Home

Azure Active Directory

345 Conversations

Latest Activity

Custom List Message Item

We're excited to announce that the general availability rollout of the new Azure AD sign-in and “Keep me signed in” experiences has started! These experiences should reach all users globally by the end of the week. Users who go to our sign-in page will st

... Read More
2,128 Views
75 Replies

I have Office 365 MFA enabled. When the "Keep me signed in" experience rolled out in December I saw it. I clicked on Keep me signed in did not require authentication when

... Read More

We utilise WebDAV to map SharePoint Online drives for all of our 365 clients, and the new sign in has a  critical flaw. After the initial sign in using IE the option to s

... Read More
Hi, MS admin for years, new here. Just saw this, perhaps it can help us. Our call to Microsoft (before this change) had no immediate fix. Our 8k+ users to o365/SPO need a... Read More

Current set up

 

We have SharePoint Online site with auto acceleration enabled. Our Azure AD is federated with on-premise ADFS. We have seamless SSO working in IE where u

... Read More
Does anyone has issues with "Stay Signed-in" prompt that shows after successful authentication with ADFS? Our tenant is not presenting the prompt (as described here https://cloudblogs.microsoft.com/enterprisemobility/2017/09/19/fewer-login-prompts-the-new-keep-me-signed-in-experience-for-azure-ad-is-in-preview/... Read More

I’m happy to announce that we’ve made it faster and easier for your users to sign into all their Azure AD-connected applications. The My Apps portal is a convenient one-stop place for users to discover and launch their Azure AD-connected applications. Now

... Read More
114 Views
2 Replies
Great one!!

Great extension ! Thanks for sharing !

Hi there

 

Bit of a newbie question but what is the difference between using Azure AD and ADFS as a SAML identity provider?

 

We have on-premises AD and ADFS servers and a federation with Azure AD using AD Connect.

 

We want to integrate with a SaaS app that is

... Read More
13.6K Views
8 Replies

Hello Neil,

 

All of this feedback is fantastic. I would also like to add a few more things to think about. AD FS will authenticate your cloud or synchronized identities

... Read More

When deciding between the 2 technologies - If you will be using Conditional Access in Azure, and have applications that do not use modern authentication (Office 2010), yo

... Read More

Hi Neil,

 

In my opinion this is not a newby question. Its a question allot of IT admins are struggling with. 

 

Offcourse ADFS is a STS and AzureAD a IAM but this doesn't an

... Read More

Hi Neil,

 

According to me it depends:

 

1. Where is your identity currently (On prem or Cloud)

2. Is there any special requirement of application which queries other than jus

... Read More

 

One big difference I've seen, in terms of sso and saml is that ADFS has greater support for "claims language" than AAD.  AAD offers limited capabilities or whatever is p

... Read More

While investigating a 2008R2 server with low space on the system volume, I discovered over 65,000 .gz files in the directory c:\windows\temp\.  Most of the files were under 500B, with some as large as 4KB, and all were named similar to:

20170728T235422Z-2

... Read More
154 Views
2 Replies

Thanks Steve for reporting this. Since this post, a few customers have reported the behavior and the proper development teams have been informed. Manually deleting the fi

... Read More

Bumping as we see this same issue. First box I checked had 160k files in that folder from this service (which is otherwise great!)

Is it possible to use the Google Authenticator iOS app with Office 365 MFA instead of the Microsoft Authenticator app?

 

I tried adding to Google Authenticator with both QR code and manually but got failures each time.

1,887 Views
4 Replies

No, as it only supports Google's MFA, afaik.

I have an Azure Website built on Angular5 protected by Azure AD for authentication. The API layer is developed as Azure function app, also authenticated by Azure AD. Now , I want this website to be available to all users in my organisation and not allow a

... Read More
16 Views
0 Reply

Does anyone know how I could do a demo with Workday, Azure AD , AAD connect and AD to convince a client that this would help them with the lifecycle management of the accounts for new hires?

