Microsoft Entra

Create a user mailbox using Lifecycle Workflows in Microsoft Entra ID Governance

by

When I started using Microsoft Entra ID Governance Lifecycle workflows to handle Joiners in my company, the first task I wanted to accomplish using the Lifecycle workflows was the creating of a new employee’s mailbox in a hybrid environment. Creating of user mailboxes is not an out-of-of-the-box task in Lifecycle Workflows, but it can be … Read more

Monitor Lifecycle Workflows status in Entra ID Governance

by

A few days ago, I was doing some maintenance on my company’s Lifecycle Workflows and discovered that one of the Lifecycle workflows had the same failed task every time the Lifecycle workflow had run. The task is a Custom Extension task (PowerShell based). This got me thinking about how I could get a notification when … Read more

Create onboarding Lifecycle Workflows using Microsoft Entra ID Governance

by

Onboarding of users is something that should not be taken lightly as it’s a first impressions matter as lot and it says a great deal about an IT department for new users when the start that they have everything need to get started for the job they were hired to do. There are of course … Read more

Using API-driven user provisioning with an Azure SQL database as a source of truth

by

Automating API-Driven User Provisioning with an Azure SQL Database. This post guides you through setting up an Azure SQL database and, integrating it with your HR system’s API, and then automating user creation and updates in Active Directory using API-driven provisioning to on-premises Active Directory

Configure EmployeeHireDate and EmployeeLeaveDateTime in Active Directory to be used with Microsoft Entra ID Governance.

by

To fully use Microsoft Entra ID Governance – more precisely lifecycle workflows -, you do need to configure a few things, although it is not mandatory to do it since all the lifecycle workflows can be run on-demand. But the whole purpose of lifecycle workflows is that they should run automatically based on attribute changes … Read more

Securing Service Principals in Microsoft Entra ID with Conditional Access policies

by

Service Principals in your Microsoft cloud environment has long been a nice and convenient way to provide access to resources like SharePoint Online, Entra ID, Microsoft Graph or Azure resources by using a secret (password) or a certificate, and by then combining it with the client ID (username) for the Service Principles to be able … Read more

Modifying the attribute mapping in API-driven provisioning to on-premises Active Directory.

by

This blog post is a small continuation of the blog post about Getting started with API-driven Inbound User Provisioning to On-Premises AD, but in this blog, I’m going to show you how to modify the API and Active Directory mapping of attributes when you are provisioning users. This is useful if want to customize mapping … Read more

Getting started with API-driven Inbound User Provisioning to On-Premises AD

by

API-driven Inbound User Provisioning to On-Premises AD is a feature that I personally have been really excited about for quite some time. I started working with it when it was in public preview around June 2023 and it went to General Availability in early 2024.API-driven Inbound User Provisioning is streamlined way of managing users in … Read more

Monitor Azure App registration secret / certificate expiry with PowerShell

by

I came across a need to know when a certificates and secrets are about to expire on Azure app registrations, but there was no native way for me do this, expect to just scroll down the application registration list and look for “Expirer soon”, and that didn’t really do it for me.
So, I decided to look for way to get notified a number of days before a secret or a certificate will expire using PowerShell. I ended up writing this script and then running it using an Automation Account in Azure, but you can run this script everywhere, if you have the Microsoft Graph PowerShell module installed on the platform of your choice.

Read more