Tag: #MicrosoftEntraID

Transfer an AD Group Source of Authority to the Entra ID!!!

Still using on premises Security Groups to manage access to apps? Do you have old Distribution Lists from a legacy Exchange environment and cringing recreating them in Exchange Online? Or worst you still have the dreaded Mail-enable Security Groups kicking around? Well Microsoft has finally come up with a solution to transfer these to Entra ID and THIS game changer is today’s ‘Bonus Edition’ #MicrosoftCloudQuickFix !!!

Bonus Edition

Contained within the July 31, 2025 Microsoft Entra Connect Update 2.5.76.0 is the listing for the added Group Source of Authority conversation feature (Public Preview) which will allow on a per Active Directory Group basis an administrator to transfer the Group Source of Authority from Windows Active Directory to Microsoft Entra ID. The per group basis allows for a nicely phased approach for the transfer!

You will need to make sure you upgrade your production and staging Microsoft Entra Connect servers in order to utilize this new capability which was also announced this week during the Microsoft Entra Suite Summer Camp

Screenshot from Entra ID Connect

Note: For Entra ID Cloud Sync you must be at minimum version 1.1.1370.0

Once you move the Active Directory Group Source of Authority to Entra ID you gain the ability to use the advanced modern identity governance capabilities such as Access Reviews, Entitlement Management, Group Expiration and Naming Policies, and Dynamic Group membership assignment all in that single Entra ID pane. You can then use Group Writeback if the group is needed to govern any on premises applications / resources. If need be you can rollback the Group Source of Authority from Entra ID back to Active Directory!

See what I mean about THIS is a game changer!

You can watch the demo from #Microsoft here:

This new capability is in Public Preview and rolling out worldwide in August 2025 and is included in Entra ID Free and Basic (and above) licensing however to take advantage of Access Reviews and Entitlement Management capabilities an Entra ID P2 license is needed.

I am certain I will have more to discuss about this new capability so stay tuned!

For more information see:

#MicrosoftCloudQuickFix #Microsoft365 #MicrosoftCloudSecurity #MicrosoftEntra #MicrosoftEntraID #WindowsActiveDirectory #ActiveDirectory #SecurityGroups #IdentityAccessManagement #IdentityGovernance #ExchangeOnline #ExchangeServer #DistributionList #MailEnabledSecurityGroup

Change to Microsoft user sign-in background

Microsoft is releasing a new default background image for the Microsoft Entra Personal and Work/School sign-in experience. This is today’s #MicrosoftCloudQuickFix !

Microsoft is making a change to the sign-in experience to align with the new modern design principals with the modernized end-user UX which aims to provide a cleaner experience across all authentication flow.

This update is visual only, no user or admin action is required, and it will not affect sign-in functionality nor will it supersede any corporate company branding configured in a Work or School Microsoft Entra ID tenant. This update will only affect screens where Company Branding doesn’t apply.

Screenshot of new signin background

This update is already in General Availability and rolling out worldwide in August 2025 for personal Microsoft accounts, in late September 2025 for Microsoft Work and School accounts, with an expected completion by mid-October 2025.

Although no administrator action is needed to prepare for this change it is recommended to notify users of the change and update training documentation.

For more information see:

#MicrosoftCloudQuickFix #Microsoft365 #MicrosoftCloudSecurity #MicrosoftEntraID

Change to user sign-in experience with Microsoft Authenticator

Ever had connectivity issues that delayed your MFA authentication? Left your phone by the coffee pot but have your cup ready for the meeting? One-time code expired before you could use it? Microsoft is changing the user sign-in experience to help reduce duplicate request errors and allow the user to refresh their notifications in the Microsoft Authenticator app. This is today’s #MicrosoftCloudQuickFix !

With the rollout of this change the user sign-in experience will include the message, “Didn’t receive a sign-in request? Swipe down to refresh the content in your app.” advising the user that they can refresh notifications in the Microsoft Authenticator app (or Microsoft Authenticator Lite for Outlook mobile) if they have not received the sign-in notification. Once refreshed the user can complete the sign-in.

Screenshot of new user sign-in experience

This is already in General Availability and began rollout worldwide in late March 2025 with an expected completion by mid-April 2025.

Although no administrator action is needed to prepare for this change it is recommended to notify users of the change and update training documentation.

For more information see:

#MicrosoftCloudQuickFix #Microsoft365 #MicrosoftCloudSecurity #MicrosoftEntraID #MicrosoftAuthenticatorApp