Entra 🆔 News #117 → This week in Microsoft Entra
Learn about the public preview of the new Access Review Agent, B2B guest user support for AVD and more.
👋 Hi, Merill and Joshua here with this week’s roundup of the latest news on Microsoft Entra from around the globe 🌍.
This week is packed with major updates, including Cross-tenant synchronization (cross-cloud) hitting General Availability - along with GA of service principal for Microsoft Entra Connect Sync - a huge step for securing your sync service.
We also have exciting Public Previews like the Access Review Agent for smarter governance, Azure Virtual Desktop for B2B guest users, and new Lifecycle Workflow tools, including triggering workflows for inactive employees.
Plus don’t forget to check out this week’s podcast on Entra External ID.
Enjoy!
Sponsored by:
Don’t Let Entra ID App Governance Be Your Weak Link
Stale apps, misconfigured or over-permissioned app registrations, legacy OAuth components, and weak consent governance create pathways for attackers.This is compounded by:
⌨️ Citizen developers (Agents ⏩ Apps)
🔃 Inconsistent Entra ID application governance ownership & offboarding
🗑️ Many vendors don’t remove apps after uninstallThese gaps create the perfect storm for breaches and business disruption. ENow’s AppGov Score is your first step to protecting your app landscape. It benchmarks your security posture and delivers a free Governance Assessment Report with actionable insights to improve your security immediately.
⚡️ Microsoft
🏆 General Availability
🔥 Public Preview
The Microsoft Entra agent for smarter access governance: Access Review Agent • Manmeet Bawa
Use SMS as a verification method in password reset flows in Microsoft Entra External ID
Global Secure Access Internet profile support for iOS client
ID Governance
📺 Watch
Build your own Security Copilot agent in minutes (2 min) • Microsoft Security
Secure Access With Microsoft Entra Verified ID (14 min) • Jai Maharaj, Yoel Horvitz
Microsoft Entra Verified ID Advanced Setup (15 min) • Yoel Horvitz, Rohit Gulati
Own your security posture | Build custom agents with Security Copilot (6 min) • Dilip Radhakrishnan
Microsoft Security Copilot agents (8 min) • Dilip Radhakrishnan
🗣️ Message Center
02 Oct - MC1124558 - (Updated) Microsoft Entra: Cross-cloud synchronization now available
20 Sept - MC1156361 - Update: Rollout of the Microsoft Entra ID Free subscription
📆 Upcoming Events
Live AMA with Microsoft Entra CxE Architecture Team - 6 Oct @ 1.15pm PDT • Register at aka.ms/entra/ama
Sponsored by:
Love this newsletter? Get AC’s M365 dev newsletter!
If Entra.news keeps you informed on identity, Andrew Connell’s (AC) FREE newsletter will make you a Microsoft 365 development expert! 💡
“Thanks for the newsletter! It literally gave me a very nice synopsis and got me clarity on where to focus on the learning side!” - Siddharth V.
Andrew, a 21-year Microsoft MVP, scours Microsoft & community resources so YOU DON’T HAVE TO. Get:
Latest M365 dev updates + my honest insights and opinion
SharePoint Framework, Teams apps & Copilot insights
Real-world solutions (not just Microsoft fluff)
12,000+ developers already subscribed to my bi-weekly “Full Stack Dev’s Microsoft 365 Playbook” • No clickbait • 100% FREE • Unsubscribe anytime
From the community…
🚀 Most popular posts from last week
🥇Certificate-Based Authentication just got serious • Andrea Fisher, Mike Palitto
🥈Different Ways to Receive Emails on Unlicensed Admin Accounts in Microsoft 365 • Kanaga
🥉Entra ID Application Policies: Beware the Impact on SAML Signing Certificates • Gabriel Delaney
☀️ Learn
👮♂️ ID Governance
📦 Apps
Microsoft Entra ID applications: Why Ignoring Them Could Cost You • Sander Berkouwer
Block the Creation of Client Secrets in Microsoft Entra Application • Karthi
Difference Between Delegated and App-Only Access in Microsoft Entra ID Applications • Thiraviam
🔑 Authentication
Yes, Hello For Business Constitutes MFA • Dom Kirby
👥 User & Group Management
How to Convert a Synced User Source of Authority to Microsoft Entra • Daniel Bradley
🤖 DevOps & PowerShell
Building Azure functions that never store secrets — ever • Luise Freese
How to Configure RBAC for Applications in Exchange Online • Ali Tajran
Set Up Automated Microsoft 365 User Sign-in Summary Email Using PowerShell • Blesslin Rinu
🚦 Conditional Access
Microsoft Introduces Restore Capability for Conditional Access Policies • Tony Redmond
Entra ID – You can now list and recover deleted conditional access policies • Benoit Hamet
How to Restore Deleted Conditional Access Policies • Daniel Bradley
Mastering Microsoft Entra Authentication Contexts – Part 2: Real-World Access & Action Controls • Sebastian Flæng Markdanner
Release: Conditional Access to zero trust compliance report V1.0.3 • Jan Mulder
Why Setting Office IP as a Trusted Location in Conditional Access Is Risky • AIMA
🔐 Credential Management
Managing OATH/TOTP Hardware Tokens in Microsoft Entra ID: Graph API Is Here, but GUI Still Missing • Dr. Emin Huseynov
🖥️ Devices
Microsoft BitLocker, Windows Hello for Business and Personal Data Encryption: Working Together to Protect User Data • Anders Ahl
🥷 Security
📺 Hackers Exploit Weak Identity Workflows [Fix: Use These Entra Settings] (27 min) • Ru Campbell, Matt Levy
🔥 Maester
New version of Maester on Azure Web App — Microsoft Security Test Automation Framework • Brian Veldman
👨🏽💻 Merill’s corner
Want to get featured on Entra.News? → Submit your content 😎
Want us to say nice things about your company? Sponsor entra.news 🤩
Love the newsletter? Tell us 💚❤️💜
🪃 Acknowledgement of Country
Entra.News is created on Wurundjeri land and acknowledges the traditional owners of country throughout Australia, recognising their continuing connection to land, water and community. We pay our respect to them and their cultures and to elders both past and present.