home.social

#azuread — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #azuread, aggregated by home.social.

  1. What's New in Office 365, Friday, May 01, 2026
    35 new posts across 18 Microsoft websites since Tuesday, April 28, 2026

    #Microsoft365 #Office365 #MicrosoftTeams #Microsoft365Copilot #MicrosoftAzure #SharePoint #AzureAD

    • Microsoft Defender for Office 365 (1)
    • Microsoft Copilot Studio Blog (1)
    • Microsoft Power Platform Blog (1)

    ..and more: o365.cannell.org/2026/05/01/wh

  2. What's New in Office 365, Friday, May 01, 2026
    35 new posts across 18 Microsoft websites since Tuesday, April 28, 2026

    #Microsoft365 #Office365 #MicrosoftTeams #Microsoft365Copilot #MicrosoftAzure #SharePoint #AzureAD

    • Microsoft Defender for Office 365 (1)
    • Microsoft Copilot Studio Blog (1)
    • Microsoft Power Platform Blog (1)

    ..and more: o365.cannell.org/2026/05/01/wh

  3. What's New in Office 365, Friday, May 01, 2026
    35 new posts across 18 Microsoft websites since Tuesday, April 28, 2026

    #Microsoft365 #Office365 #MicrosoftTeams #Microsoft365Copilot #MicrosoftAzure #SharePoint #AzureAD

    • Microsoft Defender for Office 365 (1)
    • Microsoft Copilot Studio Blog (1)
    • Microsoft Power Platform Blog (1)

    ..and more: o365.cannell.org/2026/05/01/wh

  4. What's New in Office 365, Tuesday, April 28, 2026
    12 new posts across 11 Microsoft websites since Friday, April 24, 2026

    #Microsoft365 #Office365 #MicrosoftTeams #MicrosoftAzure #Microsoft365Copilot #AzureAD

    • Access Blog (1)
    • Ask the Directory Services Team (1)
    • Teams Blog (1)

    ..and more: o365.cannell.org/2026/04/28/wh

  5. What's New in Office 365, Tuesday, April 28, 2026
    12 new posts across 11 Microsoft websites since Friday, April 24, 2026

    #Microsoft365 #Office365 #MicrosoftTeams #MicrosoftAzure #Microsoft365Copilot #AzureAD

    • Access Blog (1)
    • Ask the Directory Services Team (1)
    • Teams Blog (1)

    ..and more: o365.cannell.org/2026/04/28/wh

  6. What's New in Office 365, Tuesday, April 28, 2026
    12 new posts across 11 Microsoft websites since Friday, April 24, 2026

    #Microsoft365 #Office365 #MicrosoftTeams #MicrosoftAzure #Microsoft365Copilot #AzureAD

    • Access Blog (1)
    • Ask the Directory Services Team (1)
    • Teams Blog (1)

    ..and more: o365.cannell.org/2026/04/28/wh

  7. 🟦 Entra ID Backup. What you Need to Know!

    Microsoft has added built in backup and restore to Entra ID — a big win for admins. 🔹
    It creates automatic daily backups with five days of retention.
    Backups cannot be disabled or deleted even by admins.
    Restores cover users groups apps and policies enabling faster recovery and compliance.

    💡 Daily backups retained for five days
    🔍 Restore users groups apps and policies
    ⚖️ Backups stored in tenant geo for compliance

    Want a short guide to get started?

    #EntraID #IdentityBackup #AzureAD #CloudSecurity
    ▶︎hubsite365.com/en-ww/pro-offic

  8. ----------------

    🛠️ Tool
    ===================

    Executive summary:
    The Zero Trust Assessment is a Microsoft PowerShell module designed to evaluate tenant configuration against Zero Trust principles and produce a local HTML report. The module performs read-only checks via Microsoft Graph and, optionally, Azure sign-in/audit log verification, and requests administrator consent on the initial connection.

    Technical details:
    • The module operates by authenticating to Microsoft Graph to enumerate tenant configuration and security-related settings. When available, it also connects to Microsoft Azure to verify export of audit and sign-in logs.
    • The assessment is explicitly read-only and stores results locally in an output folder that contains an ZeroTrustAssessmentReport.html file and associated artifacts.
    • Initial authentication requires Global Administrator consent to grant a set of Graph permissions. Subsequent assessments can run under Global Reader where applicable.

