We are now at the last part of the blog post series about admin lifecycle management. In this last part, the focus will be on offboarding – specifically the scenario where the user who owns the admin account(s) is leaving the company and their regular user account is offboarded. In the real world, however, admin … Read more
Automating access to Shared mailboxes in Exchange Online using Entra ID Governance is something that has been on my to-do list for some time. I was recently asked by a colleague if I could find a way to automate that process when a user onboards or moves (department, location change, etc.). When handling access to … Read more
Continuing from where I left off in part 1 of this blog post series, in this one I want to turn the focus on the security I wrote a little bit about at the end of part 1, but also how to request access to different resources on behalf of the admin accounts. One of … Read more
For some time, I have been thinking about the possibility of creating something that allows me or my colleagues to run Custom extensions in Entra ID Governance manually without the need to navigate to the automation account where the code that gets executed with the Custom extension is hosted or create a Lifecycle workflow to … Read more
The lifecycles of admin accounts can be tricky to manage, because admin accounts are not regular user accounts – they have to be handled differently. You need to make sure, just like with regular users, that they are not over-privileged. Another thing to consider with admin accounts is their lifecycle. What happens when the regular … Read more
If you have been working with Entra ID Governance, you probably figured out that there is no native way of working with Exchange Online (or On-premises Exchange) resources. So, you will have to get creative in how to manage members of distribution lists memberships at a scale in Entra ID Governance. In this blog post … Read more
If you have been working with Lifecycle Workflows in Entra ID Governance, then you how to start a Lifecycle a run it for a specific user or more. But there may come a time when you find yourself in the need to run a Lifecycle Workflow for a specific user by using PowerShell. One such … Read more
Have you ever asked yourself this question after setting up Microsoft Entra ID Lifecycle Workflows and API-driven user provisioning: “What happens if one of my colleagues changes a user attribute in Active Directory (AD), will Entra ID Governance correct it?” The answer to this question is: “No, it won’t”. Or like an IT consultant would … Read more
When new employees are about to start in a company, one of the tasks that needs to be done before the employees have its first day is to assign a phone number to them, so they are able to make and receive phone call in their everyday work. If you are using Microsoft Teams in … Read more
When I started using Microsoft Entra ID Governance Lifecycle workflows to handle Joiners in my company, the first task I wanted to accomplish using the Lifecycle workflows was the creating of a new employee’s mailbox in a hybrid environment. Creating of user mailboxes is not an out-of-of-the-box task in Lifecycle Workflows, but it can be … Read more
