invite generates the error: There is no error if I send an invitation to the same domain without the '+' sign, so I assume this is causing an issue with Entra Id. Is there a workaround for this?Restrict access to Microsoft Entra admin center
Hi, I know that setting this to Yes isn't considered a Security measure by Microsoft, but I really think that they need to rethink this and give a better warning Entra>Users>User Settings>Restrict access to Microsoft Entra admin center If this is left to, No, which is the default, then any user (Admin or Standard User) is able to access Entra, and for certain things this may be required, but it leaves a huge door open as well for the egress of data. For example, a Standard user can access Entra, select Users and or Devices from the left hand side and export a .csv file with all devices listed and or all Users in the estate listed with a lot of other information in this as well that is included in the exported file. Is there another way to allow users access to the portal to manage Groups or Apps that they are an Owner on (which is one of the reasons that I see for allowing any user to access the portal) but also to dramatically reduce the risk to the business for users also being able to see a lot of other information in Entra that we would not wish users to be able to see or indeed interact with, such as downloading a file of all Devices and Users in the estate.
Prefill Username for Authentication
Good morning, We have a landing page for two different tenants with different domains. For example, xyz.com and other.xyz.com. I want to create logic for a landing page where the user enters their name as mailto:email address removed for privacy reasons and is routed to the authentication for the appropriate tenant. That part is fairly trivial. The user is then presented with a dialog asking for their username and password by the EntraID IDP. Is there a way to prefill the username to eliminate the need to enter the password twice? Best regards, Scott
Recent Blogs
- Get ready for Microsoft Ignite by reading Alex's reflections on how to ride the wave of AI agent innovation instead of splashing around in the foam.Nov 10, 2025
- 3 MIN READSimplify hybrid complexity and strengthen your security posture by managing users and groups natively in the cloud.Nov 04, 2025
