Channel: Azure Active Directory forum
Viewing all 16000 articles

MFA for Azure Users


Hi

We are planning to use NPS and the MFA connector for Remote Desktop Services on the local server.

I wanted to know if we could turn on MFA just for accessing the Remote gateway server, or does it have to be turned on for Outlook clients and OWA straight away?

Thank you.

Mahesh


ADAL aquireTokenWithUsernamePassword with MFA


Hello,

I am trying to log in to AAD using ADAL "aquireTokenWithUsernamePassword".

However it doesn't work when the user has MFA enabled, how can I fix this?

Trying to Push GPO Through Azure ADDS


Hi,

I'm new to the whole Azure Domain situation and I've managed to teach myself through deploying a new domain.

I have a 2016 Data-centre VM running, joined to the AD DS. All the users on Azure AD are showing on the AD built into the server; however, when I try to push a GPO out applied to a specific user/group, it is not being picked up on a PC that is Azure joined (shows up in devices in Azure AD) and logged in to by one of the users the GPO should be applied to.

Am I missing something obvious here? Let me know if more information is needed.

Kind Regards,

TeeKay

Azure user provisioning mapping missed for email alias


While doing Azure G Suite user provisioning, I need to assign an email alias to my G Suite accounts. But I couldn't find a google_apps mapping for this.

And it seems that other attributes such as street, department, etc. do not work.

Please write down step-by-step instructions to make it work.

ADAL JS Authentication and Querystring Parameters


Hi to all.

I have a problem: I created an Angular application hosted by SharePoint Online.

The Angular service uses ADAL to get a token by using an Azure Active Directory Application in order to invoke an external custom REST service.

All works fine if my page does not have parameters.

If my code tries to authenticate itself from a page with parameters (e.g. SharePoint Document Set Home Page), the authentication fails with the error:

"The reply url specified in the request does not match the reply urls configured for the application".

Doc Set Home Page (without parameters) is listed on App Reply Urls.

Any ideas?

Thanks,

Sergio


Regards,
Bubu
http://zsvipullo.blogspot.it

Please mark my answer if it helped you, I would greatly appreciate it.

After 1 and 2 success login to AzureAD, subsequent login cannot work

I used the code and NuGet package below to log in to my paid account in Azure AD with Xamarin Forms.
NuGet: Microsoft.IdentityModel.Clients.ActiveDirectory

I have set the permissions: internet and access network state.
The first and 2nd attempts to log in were OK.

Problem:

The subsequent attempts to log in get stuck at "Take you to your organization sign-in page". This means there is no result returned and the activity indicator keeps running in a circle indefinitely.
Why can't I log in again? Why could I log in on the 1st and 2nd attempts? I have used the correct parameters.

public interface IAuthenticationService
{
    Task<AuthenticationResult> Authenticate(string authority, string resource, string clientId, string returnUri);
}

private async void Login_Clicked(object sender, System.EventArgs e)
{
    var authenticationService = DependencyService.Get<IAuthenticationService>();
    try
    {
        var authenticationResult = await authenticationService.Authenticate(
            AuthenticationParameters.Authority,
            AuthenticationParameters.GraphResourceUri,
            AuthenticationParameters.ApplicationId,
            AuthenticationParameters.ReturnUri);
        if (authenticationResult != null)
        {
            var strToken = authenticationResult.AccessToken;

            await DisplayAlert("Success", strToken, "Ok");
        }
    }
    catch (Exception ex)
    {
        string strErr = ex.ToString();
        await DisplayAlert("Failure", "Authentication failed.", "Ok");
    }
}

Please help. 

Thanks

               

Windows 10 autoenrollment doesn't work


Hi, we have an issue where Win 10 machines are unable to complete autoenrollment.

We are able to manually enroll the device in Intune MDM and this works fine & the devices show up in Azure portal under Intune > devices as MDM managed.

If we turn autoenrollment off, we are also able to complete the join to AAD without any issue and the device shows up in Azure as AAD joined & MDM would say none.

Keeping autoenrollment off, if we first AAD join the machine and then manually enroll the device in MDM, it works.

Given this we believe something is broken between AAD & Intune from an auto-enrollment perspective. This happens for any account we try as well as any machine. Any ideas what could be causing an issue? Thank you in advance!

My prior experience and ranking are lost?


Hi, we moved to a hybrid solution for O365.  I used to use my work email for a live ID and had about 370 points.  After the upgrade to O365, I do not seem to be able to use my old profile.  This is my prior activity.  

https://social.msdn.microsoft.com/profile/randy%20in%20marin/?ws=usercard-mini 

I created a new profile so that I could use the forums.  I used my personal private account.  My new profile is 

https://social.msdn.microsoft.com/profile/randy_in_marin/

Is my old ranking and points lost to me?  What options do I have?  

Thanks, "Randy in Marin" and "Randy_in_Marin"


Group owners cannot add and remove members from groups


Hi all

This may be an easy one, not sure. When we first set up our Office 365 tenant, if a user was set as the owner of a group in the 365 admin portal, they would then be able to add and remove members from that group. This is a very good feature if we have admins that we only want to be able to administer groups. They do have to be given an admin role to be able to get into the portal, i.e. password admin, but this is OK for what we are trying to achieve.

Now, even if a user is an owner of a group, they get the message

"You need to have the global admin role or the Exchange admin role to edit this group. To get access, contact your global admin and ask them to assign you one of those roles."

Can anyone help me understand why this would have changed? Group owners were definitely able to manage membership of their groups a few weeks ago.

Thanks for your help

Get SSO Enabled Applications List


Dear All,

How to get SSO enabled Registered Applications list using PowerShell with Application Owner details?

Need Your Help!

