Entra ID

Latest Articles

Windows Laptops, Remote Work and Today’s Threat Landscape

Windows Laptops, Remote Work and Today’s Threat Landscape

The reality is, remote employees and working situations are here to stay. Unfortunately, many organizations have regressed in terms of endpoint security, partly due to the pandemic as well as the subsequent rush to implement remote work solutions. To help make sense of the many technologies out there and determine the best approach for your organization, this article explores different options from the traditional Active Directory domain membership with group policy management, to co-management with Configuration Manager and Microsoft Intune.

August 9, 2021
How to Report Teams Channel Storage with Microsoft Graph API and PowerShell

How to Report Teams Channel Storage with Microsoft Graph API and PowerShell

Within large organizations utilizing Teams, generating reports on channel storage and then migrating this data is extremely difficult. To help map out how Teams uses SharePoint, this article introduces a simple Graph API/PowerShell script to report Teams channels and their SharePoint locations and walks you through the steps so you can run the report yourself.

July 15, 2021
Upgrading PowerShell Scripts with Azure AD Cmdlets to Use Graph API Calls
PowerShell Microsoft Graph

Upgrading PowerShell Scripts with Azure AD Cmdlets to Use Graph API Calls

Microsoft has announced that they won't support the Azure AD Graph after June 30, 2022. This means that the Azure AD PowerShell module won't be supported either. With that in mind, it's probably a good idea to think about how to upgrade scripts to use Graph API calls instead of Azure AD cmdlets. In this article, we take a script created to count members in distribution lists and convert it to use the Graph. As it turns out, the Graph bit is easy. It's all the housekeeping beforehand that takes the time.

July 7, 2021
Taking Control of Your Unmanaged PCs with Intune One comment
Azure AD Intune Windows 10

Taking Control of Your Unmanaged PCs with Intune

In a frantic rush to enable remote workers at the onset of the pandemic, many organizations were forced to ship devices directly to the user from the supplier without any prior configuration by IT. Administrators must take back control to properly secure and manage these devices. This article will show you how to regain control and prepare for scalable deployments consistent with corporate policy; reviews best practices for long-term management; and gets you thinking about how to protect your organization from this type of unmanaged situation in the future.

June 14, 2021
Creating Custom B2B Guest User Invitations with Graph API 14 Comments
Azure AD Microsoft Graph API PowerShell

Creating Custom B2B Guest User Invitations with Graph API

Azure AD business-to-business guest user accounts are a terrific way to securely grant access to apps and services for external users and partner organizations. In this article, a script is introduced that can be used to automate the guest user invitation process, integrating it more seamlessly with any custom applications.

June 2, 2021
“Right to Disconnect” – Implementing a Timed Disclaimer in Exchange Online with Azure Automation 5 Comments
Working from home

“Right to Disconnect” – Implementing a Timed Disclaimer in Exchange Online with Azure Automation

Over the past year, the pandemic has disrupted traditional work patterns. With many working from home, many organizations now focus on how to help employees manage their work/life balance. Platforms like Microsoft Viva Insights can help, but there are many steps admins can take using existing technology to support a wellbeing mindset in their organization. An easy and effective change is to implement a transport rule that reminds people they have the “Right to Disconnect” when an email is received outside work hours. This article walks you through how to implement a timed disclaimer in Exchange Online with Azure Automation.

May 13, 2021
Achieving Passwordless Authentication in Azure AD 6 Comments

Achieving Passwordless Authentication in Azure AD

In the second iteration of a two-part series about FIDO2 and passwordless authentication, we walk you through how to facilitate your passwordless deployment for Azure AD identities. Once passwordless authentication is achieved, users can authenticate up to 3x faster and helpdesks should receive fewer requests for password resets, saving your organization time and money.

May 11, 2021
Inventorying Permissions Assigned to Azure AD Apps 10 Comments

Inventorying Permissions Assigned to Azure AD Apps

Many apps are created in the Azure AD for a tenant. Those apps have permissions to allow them to access data, and consent for those permissions are granted by administrators and users. How often do you check what apps are known in your Azure AD and what permissions those apps have? In this article, we review how to use the Graph API and PowerShell to create a report inventorying apps and permissions. What you do with that data is up to you!

April 26, 2021
Why Microsoft 365 Audit Logs Lack Proper Fit and Finish 3 Comments

Why Microsoft 365 Audit Logs Lack Proper Fit and Finish

The audit events generated for license assignments to user accounts available in the Azure AD audit log and Office 365 audit log are inconsistent and incomplete. This is certainly true for licenses assigned to accounts through auto-claim policies and group-based licensing, but known gaps exist in the audit records generated in other areas of Office 365 and Microsoft 365 functionality. We think Microsoft needs to pay attention to ensure that auditing works consistently and predictably across all workloads. Once they improve the fit and finish of audit record generation, they can move into other areas, like charging for access to high-value audit events.

April 14, 2021