Azure AD: Change Management Simplified

Published Mar 01 2022 03:34 PM 27.5K Views
Microsoft

Hello Everyone, 

 

Rapid change is a growing reality in cloud services. In Azure AD alone, we are making hundreds of changes every year including new feature releases, changes to existing features, as well as deprecations and retirements. We’ve heard from our customers that managing these changes is becoming increasingly difficult so, starting today, we are simplifying change management for Azure AD.  

 

While we will continue to bring new capabilities to you throughout the year, feature deprecations and product retirement communications will be announced as part of bi-annual communication trains that will occur every March and September, with consistent end-of-support timelines (with some exceptions). With this new model, you’ll have predictable product and feature changes, making it easier to accelerate the adoption of newer and more secure technologies.  

 

Here’s the list of deprecation announcements that are part of the March 2022 train: 

 

  • We will not retire the Azure AD Graph API on June 30, 2022. Listening closely to your feedback about the challenges of migrating such a critical dependency, we’re delaying the retirement date through at least the end of this year. We’ll provide a retirement update mid-calendar year with information on additional tools to assist with your migration. For more information, see Migrate Azure AD Graph apps to Microsoft Graph - Microsoft Graph | Microsoft Docs. 
  • We will continue to retire the Azure AD Graph and MSOnline PowerShell licensing assignment APIs and PowerShell cmdlets on August 26, 2022. Please migrate your apps to access the license managements APIs from Microsoft Graph. For more information, visit Migrate your apps to access the license managements APIs from Microsoft Graph - Microsoft Tech Commu... 
  • We stated before that if you’re using the Azure AD PowerShell or MSOnline PowerShell modules to manage Azure AD, we encourage you to try the Microsoft Graph PowerShell SDK. The Microsoft Graph PowerShell SDK continues to be where all our current and future PowerShell investments are being made. In light of the announcement to not turn off the Azure AD Graph API on June 30th, our goal is to also provide guidance and tools for migrating existing scripts and PowerShell processes, reliant on the Azure AD Graph API and MSOnline module, to the Microsoft Graph PowerShell SDK. This is due to the planned deprecation of the two PowerShell modules (MSOL & AAD) after December 2022. Check out more information here and here. 
  • ADAL end of life is extended from June 30th to December 2022.  While ADAL apps may continue to work, no support or security fixes will be provided past end of life.  In addition, there are no planned ADAL releases planned prior to end of life for features or support for new platform versions. For more information, see Update your applications to use Microsoft Authentication Library and Microsoft Graph API - Microsoft... 
  • We have begun the legacy TLS 1.0 and 1.1 protocol deprecations for the pPublic cloud and will continue with a gradual roll out of the deprecation over the course of this year. For more information seEnable TLS 1.2 support as Azure AD TLS 1.0/1.1 is deprecated - Active Directory | Microsoft Docs 
  • We will begin retiring past versions of Azure AD Connect Sync 12 months from the date they are superseded by a newer version. To upgrade your Azure AD Connect Sync server, follow these steps: Azure AD Connect: Upgrade from an earlier version  
  • We will enable combined MFA and SSPR security information registration for all non-enabled tenants created before Aug 2020. More information on this experience can be found here: Combined registration for SSPR and Azure AD Multi-Factor Authentication - Azure Active Directory | M...
  • The Azure Key Vault Team is working on enforcing soft delete protection on all key vaults to ensure that customer secrets, keys, and certificates are protected from accidental deletion. Soft Delete is a feature that allows deleted key vaults and secrets stored inside key vault to remain recoverable for a period of up to 90 days and allows customers to restore deleted secrets in a self-serve process. All existing key vault resources will have soft delete automatically enabled by February 1, 2025. Enabling soft delete is a one-way operation. Once enabled, the feature cannot be disabled. Learn more here: Soft-delete will be enabled on all key vaults 

 

2022 Change Communication Timeline:

ChangeCommsTimeline.png

 

----------------------------------------------------------------------------------------------------------

 

Learn more about Microsoft identity: 

