Configuring Entra ID Cross-Tenant Synchronization
In this blog, James Yip reviews Microsoft's Entra ID Cross-Tenant Sync feature, and how it can make things a lot easier when deploying a M&A project.
August 28, 2023
Latest Articles
Practical Graph: How to Bulk Delete Entra ID Accounts
Most articles covering how to bulk delete Azure AD accounts use a CSV file to hold the input set of accounts for removal. That approach works, but there are better ways to do the job if the contents of Azure AD are accurate.
July 5, 2023
Practical Graph: Maintain Manager-Employee Relationships Stored in Entra ID
Maintaining accurate Azure AD User Account manager links is important because many Microsoft 365 features like the Organization chart in Teams, the user profile card, and Outlook's Org Explorer depend on the information. This article covers how to use PowerShell to maintain the manager-employee links.
June 27, 2023
Stop Using Phone-Based Responses for Multifactor Authentication
While some methods for MFA responses have security issues, people often overlook their practical advantages. Not everyone is ready to dump a valid authentication method. In this article, we take the journey to removing phone-based responses from your tenant while considering some practical implications.
May 9, 2023
Practical Graph: Find Sets of Entra ID User Objects or Mailboxes to Process with PowerShell
Many PowerShell scripts written to automate operations in Microsoft 365 tenants fetch Azure AD users or mailboxes to process. In this article, we explain how to fetch user objects effectively by using filters to make sure that scripts process the right set of accounts or mailboxes.
May 8, 2023
Adding an Expiration Date for Entra ID Guest Accounts
Microsoft has long been asked to support guest account expiration, just like the functionality available for on-premises Active Directory accounts. Engineering priorities have not allowed the developers to work on the feature, but it's possible to do the job with PowerShell as we explain here.
May 2, 2023
How to Update Entra ID Guest Accounts With Thumbnail Photos
It's good to put a face on Azure AD Guest Accounts by updating the accounts with thumbnail photos. This article explains how to approach the process of gathering suitable photos and uploading them to Azure AD. We also discuss how to speed up the process by finding guest accounts that are missing photos so that the script can focus on those accounts.
April 24, 2023
Migrating Exchange Online Mail Contacts to Entra ID Guest Accounts
Microsoft actively develops Azure AD external identities and doesn't do much with mail contacts. Maybe it's a good idea to migrate mail contacts to Azure AD guest accounts. This article explores what's involved in moving mail contacts over to Azure AD guest accounts using PowerShell.
April 12, 2023
Practical Graph: Using Dynamic Entra ID Administrative Units
Dynamic Azure AD administrative units are like dynamic Azure AD groups in that they have a membership rule to calculate their membership. Azure AD uses the rule to find members regularly, so the administrative unit never goes out of date. That is, assuming the properties of Azure AD user accounts are maintained and up to date.
February 14, 2023
The Importance of Standardizing Microsoft 365 Account Creation
Microsoft 365 tenants can create Azure AD accounts in different ways. No matter whether you create accounts manually or with PowerShell scripts, the important thing is to end up with the right data in Azure AD because many Microsoft 365 features depend on accurate directory.
January 23, 2023
Why It’s a Good Idea to Review and Remove Inactive Guest Accounts Annually
Over time, Microsoft 365 tenants tend to accumulate large numbers of guest accounts in Entra ID. And over time, some of those accounts become obsolete and inactive. In this article, we explore how to use PowerShell to analyze the activity of guest accounts to figure out what accounts are inactive and which are candidates for removal. It's something you should do annually.
February 1, 2022
How to Create a Microsoft 365 Licensing Report Using the Microsoft Graph SDK for PowerShell
After figuring out how to convert a script from using Azure AD licensing cmdlets (due to stop working in June 2022), we move on to create a licensing report for a tenant using cmdlets from the Microsoft Graph SDK for PowerShell. The code is pretty straightforward, but you need to do some up-front work to extract and prepare some input files containing product and service plan codes. Given that Microsoft is increasing its license fees, it's a good time to report this information...
October 14, 2021