Learn how to convert the Source of Authority for a hybrid user from Active Directory to Microsoft Entra using PowerShell. The post How to Convert a Synced User Source of Authority to Microsoft Entra appeared first on Our Cloud Network.| Our Cloud Network
Learn how to restore deleted Conditional Access policies in Microsoft Entra using Microsoft Graph PowerShell. The post How to Restore Deleted Conditional Access Policies appeared first on Our Cloud Network.| Our Cloud Network
Learn how to configure password protection settings like banned password lists in Microsoft Entra using Microsoft Graph PowerShell. The post How to Configure Password Protection with Microsoft Graph appeared first on Our Cloud Network.| Our Cloud Network
What's the best way to find SharePoint sites with the Microsoft Graph PowerShell SDK? Is the Get-MgAllSite cmdlet best or should you use the Get-MgSite cmdlet? Does it matter if you’re looking for one site or many sites? We explore the issue in this article by examining some reasons why you’d choose Get-MgSite and others that drive the decision for Get-MgAllSite.| Office 365 for IT Pros
A change to a Graph beta API meant that some data used to create the user password and authentication report was no longer available. A script update was required. The experience underlines the truth that developers should not rely on the Graph beta APIs because the APIs are prone to change at any time as Microsoft moves them along to become production-ready.| Office 365 for IT Pros
The Office 365 for IT Pros team is happy to announce the availability of the October 2025 update for the Automating Microsoft 365 with PowerShell eBook. Subscribers can download the latest PDF and EPUB files from Gumroad.com. In other news, a new eBook about Exchange Server Subscription Edition (SE) is available. It’s always nice to see new sources of knowledge open up!| Office 365 for IT Pros
Microsoft Teams Phone has improved over the years, but missed call reporting in call queues remains a gap. In this blog, Martin Heusser shows how to use Microsoft Graph and PowerShell to build a custom report that captures missed and answered calls, complete with caller info and agent details. Until Microsoft adds shared call history natively, this DIY approach is a solid workaround. The post Practical Teams Phone: Reporting Missed Calls on Call Queues appeared first on Practical 365.| Practical 365
Microsoft 365 users see the profile card and might wonder where the information displayed on the card comes from. Entra ID is the obvious source, but the people platform that Microsoft is developing is another and could include information imported through a Copilot connector to build out a complete picture of users and contacts within a Microsoft 365 tenant. It’s early days yet, but beta code is available.| Office 365 for IT Pros
MC1134747 describes a new permissions requirement for Entra apps that run Teams PowerShell cmdlets. Fixing apps to meet the new requirement is easily done with PowerShell. First, find the apps that use Teams PowerShell (we show two ways), and then assign the two required permissions to the apps. All done with a few lines of Microsoft Graph PowerShell SDK code.| Office 365 for IT Pros
A reader asked if it's possible to analyze the external meeting participants for Teams online events. The information is available through the Events Graph API, and some PowerShell code written using the Graph PowerShell SDK quickly extracts events to analyze and determine the set of external domains meeting participants come from. The post Practical Graph: Analyzing External Meeting Participants for Teams Meetings appeared first on Practical 365.| Practical 365
Microsoft has depreciated the Microsoft Graph CLI and Graph Toolkit. It’s nice to see some rationalization, but the real need is for better quality and coverage across all the Microsoft 365 administrative actions. Even after fourteen years of development, too many undocumented and private APIs exist today, which is an unacceptable situation. You should vote for a feedback portal item to ask Microsoft to do better.| Office 365 for IT Pros
Three new Graph API resources provide easy access to Entra ID authentication method summary data. The information is helpful to understand the type of sign-ins that happen, and the authentication methods used by user connections. The article includes a script based on the MFA sign-in summary to highlight non-MFA connections and the apps users connect to.| Office 365 for IT Pros
If you use the Microsoft Graph PowerShell SDK, you don’t need to worry about obtaining an access token because SDK cmdlets include automatic token management. Although you don’t need to know the details of the access token used in an SDK session, it’s possible to find and examine its contents, and even use the token with a Graph request. It's a nice to know thing that you’ll never need in practice.| Office 365 for IT Pros
