The ability to customize Azure AD Login branding with company images has been around for many years. Recently though additional configuration options have become available. Specifically, the ability to provide Username hint and Sign-in page text. Having recently done a mock-up of this for an engagement there were a few items that I want to recall for the next time I need to do this.… keep reading
Microsoft Graph using MSAL with PowerShell and Certificate Authentication
Close to 3 years ago I authored this post on using PowerShell for Certificate based Azure AD Authentication using ADAL (Active Directory Authentication Library). More recently I’ve published posts on using MSAL (MicroSoft Authentication Library) with PowerShell for Application and Delegated integration with the Microsoft Graph.… keep reading
Convert Azure AD Users from Members to B2B Members
Last week Microsoft released the public preview of the ability to convert Azure AD Users from members to B2B members. This means that full Azure AD User Objects (rather than Guests) can be federated to another tenant and that the Azure AD User object remains as a ‘member’ User Type.… keep reading
Auditing Azure AD Registered Applications
Azure AD Registered Applications are the Azure AD version of Active Directory Service Accounts. Over time, the number of them grow and grow, each having permissions to consume information from Azure AD and or Microsoft Graph. As an Administrator of Azure AD there is maintenance associated with these Registered Applications, namely credential validity and more important application validity.… keep reading
ChatOps for Azure Active Directory
Last year I wrote Lithnet Microsoft Identity Manager plug-ins for PoshBot. After publishing those I developed the majority of a PoshBot plugin to enable ChatOps for Azure Active Directory. Finally with a little more bandwidth at the start of 2020 I’ve been able to put the finishing touches on the module and release it.… keep reading
Microsoft Graph using MSAL with PowerShell
Update 9 July 2020: This post details using MSAL with PowerShell for Azure AD Registered Applications with Application Permissions. See this post for using MSAL with PowerShell for Azure AD Registered Applications with Delegated Permissions. See this post for using MSAL with PowerShell for Azure AD Registered Applications using Application Permissions with Certificate based authentication.… keep reading
Microsoft Identity Manager Graph Connector stopped-extensible-extension-error
Running a Delta Import on the Microsoft Identity Manager Graph Connector returns stopped-extensible-extension-error .
Looking into the Application Event Log we initially see BadRequest.
Digging deeper we find DeltaLink older than 30 days is not supported.
In this particular case the Microsoft Graph Connector for Microsoft Identity Manager has not run in over 30 days and the Differential Query DeltaLink cookie that I detailed in this post and this post has expired.… keep reading
Azure AD/Active Directory User Security Evaluation Reporter
During December 2018 – February 2019 Microsoft have run an online Microsoft Graph Security Hackathon on Devpost.
The criteria of the hackathon was;
- Build or update a functioning Microsoft Graph-powered solution that leverages the Microsoft Graph Security API
Following the announcement of the Hackathon I was encouraged by Kloud management to enter. … keep reading
Updated: Azure AD B2B Guest Invitations Microsoft Identity Manager Management Agent
In August I posted this that detailed Automating Azure AD B2B Guest Invitations using Microsoft Identity Manager. More recently Microsoft updated the Microsoft Graph to include additional information about Azure AD B2B Guest users and I wrote this that creates HTML Reports based off these new attributes.… keep reading
Azure Active Directory B2B Pending and Accepted User Reports
One of the benefits of Cloud Services is the continual enhancements that vendors provide based on feedback from their customers. One such item of feedback that Microsoft has heard often is the request to know what state a Guest user in Azure AD is in.… keep reading