As many organizations adapt legacy scripts to use app authentication instead of traditional service account credentials, security can be compromised if certain risks are overlooked. While app secrets can be great for testing code, there’s a reason they have an enforced expiry date - the longer a secret exists in production, the higher the risk it will become compromised. The methods described in this article will help build a good foundation for app authentication while keeping security top of mind when creating or updating automation scripts.
Still in public preview, new application authentication method policies will help Microsoft 365 customers adhere to best practices for managing application credentials, while asserting pressure on ISVs to do the same. Going forward we can expect this to turn into a standard configuration, enforced across many organizations. To address the problem, Microsoft is ready to release a set of features to help. In this article, we introduce you to Azure AD application authentication method policies, one of the features in the set.
Every organization faced with a large tenant-to-tenant migration is concerned with how quickly they can migrate their content, and often view throttling as a nuisance. This article details why throttling is important to the process; how you can outline expectations with the client, and best practices for accommodating throttling against a timeline.
Microsoft has announced that they won't support the Azure AD Graph after June 30, 2022. This means that the Azure AD PowerShell module won't be supported either. With that in mind, it's probably a good idea to think about how to upgrade scripts to use Graph API calls instead of Azure AD cmdlets. In this article, we take a script created to count members in distribution lists and convert it to use the Graph. As it turns out, the Graph bit is easy. It's all the housekeeping beforehand that takes the time.
When contacts are added to an organizations Global Address List (GAL), they do not always populate in the users personal device contacts depending on what app, device, etc. is being used. This becomes problematic when users working from outside the office are unable to contact the IT Service Desk, HR, or other internal services. To solve the problem, this article introduces a PowerShell script that will read a set of standard contacts from a CSV file and write them as personal contacts to user mailboxes. Mobile devices can then synchronize these contacts along with others created by the user.