User Profile
AZ365
Copper Contributor
Joined 7 years ago
User Widgets
Recent Discussions
How to find the Power Automate flow behind a form?
Sorry for the newbie question. There is a form I need to find the Power Automate flow behind it to troubleshoot. However, I have a hard time finding it. The form is owned by an ex-employee who has changed the ownership to a MS Teams team before she left and consequently the flow is broken. I am an owner in the team. However, I have a hard time to locate the Power Automate flow used by the form and need to modify the flow. Thanks.2.4KViews0likes1CommentCorrect name for user location
Hi, When I use AzureAD PowerShell module, I see my own user location under the attribute "PhysicalDeliveryOfficeName". However, when I use the MS Graph module, it's listed under "OfficeLocation". How do I find the real attribute name for it? I ask because our non-PowerShell developer wants to retrieve its value so I am wondering what attribute name I should provide. Thanks.Solved3.3KViews0likes1CommentWhere is OAuth log for multi tenant app in Azure?
Hi, I have a 3rd party vendor who has an app registered in their tenant and their setup process creates an enterprise app in my tenant. It's how the vendor access a particular OneDrive in my tenant. I have been trying to find the OAuth activities from the vendor but I could not find any trace of it in the enterprise app's sign-in logs page (user sign-ins interactive/non-interactive/service principal sign-ins/managed id sign-ins all empty). However, if I search the audit logs in the security/compliance portal, I do find OneDrive actions taken by the vendor and AuthType = OAuth. I guess I am unclear how multi-tenant app's OAuth flows and where the OAuth logs are to record such activities. Thanks.Solved1.6KViews0likes2CommentsAny way to set default recording expiration at the Teams team level?
Hi, I understand there is a default org-wide recording expiration setting in Teams admin center. Also, users can change expiration to individual recording. Finally, Teams admin can create a meeting policy for expiration and assign to specific users. * If I assign a user with expiration = 120 days, does it mean all recordings he participates (regardless he is an organizer or not and whether it's a 1:1 meeting or group meeting) will have that 120-day policy? * More importantly, I'd like to set default recording expiration for all recordings in a particular team. Is it possible? thanks.891Views0likes1CommentOAuth activity log in Azure AD
I notice the user audit logs in Azure AD do not seem to log OAuth-related activities such as issuing and renewing a token. Is there a way to see that? My end goal is to set up a conditional access for an external app that uses a service account to authenticate against Azure AD and I need to know where the OAuth related requests come from. Thank you.Solved3.3KViews0likes4CommentsCannot access cloud shell in Azure AD B2C
I've set up a B2C tenant and want to be able to use either PowerShell or AZ to script. However, when I go to the Azure portal and launch a cloud shell, it says: "No valid subscriptions found You need an Azure subscription to use Azure cloud Shell. Create an Azure subscription" I do already have a subscription associated with the B2C portal and I thought it's required to complete the portal provisioning. What's missing here? Thanks.982Views0likes1CommentRe: Narrow down Search-UnifiedAuditLog results
I see I can use -RecordType to limit the search to SharePoint/OneDrive operations. However, it's still capped at 5,000 records which can be reached easily. It will be much better to be able to specify the scope of search as narrow as possible to be more efficient.506Views0likes0CommentsNarrow down Search-UnifiedAuditLog results
Hi, I need to do audit log search for a particular OneDrive using Search-UnifiedAuditLog in order to generate monthly activity report. However, it seems there is no option to search based on a OneDrive. It's inefficient to search all M365 and then filter the huge results to find the entries relevant to the particular OneDrive. In addition, Search-UnifiedAuditLog limits the number of rows returned if I understand correctly. Any suggestions? Thank you.Remove events with Remove-CalendarEvents
Hi, I have an ex-employee who scheduled several meetings before he left. I was able to run Remove-CalendarEvents w/o error. However, I am curious: * Will the attendees receive cancellation emails in their inbox or this goes on behind the scene? I suppose it can silently remove the meetings from the attendees in the same Exchange environment. * For external attendees, do they get cancellation emails? It seems to me they have to and it's up to the receiving end's mail system to process the cancellation. If that's the case, external attendees will get a bunch of cancellation emails. Thank you.Solved965Views0likes2CommentsImpact of linking Azure AD B2C to a subscription
Hi, I try to understand Azure AD B2C and notice it's required to link to a subscription. Does the linking process change the subscription's authentication/authorization at all? That is, for example, if a I have subscription that uses Azure AD to authenticate/authorize, will linking the Azure AD B2C to that subscription change the subscription's authentication/RBAC etc., at all? Some posts suggest linking is more for accounting purpose but I just want to make sure linking Azure AD B2C to an existing subscription won't impact the subscription in any way because the subscription has a lot of resources for other purposes. Thanks.1KViews0likes1CommentAzure subscription policy
Hi, https://learn.microsoft.com/en-us/azure/cost-management-billing/manage/manage-azure-subscription-policy there are two options to disallow subscriptions entering/leaving Azure AD. Unfortunately I don't have a test environment to test but am wondering: * Can a user create a new subscription successfully even if the subscription is not allowed to enter Azure AD? * If the answer is no, does it make sense to use the options to prevent new subscription creation? Thanks,879Views0likes1CommentMS Teams External Federation
Hi, In https://admin.teams.microsoft.com/company-wide-settings/external-communications, it can allow only specific domains to communicate externally. If I want to be able to communicate with a company that has domain company.com and us.company.com, do I have to add both? From my tests, it seems adding company.com will not allow lookups of users with us.company.com. Thanks.Is there really no way to limit subscription creation by non-admin users?
I've seen some old posts saying the capability is unavailable. I also reached out the MS support who also said it's not possible. Considering providing any user the ability to create new subscriptions can get out of hand, I am wondering whether there is really no way to prevent regular users from creating new subscriptions. Anyone has any ideas/suggestions? Thank you.Solved11KViews0likes3CommentsAny way to find all users who can create new subscriptions?
Hi Our security team wants to identify all users who can create new subscriptions. From what I understand, users assigned with billing admin/contributor roles can do that and there are other roles that can grant users to create new subscriptions too. Is there an easy way to identify all users who can create new subscriptions? Thanks.1.5KViews0likes1CommentAzure Service Bus: Log all activities to the messages in a queue?
Hi, I am looking into a way to monitor all activities in a message queue such as sending to and picking up messages from a queue. I look at the logs in the admin portal but it does not seem to provide specifics. I tried to run in the service bus: AzureDiagnostics | where ResourceProvider == "MICROSOFT.SERVICEBUS" | where Category == "OperationalLogs" Is there a way to log details such as source/action/queue? Thanks.657Views0likes0CommentsRe: Windows DHCP servers in HA does not replicate scope options?
Thanks, Dave Patrick! Do you by any chance know the reason behind it? It does not quite make sense scope changes have to be replicated manually, considering replicating scope configs/data is part of Failover/HA relationship establishment in the first place. Keeping both servers in sync including the scope configurations should be the primary objective of the HA. Thanks.8.9KViews0likes3Comments
Recent Blog Articles
No content to show