    Permissions observed:

    AuditLog.Read.All
    CrossTenantInformation.ReadBasic.All
    DeviceManagementApps.Read.All
    DeviceManagementConfiguration.Read.All
    Directory.Read.All
    DirectoryRecommendations.Read.All
    Policy.Read.All
    Policy.Read.ConditionalAccess
    Reports.Read.All
    RoleManagement.Read.All
    UserAuthenticationMethod.Read.All
    PrivilegedAccess.Read.AzureAD

    How it works (conceptual):
    • The module queries tenant objects, policy configuration, device management settings, role and entitlement data, and authentication methods via Graph endpoints.
    • If Azure sign-in is provided, additional checks validate whether audit/sign-in logs are being exported and accessible for monitoring and retention checks.

    Use cases:
    • Internal security reviews to benchmark tenant configuration against Zero Trust recommendations.
    • Regular health checks before audits or compliance assessments.
    • Pre-engagement diagnostic for third‑party security assessments (with caution about sharing results).

    Limitations and considerations:
    • The tool requires elevated consent on the first run; organizations must review requested Graph permissions before consenting.
    • The assessment may skip Azure‑dependent checks when Azure access is not provided, producing partial results.
    • Large tenants can experience runs exceeding 24 hours; the report and export folder contain sensitive tenant metadata and should be handled securely.

    References & notes:
    • The module name and approach indicate an endpoint‑driven audit using Graph APIs with local result storage. Additions such as custom report paths are supported conceptually.

    🔹 tool #ZeroTrust #MicrosoftGraph #AzureAD #tenant_security

    🔗 Source: learn.microsoft.com/en-us/secu

  9. RE: infosec.exchange/@merill/11618

    Android Authenticator

    Root Detection

    🚨⚠️🚨⚠️🚨⚠️🚨⚠️

    #MicrosoftAuthenticator on #Android
    strictly blocks usage on rooted or
    jailbroken devices.

    Relies on Google
    Play Services;

    privacy-focused OS
    distributions (e.g., #GrapheneOS)
    lacking Play Services will be
    completely blocked.

    THIS WONT MAKE EVERYONE HAPPY

    #EntraID #AzureAD

  10. 🟦 Entra ID Access Reviews — Beginner's Guide

    New walkthrough demystifies Microsoft Entra ID Access Reviews and how they enforce least privilege 🚀

    💡 Access review basics and workflow
    🔍 Setup steps roles and scopes
    ⚖️ Automation recommendations and audit trails

    ▶︎hubsite365.com/en-ww/pro-offic

    Watch the video for a step by step demo and a preview of upcoming features. Requires Entra ID P2 or Governance licensing for full capabilities. What access review challenge are you tackling next?

    #EntraID #IdentityGovernance #ZeroTrust #AzureAD

  11. 🟦 Entra ID Access Reviews — Beginner's Guide

    New walkthrough demystifies Microsoft Entra ID Access Reviews and how they enforce least privilege 🚀

    💡 Access review basics and workflow
    🔍 Setup steps roles and scopes
    ⚖️ Automation recommendations and audit trails

    ▶︎hubsite365.com/en-ww/pro-offic

    Watch the video for a step by step demo and a preview of upcoming features. Requires Entra ID P2 or Governance licensing for full capabilities. What access review challenge are you tackling next?

    #EntraID #IdentityGovernance #ZeroTrust #AzureAD

  12. 🟦 Entra ID Access Reviews — Beginner's Guide

    New walkthrough demystifies Microsoft Entra ID Access Reviews and how they enforce least privilege 🚀

    💡 Access review basics and workflow
    🔍 Setup steps roles and scopes
    ⚖️ Automation recommendations and audit trails

    ▶︎hubsite365.com/en-ww/pro-offic

    Watch the video for a step by step demo and a preview of upcoming features. Requires Entra ID P2 or Governance licensing for full capabilities. What access review challenge are you tackling next?

  13. 🔧 Keycloak + OpenID (Entra ID) gặp lỗi AADSTS50011: redirect URI không khớp. Cần đồng bộ URI giữa Azure portal và Keycloak: dùng http://localhost:8080/... thay 127.0.0.1 và cập nhật trong “Valid Redirect URIs” của client. Đừng quên chọn “client secret sent in request body” nếu phiên bản cũ không có tùy chọn khác. #Keycloak #OpenID #AzureAD #EntraID #dev #công_nghệ #phát_triển

    reddit.com/r/selfhosted/commen

  14. "While preparing for my Black Hat and DEF CON talks in July of this year, I found the most impactful #EntraID #vulnerability that I will probably ever find. This vulnerability could have allowed me to compromise every Entra ID tenant in the world (except probably those in national cloud deployments). If you are an Entra ID admin reading this, yes that means complete access to your tenant." 😲

    dirkjanm.io/obtaining-global-a

    #Microsoft #security #Cloud #Azure #AD #ActiveDirectory #AzureAD

  15. EntraFalcon is a PowerShell-based security assessment tool to evaluate the security posture of a Microsoft Entra environment: github.com/CompassSecurity/Ent #security #pentest #entraid #azuread

  16. 🎙️ BIG NEWS: I'm launching Entra.Chat - the podcast identity pros have been waiting for!

