Entra 🆔 News #108 → This week in Microsoft Entra
Learn about GA of Application Based Authentication in Microsoft Entra Connect Sync, Entra Suite Summer Camp and more!
👋 Hi, Merill and Joshua here with this week’s roundup of the latest news on Microsoft Entra from around the globe 🌍.
This week, Microsoft released a significant number of GA updates. A major highlight is the public preview for converting the source of authority for synced Active Directory groups to the cloud. This is an important feature that enables you to begin migrating on-premise groups.
Don't forget, the Microsoft Entra Suite Summer Camp starts in a few days! You can still register for sessions on Entra ID Governance, Global Secure Access, and more.
Our podcast this week is a special one, featuring my co-workers, Ramiro and Clay—two of the key people behind the wildly popular Zero Trust Workshop. If you want to learn about securing Entra and Intune, it's well worth a listen.
Enjoy!
Sponsored by:
Robopack – Automated Intune App Patching
Still repackaging the same apps for Intune, one update at a time? Still patching manually and hoping nothing breaks? Robopack takes care of the whole process for you, from discovering apps to deploying updates, even apps outside Intune you didn’t know needed patching.
Finds unmanaged apps automatically
Patches with rollback and deployment control
Supports custom scripts and app settings
Keeps new apps patched with Radar tracking
ISO 27001 certified for data protection
Set your patching once and let Robopack do the rest. Trusted by MSPs, enterprises, and IT teams who are done wasting time on repetitive tasks.
Check it out: robopack.com
⚡️ Microsoft
🏆 General Availability
Application Based Authentication on Microsoft Entra Connect Sync • Microsoft Learn
Audit administrator events in Microsoft Entra Connect Sync • Microsoft Learn
Conditional Access What If API • Microsoft Learn
A fresh look for the Microsoft authentication background • Ankur Patel
Announcing GA of Bicep templates support for Microsoft Entra ID resources • Dan Kershaw
Restricted Management Administrative Units • Microsoft Learn
New Lifecycle Workflows task to revoke refresh tokens • Microsoft Learn
Conditional Access Agent Supports Disabling Agent Creation of Report-Only Policies • Microsoft Learn
🔥 Public Preview
📖 Read
🗣️ Message Center
Sponsored by:
Unlock the Power of AI with Oasis
AI agents and non-human identities are exploding across cloud and SaaS, yet most remain unmanaged.
Oasis delivers continuous visibility, rich context around permissions, usage, and ownership, policy enforcement, and full lifecycle automation for every NHI.Prevent privilege sprawl, detect anomalous behavior, automate key rotation and decommissioning, and take steps toward federated authentication. Oasis equips security and identity teams with scalable, end-to-end governance built for the age of autonomous systems.
From the community…
🚀 Most popular posts from last week
🥇No, FIDO2 Was Not Bypassed — Just Poor Implementation • Dr. Emin Huseynov
🥈Changes Coming to Smoothen Edges in Microsoft Authenticator App • Tony Redmond
🥉Microsoft Makes Token Protection Available for Entra ID P1 Licenses • Daniel Bradley
☀️ Learn
👩✈️ AI & Copilot
💳 Verified ID
Beginner's Guide to Decentralized Identity • Sooraj Payyoormana
👮♂️ ID Governance
Dynamic approval in Entra ID access packages using custom extensions • Jan Bakker
Entra ID Governance Levies Charges for Guest Accounts • Tony Redmond
🌐 Private Access & Internet Access (GSA)
Finally! Private Access for Domain Controllers is Here • Dustin Gullett
🔑 Authentication
Legacy MFA & SSPR are retiring -How to migrate MFA and SSPR settings to the Authentication methods policy • Ewelina Paczkowska
Microsoft Authenticator – Same Device Sign-in Experience changing • Rudy Mens
🤖 DevOps & PowerShell
Assign Microsoft Graph permissions using Azure Bicep • Brian Veldman
📺 No more secrets! Optimize your Power Platform deployment using federated credentials (15 min) • Reshmee Auckloo
📺 Entra Authentication 101 - PSConfEU 2025 (48 min) • Fred Weinmann
🚦 Conditional Access
Important Changes to Conditional Access Policies for Azure DevOps Sign-ins • Daniel Bradley
Prevent Permanent Deletion of Entra ID Objects Using Protected Actions • Aima
📺 Advanced Conditional Access for IT Pros | Complete Guide (57 min) • Ru Campbell, Nathan Hutchinson
🖥️ Devices
Internet-facing File Servers, with a dash of Entra Authentication! • Anthony Fontanez
Solving the Endless MFA Loop in Azure Virtual Desktop — What Really Went Wrong • Shaun Hardneck
Trouble with Windows Hello PIN? Error Code 0x80090010 • Moe Kinani
📺 Cleaning up stale devices in Intune and Entra ID (3 min) • Andrew Johnson, Johan Arwidmark
🏙️ External ID - Guests & Multi-Tenant Organizations
🥷 Security
Microsoft OAuth App Impersonation Campaign Leads to MFA Phishing | Proofpoint US • The Proofpoint Threat Research Team
NIST Special Publication (SP) 800-63-4, Digital Identity Guidelines • NIST
The 7 Most Forgotten Microsoft 365 Security Settings • Rudy Mens
📺 Audit & Secure Microsoft 365 Fast with Maester (Free, 280+ Tests) (10 min) • Jonathan Edwards
♻️ Sync
Group SOA Conversion – From AD to Entra! • Anthony J. Fontanez
🎙️ Podcasts
HIP Podcast: Getting Rid of ADFS • Sean Deuby, Sander Berkouwer
🔥 Maester
👨🏽💻 Merill’s corner
Want to get featured on Entra.News? → Submit your content 😎
Want us to say nice things about your company? Sponsor entra.news 🤩
Love the newsletter? Tell us 💚❤️💜
🪃 Acknowledgement of Country
Entra.News is created on Wurundjeri land and acknowledges the traditional owners of country throughout Australia, recognising their continuing connection to land, water and community. We pay our respect to them and their cultures and to elders both past and present.