Skip to content

Knowledgebase

Viewing changes to Conditional Access policies just became easier!

Today, a quick tip for all Entra admins out there. Conditional Access policies can be subject to change. When a policy is changed, its not very easy to see what changed. From the audit logs, this is how it looks: Let’s face it; that’s not very convenient to read. Well, here’s the good part: Microsoft released a new feature that can “visualize” changes to Conditional Access straight from the audit logs. This will show the changes side by side. You… 

Microsoft icons

That’s the post for today. Just a bunch of sources with icons from Microsoft 365, Azure, Azure AD, and other Microsoft-related services. This can be super handy if you need high-quality images for your excellent slides and documentation. Enjoy! Do you have a source to add? Drop me an email! Happy to keep this list going. Amazing Icon Downloader Amazing Icon Downloader – Microsoft Edge Addons Awesome extension for Edge & Chrome. This works pretty well if you use the… 

KB – Write requests (excluding DELETE) must contain the Content-Type header declaration.

This is a knowledgebase item. I hope it helps you out someday. The issue When using the HTTP action in Power Automate or Logic Apps in combination with Graph API, you get the following error: Write requests (excluding DELETE) must contain the Content-Type header declaration. Despite having a header included, you still got prompted with this error message. Cause In my case, this happened when the API required a body that I did not provide. I used it to create… 

KB – mobile phone number not in sync Azure AD Connect

This is a knowledgebase item. Hope it helps you out someday. The issue Some users reported that the mobile phone number in Azure Active Directory / Office 365 was different from the number in on-prem Active Directory. Even though these users were synced with Azure AD Connect, the mobile phone attribute was no longer in sync. Cause After some investigation, it seemed that the affected accounts were previously edited with the Set-MsolUser cmdlet from the MSOnline PowerShell module. To make… 

KB – SelfServicePasswordReset write-back problem – error hr=80230818

This is a knowledgebase item. Hope it helps you out someday. Now, since you landed on this page, I assume you’ve got the following issue: Azure AD SelfService Password Reset worked like a charm for quite some time. All of the sudden it stopped working, and you have no idea why. You have checked the permissions on the service account, and all looks good. You are in a hybrid setup, and use password write back. All checkmarks are green. Azure… 

ADMX ingestion for Centero Agent and Carillon Client using Intune

This article is about the ADMX templates for Centero Agent and Carillon client, that you can use to configure the settings on your endpoints. Microsoft Endpoint Manager (Intune) is capable of ADMX ingestion, but this process can be complex sometimes. This article will explain the ADMX ingestion and has a couple of examples, on how to handle various settings. ADMX ingestion Before the client can use settings from the ADMX template, you need to ingest them with Microsoft Endpoint Manager/Intune… 

KB – Add account operation is blocked by policy on the device

This is a knowledgebase item. Hope it helps you out someday. Error Add work or school account in Windows 10 or 11 fails with this message: “add account operation is blocked by policy on the device”. Error code: CAA50101 Solution Check the value of Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WorkplaceJoin\BlockAADWorkplaceJoin Change the value to 0. If this device is managed by your organization, you might not able to change this. Please contact your administrator, if that is the case.