I'm excited to share the latest Active Azure Directory news, including feature updates, support deprecation, and new capabilities that will streamline administrator, developer, and user experiences. These updates show our commitment to simplifying identity and access management, while also enhancing the customization and controls you need.
With My Apps collections, you can create tabs organized by app function, role, or other categories that make it easier to discover and access apps. These collections can also be surfaced in the Office portal, if organizations want to combine broad app launch within their Office productivity hub. Since the public preview, this will now be available by default in all tenants and no special URL is required.
User-based collections in Azure AD My Apps, now generally available.
GA of new risk detectionsin Azure AD Identity Protection – Three new risk detections—the Microsoft Cloud App Security (MCAS) New Country, Activity from Anonymous IP Address, and Suspicious Inbox Forwarding Rules—are now generally available. These signals are integrated from MCAS to influence both sign-in and user risk in Identity Protection. Customers currently using MCAS don’t need to take any additional steps for these three new risk detections to flow into Identity Protection. They can be found in the risky sign-ins blade, risk detections blade, and the risk history tab of the risky users report.
This integration expands the surface area of our detections with insight into intrasession activity, improves our signal quality, and delivers on our One Microsoft value by leveraging signals across the Microsoft ecosystem. There is also a link back to the MCAS UI in the risk details so that admins can investigate further if necessary. You can now see all the MCAS detections that Identity Protection has consumed by filtering on “Microsoft Cloud App Security” as the source in either the risky sign-ins or risk detections blades.
Alerts in MCAS automatically flow into Azure AD Identity Protection.
Support for unmanaged Azure Active Directory accounts ending in October 2021– We previously shared that Microsoft would no longer support the redemption of invitations using unmanaged Azure Active Directory accounts starting March 31, 2021. Based on your feedback, we are delaying the transition from March 31, 2021 to October 31, 2021. Starting October 31, 2021, Microsoft will no longer support the redemption of invitations by creating unmanaged Azure AD accounts and tenants for B2B collaboration scenarios. To prepare for this, you are encouraged to opt into email one-time passcode authentication, which was made generally available earlier this year.
Deprecation of Azure AD Connect sync old versions – We recently announced that we will no longer support old versions of Azure AD Connect sync (versions published before May 5, 2018 – 1.1.751.0 and older) to ensure customers are using versions with additional security and performance benefits. To minimize service disruption, upgrade to a newer version of Azure AD Connect sync before February 29, 2024. For help with your update, refer to our migration guide, reach out to our community experts, or open up a technical support request.
As always, we’d love to hear your feedback or suggestions in the comments or on Twitter (@AzureAD). I also invite you to join me and other Microsoft leaders at Microsoft Ignite, March 2-4. Registration is free and includes access to sessions covering important topics in our industry, such as the Zero Trust security model, decentralized identities, going passwordless, and more.