    After years in the identity trenches, I've seen a lot - the midnight calls, the authentication puzzles, and those "how is this even possible?" moments.

    That's why I created EntraChat - to share the REAL stories behind Microsoft Entra deployments that you won't find in documentation.

    My first episode drops TODAY with identity wizard Ben Wolfe, who reveals how his team migrated 700 apps and 30,000 users from Okta to Microsoft Entra in just 90 days (while implementing Windows Hello for Business simultaneously!)

    I've already recorded amazing conversations with identity leaders who've solved problems you're probably facing right now. Their candid insights and battle-tested solutions might just save your next deployment!

    Upcoming episodes include conversations with
    ❤️ Kuba Gretzky - Creator of EvilGinx
    ❤️ Martin Sandren - Product leader at Ikea
    ❤️ Dhanyah Krishnamoorthy - Product Manager, Microsoft Entra for Connect Sync and Cloud Sync
    ❤️ Samantha 🦚 Kloos-Kilkens -
    ❤️ Nathan McNulty - Fountain of knowledge on all things Microsoft Security

    Who's ready to level up their identity knowledge?

    Drop a 💙 if you're as excited about this as I am!

    Subscribe with your favourite podcast player:
    🎧 Apple Podcast - podcasts.apple.com/us/podcast/

    🎧 Spotify - open.spotify.com/show/2lJSWBTm

    📺 YouTube - youtube.com/@merillx/podcasts

    🎧 Pocketcast - pca.st/10oii6uv

    🎧 Overcast - overcast.fm/itunes1801200012

    🎧 Other podcast apps (rss) - api.substack.com/feed/podcast/

    Episode 1: entra.news/p/from-okta-to-entr

    #MicrosoftEntra #IdentityManagement #TechPodcast #AzureAD #CloudSecurity

  17. 02-14-2025 MSOnline and AzureAD PowerShell modules.. One last Valentine’s day card each dlvr.it/TJ02dV via PlanetPowerShell #ValentinesDay #MSOnline #AzureAD #PowerShell

  18. 02-14-2025 MSOnline and AzureAD PowerShell modules.. One last Valentine’s day card each dlvr.it/TJ02dV via PlanetPowerShell #ValentinesDay #MSOnline #AzureAD #PowerShell

  19. 02-14-2025 MSOnline and AzureAD PowerShell modules.. One last Valentine’s day card each dlvr.it/TJ02dV via PlanetPowerShell #ValentinesDay #MSOnline #AzureAD #PowerShell

  20. 02-14-2025 MSOnline and AzureAD PowerShell modules.. One last Valentine’s day card each dlvr.it/TJ02dV via PlanetPowerShell #ValentinesDay #MSOnline #AzureAD #PowerShell

  21. 02-14-2025 MSOnline and AzureAD PowerShell modules.. One last Valentine’s day card each dlvr.it/TJ02dV via PlanetPowerShell #ValentinesDay #MSOnline #AzureAD #PowerShell

  22. Some Graph API fun today.

    The Graph API knows `applications` (learn.microsoft.com/en-us/grap) and `servicePrincipals` (learn.microsoft.com/en-us/grap).

    The Azure Portal knows `App Registrations` and `Enterprise Applications`.

    App Registrations (Portal) = applications (Graph API)
    Enterprise Applications (Portal) = servicePrincipals (Graph API)

    Applications (App Registrations) and servicePrincipals (Enterprise Applications) have a unique, individual `ObjectId` but the ones that belong together hold the same `ApplicationId` which glues them together.

    Fortunately, the Graph API documentation is clear and relatively consistent on what is expected for requesting an object - either the `objectId` or the `applicationId`:

    ```
    GET /servicePrincipals/{id}
    GET /servicePrincipals(appId='{appId}')
    GET /applications/{applicationObjectId}
    GET /applications(appId='{appId}')
    ```

    When searching for servicePrincipals (Enterprise Applications) in the portal, it is not that clear since the terms are mixed up a bit.

    #azure #graphapi #entraid #azuread #MicrosoftGraph

  23. Some Graph API fun today.

    The Graph API knows `applications` (learn.microsoft.com/en-us/grap) and `servicePrincipals` (learn.microsoft.com/en-us/grap).

