Azure AD

Resetting the Azure AD Connect Credentials

If you ever want to update the account password that Azure AD Connect uses for its service account, you can do this by running a PowerShell cmdlet. Additionally, you will want to keep this handy in the event you receive the notorious “Error validating credentials” error message. To do this, on the Azure AD Connect computer, open a PowerShell window with the administrator context and run the following: Add-ADSyncAADServiceAccount You’ll need to supply the Azure AD Global admin credentials, but this will effectively change the password for both Azure AD and the sync engine.

Tip: Maintaining Azure AD On-premises Components

Does your IT processes include methods to review and update the on-premises components for Azure-connected tools? It should. The components are regularly updated for performance improvements and feature additions, but more importantly, they are sometimes updated to for better security. The following Azure AD components should be upgraded as new versions are released: Azure AD Connect Azure AD Application Proxy Connectors Azure AD Pass-through authentication agents Azure AD Connect Health Agents Most components have an auto-update setting which will automate the upgrade process, but some don’t. Be aware of those that need manual intervention, but also make sure that the auto-update component is working. Resources: Azure AD Connect Health: Version Release History Required Updates for A...

Granting Local Admin Rights for Users Using Intune Devices that are Azure AD Joined

If you’d like to assign local administrator rights to specific people in the organization, you do it through the Azure Active Directory blade in the Azure portal. 1. In portal.azure.com go to Azure Active Directory. 2. Select Devices 3. Select Device Settings 4. Under Additional local administrators on Azure AD Joined devices, you can add the admins here.

Microsoft Cracks the Azure AD Password Character Barrier

Microsoft cloud-based AD schema and identity technology has come closer to matching its on-premises counterpart. The company has now officially removed the 16 character password limit for Azure AD. From Azure PM, Alex Simons… Many of you have been reminding us that we still have a 16-character password limit for accounts created in Azure AD. While our on-premises Windows AD allows longer passwords and passphrases, we previously didn’t have support for this for cloud user accounts in Azure AD.   Today, I am pleased to announce that we have changed this limit, allowing you to set a password with up to 256 characters, including spaces. Full set of Azure AD password policies: Password policies that only apply to cloud user accounts

Office 365 Groups Gains the Ability to Enforce Company-consistent Group Names

Microsoft is rolling out a new function for Office 365 Groups to allow companies to help make sense of the group names being created by end-users. Office 365 Groups is a valuable feature that gives users the ability to connect with like-minded or collaborative partners for corporate projects, business, and community. But, due to the ability to generate groups, the group names can become unruly. Azure AD Naming Policy for Office 365 Groups is now generally available and contains two rules that can be applied: Prefix-suffix naming policy You can define prefixes or suffixes that are then added automatically to enforce a naming convention on your groups (for example, in the group name “GRP_JAPAN_My Group_Engineering”, GRP_JAPAN_ is the prefix, and _Engineering is the suffix). Custom blocked wo...