15 Comments
%3CLINGO-SUB%20id%3D%22lingo-sub-2967456%22%20slang%3D%22en-US%22%3EAzure%20AD%3A%20Change%20Management%20Simplified%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2967456%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%20data-contrast%3D%22auto%22%3EHello%20Everyone%2C%3C%2FSPAN%3E%3CSPAN%20data-ccp-props%3D%22%7B%26quot%3B201341983%26quot%3B%3A0%2C%26quot%3B335559739%26quot%3B%3A160%2C%26quot%3B335559740%26quot%3B%3A257%7D%22%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%20data-contrast%3D%22auto%22%3ERapid%20change%20is%20a%20growing%20reality%20in%20cloud%20services.%20In%20Azure%20AD%20alone%2C%20we%20are%20making%20hundreds%20of%20changes%20every%20year%20including%20new%20feature%20releases%2C%20changes%20to%20existing%20features%2C%20as%20well%20as%20deprecations%20and%20retirements.%20We%E2%80%99ve%20heard%20from%20our%20customers%20that%20managing%20these%20changes%20is%20becoming%20increasingly%20difficult%20so%2C%20starting%20today%2C%20we%20are%20simplifying%20change%20management%20for%20Azure%20AD.%20%3C%2FSPAN%3E%3CSPAN%20data-ccp-props%3D%22%7B%26quot%3B201341983%26quot%3B%3A0%2C%26quot%3B335559739%26quot%3B%3A160%2C%26quot%3B335559740%26quot%3B%3A257%7D%22%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%20data-contrast%3D%22auto%22%3EWhile%20we%20will%20continue%20to%20bring%20new%20capabilities%20to%20you%20throughout%20the%20year%2C%20feature%20deprecations%20and%20product%20retirement%20communications%20will%20be%20announced%20as%20part%20of%20bi-annual%20communication%20trains%20that%20will%20occur%20every%20March%20and%20September%2C%20with%20consistent%20end%3C%2FSPAN%3E%3CSPAN%3E-%3C%2FSPAN%3E%3CSPAN%20data-contrast%3D%22auto%22%3Eof%3C%2FSPAN%3E%3CSPAN%3E-%3C%2FSPAN%3E%3CSPAN%20data-contrast%3D%22auto%22%3Esupport%20timelines%20(with%20some%20exceptions).%20With%20this%20new%20model%2C%20you%E2%80%99ll%20have%20predictable%20product%20and%20feature%20changes%2C%20making%20it%20easier%3C%2FSPAN%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3CSPAN%20data-contrast%3D%22auto%22%3Eto%20accelerate%20the%20adoption%20of%20newer%20and%20more%20secure%20technologies.%20%3C%2FSPAN%3E%3CSPAN%20data-ccp-props%3D%22%7B%26quot%3B201341983%26quot%3B%3A0%2C%26quot%3B335559739%26quot%3B%3A160%2C%26quot%3B335559740%26quot%3B%3A257%7D%22%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%20data-contrast%3D%22auto%22%3EHere%E2%80%99s%20the%20list%20of%20deprecation%20announcements%20that%20are%3C%2FSPAN%3E%20%3CSPAN%20data-contrast%3D%22auto%22%3Epart%20of%20the%20March%202022%20train%3A%3C%2FSPAN%3E%3CSPAN%20data-ccp-props%3D%22%7B%26quot%3B201341983%26quot%3B%3A0%2C%26quot%3B335559739%26quot%3B%3A160%2C%26quot%3B335559740%26quot%3B%3A257%7D%22%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%20data-leveltext%3D%22%C2%B7%22%20data-font%3D%22Symbol%22%20data-listid%3D%224%22%20aria-setsize%3D%22-1%22%20data-aria-posinset%3D%221%22%20data-aria-level%3D%221%22%3E%3CSPAN%20data-contrast%3D%22auto%22%3EWe%20will%20%3C%2FSPAN%3E%3CSTRONG%3E%3CSPAN%20data-contrast%3D%22auto%22%3Enot%3C%2FSPAN%3E%3C%2FSTRONG%3E%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fazure-active-directory-identity%2Fupdate-your-applications-to-use-microsoft-authentication-library%2Fba-p%2F1257363%22%20target%3D%22_blank%22%3E%3CSPAN%20data-contrast%3D%22none%22%3Eretire%20the%20%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%20data-contrast%3D%22none%22%3EAzure%20AD%20Graph%20API%20on%20June%2030%2C%202022%3C%2FSPAN%3E%3CSPAN%20data-contrast%3D%22auto%22%3E.%20Listening%20closely%20to%20your%20feedback%20about%20the%20challenges%20of%20migrating%20such%20a%20critical%20dependency%2C%20we%E2%80%99re%20delaying%20the%20retirement%20date%20through%20at%20least%20the%20end%20of%20this%20year.%20We%E2%80%99ll%20provide%20a%20retirement%20update%20mid-calendar%20year%20with%20information%20on%20additional%20tools%20to%20assist%20with%20your%20migration.%20For%20more%20information%2C%20see%20%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fgraph%2Fmigrate-azure-ad-graph-overview%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E%3CSPAN%20data-contrast%3D%22none%22%3EMigrate%20Azure%20AD%20Graph%20apps%20to%20Microsoft%20Graph%20-%20Microsoft%20Graph%20%7C%20Microsoft%20Docs%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%20data-contrast%3D%22auto%22%3E.%3C%2FSPAN%3E%3CSPAN%20data-ccp-props%3D%22%7B%26quot%3B201341983%26quot%3B%3A0%2C%26quot%3B335559739%26quot%3B%3A160%2C%26quot%3B335559740%26quot%3B%3A259%7D%22%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FLI%3E%0A%3CLI%20data-leveltext%3D%22%C2%B7%22%20data-font%3D%22Symbol%22%20data-listid%3D%224%22%20aria-setsize%3D%22-1%22%20data-aria-posinset%3D%222%22%20data-aria-level%3D%221%22%3E%3CSPAN%20data-contrast%3D%22auto%22%3EWe%20will%20continue%20to%20retire%20the%20Azure%20AD%20Graph%20and%20MSOnline%20PowerShell%20%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fazure-active-directory-identity%2Fmigrate-your-apps-to-access-the-license-managements-apis-from%2Fba-p%2F2464366%22%20target%3D%22_blank%22%3E%3CSPAN%20data-contrast%3D%22none%22%3Elicensing%20assignment%20APIs%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%20data-contrast%3D%22auto%22%3E%20and%20PowerShell%20cmdlets%20on%20August%2026%2C%202022.%20Please%20migrate%20your%20apps%20to%20access%20the%20license%20managements%20APIs%20from%20Microsoft%20Graph.%20For%20more%20information%2C%20visit%20%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fazure-active-directory-identity%2Fmigrate-your-apps-to-access-the-license-managements-apis-from%2Fba-p%2F2464366%22%20target%3D%22_blank%22%3E%3CSPAN%20data-contrast%3D%22none%22%3EMigrate%20your%20apps%20to%20access%20the%20license%20managements%20APIs%20from%20Microsoft%20Graph%20-%20Microsoft%20Tech%20Community%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%20data-ccp-props%3D%22%7B%26quot%3B201341983%26quot%3B%3A0%2C%26quot%3B335559739%26quot%3B%3A160%2C%26quot%3B335559740%26quot%3B%3A259%7D%22%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FLI%3E%0A%3CLI%20data-leveltext%3D%22%C2%B7%22%20data-font%3D%22Symbol%22%20data-listid%3D%224%22%20aria-setsize%3D%22-1%22%20data-aria-posinset%3D%223%22%20data-aria-level%3D%221%22%3E%3CSPAN%20data-contrast%3D%22auto%22%3EWe%3C%2FSPAN%3E%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fazure-active-directory-identity%2Fautomate-and-manage-azure-ad-tasks-at-scale-with-the-microsoft%2Fba-p%2F1942489%22%20target%3D%22_blank%22%3E%3CSPAN%20data-contrast%3D%22none%22%3Estated%20before%20%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%20data-contrast%3D%22auto%22%3Ethat%20if%20you%E2%80%99re%20using%20the%20Azure%20AD%20PowerShell%20or%20MSOnline%20PowerShell%20modules%20to%20manage%20Azure%20AD%2C%20we%20encourage%20you%20to%20try%20the%20Microsoft%20Graph%20PowerShell%20SDK.