Using filters to restrict security information registration from trusted devices

It has been a while since Microsoft has released the combined registration (security) feature that helps users to register for both MFA and SSPR can register once if the methods in the Azure AD Multi-Factor Authentication and SSPR policies are enabled. For more information about Combined security information registration please read https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-registration-mfa-sspr-combined One of the…
Exchange Online and Azure AD Administrative Units (AUs)

Note: This article was first published on www.procloudguru.com by Alpesh .Since the website is down, I am publishing the content here. This post talks about the Administrative Units in Azure AD. I will also touch upon delegating mail recipients’ task for exchange online for one such similar AU. In an hybrid Exchange scenario where you sync your identities from your…
Qualys SAML integration with Azure AD

Note: This article was first published on www.procloudguru.com by Alpesh .Since the website is down, I am publishing the content here. This article is about Azure AD integration with Qualys which is not formally documented with Qualys and is not listed as on Azure AD App gallery. That being said, not just Qualys but any…
Exploring Azure AD Continuous Access Evaluation (CAE) in real time

Microsoft Azure Active Directory and Office 365 uses open standards and protocols such as OpenID Connect (OIDC) for authentication and OAuth 2.0 for authorization. In Azure Active Directory, when a client application like Outlook connects to a service like Exchange Online, the API requests are authorized using OAuth 2.0 access tokens. By default, these access…
Get a list of devices based on iOS enrolment type – dynamic groups in Azure Active Directory

A year ago, Apple announced a new method of iOS/iPad device enrolment which is called User Enrollment. This enrolment method is available in iOS 13 and macOS 10.15 Catalina and later OS. with user enrollment, we can use federated authentication to link Apple Business Manager to your instance of Microsoft Azure Active Directory (Azure AD). As…
Monitor Azure AD Enterprise applications using powershell script

Azure Active Directory (Azure AD) is the future and is Microsoft’s cloud-based identity and access management service, which helps your users to sign in and access resources. Azure AD contains a large number of enterprise applications such as the gallery, on-premise, custom-developed, and non-gallery applications. For more information about Application Management in Azure AD, please…
Use powershell to create Azure AD dynamic security group for Azure AD joined (AADJ) devices only

  Recently, we had a requirement from customer, that they wanted to deploy applications /apply device configurations etc. from Intune to Azure AD Joined devices ONLY but not other devices like BYOD intune enrolled devices. (MAM/MDM) With intune, you can target apps ,device configurations, profiles ,deployments to both user groups OR device groups but not…