Category: Azure B2B

Azure AD External Identities with SAML IdP part 2 of 2

In this part we will see the end-user experience and what you could use instead of Direct federation. A SAML-based external IdP can also be set up by federating your cloud-based domains. The idea and the concept are the same but in…


Azure AD External Identities with SAML IdP part 1 of 2

In the picture above, you can see how Conditional Access will evaluate those guest users. The majority of users who are typically thought of as guests fall into this category. This B2B collaboration user has guest-level access in your organization…


Do’s and don’ts concerning security for Identity part 4

Continuing with the do’s of Identity, and supposing that you are at the part of your journey where you have either Hybrid or fully cloud-based identities. In the last part I covered how you can use Hybrid Identity Administrator role, Automation…


Automatic assignment policy in Entitlement management

If you are not familiar with Entitlement management, read this first. Microsoft keeps evolving the Azure AD Entitlement management solution; here is a feature added previously. And now there is again a new feature added, so let us see what it is. Automatic…


TOTP globally available for Azure AD B2C

I wrote a post before about B2C in general, how to use our own custom domain through Azure Front Door and how to use custom policies. I prefer that you read these to get a clearer picture of B2C functionality….


Section 3 – Design a Zero Trust strategy and architecture – Design an identity security strategy

And onward to the next section in my SC-100 study guide. Note: includes hybrid and multi-cloud scenarios! Design a strategy for access to cloud resources; Recommend an identity store (tenants, B2B, B2C, hybrid); Recommend an authentication strategy; Recommend an authorization…


Section 15 – Plan and Implement an Identity Governance Strategy – Plan, implement and manage access reviews

The next section of my SC-300 study guide will cover the following: plan for access reviews; create access reviews for groups and apps; monitor access review findings; manage licenses for access reviews; automate access review management tasks; configure recurring access reviews…


Section 14 – Plan and Implement an Identity Governance Strategy – Plan and implement entitlement management

The next section of my SC-300 study guide will cover the following: define catalogs; define access packages; plan, implement and manage entitlements; implement and manage terms of use; manage the lifecycle of external users in Azure AD Identity Governance settings. What…


Section 13 – Implement Access Management for Apps – Implement app registrations

Getting to the end, slowly but surely. This section covers the following: plan your line of business application registration strategy; implement application registrations; configure application permissions; implement application authorization; plan and configure multi-tier application permissions. What is App registration…


Some of my personal favorites for auditing Microsoft environments

Professionals are always finding ways to report on M365 or Azure environments, automate activities or remediate threats. There is an insane amount of content available to achieve these goals, but I want to list some of my favorites in this post….