%20The%20Microsoft%20Graph%20PowerShell%20SDK%20continues%20to%20be%20where%20all%20our%20current%20and%20future%20PowerShell%20investments%20are%20being%20made.%20In%20light%20of%20the%20announcement%20to%20not%20turn%20off%20the%20Azure%20AD%20Graph%20API%20on%20June%2030th%2C%20our%20goal%20is%20to%20also%20provide%20guidance%20and%20tools%20for%20migrating%20existing%20scripts%20and%20PowerShell%20processes%2C%20reliant%20on%20the%20Azure%20AD%20Graph%20API%20and%20MSOnline%20module%2C%20to%20the%20Microsoft%20Graph%20PowerShell%20SDK.%20This%20is%20due%20to%20the%20%3C%2FSPAN%3E%3CSTRONG%3E%3CSPAN%20data-contrast%3D%22auto%22%3Eplanned%20deprecation%20of%20the%20two%20PowerShell%20modules%20(MSOL%20%26amp%3B%20AAD)%3C%2FSPAN%3E%3C%2FSTRONG%3E%3CSPAN%20data-contrast%3D%22auto%22%3E%20after%20December%202022%3C%2FSPAN%3E%3CSPAN%20data-contrast%3D%22none%22%3E.%20%3C%2FSPAN%3E%3CSPAN%20data-contrast%3D%22auto%22%3ECheck%20out%20more%20information%20%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fpowershell%2Fmicrosoftgraph%2Fmigration-steps%3Fview%3Dgraph-powershell-beta%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E%3CSPAN%20data-contrast%3D%22none%22%3Ehere%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%20data-contrast%3D%22none%22%3E%20and%20%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fgraph%2Fmigrate-azure-ad-graph-faq%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E%3CSPAN%20data-contrast%3D%22none%22%3Ehere%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%20data-contrast%3D%22none%22%3E.%3C%2FSPAN%3E%3CSPAN%20data-ccp-props%3D%22%7B%26quot%3B201341983%26quot%3B%3A0%2C%26quot%3B335559739%26quot%3B%3A160%2C%26quot%3B335559740%26quot%3B%3A259%7D%22%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FLI%3E%0A%3CLI%20data-leveltext%3D%22%C2%B7%22%20data-font%3D%22Symbol%22%20data-listid%3D%224%22%20aria-setsize%3D%22-1%22%20data-aria-posinset%3D%223%22%20data-aria-level%3D%221%22%3E%3CSPAN%20data-contrast%3D%22auto%22%3EADAL%20end%20of%20life%20is%20extended%20from%20June%2030th%20to%20December%202022.%20%26nbsp%3BWhile%20ADAL%20apps%20may%20continue%20to%20work%2C%20no%20support%20or%20security%20fixes%20will%20be%20provided%20past%20end%20of%20life.%20%26nbsp%3BIn%20addition%2C%20there%20are%20no%20planned%20ADAL%20releases%20planned%20prior%20to%20end%20of%20life%20for%20features%20or%20support%20for%20new%20platform%20versions%3C%2FSPAN%3E%3CSPAN%3E.%3C%2FSPAN%3E%3CSPAN%3E%20For%20more%20information%2C%20see%3C%2FSPAN%3E%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fazure-active-directory-identity%2Fupdate-your-applications-to-use-microsoft-authentication-library%2Fba-p%2F1257363%22%20target%3D%22_blank%22%3E%3CSPAN%20data-contrast%3D%22none%22%3EUpdate%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%20-%20Microsoft%20Tech%20Community%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%20data-ccp-props%3D%22%7B%26quot%3B201341983%26quot%3B%3A0%2C%26quot%3B335559739%26quot%3B%3A160%2C%26quot%3B335559740%26quot%3B%3A259%2C%26quot%3B469777462%26quot%3B%3A%5B720%5D%2C%26quot%3B469777927%26quot%3B%3A%5B0%5D%2C%26quot%3B469777928%26quot%3B%3A%5B1%5D%7D%22%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FLI%3E%0A%3CLI%20data-leveltext%3D%22%C2%B7%22%20data-font%3D%22Symbol%22%20data-listid%3D%224%22%20aria-setsize%3D%22-1%22%20data-aria-posinset%3D%223%22%20data-aria-level%3D%221%22%3E%3CSPAN%3EWe%20have%20begun%20the%20legacy%20TLS%201.0%20and%201.1%20protocol%20deprecations%20for%20the%20%3C%2FSPAN%3E%3CSPAN%3Ep%3C%2FSPAN%3E%3CSPAN%3EP%3C%2FSPAN%3E%3CSPAN%3Eublic%20cloud%20and%20will%20continue%20with%20a%20gradual%20roll%20out%20of%20the%20deprecation%20over%20the%20course%20of%20this%20year.%20For%20more%20information%20se%3C%2FSPAN%3E%3CSPAN%20data-contrast%3D%22none%22%3Ee%26nbsp%3B%20%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Ftroubleshoot%2Fazure%2Factive-directory%2Fenable-support-tls-environment%3Ftabs%3Dazure-monitor%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E%3CSPAN%20data-contrast%3D%22none%22%3EEnable%20TLS%201.2%20support%20as%20Azure%20AD%20TLS%201.0%2F1.1%20is%20deprecated%20-%20Active%20Directory%20%7C%20Microsoft%20Docs%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%20data-ccp-props%3D%22%7B%26quot%3B201341983%26quot%3B%3A0%2C%26quot%3B335559739%26quot%3B%3A160%2C%26quot%3B335559740%26quot%3B%3A259%2C%26quot%3B469777462%26quot%3B%3A%5B720%5D%2C%26quot%3B469777927%26quot%3B%3A%5B0%5D%2C%26quot%3B469777928%26quot%3B%3A%5B1%5D%7D%22%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FLI%3E%0A%3CLI%20data-leveltext%3D%22%C2%B7%22%20data-font%3D%22Symbol%22%20data-listid%3D%224%22%20aria-setsize%3D%22-1%22%20data-aria-posinset%3D%223%22%20data-aria-level%3D%221%22%3E%3CSPAN%3EWe%20will%20begin%20retiring%20past%20versions%20of%20Azure%20AD%20Connect%20Sync%2012%20months%20from%20the%20date%20they%20are%20superseded%20by%20a%20newer%20version.