    The Azure Portal knows `App Registrations` and `Enterprise Applications`.

    App Registrations (Portal) = applications (Graph API)
    Enterprise Applications (Portal) = servicePrincipals (Graph API)

    Applications (App Registrations) and servicePrincipals (Enterprise Applications) have a unique, individual `ObjectId` but the ones that belong together hold the same `ApplicationId` which glues them together.

    Fortunately, the Graph API documentation is clear and relatively consistent on what is expected for requesting an object - either the `objectId` or the `applicationId`:

    ```
    GET /servicePrincipals/{id}
    GET /servicePrincipals(appId='{appId}')
    GET /applications/{applicationObjectId}
    GET /applications(appId='{appId}')
    ```

    When searching for servicePrincipals (Enterprise Applications) in the portal, it is not that clear since the terms are mixed up a bit.

    #azure #graphapi #entraid #azuread #MicrosoftGraph

  24. Some Graph API fun today.

    The Graph API knows `applications` (learn.microsoft.com/en-us/grap) and `servicePrincipals` (learn.microsoft.com/en-us/grap).

    The Azure Portal knows `App Registrations` and `Enterprise Applications`.

    App Registrations (Portal) = applications (Graph API)
    Enterprise Applications (Portal) = servicePrincipals (Graph API)

    Applications (App Registrations) and servicePrincipals (Enterprise Applications) have a unique, individual `ObjectId` but the ones that belong together hold the same `ApplicationId` which glues them together.

    Fortunately, the Graph API documentation is clear and relatively consistent on what is expected for requesting an object - either the `objectId` or the `applicationId`:

    ```
    GET /servicePrincipals/{id}
    GET /servicePrincipals(appId='{appId}')
    GET /applications/{applicationObjectId}
    GET /applications(appId='{appId}')
    ```

    When searching for servicePrincipals (Enterprise Applications) in the portal, it is not that clear since the terms are mixed up a bit.

    #azure #graphapi #entraid #azuread #MicrosoftGraph

  25. Some Graph API fun today.

    The Graph API knows `applications` (learn.microsoft.com/en-us/grap) and `servicePrincipals` (learn.microsoft.com/en-us/grap).

    The Azure Portal knows `App Registrations` and `Enterprise Applications`.

    App Registrations (Portal) = applications (Graph API)
    Enterprise Applications (Portal) = servicePrincipals (Graph API)

    Applications (App Registrations) and servicePrincipals (Enterprise Applications) have a unique, individual `ObjectId` but the ones that belong together hold the same `ApplicationId` which glues them together.

    Fortunately, the Graph API documentation is clear and relatively consistent on what is expected for requesting an object - either the `objectId` or the `applicationId`:

    ```
    GET /servicePrincipals/{id}
    GET /servicePrincipals(appId='{appId}')
    GET /applications/{applicationObjectId}
    GET /applications(appId='{appId}')
    ```

    When searching for servicePrincipals (Enterprise Applications) in the portal, it is not that clear since the terms are mixed up a bit.

    #azure #graphapi #entraid #azuread #MicrosoftGraph

  26. Some Graph API fun today.

    The Graph API knows `applications` (learn.microsoft.com/en-us/grap) and `servicePrincipals` (learn.microsoft.com/en-us/grap).

    The Azure Portal knows `App Registrations` and `Enterprise Applications`.

    App Registrations (Portal) = applications (Graph API)
    Enterprise Applications (Portal) = servicePrincipals (Graph API)

    Applications (App Registrations) and servicePrincipals (Enterprise Applications) have a unique, individual `ObjectId` but the ones that belong together hold the same `ApplicationId` which glues them together.

    Fortunately, the Graph API documentation is clear and relatively consistent on what is expected for requesting an object - either the `objectId` or the `applicationId`:

    ```
    GET /servicePrincipals/{id}
    GET /servicePrincipals(appId='{appId}')
    GET /applications/{applicationObjectId}
    GET /applications(appId='{appId}')
    ```

    When searching for servicePrincipals (Enterprise Applications) in the portal, it is not that clear since the terms are mixed up a bit.

    #azure #graphapi #entraid #azuread #MicrosoftGraph

  27. #AzureAD #Entra #EntraID Entra ID Tenant ID & Custom Domains PowerShell Module dlvr.it/TFhVtv via PlanetPowerShell

  28. Abusing Family Refresh Tokens for Unauthorized Access and Persistence in Azure Active Directory - github.com/secureworks/family- #redteam #azuread