darrenjrobinson – Bespoke Identity and Access Management Solutions
Enterprise Microsoft and SailPoint Identity & Access Management Architect
I’m curious. I often think, how does that work? Or why does it behave like that? We are well into the journey towards Passwordless adoption and I’ve spoken and posted about aspects of it before. Always a good place to start are the standards.… keep reading
Which Azure AD Tenants is my user account federated too? More specifically, in which Azure Active Directory Tenants do I have an Azure Active Directory B2B Guest Account? Is there a way I can quickly get an Azure AD User Account Federation Report?… keep reading
This post relates to my Microsoft Reactor Sydney presentation from July 6 2021 – Digital Identity. Are we there yet?
Your Digital Identity is the foundation of who you are in our modern online world. In this session we take a quick trip down memory lane reminiscing on how our online digital identities have evolved and our early attempts at managing and securing them.… keep reading
Microsoft Graph webhooks or the ability to receive an Azure AD Change Notification has been around for some time. However, as I primarily deal with Azure AD for user and group objects I never previously had the need to utilize them.… keep reading
Accessing Microsoft Office365, the Azure Portal, and the plethora of services we integrate with Azure Active Directory is for the most part seamless, especially when you only need to access a single tenant. However, it is 2021, and collaboration across tenants is the new normal.… keep reading
Recently I’ve posted about accessing Microsoft Graph using MicroSoft Authentication Libraries (MSAL) with Python and using MSAL with Python and Delegated Permissions. This is the final post in the series where I give an example and script for accessing Microsoft Graph using MSAL with Python and Certificate Authentication.… keep reading
Recently I wrote about reporting on individual Azure AD Users Authentication Methods using Microsoft Graph and PowerShell. Whilst this is great at a user level, Azure AD Authentication Methods Summary Reports at an organization level are often requested by IT Management.… keep reading
Collaboration between Azure Active Directory tenants typically involves Azure AD Guest accounts. After a few years, the proliferation of ‘Guest’ accounts usually becomes a focus, especially for larger tenants. As Azure AD has matured the meta data associated with accounts, along with Microsoft Graph improvements is making it easier to define and locate stale Azure AD B2B Guest Accounts.… keep reading
Reporting on users’ registered Azure AD Authentication methods is a more common request from enterprise security teams recently with the advance of Passwordless Authentication. In mid 2020 Microsoft added the ability to report on Azure AD Authentication Methods using Microsoft Graph, however ONLY with Delegated Microsoft Graph permissions.… keep reading
The ability to obtain Individual User Usage Reports has been possible in Office365 for many years. However, they were only available from each individual service such as Teams, OneDrive, Exchange, SharePoint and Yammer. If you wanted a holistic view you needed to query each of the services API’s and collate the responses for each identity.… keep reading