%20To%20upgrade%20your%20Azure%20AD%20Connect%20Sync%20server%3C%2FSPAN%3E%3CSPAN%3E%2C%3C%2FSPAN%3E%3CSPAN%3E%20follow%20these%20steps%3A%3C%2FSPAN%3E%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fazure%2Factive-directory%2Fhybrid%2Fhow-to-upgrade-previous-version%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E%3CSPAN%20data-contrast%3D%22none%22%3EAzure%20AD%20Connect%3A%20Upgrade%20from%20an%20earlier%20version%26nbsp%3B%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%20data-ccp-props%3D%22%7B%26quot%3B201341983%26quot%3B%3A0%2C%26quot%3B335559739%26quot%3B%3A160%2C%26quot%3B335559740%26quot%3B%3A259%2C%26quot%3B469777462%26quot%3B%3A%5B720%5D%2C%26quot%3B469777927%26quot%3B%3A%5B0%5D%2C%26quot%3B469777928%26quot%3B%3A%5B1%5D%7D%22%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FLI%3E%0A%3CLI%20data-leveltext%3D%22%C2%B7%22%20data-font%3D%22Symbol%22%20data-listid%3D%224%22%20aria-setsize%3D%22-1%22%20data-aria-posinset%3D%223%22%20data-aria-level%3D%221%22%3E%3CSPAN%3EWe%20will%20enable%20combined%20MFA%20and%20SSPR%20security%20information%20registration%20for%20enabled%20tenants%20created%20before%20Aug%202020.%20More%20information%20on%20this%20experience%20can%20be%20found%20here%3A%3C%2FSPAN%3E%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fauthentication%2Fconcept-registration-mfa-sspr-combined%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E%3CSPAN%20data-contrast%3D%22none%22%3ECombined%20registration%20for%20SSPR%20and%20Azure%20AD%20Multi-Factor%20Authentication%20-%20Azure%20Active%20Directory%20%7C%20Microsoft%20Docs%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%20data-ccp-props%3D%22%7B%26quot%3B201341983%26quot%3B%3A0%2C%26quot%3B335559739%26quot%3B%3A160%2C%26quot%3B335559740%26quot%3B%3A259%2C%26quot%3B469777462%26quot%3B%3A%5B720%5D%2C%26quot%3B469777927%26quot%3B%3A%5B0%5D%2C%26quot%3B469777928%26quot%3B%3A%5B1%5D%7D%22%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FLI%3E%0A%3CLI%20data-leveltext%3D%22%C2%B7%22%20data-font%3D%22Symbol%22%20data-listid%3D%224%22%20aria-setsize%3D%22-1%22%20data-aria-posinset%3D%223%22%20data-aria-level%3D%221%22%3E%3CSPAN%20data-contrast%3D%22auto%22%3EThe%20Azure%20Key%20Vault%20Team%20is%20working%20on%20enforcing%20soft%20delete%20protection%20on%20all%20key%20vaults%20to%20ensure%20that%20customer%20secrets%2C%20keys%2C%20and%20certificates%20are%20protected%20from%20accidental%20deletion.%20Soft%20Delete%20is%20a%20feature%20that%20allows%20deleted%20key%20vaults%20and%20secrets%20stored%20inside%20key%20vault%20to%20remain%20recoverable%20for%20a%20period%20of%20up%20to%2090%20days%20and%20allows%20customers%20to%20restore%20deleted%20secrets%20in%20a%20self-serve%20process.%20All%20existing%20key%20vault%20resources%20will%20have%20soft%20delete%20automatically%20enabled%20by%20February%201%2C%202025.%20Enabling%20soft%20delete%20is%20a%20one-way%20operation.%20Once%20enabled%2C%20the%20feature%20cannot%20be%20disabled.%20Learn%20more%20here%3C%2FSPAN%3E%3CSPAN%3E%3A%3C%2FSPAN%3E%20%3CA%20href%3D%22https%3A%2F%2Fnam06.safelinks.protection.outlook.com%2F%3Furl%3Dhttps%253A%252F%252Fdocs.microsoft.com%252Fen-us%252Fazure%252Fkey-vault%252Fgeneral%252Fsoft-delete-change%26amp%3Bdata%3D04%257C01%257Charismo%2540microsoft.com%257Cdc59de7fd68742b2188608d9f9b93450%257C72f988bf86f141af91ab2d7cd011db47%257C1%257C0%257C637815396125882543%257CUnknown%257CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%253D%257C3000%26amp%3Bsdata%3D6pG%252BnIoEAtx9kU8hmrmCvO%252BhWrgV%252B4qHdHa2mwnP0kU%253D%26amp%3Breserved%3D0%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3E%3CSPAN%20data-contrast%3D%22none%22%3ESoft-delete%20will%20be%20enabled%20on%20all%20key%20vaults%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%20data-ccp-props%3D%22%7B%26quot%3B134233117%26quot%3B%3Atrue%2C%26quot%3B134233118%26quot%3B%3Atrue%2C%26quot%3B201341983%26quot%3B%3A0%2C%26quot%3B335559740%26quot%3B%3A240%7D%22%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3E%3CSPAN%20data-ccp-props%3D%22%7B%26quot%3B201341983%26quot%3B%3A0%2C%26quot%3B335559685%26quot%3B%3A360%2C%26quot%3B335559739%26quot%3B%3A60%2C%26quot%3B335559740%26quot%3B%3A240%7D%22%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%0A%3CH3%20id%3D%22toc-hId--2091127186%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%20id%3D%22toc-hId--1406763654%22%3E%3CSPAN%20data-contrast%3D%22none%22%3E2022%20Change%20Communication%20Timeline%3A%3C%2FSPAN%3E%3C%2FH3%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22ChangeCommsTimeline.png%22%20style%3D%22width%3A%20802px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F352196i9AF24AF9B87710A4%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22ChangeCommsTimeline.png%22%20alt%3D%22ChangeCommsTimeline.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E----------------------------------------------------------------------------------------------------------%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CI%3E%3CSPAN%20data-contrast%3D%22auto%22%3ELearn%20more%20about%20Microsoft%20identity%3A%3C%2FSPAN%3E%3C%2FI%3E%3CSPAN%20data-ccp-props%3D%22%7B%26quot%3B201341983%26quot%3B%3A0%2C%26quot%3B335559685%26quot%3B%3A360%2C%26quot%3B335559739%26quot%3B%3A160%2C%26quot%3B335559740%26quot%3B%3A240%7D%22%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%20data-leveltext%3D%22%EF%82%B7%22%20data-font%3D%22Symbol%22%20data-listid%3D%222%22%20aria-setsize%3D%22-1%22%20data-aria-posinset%3D%221%22%20data-aria-level%3D%221%22%3E%3CI%3E%3CSPAN%20data-contrast%3D%22auto%22%3ERelated%20Articles%3A%20%3C%2FSPAN%3E%3C%2FI%3E%3CSPAN%20aria-label%3D%22Rich%20text%20content%20control%22%3E%3CSPAN%20data-contrast%3D%22auto%22%3ETo%20understand%20the%20differences%20between%20deprecations%20and%20product%20retirement%20and%20meanings%20of%20terms%20like%20end%20of%20support%20referenced%20above%2C%20please%20see%20here%3A%20%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Flifecycle%2Fdefinitions%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E%3CSPAN%20data-contrast%3D%22none%22%3ELifecycle%20Terms%20and%20Definitions%20-%20Microsoft%20Lifecycle%20%7C%20Microsoft%20Docs%3C%2FSPAN%3E%3C%2FA%3E%20%3C%2FSPAN%3E%3CSPAN%20data-ccp-props%3D%22%7B%26quot%3B201341983%26quot%3B%3A0%2C%26quot%3B335559739%26quot%3B%3A160%2C%26quot%3B335559740%26quot%3B%3A240%7D%22%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FLI%3E%0A%3CLI%20data-leveltext%3D%22%EF%82%B7%22%20data-font%3D%22Symbol%22%20data-listid%3D%222%22%20aria-setsize%3D%22-1%22%20data-aria-posinset%3D%222%22%20data-aria-level%3D%221%22%3E%3CI%3E%3CSPAN%20data-contrast%3D%22auto%22%3EReturn%20to%20the%20%3C%2FSPAN%3E%3C%2FI%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fazure-active-directory-identity%2Fbg-p%2FIdentity%22%20target%3D%22_blank%22%3E%3CI%3E%3CSPAN%20data-contrast%3D%22none%22%3EAzure%20Active%20Directory%20Identity%20blog%20home%3C%2FSPAN%3E%3C%2FI%3E%3C%2FA%3E%3CSPAN%20data-ccp-props%3D%22%7B%26quot%3B201341983%26quot%3B%3A0%2C%26quot%3B335559739%26quot%3B%3A160%2C%26quot%3B335559740%26quot%3B%3A240%7D%22%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FLI%3E%0A%3CLI%20data-leveltext%3D%22%EF%82%B7%22%20data-font%3D%22Symbol%22%20data-listid%3D%222%22%20aria-setsize%3D%22-1%22%20data-aria-posinset%3D%223%22%20data-aria-level%3D%221%22%3E%3CI%3E%3CSPAN%20data-contrast%3D%22auto%22%3EJoin%20the%20conversation%20on%20%3C%2FSPAN%3E%3C%2FI%3E%3CA%20href%3D%22https%3A%2F%2Ftwitter.com%2Fazuread%2Fstatus%2F1278418103903363074%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3E%3CI%3E%3CSPAN%20data-contrast%3D%22none%22%3ETwitter%3C%2FSPAN%3E%3C%2FI%3E%3C%2FA%3E%3CI%3E%3CSPAN%20data-contrast%3D%22auto%22%3E%20and%20%3C%2FSPAN%3E%3C%2FI%3E%3CA%20href%3D%22https%3A%2F%2Fwww.linkedin.com%2Fshowcase%2Fmicrosoft-security%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3E%3CI%3E%3CSPAN%20data-contrast%3D%22none%22%3ELinkedIn%3C%2FSPAN%3E%3C%2FI%3E%3C%2FA%3E%3C%2FLI%3E%0A%3CLI%20data-leveltext%3D%22%EF%82%B7%22%20data-font%3D%22Symbol%22%20data-listid%3D%222%22%20aria-setsize%3D%22-1%22%20data-aria-posinset%3D%223%22%20data-aria-level%3D%221%22%3E%3CI%3E%3CSPAN%20data-contrast%3D%22auto%22%3EShare%20product%20suggestions%20on%20the%20%3C%2FSPAN%3E%3C%2FI%3E%3CA%20href%3D%22https%3A%2F%2Ffeedback.azure.com%2Fd365community%2Fforum%2F22920db1-ad25-ec11-b6e6-000d3a4f0789%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3E%3CI%3E%3CSPAN%20data-contrast%3D%22none%22%3EAzure%20Feedback%20Forum%3C%2FSPAN%3E%3C%2FI%3E%3C%2FA%3E%3CSPAN%20data-ccp-props%3D%22%7B%26quot%3B201341983%26quot%3B%3A0%2C%26quot%3B335559739%26quot%3B%3A160%2C%26quot%3B335559740%26quot%3B%3A240%7D%22%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FLI%3E%0A%3C%2FUL%3E%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-2967456%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%20class%3D%22NormalTextRun%20SCXW201414337%20BCX8%22%3ENow%20%3C%2FSPAN%3E%3CSPAN%20class%3D%22NormalTextRun%20SCXW201414337%20BCX8%22%3Ep%3C%2FSPAN%3E%3CSPAN%20class%3D%22NormalTextRun%20SCXW201414337%20BCX8%22%3Erovid%3C%2FSPAN%3E%3CSPAN%20class%3D%22NormalTextRun%20SCXW201414337%20BCX8%22%3Eing%3C%2FSPAN%3E%3CSPAN%20class%3D%22NormalTextRun%20SCXW201414337%20BCX8%22%3E%20predictable%20%3C%2FSPAN%3E%3CSPAN%20class%3D%22NormalTextRun%20SCXW201414337%20BCX8%22%3Echange%20communications%20and%20timelines.%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Change%20Management%20Simplified.jpg%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F352220iFC2FAC879D9F1CB3%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22Change%20Management%20Simplified.jpg%22%20alt%3D%22Change%20Management%20Simplified.jpg%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-TEASER%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2967456%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EProduct%20Announcements%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3240037%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%3A%20Change%20Management%20Simplified%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3240037%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Team%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EShouldn't%20this%3A%20%22%3CSPAN%3EWe%20will%20enable%20combined%20MFA%20and%20SSPR%20security%20information%20registration%20for%20enabled%20tenants%20created%20before%20Aug%202020.%20More%20information%20on%20this%20experience%20can%20be%20found%20here%3A%20%22%20actually%20read%20%22We%20will%20enable%20combined%20MFA%20and%20SSPR%20security%20information%20registration%20for%20all%20non-enabled%20tenants%20created%20before%20Aug%202020.%20More%20information%20on%20this%20experience%20can%20be%20found%20here%22%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EI'm%20assuming%20that%20this%20statement%20is%20meant%20to%20mean%20that%20all%20tenants%20created%20before%20Aug%202020%20will%20have%20the%20feature%20enabled%20automatically%20by%20Microsoft%20on%20the%20backend.%20Or%20do%20I%20have%20it%20wrong.%3F%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3241462%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%3A%20Change%20Management%20Simplified%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3241462%22%20slang%3D%22en-US%22%3E%3CP%3E2025%3F%20Why%20so%20far%20out%20for%20the%20Azure%20key%20vault%2C%20we'll%20all%20be%20driving%20flying%20cars%20by%20then.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3241720%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%3A%20Change%20Management%20Simplified%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3241720%22%20slang%3D%22en-US%22%3E%3CP%3EShouldn't%20you%20include%20the%20Azure%20AD%20connect%201.x%20version%20retirement%20on%20August%2031%2C2022%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3243970%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%3A%20Change%20Management%20Simplified%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3243970%22%20slang%3D%22en-US%22%3E%3CP%3E%26gt%3B%26nbsp%3Bthe%20planned%20deprecation%20of%20the%20two%20PowerShell%3C%2FP%3E%3CP%3E%26gt%3B%20modules%20(MSOL%20%26amp%3B%20AAD)%20after%20December%202022%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EDoes%20this%20mean%20we%20will%20finally%20be%20able%20to%20access%20default%20MFA%20method%20through%20other%20means%20besides%20the%20MSOL%20module%20sometime%20soon%3F%20The%20most%20recent%20update%20that%20I've%20seen%20was%20a%20change%20to%20the%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fgraph%2Fapi%2Fresources%2Fauthenticationmethods-overview%3Fview%3Dgraph-rest-beta%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3Edocs%3C%2FA%3E%20that%20indicates%20the%20MSOL%20module%20is%20the%20only%20way%20to%20get%2Fset%20this%20info.