Powershell script to audit all Azure AD app registrations and notify secret key or certificate expiration

This week, I have another real-time use case about the audit of all azure AD app registrations and notify the application credential (secret key or certificate) near to expiration. Registering an application in Azure AD establishes a trust relationship between your app and the Microsoft identity platform, The application registration can be used to authenticate…
Use PowerShell to audit the Conditional Access Policies and alert via email

Conditional Access in Azure Active Directory needs no introduction. To read more information about Conditional Access, please refer to https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview In my recent assignment, there was an ask to back up the conditional access policies every day and also notify through email for a list of conditional policies that are created or modified in the…
Using filters to restrict security information registration from trusted devices

It has been a while since Microsoft has released the combined registration (security) feature that helps users to register for both MFA and SSPR can register once if the methods in the Azure AD Multi-Factor Authentication and SSPR policies are enabled. For more information about Combined security information registration please read https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-registration-mfa-sspr-combined One of the…
Exchange Online and Azure AD Administrative Units (AUs)

Note: This article was first published on www.procloudguru.com by Alpesh .Since the website is down, I am publishing the content here. This post talks about the Administrative Units in Azure AD. I will also touch upon delegating mail recipients’ task for exchange online for one such similar AU. In an hybrid Exchange scenario where you sync your identities from your…
Qualys SAML integration with Azure AD

Note: This article was first published on www.procloudguru.com by Alpesh .Since the website is down, I am publishing the content here. This article is about Azure AD integration with Qualys which is not formally documented with Qualys and is not listed as on Azure AD App gallery. That being said, not just Qualys but any…
Exploring Azure AD Continuous Access Evaluation (CAE) in real time

Microsoft Azure Active Directory and Office 365 uses open standards and protocols such as OpenID Connect (OIDC) for authentication and OAuth 2.0 for authorization. In Azure Active Directory, when a client application like Outlook connects to a service like Exchange Online, the API requests are authorized using OAuth 2.0 access tokens. By default, these access…
Get a list of devices based on iOS enrolment type – dynamic groups in Azure Active Directory

A year ago, Apple announced a new method of iOS/iPad device enrolment which is called User Enrollment. This enrolment method is available in iOS 13 and macOS 10.15 Catalina and later OS. with user enrollment, we can use federated authentication to link Apple Business Manager to your instance of Microsoft Azure Active Directory (Azure AD). As…