76 Views
1 Reply

+1 I am also interested to setup a demo Workday to AD provisioning lab using the Azure AD inbound provisioning Tutorial for Workday. Now I only need a demo tenant from Wo

... Read More

I am trying to get the Workday Writeback integration to work. It's part of the Workday Azure AD, on-premises directory tutorial found here: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-saas-workday-inbound-tutorial#configuring-user-provisioning-from-workday-to-active-directory

... Read More
54 Views
1 Reply
Hi Andreas, did you manage to get this working?

Hey,

 

is it posible to use by Connect-AzureAD the credentials from the Login user? 

Without open the window to fill in username and Password.

 

Regards

Stefan

35 Views
1 Reply

Not possible afaik. You should be able to skip some steps in federated scenarios or when using PTA. Or you can simply use the -Credentials parameter and pass the username

... Read More

Hallo,

 

when I use this powershell code

$User = Get-AzureADUser -Filter "userPrincipalName eq 'Mail'"

$User.country

 

I get as Output "GERMAY". How I have to change the code to get "DE" (2 letter ISO code) as output.

 

Thanks

Stefan

Read More
29 Views
1 Reply

The abbreviated ones represent the "c" attribute, but if I remember correctly that one is never surfaced in AAD/Graph. Instead, you can simply make your own mapping in ac

... Read More

This looks awesome - simplify licence management for Office 365, EMS, Dynamics 365 and more with the new group-based licensing preview in Azure AD:

 

Microsoft cloud services such as Office 365, Enterprise Mobility + Security, Dynamics CRM, and other simila

... Read More
3,262 Views
32 Replies

Hello, 

as I understand it is still in public preview. So my question, do you have a timeline when group-based license management will be GA? And how quick will it be avai

... Read More
Spoiler
 

Is it also possible to get an export from for example all the users with the E3 license?

Read More
So I have set up a few AD groups that we will use to apply the licenses.

I have also set up a powershell script set up that will clear membership of those groups and refre... Read More

Greetings all,

My question is specifically in regards to end user licensing in the Education Sector, which is needed to use Azure AD Group Based Licensing.

 

Going by Source

... Read More

So this is super exciting, tested it out, works amazingly.

Two questions:

(1) Even though it is considered "public preview", any reason that we should not consider taking a

... Read More

We've setup Azure Seamless SSO with password sync. We've created a few test computers, and user accounts. Outlook, Skype for Business (prompts for username but not password) IE, Edge work well, Chrome does not. Chrome always prompts for username and passw

... Read More
175 Views
1 Reply

Had the same & noticed that my Computer GPO had a setting for AuthNegotiateDelegateWhitelist and/or the AuthServerWhitelist (for an internal server)

It seems that this wa

... Read More

Hi - anyway to prevent an Azure AD cloud only user from changing their password - like you could do on-prem?

 

thanks

29 Views
1 Reply

Not that's not possible, might not help but you could change the expiry threshold to its maximum value 730 days:

 

Set the password expiration policy for your organization

... Read More

Hello,

I have a strange issue with the Outlook 2016 profile on my Windows 10.

After setting up directory synchronization, configure Azure AD Connect (12/12/2017 version - 1.1.654.0) and synchronize my account, Outlook 2016 prompts me "Your mailbox has bee

... Read More
144 Views
2 Replies

And Outlook connects to Office  365 mailbox instead of on-premise.

We have created 4 directories within our Azure AD environment.

I can see all 4 directories in the old Windows Azure portal. But I'm not able to see them when I press "Switch Directory" in the new Portal.

 

Check attached screenshot. In both portals I have

... Read More
91 Views
3 Replies

From this day on, you can't use the old portal anymore to manage your AAD.

So I just tried some in-private windows again. Without any luck.

 

Then I pressed the "Restore

... Read More
Best Response confirmed by Vasil Michev (MVP)

Hm, I have no problem here, try a Private session just in case. If it still doesn't work, open a support case.

Hi,

 

Is there a way to get the list of users already subscribed for the SSPR or the ones  that are still not joined to the service?

 

Regards.