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3247341%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%3A%20Change%20Management%20Simplified%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3247341%22%20slang%3D%22en-US%22%3E%3CP%3EHi%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ERegarding%20%3CSPAN%3EAzure%20AD%20Graph%20API%20and%20the%20extension%20for%206%20months.%20Does%20this%20mean%20that%20editing%20current%20API%20permissions%20is%20still%20not%20available%3F%26nbsp%3B%20Mine%20still%20seems%20to%20be%20greyed%20out%20when%20accessing%20this%20module%3F%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EThanks%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3250131%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%3A%20Change%20Management%20Simplified%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3250131%22%20slang%3D%22en-US%22%3E%3CP%3EWould%20be%20nice%20to%20have%20an%20option%20to%20disable%20the%26nbsp%3BAzure%20AD%20Graph%20API%20in%20an%20environment%20and%20if%20needed%20enable%20it%20again.%20So%20we%20can%20make%20shure%20we%20don't%20mis%20anything%20and%20if%20so%20can%20use%20the%20time%20to%20correct%20it%20and%20try%2Fdisable%20the%20API%20again.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3252796%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%3A%20Change%20Management%20Simplified%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3252796%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F40222%22%20target%3D%22_blank%22%3E%40Ian%20Clarke%3C%2FA%3E%26nbsp%3BHi%20Ian%2C%20I%20believe%20you%20are%20referring%20to%20the%20permission%20configuration%20pane%20in%20application%20registration%20blade%2C%20that%20UI%20will%20stay%20disabled%20as%20the%20Azure%20AD%20Graph%20API%20is%20deprecated%20and%20on%20the%20path%20to%20retirement.%20However%2C%20you%20can%20still%20edit%20your%20permissions%20through%20other%20channels%2C%20see%20more%20information%20here%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fazure-active-directory-identity%2Fend-of-support-for-azure-ad-graph-permission-sign-up-through%2Fba-p%2F2464404%22%20target%3D%22_blank%22%3EEnd%20of%20support%20for%20Azure%20AD%20Graph%20permission%20sign%20up%20through%20portal%20UX%20-%20Microsoft%20Tech%20Community%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3254124%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%3A%20Change%20Management%20Simplified%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3254124%22%20slang%3D%22en-US%22%3E%3CP%3E%26nbsp%3BI%20understand%20your%20frustrations%20and%20appreciate%20the%20feedback%3B%20to%20shed%20some%20light%20%3B%3C%2FP%3E%3CP%3EAs%20part%20of%20the%20parity%20work%2C%20we%20are%20looking%20at%20both%20the%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fpowershell%2Fmodule%2Fmsonline%2F%3Fview%3Dazureadps-1.0%22%20rel%3D%22noopener%20noreferrer%22%20target%3D%22_blank%22%3EMSOL%3C%2FA%3E%20(MSOnline)%20and%20Azure%20AD%20libraries%20of%20Azure%20AD%20cmdlets%20and%20mapping%20the%20functionality%20onto%20the%20MS%20Graph%20PowerShell%20SDK%2C%20to%20make%20sure%20that%20all%20scenarios%20are%20available.%20We%20have%20started%20working%20on%20a%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-au%2Fpowershell%2Fmicrosoftgraph%2Fazuread-msoline-cmdlet-map%3Fview%3Dgraph-powershell-beta%22%20rel%3D%22noopener%20noreferrer%22%20target%3D%22_blank%22%3Ecmdlet%20map%3C%2FA%3E%20for%20MSOL%20vs%20Microsoft%20Graph%20PowerShell%2C%20and%20Azure%20AD%20Graph%20PowerShell%20vs%20Microsoft%20Graph%20PowerShell%2C%20as%20part%20of%20the%20migration%20documentation.%20Users%20have%20contacted%20us%20requesting%20specific%20scenarios%2Fcmdlets%20that%20we%20will%20add%20to%20Microsoft%20Graph%20PowerShell.%20We%20will%20continue%20to%20deliver%20tools%20like%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fpowershell%2Fmicrosoftgraph%2Ffind-mg-graph-command%3Fview%3Dgraph-powershell-1.0%22%20rel%3D%22noopener%20noreferrer%22%20target%3D%22_blank%22%3EFind-MgGraphCommand%3C%2FA%3E%20and%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fpowershell%2Fmicrosoftgraph%2Ffind-mg-graph-permission%3Fview%3Dgraph-powershell-1.0%22%20rel%3D%22noopener%20noreferrer%22%20target%3D%22_blank%22%3EFind-MgGraphPermission%3C%2FA%3E%2C%20that%20will%20assist%20users%20in%20locating%20and%20using%20the%20appropriate%20Microsoft%20Graph%20cmdlet.%26nbsp%3B%3C%2FP%3E%3CP%3EMicrosoft%20Graph%20cmdlets%20are%20autogenerated%20from%20the%20Microsoft%20Graph%20API%20schema.%20The%20process%20has%20many%20advantages%2C%20for%20example%2C%20providing%20a%20rich%20set%20of%20cmdlets%20that%20cover%20the%20whole%20API%20landscape.%20The%20disadvantage%20is%20that%20the%20resultant%20cmdlets%20may%20not%20be%20as%20user%20friendly%2C%20when%20compared%20to%20human%20authored%20cmdlets.%20Consequently%2C%20we%20are%20actively%20working%20on%20usability%20improvements%20of%20MS%20PS%20SDK%20cmdlets%20docs%20and%20examples%20and%20more%20tools%20on%20migration.%26nbsp%3B%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3251558%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%3A%20Change%20Management%20Simplified%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3251558%22%20slang%3D%22en-US%22%3E%3CP%3EFurther%20to%20my%20comment%20above%2C%20announcing%20the%20deprecation%20of%20the%20MSOL%20and%20Azure%20modules%20in%20December%202022%20when%20there%20are%20still%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fpowershell%2Fmicrosoftgraph%2Fmigration-steps%3Fview%3Dgraph-powershell-beta%23limitations%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3Eknown%20limitations%3C%2FA%3E%26nbsp%3Band%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fgraph%2Fapi%2Fresources%2Fauthenticationmethods-usage-insights-overview%3Fview%3Dgraph-rest-beta%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3Ekey%20functionality%20still%20in%20beta%3C%2FA%3E%2C%20and%20you%20haven't%20even%20written%20the%20%3CSPAN%3Eguidance%20and%20tools%20for%20migrating%20existing%20scripts%20to%3C%2FSPAN%3E%26nbsp%3Bthe%20product%20intended%20to%20replace%20them%2C%20is%20just%20disrespectful%20to%20your%20customer's%20patience%20and%20time.