User Profile
a_n_7goo
Copper Contributor
Joined 7 years ago
Recent Discussions
Re: O365 Password Complexity
We would also like to see this added/restored. If I remember correctly, there used to be a setting at tenant level in AAD that allowed changing the default minimum password length, but Microsoft removed it. We want to see this setting restored. We use a company managed password manager, along with MFA, so a longer password length would be a benefit (as we can monitor password strength). We are using AAD only, with AAD joined devices managed by Intune MDM. Currently there is the option to set conditional access policy for password length at device level, but not the configuration. If we set the CA policy to 14 characters, then a user resets their password in a browser, which is governed by Microsoft's 365 setting of 8 characters, then the device gets marked as non-compliant and the user must reset their password again. Microsoft's own recommendations in the security center recommend a minimum password length of 14 characters. The security center recommendation gives the remediation guidance of using a GPO, which we cannot do as we are AAD only. Microsoft need to look at this urgently. It is a ridiculous situation for cloud only AAD joined and MDM device managed 365 users.
2.1K Views, 0 likes, 0 Comments

Re: O365 password complexity
NetzenRob If I remember correctly, there used to be a setting at tenant level in AAD that allowed changing the default minimum password length, but Microsoft removed it. We want to see this setting restored. We use a company managed password manager, along with MFA, so a longer password length would be a benefit (as we can monitor password strength). We are using AAD only, with AAD joined devices managed by Intune MDM. Currently there is the option to set conditional access policy for password length at device level, but not the configuration. If we set the CA policy to 14 characters, then a user resets their password in a browser, which is governed by Microsoft's 365 setting of 8 characters, then the device gets marked as non-compliant and the user must reset their password again. Microsoft's own recommendations in the security center recommend a minimum password length of 14 characters. The security center recommendation gives the remediation guidance of using a GPO, which we cannot do as we are AAD only. Microsoft need to look at this urgently. It is a ridiculous situation for cloud only AAD joined and MDM device managed 365 users.
101K Views, 2 likes, 1 Comment

Re: Intune Compliance Policy: Device not compliant because of missing machine risk score: deactivated?
We have a similar issue with one device that is failing compliance due to an AAD error. We are cloud only and all devices are joined to AAD and MDM enrolled. However, one device shows as AAD registered when viewed in AAD, but shows as AAD joined on the device. It is enrolled in MDM. Defender for Endpoint returns a low risk score, but the compliance policy thinks it is non-compliant for reason of the risk score being high. I have tried various fixes, but the only solution seems to be a complete reset (MDM fresh start, or wipe) because the error seems to stem from the AAD joining process.
24K Views, 0 likes, 0 Comments