Entra ID

Latest Articles

Using Cross-Tenant Access Settings for Azure B2B Collaboration 15 Comments

Using Cross-Tenant Access Settings for Azure B2B Collaboration

When Microsoft released cross-tenant access settings into preview, the natural focus was on how this capability enabled external access to Teams shared channels. However, the story is deeper because cross-tenant access settings are also available for Azure AD B2B Collaboration (aka guest user access). A different blocking mechanism is used and it delivers better results, once you're used to the new method.

April 18, 2022
Microsoft 365 License Management for User Accounts with the Microsoft Graph PowerShell SDK 61 Comments

Microsoft 365 License Management for User Accounts with the Microsoft Graph PowerShell SDK

MSOL and AzureAD license management cmdlets stop working at the end of March 2024. By then, Microsoft 365 will have switched to a new license management platform. The Microsoft Graph PowerShell SDK includes cmdlets which can replace the older code, once you know how. The good news is that this article is packed full of practical examples of how to add, remove, and update licenses assigned to Entra ID user accounts.

April 13, 2022
How to Create and Use Azure AD Cross Tenant Access Policies 24 Comments

How to Create and Use Azure AD Cross Tenant Access Policies

Azure AD cross-tenant access settings or policies define how your tenant collaborates with other Microsoft 365 tenants. By default, collaboration using Azure B2B Direct Connect is disabled, so some work is needed to prepare for Teams shared channels. In this article, we look at how to set up cross-tenant policies to enable collaboration to begin using Teams shared channels.

April 7, 2022
Why Continuous Access Evaluation (CAE) for Azure AD Matters 5 Comments

Why Continuous Access Evaluation (CAE) for Azure AD Matters

Continuous access evaluation (CAE) is a feature that flew under the radar over the past two years. Even so, CAE for Azure Active Directory is an extremely important feature that will not only increase the security posture of your environment but reduce the amount of time before a user loses access to resources when certain critical events happen. This article discusses the need for the feature and how to work with it.

March 22, 2022
Creating New Microsoft 365 Accounts with PowerShell 3 Comments

Creating New Microsoft 365 Accounts with PowerShell

It's common to find a requirement to create new Microsoft 365 accounts with PowerShell. We're at a point of transition when the old method of using the Azure AD module will switch to the Microsoft Graph PowerShell SDK or Graph API queries. In this article, we explain how to create new accounts and assign licenses with both the Azure AD module and the Microsoft Graph PowerShell SDK.

March 21, 2022
Why Azure AD Backup is Needed 4 Comments

Why Azure AD Backup is Needed

Backing up Azure AD may sound like a counterintuitive concept to many. However, in this article, we examine several reasons aside from Disaster Recovery that support why this is good practice for enterprise organizations, now more than ever.

March 17, 2022
Microsoft Extends Support for Azure AD Graph API for Six Months

Microsoft Extends Support for Azure AD Graph API for Six Months

Microsoft has announced a six month extension for support of the Azure AD Graph API. The new deadline is the end of 2022, which gives Microsoft 365 tenants some extra time to convert PowerShell scripts which use the Azure AD and MSOL modules. The original deadline for retirement of the Azure AD license management cmdlets remains at June 30, 2022.

March 3, 2022
Ten Ways to Harden the Security of Your Microsoft 365 Tenant – Part 2 One comment

Ten Ways to Harden the Security of Your Microsoft 365 Tenant – Part 2

Over the years, the Microsoft security stack has become very feature rich and offers many ways to customize the configuration. Third-party products are available with similar features, but lack the integration capability of the Microsoft stack. In the second part of the "Ten Ways to Harden the Security of Your Microsoft 365 Tenant" series, we look at five ways to secure your environment using controls that require a premium license such as Office E5 or Azure AD Premium.

March 2, 2022
Ten Ways to Harden the Security of a Microsoft 365 Tenant 4 Comments

Ten Ways to Harden the Security of a Microsoft 365 Tenant

If there's one topic all administrators can agree on, it's that security is something every organization should work to improve in 2022. In this two-part article series, we explain ten different ways to improve tenant security that every administrator should consider. The first part reviews five ways to harden tenant security without the need for extra licenses, using controls that every organization can implement.

February 17, 2022
Why Using App Secrets in Production is a Bad Idea 3 Comments

Why Using App Secrets in Production is a Bad Idea

As many organizations adapt legacy scripts to use app authentication instead of traditional service account credentials, security can be compromised if certain risks are overlooked. While app secrets can be great for testing code, there’s a reason they have an enforced expiry date - the longer a secret exists in production, the higher the risk it will become compromised. The methods described in this article will help build a good foundation for app authentication while keeping security top of mind when creating or updating automation scripts.

February 16, 2022
Attack Simulation Training: RBAC and End User Notifications 2 Comments

Attack Simulation Training: RBAC and End User Notifications

Attack Simulations are Microsoft’s foray into a crowded field of competitors who provide a service that trains users to recognize dangerous email with simulated Phishing or malware-infested messages. Microsoft has continually added features and functionality since they released Attack Simulations, including additional simulation types, different payloads, custom payloads, customizable training and more. The most recent upgrades are RBAC permissions and end user notifications. These two additions to Attack Simulation Training are a great incentive to deploy and adopt this functionality, as End User communications are the key enhancement that make this feature worthwhile for an organization.

February 15, 2022