Version 2.29 of the Microsoft Graph PowerShell SDK can now be downloaded from the PowerShell Gallery. Initial tests show that the release is stable. However, it’s recommended that you deploy V2.29 on a few workstations to test essential scripts before proceeding to a full-scale roll-out. V2.29 does not address the issue with PowerShell runtime in Azure Automation, but overall, first indications are that V2.29 is a good release.| Office 365 for IT Pros
Sometimes tenants need to copy group membership from one user to another. Often PowerShell is used, but with the demise of the Azure AD module you might need to update the script that you use. Things are a little more complicated when using the Graph, but where there’s a will, there’s a way. Here's how to use the Graph PowerShell SDK to do the job.| Office 365 for IT Pros
The conditional access policy condition for token protection now extends to Microsoft Graph PowerShell SDK interactive sessions. Any account within the scope of a CA policy that requires token protection can use Web Account Manager (WAM) to sign in and check that everything is secure and ready to go. It’s a protection that might be of interest to administrators and developers that access sensitive data in Graph SDK sessions.| Office 365 for IT Pros
A recent post revealed that the Mailbox Import-Export Graph API doesn't capture audit events for its operations. The API is in beta, but this is disappointing. Auditing any mailbox is important, but it becomes a critical requirement when the possibility exists that attackers could use the API to exfiltrate mailbox data outside of the tenant. This is a hole that Microsoft needs to close.| Office 365 for IT Pros
Microsoft will launch the aiInteractionHistory Graph API (aka, the Copilot Interaction Export API) in June. The API enables third-party access to Copilot data for analysis and investigative purposes, but any ISV who wants to use the API needs to do some work to interpret the records returned by the API to determine what Copilot really did in its interactions with users.| Office 365 for IT Pros
A user reported that a script didn't list any details of hidden group memberships and asked why. The reason is that a separate Graph permission controls access to hidden group memberships. If an app doesn’t have the permission, the Graph returns null memberships, which is probably not all that helpful. Once the right permission is in place, everything works.| Office 365 for IT Pros
A while back I published a blog post on how you can add Microsoft Graph application role permissions to a Managed Identity, something that is useful if you have deployed Azure services that use managed identities, and need permission to access Graph API. https://gotoguy.blog/2022/03/15/add-graph-application-permissions-to-managed-identity-using-graph-explorer/ The above blog post is currently the only “graphical” or UI […]| GoToGuy Blog
In this contribution I will show you how you can build your own Security Copilot, by using Azure Open AI, AI Search Service and your own security data sources, in a creative way that let users ask about their own security status in a natural language! This is part of my contribution to the Festive […]| GoToGuy Blog
Microsoft recently announced that Workload Identity Federation for Azure Pipelines now is in Public Preview: https://devblogs.microsoft.com/devops/public-preview-of-workload-identity-federation-for-azure-pipelines/. This opens for a lot of scenarios for Azure service connections, without the need to manage secrets for service principals and more security as there are no secrets that can be exposed or exfiltrated. As I work a lot […]| GoToGuy Blog
There are several ways you can access the Azure AD Protected APIs in Power Platform Flows and Apps. Without creating Custom Connectors, which basically can connect to any REST based API that is available, it is useful to know what built-in HTTP connectors are available and can be used for delegated authentication to Azure AD […]| GoToGuy Blog
I’m excited and very much looking forward to speak at the upcoming Oslo Power Platform & Beyond Community Event, which will happen in-person at May 21st 2022 at Microsoft Norway offices i…| GoToGuy Blog
You have a service principal in your tenant. Either you created it yourself or it’s a service principal for an app registration from another tenant (multi tenant application). Now this service principal needs access to an addition role. It’s not always possible to do a new admin consent sometimes you want the change just for a single service principal in a single tenant. I wrote about this before, but since the Azure AD module is depreciated, it’s time to do the same with the new Micros...| Coding Stephan
Hey there! Today, I wanted to introduce you to one of the small but excellent module I've created called the O365Synchronizer. This module focuses on synchronizing contacts and users. If you've ever been tasked with synchronizing Global Address Lists (GAL) across different Office 365 tenants or just wanted to sync GAL with user mailboxes so they can access contacts directly on their phones, this tool is for you. The post Syncing Global Address List (GAL) to personal contacts and between Offic...| Evotec