Thanks,

Shashidhar

AADSTS50011: The reply url specified in the request does not match the reply urls configured for the application:

Sign in

Sorry, but we’re having trouble signing you in.

AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application: 'c9598e68-f*ff-*471-**46-32**69ae50**'.

I am integrating Jenkins with Azure AD and running Jenkins on http://localhost:8080/. I have also added this to my reply URL but I am still facing the above issue. My Jenkins is also able to successfully verify the application using the application ID.

Azure B2C - User settings - Sorry! You do not have access to this page

This question is quite simple: when trying to access the User settings in Azure, I always get the message:

Sorry! You do not have access to this page.

Why can't I access this page even though I have global administrator permission? Do I need to add other permissions somewhere?

I appreciate any help!

Azure domain, joining accounts getting stuck at login config after i've joined up to the "cloud domain"


So, I'm quite new to this and I hope I've asked this question in the right place, but to be honest I am in a bit of deep water, so I guess it's a bit of a shot in the dark! I'm working at a small company that has previously been using a normal server room with a normal server domain. My work really isn't that complicated: I remove the computer from the domain and then I put the computer into the Azure "cloud domain" or whatever you want to call it. My problem starts when I try to log in to the user's account. A configuration starts, called "configurating unit for workplace". It's a 3-step process and it gets stuck on the third step, called "profileconfiguration". It says it's trying to identify "security principles", "certificates", "network Connections" and "apps".

I'm sorry if it's all a bit vague. I can supply more information if needed. I thought that however this turns out, it's worth a try!

Convert-Msoltostandard or SET-MSOLDomainAuthentication? (Moving From ADFS to Pass through Authentication)


Hello,

The ADFS servers in my current workplace were configured outside of ADconnect but we are now trying to move to PTA. I have read the procedure from the link below.

https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-pass-through-authentication-faq

It explains that I have to convert the domain from federated to managed but did not specify the exact command.

Has anyone migrated recently who could please share which command they ran on the ADFS server to change from federated to managed?

Connecting Meraki Client VPN to Azure Active Directory Domain Services (AADDS)

I need to connect our Cisco Meraki Client VPN to Azure Active Directory Domain Services (AADDS) for authentication via Azure MFA. The below articles describe how this connection is supposed to be made but I cannot seem to be able to get it to work.

I am putting in the external IP address but it cannot seem to connect to the domain controller. Packet capture shows that there is no SYN-ACK response during attempts to connect.

Any help would be much appreciated.

https://t.co/SHdRiMA5BZ

Implementing Group policy with Hybrid Azure AD


Dear Sir/Mam,

My job is to create an IT infra for a startup. For this, Azure AD is being used for SSO on different PCs by different users. However, we are not able to implement Group Policy from a centralized server.

So, we created a Windows 2016 server as a virtual machine on Azure, and integrated Azure AD with AD to create a hybrid AD DS. Till now, our PCs are only connected to Azure AD, not the real domains (we are sure about this because workgroups are still working).

Here by real domains, I refer to the domain that we would have if we were not using Azure AD, but only on-premise ADs.

Kindly provide a solution to us.

Best regards,

Sahil Goyal

Domain Joined device is not synced to Azure after enabling device writeback


Hi!

I've just enabled the device writeback feature on Azure AD Connect, but devices which are joining the On-Premise domain are now not replicated to Azure AD.

I checked Sync Service Manager and it only shows "Projections: 1" and "Connectors with Flow Updates: 1" with a new device. No "Adds" or whatsoever. Containers are checked and it worked before...

Does anyone know what could go wrong?

Difference between Azure AD App Registration and Enterprise Application

Hello All



Greetings!

I would like to get the difference between Azure AD App Registration and Enterprise Application in terms of registering a non-marketplace app to Azure AD for SSO-based authentication. I would like to integrate one of our applications running on Google Cloud with Azure AD for SSO authentication.



BR

Rakhil

AzureAD Join Hijacked Local Account?


I had a Windows 10 account that I logged in with using my hotmail e-mail address. Later on, I connected this account using AzureAD join. Now I login to this account using my work e-mail. Connecting to AzureAD join seems to have converted the local account into an AzureAD join account, but it still uses the local C:\Users\<hotmail account> folder.

I want to remove the work access and go back to the original account. I know that I can do this by disconnecting, but Windows warns me saying that if I disconnect, then I can no longer sign-in with the account.

I thought I would be able to login with my old hotmail account since it was the original sign-in. I tried signing in with my hotmail account, but it won't recognize the password even though it is correct.

What happens if I disconnect? Do I lose access to this account? Why won't Windows 10 recognize my hotmail account anymore? I can login to hotmail with web browsers, but not Windows 10.

This seems like a serious design flaw.

EDIT:

Well, I lost the account after disconnecting and providing an admin account. Thanks a lot, crappy Windows 10 and AzureAD. Now I have to manually copy over the contents of my old account into a new admin account. This is a pretty serious design flaw in my opinion. You should be able to disconnect from an AzureAD join and go back to the original sign-in. AzureAD should not be hijacking a local account.

Azure Migration - Domain Controller Placement Best Practices


Hi All,

I've been tasked with migrating a company of around 400 users on to the Azure platform. Their current on site infrastructure consists of a few DC’s, web servers and a SQL server. They want all of this moved to Azure.

My question is around best practices for domain controllers/active directory placement. Which of these configurations would you recommend?

  • Leave the domain controllers on site and utilise Azure AD Connect to sync users to the Azure platform.
  • Deploy new virtual machine domain controllers in Azure and decommission the existing on-premise servers.
  • Migrate from actual domain controllers to Azure AD directory services. I’ve read this is not quite production ready as of yet.
  • None of the above. If you suggest this option, please recommend an alternative.

If you could also provide some supporting information as to why you chose the solution above that would be great.

Thanks,

Stuart
