Vasil Michev

Entra ID, Graph API, Microsoft 365, PowerShell

How to manage Entra ID’s banned password list via the Graph SDK for PowerShell

June 9, 2025 Vasil Michev

Entra ID’s password protection feature was introduced back in 2018, adding support for a banned password list, the smart lockout controls and integration with on-premises AD. Programmatic access to the feature was enabled via directory settings templates, which at the time were exposed via the Azure AD Preview PowerShell module, …

Continue readingHow to manage Entra ID’s banned password list via the Graph SDK for PowerShell

Exchange Online, Microsoft 365, PowerShell

You can no longer delegate folder-level permissions to a shared mailbox

May 26, 2025 Vasil Michev

In what looks like another attempt to curtail unsanctioned use of shared mailboxes in Exchange Online, Microsoft has begun blocking the ability to grant folder-level permissions to shared mailbox principals via PowerShell. As a side effect, you will no longer be able to use the Add-MailboxFolderPermission cmdlet to designate a …

Continue readingYou can no longer delegate folder-level permissions to a shared mailbox

Entra ID, Graph API, Microsoft 365

Using the estimateAccess method to determine permissions on Entra objects

May 20, 2025 Vasil Michev

In this article, we take a look at the undocumented estimateAccess Graph API method, which can be used to determine what permissions a given user or application has against any directory object. This in turn can help you troubleshoot permission related issues, such as those where a given app throws an unexpected 403 error. …

Continue readingUsing the estimateAccess method to determine permissions on Entra objects

Entra ID, Graph API, Microsoft 365

Graph-based What If Conditional Access tool

May 2, 2025May 2, 2025 Vasil Michev

Microsoft released new Graph API based implementation of the What If tool. In this article, we will take a look at how to leverage the new What If experience in the UI as well as how the underlying Graph API endpoints work. It is great to finally have a supported method to test your Conditional Access policies! …

Continue readingGraph-based What If Conditional Access tool

Graph API, Entra ID, Microsoft 365

First look at the Graph API usage report

April 23, 2025 Vasil Michev

Microsoft recently introduced the Graph API usage report. In this article, we will take a quick look at the new endpoints and the data we can obtain via them. Spoiler alert, there are some rough edges, but that’s to be expected from a /beta release. …

Continue readingFirst look at the Graph API usage report