Recently I wrote about reporting on individual Azure AD Users Authentication Methods using Microsoft Graph and PowerShell. Whilst this is great at a user level, Azure AD Authentication Methods Summary Reports at an organization level are often requested by IT Management.… keep reading
Finding Stale Azure AD B2B Guest Accounts based on lastSignInDateTime
Collaboration between Azure Active Directory tenants typically involves Azure AD Guest accounts. After a few years, the proliferation of ‘Guest’ accounts usually becomes a focus, especially for larger tenants. As Azure AD has matured the meta data associated with accounts, along with Microsoft Graph improvements is making it easier to define and locate stale Azure AD B2B Guest Accounts.… keep reading
Reporting on Users’ Azure AD Authentication Methods using Microsoft Graph and PowerShell
Reporting on users’ registered Azure AD Authentication methods is a more common request from enterprise security teams recently with the advance of Passwordless Authentication. In mid 2020 Microsoft added the ability to report on Azure AD Authentication Methods using Microsoft Graph, however ONLY with Delegated Microsoft Graph permissions.… keep reading
Getting Microsoft 365 Individual User Usage Reports with PowerShell
The ability to obtain Individual User Usage Reports has been possible in Office365 for many years. However, they were only available from each individual service such as Teams, OneDrive, Exchange, SharePoint and Yammer. If you wanted a holistic view you needed to query each of the services API’s and collate the responses for each identity.… keep reading
Microsoft Graph using MSAL with Python
For MSAL with Python and Delegated Permissions see this post. For MSAL with Python and Certificate Authentication see this post.
The Microsoft Authentication Libraries (MSAL) started to become generally available in May 2019 and I’ve previously written numerous posts on leveraging the .NET… keep reading
Microsoft Graph using MSAL with PowerShell and Certificate Authentication
Close to 3 years ago I authored this post on using PowerShell for Certificate based Azure AD Authentication using ADAL (Active Directory Authentication Library). More recently I’ve published posts on using MSAL (MicroSoft Authentication Library) with PowerShell for Application and Delegated integration with the Microsoft Graph.… keep reading
Microsoft Graph using MSAL with PowerShell and Delegated Permissions
In October last year I authored this post that provided a getting started guide to using MSAL with PowerShell. That post also hinted at future posts expanding on additional functionality. Finally, I’m delivering on that with this post that will dive into using MSAL with PowerShell and delegated permissions.… keep reading
Microsoft Graph using MSAL with PowerShell
Update 9 July 2020: This post details using MSAL with PowerShell for Azure AD Registered Applications with Application Permissions. See this post for using MSAL with PowerShell for Azure AD Registered Applications with Delegated Permissions. See this post for using MSAL with PowerShell for Azure AD Registered Applications using Application Permissions with Certificate based authentication.… keep reading
Microsoft Identity Manager Graph Connector stopped-extensible-extension-error
Running a Delta Import on the Microsoft Identity Manager Graph Connector returns stopped-extensible-extension-error .
Looking into the Application Event Log we initially see BadRequest.
Digging deeper we find DeltaLink older than 30 days is not supported.
In this particular case the Microsoft Graph Connector for Microsoft Identity Manager has not run in over 30 days and the Differential Query DeltaLink cookie that I detailed in this post and this post has expired.… keep reading
Microsoft Build – ‘Build apps that integrate, automate, and manage security operations’ Presentation
At Microsoft Build last week I was honoured to co-present the “Build apps that integrate, automate, and manage security operations” session on the Microsoft Security Graph with Preeti Krishna and Sarah Fender
The session was recorded and is available here
The PowerPoint presentation itself is here BUILD19_SecurityDeveloperPlatform
I provided a demo of my Microsoft U.S.E.R… keep reading