Practical 365

About Vasil Michev

Vasil Michev is an Office Servers and Services MVP, specializing in Office 365. He's currently employed as a Technical Product Manager, and in his free time he can be found helping others in the Office 365 community.

Inventorying Azure AD Apps and Their Permissions

by Leave a Comment

Many apps are created in the Azure AD for a tenant. Those apps have permissions to allow them to access data, and consent for those permissions are granted by administrators and users. How often do you check what apps are known in your Azure AD and what permissions those apps have? In this article, we review how to use the Graph API and PowerShell to create a report inventorying apps and permissions. What you do with that data is up to you!

Why Microsoft 365 Audit Logs Lack Proper Fit and Finish

by 1 Comment

The audit events generated for license assignments to user accounts available in the Azure AD audit log and Office 365 audit log are inconsistent and incomplete. This is certainly true for licenses assigned to accounts through auto-claim policies and group-based licensing, but known gaps exist in the audit records generated in other areas of Office 365 and Microsoft 365 functionality. We think Microsoft needs to pay attention to ensure that auditing works consistently and predictably across all workloads. Once they improve the fit and finish of audit record generation, they can move into other areas, like charging for access to high-value audit events.