Azure Active Directory

Latest Articles

Connecting to the Microsoft Graph Using the PowerShell SDK 49 Comments

Connecting to the Microsoft Graph Using the PowerShell SDK

The Microsoft Graph SDK for PowerShell exists to help developers use Graph API calls from PowerShell. It works, but like anything in life, there's a right way to connect and use the SDK and a wrong way. In this article we explore topics like how to connect to the right tenant, how permissions are managed (or not), and why running Graph SDK cmdlets interactively isn't something you should do in production. Good as the SDK is, Microsoft has some big issues to solve to address some obvious security issues.

September 23, 2021
Azure AD App Management Method Policies Harden Application Security Posture One comment

Azure AD App Management Method Policies Harden Application Security Posture

Still in public preview, new application authentication method policies will help Microsoft 365 customers adhere to best practices for managing application credentials, while asserting pressure on ISVs to do the same. Going forward we can expect this to turn into a standard configuration, enforced across many organizations. To address the problem, Microsoft is ready to release a set of features to help. In this article, we introduce you to Azure AD application authentication method policies, one of the features in the set.

September 22, 2021
Microsoft Forces Move from Azure AD Cmdlets for License Management 9 Comments

Microsoft Forces Move from Azure AD Cmdlets for License Management

On June 30, 2022, Azure AD and Microsoft Online Services cmdlets will stop working for license management. The result is that you need to upgrade PowerShell scripts which use these cmdlets. The choice is to use Graph API calls or cmdlets from the Microsoft Graph PowerShell SDK. In this article, we explore the steps necessary to upgrade a script to remove service plans from an Office 365 license (SKU).

September 9, 2021
How to Convert Azure B2B Guest Users to Members While Maintaining User Collaboration 19 Comments

How to Convert Azure B2B Guest Users to Members While Maintaining User Collaboration

Azure B2B guest accounts are often created during a Merger & Acquisition, so teams from both organizations can easily collaborate during the business and technology integration. However, these external users with B2B Guest accounts in their directory will eventually need to be migrated, which is problematic since B2B Guest accounts aren’t recognized as being licensed. The guest account can be removed and a new one created, but previous permissions would be lost. So how do we preserve permissions, keep collaborating without managing two sets of credentials while preparing the user account for data migrations? This article walks you through a solution that can be used in certain situations to help you easily manage the account to meet your needs.

September 8, 2021
Windows Laptops, Remote Work and Today’s Threat Landscape

Windows Laptops, Remote Work and Today’s Threat Landscape

The reality is, remote employees and working situations are here to stay. Unfortunately, many organizations have regressed in terms of endpoint security, partly due to the pandemic as well as the subsequent rush to implement remote work solutions. To help make sense of the many technologies out there and determine the best approach for your organization, this article explores different options from the traditional Active Directory domain membership with group policy management, to co-management with Configuration Manager and Microsoft Intune.

August 9, 2021
How to Report Teams Channel Storage with Microsoft Graph API and PowerShell

How to Report Teams Channel Storage with Microsoft Graph API and PowerShell

Within large organizations utilizing Teams, generating reports on channel storage and then migrating this data is extremely difficult. To help map out how Teams uses SharePoint, this article introduces a simple Graph API/PowerShell script to report Teams channels and their SharePoint locations and walks you through the steps so you can run the report yourself.

July 15, 2021
Upgrading PowerShell Scripts with Azure AD Cmdlets to Use Graph API Calls
PowerShell Microsoft Graph

Upgrading PowerShell Scripts with Azure AD Cmdlets to Use Graph API Calls

Microsoft has announced that they won't support the Azure AD Graph after June 30, 2022. This means that the Azure AD PowerShell module won't be supported either. With that in mind, it's probably a good idea to think about how to upgrade scripts to use Graph API calls instead of Azure AD cmdlets. In this article, we take a script created to count members in distribution lists and convert it to use the Graph. As it turns out, the Graph bit is easy. It's all the housekeeping beforehand that takes the time.

July 7, 2021
Taking Control of Your Unmanaged PCs with Intune One comment
Azure AD Intune Windows 10

Taking Control of Your Unmanaged PCs with Intune

In a frantic rush to enable remote workers at the onset of the pandemic, many organizations were forced to ship devices directly to the user from the supplier without any prior configuration by IT. Administrators must take back control to properly secure and manage these devices. This article will show you how to regain control and prepare for scalable deployments consistent with corporate policy; reviews best practices for long-term management; and gets you thinking about how to protect your organization from this type of unmanaged situation in the future.

June 14, 2021
Creating Custom B2B Guest User Invitations with Graph API 14 Comments
Azure AD Microsoft Graph API PowerShell

Creating Custom B2B Guest User Invitations with Graph API

Azure AD business-to-business guest user accounts are a terrific way to securely grant access to apps and services for external users and partner organizations. In this article, a script is introduced that can be used to automate the guest user invitation process, integrating it more seamlessly with any custom applications.

June 2, 2021