Home Office 365

Identity & Authentication

72 Conversations

Latest Activity

Custom List Message Item

Is anyone able to descibe the process that occurs during password changes on-premises and how they are synced to Office 365?

In particular a customer is looking to force a lot of their users to reset their AD accounts by ticking the "User must change passw

... Read More
31 Views
3 Replies

Afaik it ignores expired passwords, but using this tick is different. If this option (flag) is configured, the password is not synced as per: https://github.com/Microsoft/azure-docs/blob/master/articles/active-directory/connect/active-directory-aadconnectsync-troubleshoot-password-synchronization.md

Read More

I am running into issues with autheticating to O365 on Powershell and in this case my account has been enabled with MFA.
I already installed the preview from https://blogs.technet.microsoft.com/enterprisemobility/2015/10/20/azure-ad-powershell-public-preview-of-support-for-azure-mfa-new-device-management-commands/

... Read More
4,061 Views
15 Replies

Anyone have a clue as to how to use MFA login in an unattended powershell script?

 

I have MFA working fine with powershell interactively - The login and MFA dialogs come u

... Read More

Seems that Exchange Online ist MFA enabled now.

Have a look at this article:

"Connect to Exchange Online PowerShell using multi-factor authentication"

https://technet.microsoft.com/en-us/library/mt775114(v=exchg.160).aspx

Read More

We've been able to get our Office 365 Admin accounts with MFA enabled working with Powershell for Exchange Online, Skype for Business etc.....with some caveats:

  • This requi
... Read More

The PnP powershell cmdlets can be use with MFA to peform many actions in SPO, see https://github.com/OfficeDev/PnP-PowerShell and use the https://github.com/OfficeDev/PnP-PowerShell/blob/master/Documentation/ConnectSPOnline.md

... Read More

What we ended up doing, was configuring Conditional Access MFA on the O365 Exchange Endpoint to while not at work for our admin group.  This seems to have helped us from

... Read More

We have recently started looking at the security state of our O365 tenant with the Secure Score tool (https://securescore.office.com).  One of the suggestions to raise the score is to enable MFA for all Global Admin accounts.  However, the Azure AD sycn t

... Read More
51 Views
3 Replies
The AAD Connect Global Admins account is only required when you run the wizard. AAD Connect creates itself a service account that does not have Global Admins rights, rath... Read More
The Global Admin rights are only required to create the service account, they shouldn't be required after that.

Hi,

   When allowing connectivity into Office 365, is there a way to restrict access to a single a tenant? For the purposes of DLP I need to prevent internal machines logging onto any another email service including other 365 tenants, how could this be ach

... Read More
227 Views
9 Replies

There's no way to do this in O365, even if you have AD FS in place. You can probably use a similar solution to what's described in the article, with inspecting all traffi

... Read More

That`s something I have to deal with, too.

 

For me it is allowing access only to company devices. Intune doesn`t offer that.

 

Ben, for other Office 365 tenants you simple g

... Read More

I'm a network admin at a large non-profit. We are in the evaluation stage of rolling out Office 365 MDM. 

 

Fingerprint authentication on iOS devices is compatible with MDM. But I'm aware that at least Office 365 MDM breaks Android fingerprint authenticatio

... Read More
34 Views
0 Reply

Fixed issues:

Azure AD Connect sync 

    • Fixed an issue which causes Azure AD Connect wizard to fail if the display name of the Azure AD Connector does not contain the initial onmicrosoft.com domain assigned to the Azure AD tenant.
    • Fixed an issue which causes A
... Read More
92 Views
1 Reply

Thanks for the update @Vasil Michev. It is time for us to upgrade to the latest :)

Read More

Hi.

I am testing MFA on some admin users. I have given the MFA admins a EMS licens so whitelisting of IPs is supported.

 

So I have whitelisted our office IP, and when my admin go to https://outlook.office365.com, MFA is not active. Doing so outside the offi

... Read More
2,254 Views
19 Replies

Hi Jesper,

 

Not sure if this is still an issue for you, but we've been able to get this working for our Admins (note that for this to work the admin account needs to be cl

... Read More

I am glad you re-opened this discussion. MS security scores https://securescore.office.com/ recommendation is MFA and we cannot use for admins due to the Powershell issue

... Read More

I am glad you re-opened this discussion. MS security scores https://securescore.office.com/ recommendation is MFA and we cannot use for admins due to the Powershell issue

... Read More
Found a thread that indicates that it is not possible to administrate EXO with Powershell when admin is MFA enabled: https://techcommunity.microsoft.com/t5/Identity-Authentication/Authenticating-to-O365-using-Powershell-and-MFA/m-p/3954#M14 Read More
I am also interested in this response.

Currently Jesper my understanding is that Powershell administration with MFA turned on is not supported. Or at least wasn't supporte... Read More

Unable to connect Skype for business online PowerShell after enable multi factor authentication.

I am able to conenct Exchange Online through connect-EXOPSSession and connect-msolservice.

 

Anyone can help me

 

 

Read More
110 Views
4 Replies

Here's a very detailed post on disabling weak protocols and such for all the local components related to Office 365. I've seen some people already complain about issues after trying to do this, but forgot or didnt know to also configure the .NET part, so

... Read More
29 Views
0 Reply

I'm unable to login to Skype for Business on users with MFA turned on.  Is this a confirmed issue or am I missing a setting?

103 Views
6 Replies

Your tenant may need to be enabled for MFA with Skype for Business, it's not enabled by default.  When we did our MFA testing, we ran into problems with the mobile experi

... Read More

Hi folks, I'm running a quick 2-question poll on MFA usage for Office 365. If you can spare a minute to contribute your answers that would be very much appreciated.

 

https://www.surveymonkey.com/r/DPQDKHB

 

If I get a good response I'll share the results in

... Read More
40 Views
0 Reply

Hey all, I was wondering if someone could give me some advice: First, I'm still relatively new to ADFS. Outside of federating with Office 365 and establishing a handful of trusts with a few of our vendors, I still consider myself a beginner with ADFS.  In

... Read More
63 Views
0 Reply

Hi,

 

Does anyone know if there is an Admin audit log for AADConnect?

i'm looking for something that logs when an admin has, for example, made a change to the sync, such as adding or removing an OU from the sync scope, manually triggering an initial or delta

... Read More
69 Views
1 Reply

having done some testing, and some further googling the view i have come to is:

 

  • There are no separate AADConnect log files outside of event viewer
  • AADConnect only logs the
... Read More

Can you use the 'free' Office 365 MFA with ADFS - or do you have to use Azure MFA?

80 Views
5 Replies

You can. If you want the on-prem version though, you need to create a MFA provider in Azure.

Hi,

 

I have an interesting scenario and i'm not entirely sure on whether this will actually work or not, my current theory is not.

Also, apologies if this isnt the correct community for WAP discussion, couldnt see anywhere else appropriate

 

WAP and ADFS in D

... Read More
30 Views
0 Reply