User Profile
starbuck3k
Brass Contributor
Joined Oct 07, 2021
User Widgets
Recent Discussions
Re: Users not receiving 'Comments' notifications on Planner Tasks (Teams)
Hello, We are now getting pressure from senior management asking us to provide and support another platform mainly because they know they will not get notifications if they use Teams Planner for task management. Has anyone seen a change or roadmap item which could let us think that Microsoft is working something about this limitation?Conditional access for Microsoft 365 admin centers
A client would like to enforce sign-in frequency and trusted location for access to any of its Microsoft 365 admin centers (e.g., SharePoint AC, Teams AC, Exchange AC, Security AC, Compliance AC, etc.). Is there any way to enforce these restrictions through conditional access policies and without specifying "All cloud apps"?Re: AAD shows source of the Directory Synchronization Service Account as "Windows Server AD". Why?
VasilMichev: thank you for your reply. I can't, I only have access to my customers' tenants. I noticed the same "source" at two different/independent locations, other tenants show it as a azure AD sourced account.AAD shows source of the Directory Synchronization Service Account as "Windows Server AD". Why?
TLDR: Why does Azure AD show the "directory synchronization service account" created during the installation of Azure AD Connect with a source set to "Windows Server AD"? In Azure AD, when I browse the synchronization account created during the installation of Azure AD Connect, the account "Source" shows as "Windows Server AD", as shown below: To reproduce on your tenant: - From the portal, select the Azure AD module. - In 'Users', identify the on-prem directory synchronization service account (typically starts with "Sync_"), - Copy the object identifier - Return to the 'overview' blade - In the "Overview" tab, paste the object identifier in the "Search your tenant" input box - A popup should show the account, click on it - The profile page of the account should show (p.s. if you know a better way to access this detailed profile page, I am interested 🙂 - Under "Identity", click "View more", two attributes appear (Directory synced, and Source). I would have guessed that the synchronization account would show its source set to "Azure Active Directory", but the interface indicates that this account was created in the Windows Server, then synced. As I understood it, Azure AD Connect requests a GA account during installation in order to provision a synchronization account directly into Azure AD. If am I right, why would this account reside in the on-prem server as its "source"? I could not find an explanation to this in the documentation, and I guess I am missing something to fully understand how AAD Connect works. Any help will be greatly appreciated!Re: How to reach admin center from tenant Y when not admin in tenant X?
Thank you for replying. Unfortunately that would not work: the problem is not caused by conflicting sessions but the admin center does not let you in if you are not given permissions into your own tenant administration console first. This is a different behavior that the Azure console, which lets you in without giving you access to your tenant's resources but you still can reach the "switch directory" button to initiate the switch.Re: How to reach admin center from tenant Y when not admin in tenant X?
Hello, I am not sure the rule you mentioned works entirely: as an external user granted with global reader role, I was still able to enter the SharePoint admin center. I think this is due to the fact that there is a uniquely identifying URL available (tenantname.admin.sharepoint.com) for each tenant. I think this is not caused by credentials or user type, but with a limitation in the admin centers that are reached through a unified url (e.g., admin.microsoft.com). You get pushed out of the site without ever being given the opportunity to switch tenant. I was hoping for a way to specify the tenant in the url (e.g., "?tenant=<guid>" or ?tid=<guid>"), like when you log in through PowerShell, but could not find one that works.Re: Microsoft Teams not closing document
Thank you Chris for your reply. I thought that whether a document is hosted in the cloud or on a "regular" server does not make things different: I still "open" and "close" the document, and the server allocates more physical resources when the document is "opened" than when it is not. If what you say is true, would that mean that cloud servers require much more computing resources to hosts 1'000 documents than regular servers? (you seem to say they are always "open") Same goes with the "save" function. I cannot find a technical requirement or constraint that makes this specifically a "cloud" feature. I have seen many applications implement continuous saving without the cloud, for decades. A good example of this is Onenote. Wouldn't this contradict what you proposed? On the other side, I also think it is not a good practice to tell users to just accept things as they are and get used to it when they notice something wrong. If a user interface shows a button labelled "close" when a document is opened, and clicking on this button does nothing, I think it is a failure from the editor, and that should be fixed. Of course, the editor could simply remove the button, as you implied, but that would likely make users' experience even worse. Or it could make the button actually work as intended, thus letting users close a document and return to whatever they were doing before opening it. In summary, I am not sure I can agree with your proposition 🙂How to reach admin center from tenant Y when not admin in tenant X?
Hello, I am a regular member in my own organization's tenant (Company X) and I have been given access to another company's MS365 tenant (Company Y) with global reader role to conduct a review. I have no problem accessing the AAD blade in the portal for both Company X (can't see much, which is normal) and Company Y (can see everything, which is normal) and there is the directory switching feature available in the top right corner. However, when entering the admin.microsoft.com page, I am shown the "sign out or switch to an account that has permission" message. It seems that this page only identifies my Company X membership, not my Company Y membership. I have read about the"All tenants" feature to help switching between tenants, but it is located inside the Admin Center, I cannot even reach that page. Any ideas on how I can "tell" the admin center that I want to be seen as a Company Y member and not a Company X member?
