Category Archives: Entra ID (Azure)

Remove certificate from a Single Sign-On Enterprise Application

SAML certificates are an important part of Single Sign-On (SSO) in a Security Assertion Markup Language (SAML) environment. SAML certificates are used to establish trust between the identity provider (IdP) and the service provider (SP) in a SAML-based SSO scenario. … Continue reading

Posted in Entra ID (Azure) | Tagged , | 1 Comment

How to disable MFA for all users except the admins in the M365

For a number of reasons, I am often asked how to disable MFA for all users except the administrator in M365 , for example for: educational institutions like schools, etc… If you don’t want to do it, you can still … Continue reading

Posted in Entra ID (Azure), M365 | Tagged , | Leave a comment

Can I set up recurring access reviews for different Azure AD roles

Here is how you can set up recurring access reviews for different Azure AD roles using. Azure AD Privileged Identity Management (PIM):   Create an Access Review: In the Microsoft Entra admin center, go to Identity governance > Privileged Identity … Continue reading

Posted in Entra ID (Azure) | Leave a comment

How to create custom roles with specific permissions in Azure AD

Creating Custom Roles with Specific Permissions in Azure AD Creating custom roles with specific permissions in Azure Active Directory (Azure AD) can be a useful way to grant users the exact level of access they need, without giving them unnecessary … Continue reading

Posted in Entra ID (Azure) | Leave a comment

How can I automate the revocation of privileged roles in Azure AD

Here are the key steps to automate the revocation of privileged roles in Azure AD:       Use Azure AD Privileged Identity Management (PIM): PIM provides the ability to create access reviews for Azure AD roles. This allows you … Continue reading

Posted in Entra ID (Azure) | Leave a comment

How can I automate the reporting of Azure AD role assignments

Here are a few ways to automate the reporting of Azure AD role assignments:       Use PowerShell scripts: The Get-AzRoleAssignmentReport.ps1 script fetches role assignments and compiles them into a comprehensive report sent via email. It requires the managed … Continue reading

Posted in Entra ID (Azure) | Leave a comment