Excel authentication token reuse for access to Log Analytics
I have noticed that Excel is not able to reuse the authentication token when accessing Log Analytics workspaces if an expired token was renewed for a single sheet in a workbook. Scenario: 1 workbook with 1+ worksheets Each worksheet is a different query to LA (KQL query displayed in Excel for ease and consolidation) Access to LA is protected by the usual access controls (Conditional Access; Security Reader role + Session control) After a period of time, session and token expire and require renewal User receives a prompt stating the token has expired and needs to be renew User clicks on "Sign-in" and successfully completes the prompts (u/n+pwd+MFA) Expected result: The new token will be reused for subsequent connections to LA within the same workbook Actual result: User is prompted to re-authenticate for each and every connection in the workbook resulting in as many auth requests as there are connections Workaround: After successfully completing the first auth request, close Excel and re-open it and run "Refresh all" This successfully completes refresh of all data without any additional re-auth requests Is this behaviour by design or due to a configuration? Is there a way to address this so that the first token is re-used by all other connections without having to close and reopen the workbook?How Do I Target the Azure VPN Client in a Conditional Access Policy?
I am using the Azure VPN Client to connect users to an Azure VPN Gateway using their Entra ID credentials to authenticate. I want to target this application with a CA policy that requires MFA every time it connects. The problem is that I don't see the applications in my Enterprise Apps and all of my searching says that it won't appear because it was "pre-certified" by Microsoft. In the Gateway setup I used the Audience GUID of c632b3df-fb67-4d84-bdcf-b95ad541b5c8. And this is working as expected. The only solution that I have found for targeting the Azure VPN Client app is to create a Service Principal using that Audience GUID. This seems like a bit of a hack, so I am posting here to see if there are any other methods that I am missing to target this app when it doesn't appear in my Enterprise Apps list.
MFA alerts for when a alternative phone number is added
Hi, i need to be able to find a way when someones adds a alternative phone number to MFA it sends an alert via email that would go into a shared mailbox but haven't been able to find a way to get the MFA alerts for alternative phone numbers. can someone help please?
Hacked Live account
Hello, On of our customers accounts was hacked. This is a Live account linked to his own emailadres (not hotmail) from his Internet Provider. A few weeks ago someone gained access to this account. They changed the recovery email address and the phone number. The customer has a paid Office 36 family account, which is paid for with his MasterCard and he can provide the invoice from the last years.. We tried the account recovery Form multiple times, opened a case with CDOC Case Management. We simply got the reply that they could not do anything but to suspend the account. I Think this is crazy, is there no solution to this ? Thanks,
Case 2512040040001886 - Cannot Access Account
Since the 4th of December we have been patiently waiting on MS Tech support to assist on resolving our Case with no success endless calls and endless promises with no luck. How do you proceed in using Microsoft for a Business if they don't deliver on the support. My business is taking the brunt of it. I suppose another call holding for hours and another Support person promise a solution. No other methods to log complaints as you cannot log into your Account Portal.
Graph http 449 throttled
We are experiencing a lot of Microsoft Graph trolling errors from some of our applications that are hosted in Azure Web App Services and other third party such as Front App to name one. I am trying to find an approach or strategy to figure out and narrow down what may be causing so many of these events. Whether I can narrow down by application or process, I am not sure yet. We enforce MFA on all our users, but of course, on Azure Enterprise Applications, we don't, which are used extensively in our ecosystem of apps. Any help is much appreciated here.
In "Per-user multifactor authentication" I disabled MFA for one user; All got disabled
Hi, I'm the 365 admin for our org. Today I had a user that got a new phone and became stuck in a MS Authenticator app loop. (The app required MFA to login to the app, but they can't login to the app because they aren't logged into the app. This happened once before, and is a ridiculous Kafkaesque situation; but I digress.) To solve it, I went to disable MFA on their account, allowing them to login to the app. Then MFA could be re-enabled. Problem solved. And indeed that did work. However, on the admin side (per the screenshot) I checked off their user account (the user starting with the letter "B") and hit the "Disable MFA" link. A confirmation appeared asking me if I wanted to disable MFA for all selected users. Because I'm the careful sort, I could still see that only that one user was checked off as the popover div didn't cover that much of the screen. Hence I confirmed that I wanted to disable MFA for the selected users (i.e. that one user). I then refreshed the page, and all users are now shown as having MFA disabled. I'm 100% sure only that one user was selected, not everyone in my org. That would've been foolish. Trying to figure out what's wrong with this portion of the admin site.
