azure-active-directory

问题 I created the app on Azure AD. The application works fine. By the way, I wanted to make this app's permissions smaller. First, I want to limit the schedule that this app can view. For example, the application can see user A's schedule, but not user B's schedule, and so on. User A and User B are registered on the same Azure AD. Second, I want to limit the users who can impersonate themselves as email senders. For example, user C can send a mail, but user D can't send a mail. Is there a better

问题 I'm trying to rewrite powershell script that creates Azure AD application and assigns permission to it. The script is using AzureAD module, I would like to use new Az module, so I can run it on Linux/MacOS. Creating a new application is easy (New-AzADApplication) but I have a problem with permissions. Old script is using this code to assign permissions: #=============Graph Permissions======================== $req = New-Object -TypeName "Microsoft.Open.AzureAD.Model.RequiredResourceAccess"

问题 I'm trying to rewrite powershell script that creates Azure AD application and assigns permission to it. The script is using AzureAD module, I would like to use new Az module, so I can run it on Linux/MacOS. Creating a new application is easy (New-AzADApplication) but I have a problem with permissions. Old script is using this code to assign permissions: #=============Graph Permissions======================== $req = New-Object -TypeName "Microsoft.Open.AzureAD.Model.RequiredResourceAccess"

问题 I used MSAL JS for authenticating user & thereafter calling acquireTokenPopup(scopes) for Access Token. I am getting the access token, but cannot use it as it says Invalid Signature . (checked in jwt.io too - same error) Over the forum I found it is due to Graph adding nonce. What will be the solution? Please help. Following is the code. tenantConfig = { scopes: ["directory.read.all"] }; this.clientApplication.acquireTokenSilent(this.tenantConfig.scopes).then( function (accessToken) { },

问题 I am using the Azure AD B2C .Net core Microsoft.AspNetCore.Authentication.AzureADB2C.UI library (installed using NuGet) in a ASP.Net Core 2.2 MVC Web App. I would like to be able to change the Error page, however it ignores any custom or Developer mode error pages. Does anyone know how I can override the error handling and/or any other pages of this library? This is the page (github) that gets returned for any Azure B2C errors. https://github.com/aspnet/AspNetCore/blob/master/src/Azure

问题 I am using the Azure AD B2C .Net core Microsoft.AspNetCore.Authentication.AzureADB2C.UI library (installed using NuGet) in a ASP.Net Core 2.2 MVC Web App. I would like to be able to change the Error page, however it ignores any custom or Developer mode error pages. Does anyone know how I can override the error handling and/or any other pages of this library? This is the page (github) that gets returned for any Azure B2C errors. https://github.com/aspnet/AspNetCore/blob/master/src/Azure

问题 I am using the Azure AD B2C .Net core Microsoft.AspNetCore.Authentication.AzureADB2C.UI library (installed using NuGet) in a ASP.Net Core 2.2 MVC Web App. I would like to be able to change the Error page, however it ignores any custom or Developer mode error pages. Does anyone know how I can override the error handling and/or any other pages of this library? This is the page (github) that gets returned for any Azure B2C errors. https://github.com/aspnet/AspNetCore/blob/master/src/Azure

问题 We have setup an infrastructure on Azure containing Azure AD , VM's etc. We use Azure Active Directory Domain Services to have the servers domain-joined and alsoo for local AD-authentication for some specific applications. I would like to write some custom Azure functions that access the Azure Active Directory Domain Services for querying some specific AD-properties like msDS-UserPasswordExpiryTimeComputed. Those properties are not exposed in Azure AD. Can an Azure function access resources

问题 I have been trying to set the following values on a group using graph using the beta API: { "hideFromOutlookClients": true, "hideFromAddressLists": true } However, I get the following error: { "code": "ErrorGroupsAccessDenied", "message": "User does not have permissions to execute this action." } The application does have the required permissions for updating a Group, in fact, updating a group's description works just fine . These two properties were added a few months back but they seem to

问题 I have been trying to set the following values on a group using graph using the beta API: { "hideFromOutlookClients": true, "hideFromAddressLists": true } However, I get the following error: { "code": "ErrorGroupsAccessDenied", "message": "User does not have permissions to execute this action." } The application does have the required permissions for updating a Group, in fact, updating a group's description works just fine . These two properties were added a few months back but they seem to