Skip to content

Entra

Enrich Microsoft 365 profile card with extensions and custom attributes

Microsoft 365 is equipped with a very nice, but underestimated feature: Profile cards. I’m sure you know Microsoft Delve, and how it can enrich your Office 365 profile with relevant information such as hobbies, working hours, skills, and your birthday. Next to that, you can find information about recent projects, and the people that you worked with. All this information and insights are getting more and more integrated with the profile card feature. You can find the profile card in… 

Azure Active Directory Identity Governance – Azure AD Entitlement Management

In this series, we take a look at Azure Active Directory Identity Governance. This premium feature provides you with all the tools that you need to take and keep control over your (external) identities and access to roles, resources, applications, and groups. In short, Identity Governance gives you three ways to do this: Azure AD Access Reviews (review membership of groups and access to applications) Azure AD Privileged Identity Management (manage time-based and approval-based role activation to protect your resources with just-in-time… 

Azure Active Directory Identity Governance – Privileged Identity Management

In this series, we take a look at Azure Active Directory Identity Governance. This premium feature provides you with all the tools that you need to take and keep control over your (external) identities and access to roles, resources, applications, and groups. In short, Identity Governance gives you three ways to do this: Azure AD Access Reviews (review membership of groups and access to applications) Azure AD Privileged Identity Management (manage time-based and approval-based role activation to protect your resources with just-in-time… 

Azure Active Directory Identity Governance – Access Reviews

In this series, we take a look at Azure Active Directory Identity Governance. This premium feature provides you with all the tools that you need to take and keep control over your (external) identities and access to roles, resources, applications, and groups. In short, Identity Governance gives you three ways to do this: Azure AD Access Reviews (review membership of groups and access to applications) (This blog post) Azure AD Privileged Identity Management (manage time-based and approval-based role activation to protect your… 

License on-demand with Power Automate and Azure AD

Most organizations are using group-based licensing in Azure Active Directory. This is often integrated with the onboarding process of the users. But there are some use cases where you have some non-standard licenses attached to your tenant that you hand out on demand. You could still use group-based licensing, but users are added manually to the group. Thinking about that scenario, I came up with a pretty easy method to automate this flow. In short: a user can request a… 

Block outdated operating systems with Cloud App Security

It is not unlikely that some of your users still use Windows 7 on their home computers. Or any other outdated operating system (heaven forbid). Despite the warnings, news articles, and endless coffee chit chats about this subject, they still have the – “if it ain’t broke, don’t fix it” – mindset, and will eventually use it to access work resources as well. With the use of Conditional Access you can block specific operating systems, but you cannot specify a… 

Azure MFA authentication method analysis. Share the results with Power Automate!

You might have seen the sample script, created by the Microsoft community, to run some analysis on your Azure MFA authentication methods. This script can be used to make recommendations on how to improve each user’s MFA configuration. You can run the script against your tenant, and the results can be exported to a CSV file. Wouldn’t it be cool to share those results with your users straight away? With the use of Power Automate (Flow), we can easily send… 

Microsoft Secure Score Series – 15 – Do not expire passwords

Research has found that when periodic password resets are enforced, passwords become less secure. Users tend to pick a weaker password and vary it slightly for each reset. If a user creates a strong password (long, complex and without any pragmatic words present) it should remain just as strong in 60 days as it is today. It is Microsoft’s official security position to not expire passwords periodically without a specific reason, and recommends that cloud-only tenants set the password policy… 

Bulk dismiss risky users with Power Automate or Logic Apps

Update 08-10-2020: Microsoft released an official connector for Azure AD Identity Protection. This would be much easier to use, since you don’t have to create a service principal to authenticate the custom connector. However, at the time of writing the official connector does not have the action to get all the risky users. Will keep an eye on things. This blog was inspired by an Azure AD Mailbag blog about Azure AD Identity Protection. In the article, Microsoft provided a… 

Prepopulate phone methods using a Custom Connector in Power Automate

Part 2 – Automation In the previous blog post of this series, I’ve shown you the use of the Graph API and how you could manually populate the phone methods for your users. Today, we are going to take it a step further. We’re going to add some automation with Power Automate by using a custom connector. What are we building? Today we are going to add a phone method for all your users using Power Automate and a custom…