ENTRA

Entra Connect Sync 2.4.131 released

Andres Bohren
Hi All, From time to time I check if there is a new Version of Microsoft Entra Connect Sync available. Microsoft Entra Connect: Version release history Just a few days ago, the Version 2.4.131.0 has been released for Auto upgrade. Let’s check the Auto Upgrade Settings:
Get-ADSyncAutoUpgrade -Detail
Let’s check the Version of Entra Connect Sync:
(Get-Item "C:\Program Files\Microsoft Azure AD Sync\Bin\miiserver.exe").VersionInfo
The Version can also be found in Entra Admin Center
Set Entra Application Tags with PowerShell

Andres Bohren
Hi All, A few Weeks ago, I wrote a PowerShell Script and an Azure Runbook to report expiring Clientsecrets and Certificates. With the Runbook, the Owners would even receive an Email before the expiry date. Depending on the Permissions of the Application, being Owner could add a Path for Privilege Escalation. So I was looking for another Way of storing the Information who is responsible for the App. Tags If you look at the Manifest of an App, there is a String Array Property called Tags
Check for retiring OneNote App Permission in Entra

Andres Bohren
Hi All, With the MC1011142 Message Center Post, Microsoft has announced the retirement of App Permissions for OneNote: Effective March 31, 2025, we will retire support for authentication tokens with application permissions (app-only tokens) for MSGraph OneNote APIs. We will continue to support authentication tokens that have delegated permissions. While app-only tokens are easy to use, they may be more easily exploited compared to more sophisticated authorization methods. Requests to the Notes API endpoints using tokens with application permissions will return 401 unauthorized errors starting March 31, 2025.
Entra Connect Sync from multiple AD Forests

Andres Bohren
Hi All, I’ve added a second Active Directory Forest in my Entra Connect Sync in my Lab. Compliant to the supported Entra Connect Sync topologies. Multiple forests, single Microsoft Entra tenant It’s already a few Months ago, since I’ve configured this and created the Screenshots. Since then Azure AD Connect has been Rebranded to Entra Connect Sync, got updated Icons - but the Process remains the same. Architecture This Article describes how to add an additional Active Forest to an existing Entra Connect Sync Infrastructure to sync to a common Entra ID Tenant.
Report Microsoft Authenticator Registration in Entra ID with Graph PowerShell

Andres Bohren
Hi All, I am working with a customer on an M365 Onboarding. Before migrating Users to the Cloud, we want to make sure the Onboarding of the Microsoft Authenticator App is successful. I was tasked to figure out a way to find out the Users that have registered the Microsoft Authenticator App for MFA Authentication. Enduser Portal From a User Perspective you can see in the Security Information that there are two Microsoft Authenticators registered.
Entra Connect Sync 2.4.129 released

Andres Bohren
Hi All, By coincidence I’ve stumbled across the Entra Connect Sync Update 2.4.129. It’s released for Auto Upgrade. I am currently running Entra Connect Sync 2.4.27.0 Microsoft Entra Connect: Version release history If it has been released on 01/15/2025 then it’s over three weeks - enough time for the Auto Upgrade to kick in I guess. Microsoft Entra Connect: Automatic upgrade Auto Upgrade is enabled and no SuspensionReason has been set.
Entra Verifiable credentials Admin API with PowerShell

Andres Bohren
Hi All, I’ve already blogged this February about Microsoft Entra Verified ID when it was still in Preview. I’ve also blogged about Entra Verified ID Advanced Setup. In the following MS Learn Site, you can find more Information about Verified employee / Verified ID Verify credentials by using the Microsoft Entra Verified ID Network Microsoft Entra Verified ID now generally available since August 2024 it seems, but there is not much Information and Blogs out there, especially for the Verifiable credentials Admin API.
Configure Entra External Collaboration Settings with Microsoft Graph

Andres Bohren
Hi All, Recently I had the Task to set up Entra External collaboration settings with PowerShell. According to the Microsoft Documentation you should use the AzureAD PowerShell Module Allow or block B2B collaboration with organizations The retirement of the MSOnline (MSOL) and AzureAD PowerShell Modules has been postponed many times. The modules will not be supported after March 30 2025. It would certainly work, but that would be only a short-term solution.
Runbook to check Entra Apps with expiring ClientSecrets and Certificates

Andres Bohren
Hi All, In the previous Article I’ve explained how to check for Entra Apps with expiring ClientSecrets and Certificates. In this Blog Article I explain how we can extend this into an Azure Automation Runbook. Automation Account The Azure Automation Account needs to have a Managed Identity Use the AZ PowerShell to get Infos about the Azure Automation Account
###############################################################################
# Get Managed Identity of Azure Automation Account
###############################################################################
Connect-AzAccount -Tenant icewolfch.
PowerShell Script to check Entra Apps with expiring ClientSecrets and Certificates

Andres Bohren
Hi All, A few years ago, I did write a Script to warn Entra Application Owners about expiring ClientSecrets and Certificates. PowerShell Script to check for AAD Apps with expiring ClientSecrets and Certificates The Script has been using the AzureAD PowerShell Module. Time to renew it to Microsoft.Graph Entra App Registrations Here is the Code to get the Entra App Registration with Microsoft.Graph PowerShell
#Connect to Microsoft.Graph
Connect-MgGraph -Scopes Application.Read.All -NoWelcome
Let’s have a look at a specific Entra Application