Entra.News #30: This week in Microsoft Entra
Read about granular cert-based auth config in CA, auditing your tenant for highly privileged apps and more!
👋 Greetings, Merill here with another thrilling edition of the Microsoft Entra newsletter!
You won’t believe the awesome content we have for you this week, covering everything you need to know about Microsoft Entra. 🎉
And that’s not all! I also have a special treat for you 🍦: a new PowerShell cmdlet along with a companion video on YouTube. Trust me, you don’t want to miss this one! (And while you’re there, make sure to hit that subscribe button 😉).
🏆 Generally Available
New Microsoft Entra homepage → entra.microsoft.com
🔥 Public Preview
From the community…
Graph User.ReadBasic.All Application Permission Available • Tony Redmond
Start migrating MFA and SSPR to the new Authentication Methods policy • Mike van den Brandt
🤖 Automation & DevOps
Report the MFA Status for Entra ID User Accounts • Tony Redmond
How to use Get-MgUser in PowerShell • Ali Tarjan
Automate Entra ID Application Creation and Access Management with Terraform and GitHub Actions • Suryendu Bhattacharyya
🚦 Conditional Access
🔐 Credential Management
Global Reader in Microsoft Entra to Allow Access to Teams Devices • Daniel Bradley
FSLogix on Entra Joined AVD • Niels Kok
💠 External ID
Using Entra External ID (CIAM) with the MSAL samples • Rory Braybrook
Using the quick start in Entra External ID for Customers • Rory Braybrook
⛑️ ID Protection
Use case: Phishing resistant MFA of a privileged role • Jonas Bøgvad
📈 Reporting and Insights
Weird issues with Entra ID Signin Logs • Martin Rothe
Why You Should Conduct Regular Entra ID Assessments • Sean McAvinue
(An Attempt at) Detecting Managed Identity Abuse • Ryan Hausknecht
Active Authentication Administrators in Azure • rootsecdev
Pivoting into Google Workspace using an Azure Managed Identity • Narayanan subramanian
New Lessons Learned From Microsoft’s Security Breach • Arvind Suthar
AitM detection with Sentinel via custom CSS • Robbe Van den Daele
Microsoft Entra ID Role vs Azure Role • Debac M.
Microsoft Cloud Group Analyzer • Jasper Baes
Zero Trust and the Secure Future Initiative: 2024 | Unpacking Endpoint Management (58 min) • Windows IT Pro
Handling Apple ID conflicts during Entra and Apple Business Manager Federation (14 min) • Dean Ellerby MVP
What's new in Microsoft Entra ID? January 2024 • RioCloudSync
Microsoft Breach: What Happened? What Should Azure Admins Do? (1 hour) • SpecterOps
Breaking Bitlocker - Bypassing the Windows Disk Encryption (9 min) • stacksmashing
👨🏽💻 Merill’s corner
→ Find out who has OAuth API access to your Microsoft 365 data
This new cmdlet in the MSIdentityTools module exports all the permissions granted to users and applications in your Microsoft Entra tenant.
Watch the video below for a quick overview and how you can run the export on your tenant.
Backstory: This cmdlet is based on this Azure AD PowerShell script by Philippe Signoret which was later updated by Michael Epping to create the Excel export with the pivot tables.
I have now ported this over to Microsoft Graph, added a bunch of enhancements and added it to the MSIdentityTools module.
If you want to learn more about ‘Hiding in the clouds’ watch this session by my colleagues Mark Morowczynski and Michael Epping.
→ Protect your Microsoft 365 Privileged Accounts
❓ Here's a quick quiz for you. Are you doing everything you can to protect your Microsoft 365 Privileged Accounts? Here are the top five that Microsoft recommends. What is your score?
Follow the Protect your Microsoft 365 privileged accounts guide on Microsoft Learn to implement these in your organization.
Folks, in case you missed it. You can protect remote access to your servers both Linux and Windows with phishing resistant MFA using Microsoft Entra conditional access policies.
The last bit to enable MFA to Windows VMs on AWS, GCP and on-prem is yet to come but it IS COMING!
🪃 Always Was, Always Will Be Aboriginal Land
Entra.News is created on Wurundjeri land and acknowledges the traditional owners of country throughout Australia, recognising their continuing connection to land, water and community. I pay my respect to them and their cultures and to elders both past and present.
Thanks for reading Entra.News - Your weekly dose of Microsoft Entra! Subscribe for free to receive new posts and support my work.