Azure AD Custom Security Attributes enable flexible authorization structures
Active Directory FAQ
by Sophia Tunui
4M ago
Azure AD Security Attributes are key-value pairs that can be custom created in Azure AD. This allows users to be assigned enterprise applications or various Azure resources (for example, specific values such as cost center, project affiliation, or personnel number) as a custom attribute. These attributes are available in full subscription for a variety of resources. They require an Azure AD Premium P1 or P2 subscription to be deployed. Attribute management takes place in the Azure Active Directory admin center. Roles for rights management in Azure AD In addition, it is possible to control whic ..read more
Visit website
Authentication for MS Teams in hybrid networks
Active Directory FAQ
by Thomas Joos
8M ago
Microsoft Teams supports all authentication options that are also offered by Microsoft 365/Office 365. This means that authentications for MS Teams can only take place in the cloud, i.e. via Azure Active Directory (AAD), but also in a hybrid way, together with Active Directory (AD). In hybrid deployments, it is possible to synchronise local AD accounts with Azure AD and use them together with Microsoft Teams. For many companies, local AD and its efficient maintenance play an important role even in times of comprehensive cloud migration. Microsoft Teams also works in Windows 10/11 without AD If ..read more
Visit website
Manage file permissions in MS Teams and SharePoint Online – This is how it works
Active Directory FAQ
by Sophia Tunui
9M ago
How do file permissions work in Microsoft Teams and SharePoint? In Microsoft Teams, files can also be stored directly in the teams. This facilitates the exchange of information between team members, as they do not have to use different sources of information. Instead, all files are directly available in the team. For this purpose, the data is stored in SharePoint Online of Microsoft 365. More precisely, there is a tab called “Files” for each team. Here you can see all the files that are available for the team and that the team members have saved. This data is available in the desktop client an ..read more
Visit website
Azure AD Connect and Azure AD Connect cloud sync
Active Directory FAQ
by Thomas Joos
1y ago
To synchronize login credentials between Active Directory and Azure Active Directory, many administrators use Azure AD Connect. We have already described how to synchronize on-premises Active Directory environments with Azure AD. Read the article “Install Azure AD Connect” to learn about single sign-on scenarios between on-premises networks and Azure. In addition to Azure AD Connect, Microsoft also offers Azure AD Connect cloud sync. These are different services for similar functions.  Azure AD cloud synchronization comparison Use Azure AD Connect  In addition to the option of using ..read more
Visit website
Install Azure AD Connect
Active Directory FAQ
by Sophia Tunui
1y ago
There are many scenarios where credentials from on-premises Active Directory environments are synchronized with Azure Active Directory. Besides single sign-on, for the use of cloud resources in Microsoft Azure or Microsoft 365, such synchronization is also used for the deployment of Microsoft Endpoint Manager. The synchronization is done via the tool “Azure AD Connect” provided by Microsoft. First you install the tool on a server in the network, then you set up a connection with Microsoft Azure and after that, you let it synchronize the data. What does Azure AD Connect do?  Azure AD Conne ..read more
Visit website
Avoid password generator adjustments after policy change
Active Directory FAQ
by Elysabeth Yven
1y ago
Do you need (again) to adjust your password generator after a policy change? The best way to avoid password generator adjustments after a policy change, is to generate passwords depending on the current Domain Password Policy. Here is how it works. Reading the password policies of a domain First we want to read out the password policies of the domain. Via Server Manager > Tools there are two ways to find the policies: The Group Policy Management tool show you all policies under the domain and default domain policy, including the password policy. The password policies can also be displayed ..read more
Visit website
Avoid strings in passwords with Azure AD
Active Directory FAQ
by Holger Warth
1y ago
In this article you will learn how to avoid strings in passwords with Azure AD password protection. By default, the Windows operating system, via the password policies, offers to specify the minimum number of characters, as well as a predefined complexity of the password.  This defined complexity (if enabled) requires: that a new password must contain at least one character from three defined sets (uppercase letters, lowercase letters, numbers and special characters), and that the content of the Active Directory attribute sAMAccountName and substrings of the attribute displayName (separa ..read more
Visit website
PowerShell – Manager can update membership list
Active Directory FAQ
by Elysabeth Yven
2y ago
The management of AD groups does not have to be in IT hands. The ‘Group-Manager’ function is often used when a non-IT employee in the company has to manage a group. For example, the department manager should be able to decide which employee is included in a certain distribution list (i.e. a distribution group). Manager can update membership list For this purpose, the user can be entered in the Active Directory Users and Computers console as the manager of the group. We can also check the box: “Manager can update membership list”. The user can then add and remove members, but cannot edit the gr ..read more
Visit website
Define Teams naming policies
Active Directory FAQ
by Jens Fiedler
2y ago
What options does Microsoft 365 offer for defining Teams naming policies? If Teams is to be introduced in the company, a governance concept must be created beforehand. This concept clarifies, for example, how groups and teams are created, which security rules apply, whether guest access is permitted, how naming is regulated, and much more. In the best case, it should also be possible to ensure that all the rules of the governance concept can be applied technically. In this article I would like to look at the options for implementing the naming policy. After searching the Microsoft documentatio ..read more
Visit website
Sending an E-mail to Members of an AD Group
Active Directory FAQ
by Jens Fiedler
2y ago
Sometimes you have to send  an e-mail to members of an AD Group. This may be the case if you find it necessary to inform all your co-workers. If you administer the resource via Active Directory group you have the option to send an e-mail to all the group’s members. It’s best to go with the PowerShell script ‚CreateMailFromGroup‘. Send E-Mails to AD Group Members The PowerShell script „CreateMailFromGroup.ps1“ reads all users of the AD transfer group recursively. It reads the attribute “email” from all user accounts to find out all the group members’ addresses. So, in the end you want to s ..read more
Visit website

Follow Active Directory FAQ on Feedspot

Continue with Google
OR