Entra π News #90 β This week in Microsoft Entra
Learn about π 'Require reauthentication every time in CA' and π¦ 'Custom Attributes support for Microsoft Entra Domain Services' going GA, π‘οΈ new Security Copilot features for CA and more! β¨
π Hi, Merill and Joshua here with this weekβs roundup of the latest news on Microsoft Entra from around the globe π.
We have two features going GA this week including the much awaited βRequire reauthentication every timeβ feature in conditional access. A note of warning, please use this feature with care, more MFA prompts <> more secure.
Also, check out the public preview announcement for using Entra to strengthen AI security and identity protection.
Enjoy!
Entra.Chat Podcast
π§ Apple Podcast β’ πΊ Spotify β’ π§ Overcast β’ π§ Pocketcast β’ π§ Others
Sponsored by:
EasyEntra: Empower First-Level Support to Work Efficiently
Managing standard first-level user support in a hybrid environment is overly complex. To handle even basic tasks, your team needs expertise across multiple platforms like ADUC, Exchange on-premises Admin Center, M365 Admin Center, Entra Admin Center, EXO Admin Center, EXO PowerShell, and Entra Connect PowerShell.EasyEntra eliminates this complexity and allows first-level support to work without headaches:
β Intuitive β The interface mimics the familiar AD Users & Computers layout.
β Consolidated β Manage all user settings from a single-pane-of-glass.
β Responsive β Preloads all properties for lightning-fast navigation of settings.
β Reduces junior IT training β Onboard junior IT staff in minutes.
β Protects senior IT staff β Prevent first-level support tickets from escalating.
β‘οΈ Microsoft
π General Availability
Conditional Access reauthentication policy (Require reauthentication every time) β’ Microsoft Learn
Custom Attributes support for Microsoft Entra Domain Services β’ Microsoft Learn
π₯ Public Preview
New innovations in Microsoft Entra to strengthen AI security and identity protection β’ Alex Simons
Limit creation or promotion of multitenant apps β’ Microsoft Learn
π Read
New user experience for consumer authentication β’ Robin Goldstein
US Department of Laborβs journey to Zero Trust security with Microsoft Entra ID β’ Joy Chik
πΊ Watch
Create Custom reports for Microsoft Entra ID Governance data using Azure Data Explorer (8 min) β’ Rodrigo Castillo
Configure Entra Private Access and Quick Access in Microsoft Entra Global Secure Access (9 min) β’ Mohammad Zmaili
Microsoft's Zero Trust approach (30 min) β’ Heike Ritter, Clay Taylor
Sign into shared devices with a QR code and PINβno need to enter long credentials. (1 min) β’ Microsoft Mechanics
π£οΈ Message Center
From the communityβ¦
π Most popular posts from last week
How to authenticate with Windows Hello for Business or FIDO security key in RDP session ? β’ Morten Knudsen
Essential Eight Compliance Assistant - A Free GPT that Makes Your Solution Architecture Assessment Easy! β’ Hassan Syed
Controlling Access to Microsoft 365 for Entra ID Apps β’ Tony Redmond
Sponsored by:
ππ Onboard & Secure Azure Services the Right WayβStart with the Entra ID Threat Model
Entra ID is the foundation of your Azure securityβbut do you have full visibility into its risks? Are the right controls in place to address your risk appetite? Built by TrustOnCloud, our ThreatModel for Entra ID gives you a clear, actionable security blueprint. We help organizations confidently adopt Azure, AWS, and GCP by securing over 220+ cloud servicesβso youβre not just in the cloud, youβre secure in it. The Entra ID ThreatModel helps you:
β Prioritise your control implementation based on risk and the threats that impact you.
β Map & mitigate attack techniques with MITRE ATT&CK
β Strengthen security controls with tested validation procedures
β Align controls with 318+ frameworks for compliance & regulatory coverage Get a sneak peek into our Entra ID ThreatModel with 3 sample threats, including detailed Data Flow Diagrams, Mitre ATT&CK mappings, and prioritized risk controls tailored for Azure services.
βοΈ Learn
π Private Access & Internet Access (GSA)
The Ultimate Microsoft 365 Upgrade You Didnβt Know You Already Paid For! (But Wait, Thereβs More!) β’ Dustin Gullett
Automate the deployment of Global Secure Access resources π₯ β’ Brian Veldman
π¦ Apps
Entra ID Application Management Policies β’ Brian Veldman
π Authentication
A Comprehensive Overview of an SSO Implementation β’ Mateusz Jendza
π€ DevOps & PowerShell
Access Graph resources across tenants without secrets or certificates! β’ Ben Reader
Setting up MCP Server to Entra ID / Graph with Lokka β’ Marius Sandbu
Manage M365 with Lokka & Claude AI β’ Rudy Mens
ASP.NET Core delegated Microsoft OBO access token management (Entra only) β’ Damien Bowden
Artificial Intelligence, PowerShell, and Microsoft 365 Administration β’ Tony Redmond
π¦ Conditional Access
Using KQL to Detect Gaps in your Conditional Access Strategy β’ Dylan Tenebruso
Azure devops as a Microsoft admin portal in conditional access β’ Jay Kerai
Conditional Access (CA) policy part 1 β Get started! β’ Kim AndrΓ© Vaksdal
Conditional Access (CA) policy part 2 β’ Kim AndrΓ© Vaksdal
π Credential Management
Monitoring Passkeys Enrollment with Graph PS Module β’ Moe Kinani
π₯οΈ Devices
ποΈ External ID - Guests & Multi-Tenant Organizations
Duplicate Mail User Objects Created for Guest Accounts β’ Tony Redmond
π₯· Security
Creating immutable users through a bug in Entra ID restricted administrative units β’ Katie Knowles
Automatic Password Hacking Machine ConfirmedβStop Using Passwords Now β’ Davey Winder
Microsoft 365: Protect your environment against AiTM phishing attacks β’ Ricardo van der Linden
β»οΈ Sync
How to Upgrade Microsoft Entra Connect: A Step-by-Step Guide β’ Liam Robinson
βοΈ Toolkit
New MiToken Graph PowerShell module for multi-tenant apps β’ Daniel Bradley
ποΈ Podcasts
Conditional Access Done Right: Practical 365 Podcast β’ Louis Mastelinck, Steve Goodman, Bastiaan Verdonk
Exploring Microsoft's Global Secure Access: Practical 365 Podcast β’ Janice Ricketts, Steve Goodman, Bastiaan Verdonk
Identity Governance, JML, Serverless GPUs, SME's & Cybercrime, Azure Landing Zones & more MSFT Cloud (53 min) β’ David Rowley, Cyrus Irandoust, Richard Hogan
πΊ Watch
Introduction to OAuth (13 min) β’ Roland Guijt
You Wonβt Believe How Hackers Exploit Identity Tokens (33 min) β’ Ru Campbell, Dr Nestori Syynimaa
Your PIM roles aren't safe...Unless you do THIS! (4 min) β’ Nate Hutchinson
How to allow PIN reset for Windows Hello for Business (9 min) β’ Cybersecurity World
π¨π½βπ» Merillβs corner
Want to get featured on Entra.News? β Submit your content π
Want us to say nice things about your company? Sponsor entra.news π€©
πͺ Acknowledgement of Country
Entra.News is created on Wurundjeri land and acknowledges the traditional owners of country throughout Australia, recognising their continuing connection to land, water and community. I pay my respect to them and their cultures and to elders both past and present.