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3251554%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%3A%20Change%20Management%20Simplified%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3251554%22%20slang%3D%22en-US%22%3E%3CP%3EAs%20mentioned%20before%2C%20it's%20quite%20frustrating%20that%20the%20automation%20interfaces%20for%20Azure%20and%20Microsoft%20365%20are%20in%20a%20constant%20state%20of%20flux.%20As%20something%20to%20bear%20in%20mind%2C%20system%20administrators%20are%20not%20developers.%20We%20don't%20expect%20API%20calls%20etc%20to%20change%20every%205%20minutes.%20In%20the%20past%2C%20Windows%20tools%20such%20as%20cmd.exe%2C%20VBScript%20and%20other%20automation%20instances%20have%20worked%20across%20all%20versions%20of%20Windows%2C%20with%20backwards%20compatibility%20a%20priority.%20When%20it%20comes%20to%20Microsoft%20365%20%2F%20Azure%2C%20we've%20been%20through%20four%20incomplete%20iterations%3A%3C%2FP%3E%3CUL%3E%3CLI%3EThe%20MSOnline%20module%2C%20which%20is%20*still*%20required%20for%20stable%20access%20to%20MFA%20(support%20under%20Microsoft%20Graph%20is%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fgraph%2Fapi%2Fresources%2Fauthenticationmethods-usage-insights-overview%3Fview%3Dgraph-rest-beta%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3Estill%20in%20beta%3C%2FA%3E%26nbsp%3B-%20I'm%20sorry%2C%20but%20having%20used%20beta%20endpoints%20in%20the%20past%2C%20they%20are%20subject%20to%20change%20at%20any%20point%2C%20so%20there's%20no%20point%20investing%20time%20in%20updating%20scripts%20until%20they%20are%20released%20to%20general%20availability.)%3C%2FLI%3E%3CLI%3EThe%20AzureAD%20module%2C%20which%20is%20buggy%20and%20often%20doesn't%20seem%20to%20support%20pipelining%20properly%20(try%20piping%20things%20into%20Get-AzureADUser%2C%20for%20example).%3C%2FLI%3E%3CLI%3EThe%20AzureAD%20module%20cmdlets%20which%20are%20identical%20to%20existing%20ones%20but%20use%20MS%20Graph%20(e.g.%20Get-AzureADMSGroup)%20and%20are%20necessary%20to%20get%20all%20functionality%3C%2FLI%3E%3CLI%3ENow%20the%20plethora%20of%20MS%20Graph%20modules%3C%2FLI%3E%3C%2FUL%3E%3CP%3EWhy%20do%20we%20have%20to%20keep%20updating%20our%20scripts%20to%20keep%20existing%20functionality%20working%3F%20Why%20can't%20you%20improve%20and%20evolve%20rather%20than%20continuously%20trying%20to%20reinvent%20the%20wheel%3F%3C%2FP%3E%3CP%3EWe%20all%20know%20that%20it%20would%20be%20possible%20(although%20a%20fair%20amount%20of%20work)%20to%20ensure%20backwards%20compatibility%20for%20these%20modules%20-%20keep%20the%20modules%20the%20same%2C%20but%20update%20the%20back%20end%20to%20use%20Microsoft%20Graph.%20In%20the%20past%20this%20would%20have%20been%20Microsoft's%20approach%20(read%20Raymond%20Chen's%20'%3CA%20href%3D%22https%3A%2F%2Fdevblogs.microsoft.com%2Foldnewthing%2F%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3EThe%20Old%20New%20Thing%3C%2FA%3E'%20for%20how%20much%20work%20Microsoft%20used%20to%20put%20in%20to%20avoid%20these%20kinds%20of%20issues%20in%20previous%20Windows%20releases).%20Not%20ensuring%20backwards%20compatibility%20is%20one%20of%20the%20mistakes%20that%20led%20to%20the%20huge%20backlash%20for%20products%20like%20Microsoft%20Vista.%20Indeed%20it%20seems%20that%20the%20Windows%20team%20%3CA%20href%3D%22https%3A%2F%2Fwww.microsoft.com%2Fen-gb%2Ffasttrack%2Fmicrosoft-365%2Fapp-assure%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3Estill%20understand%20this%3C%2FA%3E%20-%20when%20will%20Microsoft's%20cloud%20services%20teams%20learn%3F%20By%20all%20means%20progress%20with%20new%20technologies%20like%20Microsoft%20Graph%20-%20but%20don't%20forget%20the%20backwards%20compatibility%20religion.%20It's%20why%20many%20of%20us%20continue%20to%20choose%20Microsoft%20products%20-%20but%20if%20that%20benefit%20is%20taken%20away%2C%20why%20should%20we%20remain%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3254750%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%3A%20Change%20Management%20Simplified%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3254750%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1073884%22%20target%3D%22_blank%22%3E%40dkimani%3C%2FA%3E%26nbsp%3BThanks%20for%20replying.%20I%20don't%20think%20you've%20really%20addressed%20my%20point%20about%20backwards%20compatibility%20-%20this%20will%20be%20a%20rare%20occasion%20when%20Microsoft%20completely%20breaks%20an%20automation%20process%20which%20was%20previously%20offered%20to%20system%20administrators%20to%20administer%20a%20system%2C%20breaking%20many%20scripts.%20I%20can't%20remember%20the%20last%20time%20you%20did%20this.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3CEM%3E'As%20part%20of%20the%20parity%20work%2C%20we%20are%20looking%20at%20both%20the%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fpowershell%2Fmodule%2Fmsonline%2F%3Fview%3Dazureadps-1.0%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EMSOL%3C%2FA%3E%26nbsp%3B(MSOnline)%20and%20Azure%20AD%20libraries%20of%20Azure%20AD%20cmdlets%20and%20mapping%20the%20functionality%20onto%20the%20MS%20Graph%20PowerShell%20SDK%2C%20to%20make%20sure%20that%20all%20scenarios%20are%20available.%20We%20have%20started%20working%20on%20a%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-au%2Fpowershell%2Fmicrosoftgraph%2Fazuread-msoline-cmdlet-map%3Fview%3Dgraph-powershell-beta%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ecmdlet%20map%3C%2FA%3E%26nbsp%3Bfor%20MSOL%20vs%20Microsoft%20Graph%20PowerShell%2C%20and%20Azure%20AD%20Graph%20PowerShell%20vs%20Microsoft%20Graph%20PowerShell%2C%20as%20part%20of%20the%20migration%20documentation.'%3C%2FEM%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAgain%2C%20if%20Microsoft%20was%20following%20the%20route%20that%20it%20has%20followed%20in%20the%20past%2C%20and%20which%20happy%20and%20repeat%20customers%20have%20come%20to%20expect%2C%20you%20would%20be%20using%20that%20information%20to%20update%20MSOL%20and%20Azure%20AD%20libraries%20to%20keep%20them%20working%20with%20MS%20Graph%20in%20the%20background.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CEM%3E'Microsoft%20Graph%20cmdlets%20are%20autogenerated%20from%20the%20Microsoft%20Graph%20API%20schema.