Using Powershell to update Azure authentication method – phone number

Azure AD Multi-Factor Authentication (MFA) works by requiring two or more authentication methods for a user to gain access to applications. Multi-factor authenticator in Azure AD can be set using different methods such as Microsoft Authenticator, Phone number, Email  etc. One of the easiest MFA methods that doesn't require any user configuration and can be…
Powershell script to audit all Azure AD app registrations and notify secret key or certificate expiration

This week, I have another real-time use case about the audit of all azure AD app registrations and notify the application credential (secret key or certificate) near to expiration. Registering an application in Azure AD establishes a trust relationship between your app and the Microsoft identity platform, The application registration can be used to authenticate…
Exchange Online and Azure AD Administrative Units (AUs)

Note: This article was first published on www.procloudguru.com by Alpesh .Since the website is down, I am publishing the content here. This post talks about the Administrative Units in Azure AD. I will also touch upon delegating mail recipients’ task for exchange online for one such similar AU. In an hybrid Exchange scenario where you sync your identities from your…
Exploring Azure AD Continuous Access Evaluation (CAE) in real time

Microsoft Azure Active Directory and Office 365 uses open standards and protocols such as OpenID Connect (OIDC) for authentication and OAuth 2.0 for authorization. In Azure Active Directory, when a client application like Outlook connects to a service like Exchange Online, the API requests are authorized using OAuth 2.0 access tokens. By default, these access…
Use powershell to create Azure AD dynamic security group for Azure AD joined (AADJ) devices only

  Recently, we had a requirement from customer, that they wanted to deploy applications /apply device configurations etc. from Intune to Azure AD Joined devices ONLY but not other devices like BYOD intune enrolled devices. (MAM/MDM) With intune, you can target apps ,device configurations, profiles ,deployments to both user groups OR device groups but not…
Conditional Access to prompt MFA if user coming from untrusted location a.k.a exclude MFA from company intranet

Introduction: Multi-factor authentication (MFA) is a method of confirming a user's claimed identity in which a user is granted access only after successfully presenting 2 or more pieces of evidence (or factors) to an authentication mechanism. What is  Azure Multi-Factor Authentication ? Two-step verification is a method of authentication that requires more than one verification…