Daniel Bradley
@DanielatOCN
Microsoft MVP, blogger and I write a little PowerShell
Joining in with the #mvpbuzz I am now an MVP in Security and Microsoft Graph! ๐๐
A huge WIN for Microsoft customers today, ๐๐จ๐ค๐๐ง ๐๐ซ๐จ๐ญ๐๐๐ญ๐ข๐จ๐ง is available in ๐๐ข๐๐ซ๐จ๐ฌ๐จ๐๐ญ ๐๐ง๐ญ๐ซ๐ ๐๐ > ourcloudnetwork.com/microsoft-makeโฆ What was previously assumed to be a permanent feature of Microsoft Entra P2, although no official announcement has been made,โฆ
Microsoft have now limited domains returned from the Autodiscover endpoint, impacting ๐๐๐๐๐ tools > ourcloudnetwork.com/planned-changeโฆ A blow to security peeps, but a win for defenders. Previously, you could make an ๐ฎ๐ง๐๐ฎ๐ญ๐ก๐๐ง๐ญ๐ข๐๐๐ญ๐๐ request to Autodiscover and return aโฆ
Microsoft will soon streamline the same-device sign-in experience for the Microsoft Authenticator app! > ourcloudnetwork.com/microsoft-to-sโฆ ๐ฑ Currently, when users sign in to applications on the same device as their Microsoft Authenticator app, the notification often hides the number theyโฆ
Did you know, you can gain incredible insights into Inactive Guests right from the Entra admin center > ourcloudnetwork.com/how-to-find-alโฆ ๐ Learn how from my blog post above, as well as some PowerShell snippets to obtain this information programmatically with Microsoft Graph PowerShell!โฆ
Is it just me, or has the license utilization page gone missing from the usage and insights blade of Microsoft Entra?
Backup and restore for Microsoft Authenticator will no longer require a personal Microsoft account! > ourcloudnetwork.com/microsoft-to-rโฆ ๐ In September 2025, Microsoft will automatically backup users' Microsoft Authenticator credentials to ๐ข๐๐ฅ๐จ๐ฎ๐ & ๐ข๐๐ฅ๐จ๐ฎ๐ ๐๐๐ฒ๐๐ก๐๐ข๐ง andโฆ
Poorly configured RedirectURIs in Entra Apps can lead to a compromise. Here I explain how to monitor for risky apps ๐ ourcloudnetwork.com/how-to-secure-โฆ Wildcards, URL Shorteners or Localhost addresses used as RedirectURIs in your Entra applications are a sign of poor configuration.โฆ
Microsoft Entra license compliance can be difficult. Here I've broken down some of the nuances with practical options to fix > ourcloudnetwork.com/how-to-ensure-โฆ Microsoft Entra license compliance is still somewhat of a challenge for administrators due to the overly flexible licensingโฆ
This helped me today! Have you ever accidentally done User consent instead of admin consent (forgot to check the box)?? I just built a URL to consent to a specific permission to the built-in Microsoft Graph Command Line Tools app and it worked like a dream!!
Okay folks, your going to want to bookmark this. Over the weekend I vibe coded a tool I'm calling Microsoft Entra Sign-in URL Builder This is something I've been wanting to build for some time and inspiration struck. Here's a quick walk through ๐งต๐
If you haven't configured trusted locations in Microsoft Entra, you should do so now ๐ Here's why: ourcloudnetwork.com/configure-micrโฆ Named locations in Microsoft Entra aren't just for use in Conditional Access policies. Even then, most organisations misuse them for exclusions, ratherโฆ
You should disable Seamless SSO in Microsoft Entra Connect as soon as possible! Here is how to do so safely > ourcloudnetwork.com/why-you-shouldโฆ Seamless SSO enables single sign-in for Active Directory joined devices. It is now legacy and relies on Kerberos tickets being sent to Entra ID,โฆ
Did you see, you will soon be able to assign different Passkey providers based on group in Microsoft Entra ๐ here's a write-up > ourcloudnetwork.com/configure-passโฆ Currently, it's an all-or-nothing approach to implementing Passkey provider restrictions in Microsoft Entra, which isn't soโฆ
Microsoft are making your environment more secure by default ๐ก๏ธ Stay ahead, update your policies & audit your permissions > ourcloudnetwork.com/require-admin-โฆ For organisations that enable users to consent to third-party apps accessing their data, this may impact you. If you haven't givenโฆ
Did you know you can enforce Token Protection specifically for Microsoft Graph PowerShell? Check out how > ourcloudnetwork.com/how-to-enable-โฆ ๐ช While you may not want to bind a privileged account to your device, there may be some practical usage for enhancing protection if you currentlyโฆ
Check out this new browser extension > ourcloudnetwork.com/export-conditiโฆ. Conveniently ๐๐จ๐ฉ๐ฒ or ๐๐จ๐ฐ๐ง๐ฅ๐จ๐๐ any Conditional Access policy to JSON! โญ If you have ever needed to backup, recreate or document a Conditional Access policy, the first step is usually to programmaticallyโฆ
You can now assign eligible group memberships via access packages in Microsoft Entra. Here is how > ourcloudnetwork.com/eligible-pim-eโฆ While the functionality is not yet available in the Entra admin portal, you can get the job done with PowerShell, using the code examples above in myโฆ
A new feature of Access Packages has just appeared! You can now use custom extensions to approve Access Package requests! ourcloudnetwork.com/use-custom-extโฆ๐ฒ Previously, the approver of an access package could only be manually assigned or dynamically assigned based on a limited list ofโฆ
I wrote a post in 2023 about potential upcoming ๐ญ๐ข๐ฆ๐-๐๐๐ฌ๐๐ ๐๐จ๐ง๐ญ๐ซ๐จ๐ฅ๐ฌ ๐ข๐ง ๐๐จ๐ง๐๐ข๐ญ๐ข๐จ๐ง๐๐ฅ ๐๐๐๐๐ฌ๐ฌ. Here is that post > ourcloudnetwork.com/enabling-time-โฆ Almost 2 years later, there has still been no clarity around this feature from Microsoft... but since myโฆ
Finding the least privileged Entra role to use a Graph API delegated permission is now easy with AI > ourcloudnetwork.com/find-least-priโฆ I often get a question: "What is the least privileged Entra role I need to run this Microsoft Graph PowerShell script?" I wish the answer were simple...โฆ
Can you even argue against using AI? I just asked it to create me a function to scrape the Entra Role table from a webpage and 30 seconds later I have my data...