%20The%20process%20has%20many%20advantages%2C%20for%20example%2C%20providing%20a%20rich%20set%20of%20cmdlets%20that%20cover%20the%20whole%20API%20landscape.%20The%20disadvantage%20is%20that%20the%20resultant%20cmdlets%20may%20not%20be%20as%20user%20friendly%2C%20when%20compared%20to%20human%20authored%20cmdlets.%20Consequently%2C%20we%20are%20actively%20working%20on%20usability%20improvements%20of%20MS%20PS%20SDK%20cmdlets%20docs%20and%20examples%20and%20more%20tools%20on%20migration.'%3C%2FEM%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThis%20just%20shows%20that%20you've%20lost%20sight%20of%20the%2080%2F20%20rule.%20What%20you%20had%20before%20made%20it%20easy%20to%20use%20the%2020%25%20of%20functionality%20that%2080%25%20of%20PowerShell%20users%20actually%20need%20-%20and%20what%20you're%20doing%20now%20will%20make%20life%20harder%20for%20those%2080%25%20of%20people%20-%20your%20'gain'%20being%20complete%20API%20coverage%20for%20the%2020%25%20minority%20who%20need%20the%20remaining%20functionality.%20Come%20on%20guys.%20PowerShell%20is%20a%20sysadmin%20tool%20first%20and%20foremost%2C%20and%20most%20sysadmins%20only%20need%20to%20use%20a%20tiny%20subset%20of%20MS%20Graph%20functionality%20(managing%20users%2C%20groups%2C%20licenses%2C%20MFA)%20which%20is%26nbsp%3B%3CSTRONG%3Ealready%20covered%3C%2FSTRONG%3E%20by%20relatively%20easy-to-use%20MSOL%20and%20AzureAD%20modules.%20You%20should%20be%20maintaining%20those%20modules%2C%20and%20only%20expecting%20the%20%3CSTRONG%3Emonitory%3C%2FSTRONG%3E%26nbsp%3Bwho%20need%20the%20full%20functionality%20of%20MS%20Graph%20to%20use%20the%20new%20cmdlets%20-%20which%26nbsp%3B%3CSTRONG%3Ein%20your%20own%20words%3C%2FSTRONG%3E%20are%20'rich'%20but%20'not%20as%20user%20friendly'.%20Extra%20hint%20-%20most%20of%20that%20minority%20will%20be%20developers%2C%20who%20don't%20access%20Graph%20via%20PowerShell%20anyway.%20This%20is%20basic%20stuff.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3257574%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%3A%20Change%20Management%20Simplified%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3257574%22%20slang%3D%22en-US%22%3E%3CP%3EPlease%20publish%20Azure%20AD%20planned%20changes%20on%20Message%20Centre.%20Some%20AAD%20changes%20appear%20there%20in%20the%20Identity%20Service%20category%2C%20but%20sometimes%20changes%20only%20announced%20in%20blogs%20like%20this%20one.%26nbsp%3B%20Planner%20Syncing%20in%20message%20center%20helps%20triage%20announcements.%26nbsp%3B%3CBR%20%2F%3Eadmin%20dot%20microsoft%20dot%20com%20MessageCenter%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3259356%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%3A%20Change%20Management%20Simplified%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3259356%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F522019%22%20target%3D%22_blank%22%3E%40PeterJoInobits%3C%2FA%3E%26nbsp%3B-%20thank%20you%20for%20pointing%20out%20this%20error.%20We've%20updated%20the%20content%20to%20reflect%20the%20correct%20statement.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3260820%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%3A%20Change%20Management%20Simplified%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3260820%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F203133%22%20target%3D%22_blank%22%3E%40Tim%20Larson%3C%2FA%3E%26nbsp%3B%20Glad%20to%20help.%20The%20original%20text%20struck%20me%20as%20being%20contradictory..%20%3Abeaming_face_with_smiling_eyes%3A%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3392950%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%3A%20Change%20Management%20Simplified%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3392950%22%20slang%3D%22en-US%22%3E%3CP%3ESometimes%20I'm%20not%20sure%20if%20Microsoft's%20idea%20is%20to%20drive%20regular%20administrators%20into%20madness%20and%20then%20make%20MS%20admins%20irreplaceable%20when%20no%20others%20are%20left.%20Or%20more%20realistic%20reason%20behind%20of%20this%20could%20also%20be%2C%20they%20do%20have%20many%20different%20teams%20and%20management%20has%20forced%20teams%20to%20fight%20against%20each%20others.%20When%20one%20team%20lose%2C%20the%20backward%20compatibility%20is%20lost%20as%20that%20team%20is%20not%20needed%20anymore.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIf%20you%20read%20this%20change%20and%20then%20read%20(%2B%20comments)%20what%20they%20have%20planned%20to%20do%20on%20Exchange%20Online%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fexchange-team-blog%2Fchange-in-naming-convention-of-user-s-name-parameter%2Fbc-p%2F3289711%22%20target%3D%22_self%22%3EChange%20in%20naming%20convention%20of%20user%E2%80%99s%20Name%20parameter%3C%2FA%3E%26nbsp%3Byou%20can%20see%20very%20similar%20behavior.%20Suddenly%20someone%20though%20to%20reassign%20one%20attribute%20to%20other%20use.%20And%20once%20more%20thousands%20of%20admins%20are%20forced%20to%20look%20if%20their%20scripts%20are%20depended%20to%20that%20attribute.%20Attribute%20name%20is%20%22Name%22%2C%20so%20you%20can%20believe%20it%20could%20be%20widely%20used.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EMore%20and%20more%20all%20of%20this%20start%20look%20like%2C%20nobody%20is%20pulling%20the%20van%20to%20the%20same%20direction.%20Everybody%20is%20just%20trying%20to%20get%20glory%20to%20their%20own%20only.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ESometimes%20I%20have%20also%20asked%20from%20myself%2C%20do%20we%20actually%20have%20administrators%20who%20are%20managing%20O365%2FAzure%20services%20using%20PS%20after%205-10%20years%3F%20How%20does%20Google%2C%20Apple%20or%20Amazon%20do%20this%2C%20as%20they%20have%20no%20PS%20modules(%3F).%20Are%20we%20the%20last%20once%3F%26nbsp%3B%3CIMG%20class%3D%22lia-deferred-image%20lia-image-emoji%22%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Fhtml%2F%40B71AFCCE02F5853FE57A20BD4B04EADD%2Fimages%2Femoticons%2Fcool_40x40.gif%22%20alt%3D%22%3Acool%3A%22%20title%3D%22%3Acool%3A%22%20%2F%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
Co-Authors
Version history
Last update:
‎Mar 16 2022 09:50 AM
Updated by: