Category: Identity

AAD Connect multi-tenant sync now available

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 17/02/2022 0 Comments on AAD Connect multi-tenant sync now available
Posted in AAD Connect, Azure, Azure AD, Identity

Couple of months ago I wrote about multi-tenant sync when it was still in public preview. So what has changed after it’s globally available? Before the documentation was stating: It is not supported to use the same custom domain name…

Continue Reading AAD Connect multi-tenant sync now available

Azure AD certificate-based authentication (Preview) + Publishing CRL with Application Proxy

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 15/02/2022 0 Comments on Azure AD certificate-based authentication (Preview) + Publishing CRL with Application Proxy
Posted in Azure, Azure AD, Certificates, Identity, Onpremise, Security

Azure AD CBA allows user to sign-in with a certificate. Microsoft has removed the need for external ADFS federation. You can see the situation before this change from Sami Lamppu’s post. Feature highlights Facilitates onboarding to Azure quickly without being…

Continue Reading Azure AD certificate-based authentication (Preview) + Publishing CRL with Application Proxy

Cross-tenant access settings (Preview)

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 10/02/2022 0 Comments on Cross-tenant access settings (Preview)
Posted in Azure, Azure AD, Azure B2B, Identity, Security

Cross-tenant access settings in now in preview. You can use cross-tenant access settings to manage collaboration with external Azure AD organizations but for non-Azure AD organizations, use collaboration settings. https://portal.azure.com/#blade/Microsoft_AAD_IAM/AllowlistPolicyBlade What is Cross-tenant access? External Identities cross-tenant access settings to…

Continue Reading Cross-tenant access settings (Preview)

Section 3 – Manage application access

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 08/02/2022 0 Comments on Section 3 – Manage application access
Posted in Azure, Identity, Powershell, Security

This is the last part of section 3 and will cover two topics: Manage API permissions to Azure subscriptions and resources Configure an authentication method for a service principal Manage API permissions to Azure subscriptions and resources What is Azure…

Continue Reading Section 3 – Manage application access

Section 3 – Manage application access – Integrate single sign-on (SSO) and identity providers for authentication

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 04/02/2022 0 Comments on Section 3 – Manage application access – Integrate single sign-on (SSO) and identity providers for authentication
Posted in AAD Connect, Active Directory, Azure, Azure AD, Identity, Security

This is section 3 of AZ-500 preparation guide and starting with IdP and SSO. What is IdP? Azure AD is also consider as IdP, it can authenticate Your with different cloud services like Google and AWS. An identity provider (IdP)…

Continue Reading Section 3 – Manage application access – Integrate single sign-on (SSO) and identity providers for authentication

Information barriers, the GUI experience (Public preview)

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 02/02/2022 0 Comments on Information barriers, the GUI experience (Public preview)
Posted in Azure, Compliance, Identity, Information Barriers, Security

This pic above is exactly the opposite of how information barriers work. So how it works? When information barrier policies are in place, people who should not communicate or share files with other specific users won’t be able to find,…

Continue Reading Information barriers, the GUI experience (Public preview)

Section 3 – Manage application access – App Registrations

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 01/02/2022 0 Comments on Section 3 – Manage application access – App Registrations
Posted in Azure, Azure B2B, Azure B2C, Identity, Security

This is section 3 and part 2. In this post I will be covering App registrations with the following topics. Create an App Registration Configure App Registration permission scopes Manage App Registration permission consent What is App registration in Azure?…

Continue Reading Section 3 – Manage application access – App Registrations

Multi-tenant App registration and user (Admin) consent

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 31/01/2022 0 Comments on Multi-tenant App registration and user (Admin) consent
Posted in Access Reviews, Azure, Azure B2B, Azure B2C, Identity, Security

What has changed? Microsoft have removed ability for getting user consent for unverified applications. This is an great addition towards security but it will make your life harder as a admin and as a software publisher. Different options Let’s go…

Continue Reading Multi-tenant App registration and user (Admin) consent

Section 2 – Secure access by using Azure AD – Configure access reviews

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 26/01/2022 0 Comments on Section 2 – Secure access by using Azure AD – Configure access reviews
Posted in Access Reviews, Azure, Azure AD, Identity, Security

This will be end of Section 2 and the ending will done with Access Reviews. What are Access Reviews? Access reviews enable organizations to efficiently manage group memberships, access to enterprise applications, and role assignments. User’s access can be reviewed…

Continue Reading Section 2 – Secure access by using Azure AD – Configure access reviews

Section 2- Secure access by using Azure AD – Implement passwordless authentication

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 24/01/2022 0 Comments on Section 2- Secure access by using Azure AD – Implement passwordless authentication
Posted in Azure, Azure AD, Identity, Security

Passwordless authentication is a hot topic, if You have a password it can be cracked or phished. In the last parts we enabled MFA so let’s continue from there. What is passwordless? Passwordless means that You sign-in without a password,…

Continue Reading Section 2- Secure access by using Azure AD – Implement passwordless authentication