All about Microsoft 365
In this article, we take a look at which methods and tools we can use in order to “audit” the adherence to Microsoft’s Identity platform best practices for any third-party applications that might be in use in your tenant. With OAuth app compromises hitting the news on a regular basis nowadays, it is time to action! …
Report on permanently assigned Entra ID directory roles as well as any PIM-eligible role assignments. The scripts come in two versions, one based on the Graph SDK for PowerShell and another one using “raw” Graph API requests. Supports Privileged Access Groups as well (PIM for groups). …
Continue readingReporting on Entra ID directory role assignments (including PIM)
In this article, we are presenting you with an update version of the PowerShell script to report on Entra ID service principal objects and their properties and permissions. In addition, a version of the script running on the Graph SDK for PowerShell is also provided, for usage with delegate permissions. …
Using the Graph API, we create a sample script to report on item count and size per year. The script can be run against multiple Exchange Online mailboxes at a time. …
Continue readingReporting on Microsoft 365 mailbox item count and size by year via the Graph API
Last week, we explored Entra ID’s app instance property lock feature. As part of the process, we examined one possible way that bad actors could take advantage of the convoluted nature of working with multi-tenant applications within Microsoft 365 and their in-tenant representation, the service principal. As the app instance …
Continue readingScript to review and remove service principal credentials