160 Views
6 Replies

There are many reports available for that type of info, see https://docs.microsoft.com/en-us/azure/active-directory/active-directory-passwords-reporting.

The SSPR Funnel i

... Read More

Hi All,

We have Azure AD joined machines, coniditional access and with Windows hello enabled, all our applications work with AAD Proxy single signon.

 

Currently outlook (office365) is our biggest problems, when you launch outlook for the first time (and als

... Read More
395 Views
6 Replies

We are experiencing the same problem in one of our tenants. We have a similar setup as described in a couple of the posts here.

 

We are currently working with Microsoft

... Read More

Hi Tom,

 

Do you have Modern Authentication enabled in Exchange Online for your tenant? Also, are you running the Click 2 Run version of Office?

I've read up on how to enable this synchronization. But I haven't seen what attribute is recommended in the onprem AD to sync with PreferredDataLocation in Azure AD.

 

Anyone that has done this have a recommendataion?

 

thanks

Read More
426 Views
5 Replies

Chosing the attribute is up to you, as there is no "matching" on-premises attribute. The example in the article uses the "c" attribute, which is the the country/region re

... Read More

Can someone help me with this scenario;

We are planning to move from on premise AD to Azure AD.

All colleagues have an Office 365 E3 account and will have added their Office 365 account to their device for Single Sign On and device registration.

What are

... Read More
96 Views
2 Replies

Richard,

Firstly Azure AD is not the same as your on-premise AD. Microsoft offers Azure AD Domain Services to manage Azure AD and allows you to be able to join Azure VMs

... Read More
From looking at your post I would setup an Intune environment with the settings and policies you want for your Windows 10 devices. Setup conditional access so you can re... Read More

Hi folks,

 

Have a quick question regarding a first time sync of Azure AD Connect.

We're preparing a move to Exchange online, and part of that will be the synchronization of our on-premise AD accounts to Azure AD & 365.

 

Currently a number of staff in the

... Read More
101 Views
6 Replies

I think it will work (no sync errors) as long as local UPN matches primary email address in Exchange Online. 

But: 
You have to be aware that your local AD will now be the

... Read More

I have created a live demo on Azure MFA at You Tube, you may please watch it at,

https://www.youtube.com/watch?v=dA8N0gh-GCk&t=27s

 

It is a 40 minute video, demoing Azure MFA solution, it covers,

  • Multi-Factor Authentication  for Exchange Online
  • Azure B2
... Read More
52 Views
0 Reply

I have created a live demo at You Tube on Azure AD Domain Services, you may please watch it at,

https://www.youtube.com/watch?v=jpT1MxEkEzI&t=189s

 

This is a 43 minute Video demoing and Explaining Azure AD Domain Services. I have seen some confusion arou

... Read More
58 Views
0 Reply

Hello Team,

We would like to integrate 3 rd party applications with Azure AD and provide SSO for the Azure AD user. The application is not exist in Microsoft Azure AD gallery nor i am developing & also it is not an on premise application. It is an applica

... Read More
67 Views
1 Reply
Hi!

Do you know if the application supports claims based authentication at all?

If it does, you could federate with Azure AD instead of integrate.

Main difference is that th... Read More

Hi,

 

We have recently enforced Exchange Online (EXO) conditional Access to Outlook 2016 clients on Windows Machines ( that use Modern Authentication) to allow access  only to Azure AD Joined devices.

 

After this change, a few users have reported issues in c

... Read More
950 Views
6 Replies

Same issue here since a few weeks, double checked our ADFS and actually the Device Registration works. The problems seems to be caused by the User State:

+---------------

... Read More

You probably have stored credentials under Cred manager that Outlook reuses. Try removing them, see what happens.

After extensive reading I became just a bit more confused and can't answer the question...

 

Live environment has Windows Server AD on-premises with Azure AD Connect and all mailboxes in the Office 365. What we are trying to achive is completely get rid of

... Read More
4,580 Views
7 Replies

Azure AD is not a replacement for "traditional" AD, and neither is Azure AD DS. It's way too limiting IMO, but I'm definitely not an expert on the subject, so dont take m

... Read More