Daniel Bradley

Check out 𝐄𝐧𝐭𝐫𝐚𝐃𝐨𝐜𝐬𝐓𝐫𝐚𝐜𝐤𝐞𝐫 to stay always up to date with everything Microsoft Entra > entradocs.ourcloudnetwork.com 𝐓𝐡𝐢𝐬 𝐢𝐬 𝐝𝐞𝐟𝐢𝐧𝐢𝐭𝐞𝐥𝐲 𝐚 𝐩𝐚𝐠𝐞 𝐭𝐨 𝐛𝐨𝐨𝐤𝐦𝐚𝐫𝐤 One way I stay up to date with all changes in Microsoft Entra is by monitoring updates to the Microsoft documentation, which often gets updated before official announcements of new features. Previously, I did this privately, but here I have turned it into an easy-to-use website, with a sprinkle of AI to summarise often difficult-to-read large commits. Let me know what you think! #Microsoft #Entra #EntraDocsTracker

@merddyn For Entra, it has never ever been that way, how long ago did you last check ;)

@DanielatOCN This is kinda weird no? Like, from a pure licensing perspective, I get it, but from a functional perspective you have to assign a license to an account for certain features to work or be available last I checked. So how would that work?

The Microsoft Licensing FAQs finally clarify a long-standing point of frustration for Entra ID. I have broken this down here ourcloudnetwork.com/one-person-one… The "One Person, One License" philosophy for Microsoft Entra was only ever shared through blog posts and social media, meaning people often doubted whether it breached the current licensing terms or not. Now, the Microsoft Licensing FAQs clarify these points. 𝐏𝐒𝐀: 𝐒𝐭𝐨𝐩 𝐥𝐢𝐜𝐞𝐧𝐬𝐢𝐧𝐠 𝐬𝐞𝐜𝐨𝐧𝐝𝐚𝐫𝐲 𝐚𝐜𝐜𝐨𝐮𝐧𝐭𝐬 (𝐥𝐢𝐤𝐞 𝐀𝐝𝐦𝐢𝐧 𝐚𝐜𝐜𝐨𝐮𝐧𝐭𝐬) 𝐰𝐡𝐞𝐫𝐞 𝐢𝐭 𝐢𝐬𝐧'𝐭 𝐫𝐞𝐪𝐮𝐢𝐫𝐞𝐝. #Entra #Microsoft

@merill Yes please

Now that I'm no longer at Microsoft, I'm free to share some of my rebel tips 😎 Who wants me to post them?

@Nigel_Farage Is social media safety not part of the current IT syllabus for secondary schools... surely that would make more sense? Social media was way worse 20 years ago during the times of Bebo and Tumblr. Nothing like preparing adolescents for adulthood like treating them like a child.

Whilst the social media ban is well-intentioned, it’s unlikely to work given the mass adoption of VPNs. It will also mean the introduction of Digital ID via the back door. The real answer here is handsets for children with limited features.

@darkstarnj74 You should do, did you read my article?

@DanielatOCN Not seeing this yet in my tenant 😞

Baseline Scope enforcement in Conditional Access is rolling out today, but Microsoft have hidden the setting for it > ourcloudnetwork.com/how-to-enable-… Currently, if a Conditional Access policy includes an exclusion, and your application only requests a specific set of baseline directory scopes (like user.read), then that authentication request could bypass the Conditional Access policy. Rolling out from today, this behaviour is changing, and all authentication requests will be subject to Conditional Access policy enforcement. For 99.9% of organisations, there will be no impact on you, but for a small subset that have built their own applications, you should verify any impact following the steps I have outlined in my article! #Microsoft #Entra

@acjuelich I believe it will be enforced, this is for you to make exceptions

@DanielatOCN Dang. I thought that was going to be automatically set as the default.

@mjovanovictech @KarenPayneMVP Was hoping for a reset!

@KarenPayneMVP Did the limits reset? I was on 100% as of a few days ago, woke up to 0% toda

What is your usage? I've used Copilot a lot this week 🤨

Check it out 🩵 You can now validate PIM requests automatically (like verifying a Ticket ID) using Custom Extensions! Read here > ourcloudnetwork.com/stop-wasting-t… This could be such a game changer, both for security, validation and accountability for accessing Roles, Groups and Azure Resource. Once configured properly, you go from an organisation that only reacts to critical privileged access events, to an organisation that implements zero trust programmatically to a critical part of the user elevation process. While it would require some development, I'm sure it will not be long for ISV's to integrate API's and approval logic to integrate natively into PIM! #Microsoft #Entra #PIM

@crismsantos @nick_cloudops Well that’s quite small, but if you need an ISO, just download one online?

@DanielatOCN @nick_cloudops My friend, even if you pay almost 1,000 dollars per year as a small partner MSFT will NOT let you download a simple Windows 11 ISO file from VS subscription They really want you to pay extra 500 dollars to do it Unbelievable

Considering if it is worth to get the new Github Copilot Max plan Not enough token 🤣 Need to use it wisely

In my article ourcloudnetwork.com/how-to-stop-gu… I explain that guests can read user details, managers, group members, application properties and certificate configurations in your directory, and by default, anyone can invite them to your org, even other guests! All this information is what a malicious actor can use to map your organisation, and how would you know if any of the potential thousands of guests in your environment have been breached? you wouldn't... Before you can think about managing the lifecycle of your guests, you need to stop this problem in its tracks. Take the first step and limit who can invite guests to your tenant now! #Microsoft #Entra

@merill Yeah it’s hammering my usage limit, but wow it’s good. Now back to watching my VRAM max out for 2 tokens a second…

Started using Fable - 1 hr ago. Me after one hour. FML

@Se_Railway @commie_cal I had no idea £13 was a minimum, that's quite poor :(

@commie_cal Easy answer , Railcards have a minimum fare they are allowed to be used with . £13 being the minimum . Therefore in this instance its cheaper just to buy the ticket as is . For more info : spkl.io/601878zJg ^TB

i have questions @Se_Railway

@crite512 @xenappblog @merill Non interactive sign-ins. You just need to go by the right property and not blindly trust flaky AI :)

@xenappblog @merill Understand and agree with the filtering criteria of 90 days interactive sign in. Will check out the project. I was curious how an account without an interactive sign in would be considered not stale?

Customer hit me with this today: “I am looking for a way to revoke session tokens on users who have not signed in for 90 days or longer to force them to use their password to update their last sign-in time.” Why didn’t somebody tell me before how much money we’re burning on stale Entra member accounts? 😩 Right now in our tenant: • 779 members in scope • 21 idle 90+ days • 47 never signed in • 52 licensed & stale Still paying for those licenses… still showing as “active” in reports… still a security hygiene nightmare. The FREE Intune Dashboard just added the **Stale Users (P1)** view — one-click Revoke + Disable right there. Forces fresh password sign-in, updates last activity, and lets you actually reclaim those licenses. Stop feeding ghost accounts. DOGE would approve. @MSIntune #Intune

@jerrynixon Perfect, added! Thanks

@DanielatOCN This work? Data API builder and SQL MCP Server have the same logo - the database with the hat. 1drv.ms/f/c/be501a3a7a…

I've collated 2400+ Microsoft architecture icons and published them for easy access at msicons.com 💙 For every icon, you can: • Download the scalable SVG file • Download the PNG of your desired size • Embed the icon directly into your website or markdown • Choose a light, dark or transparent background You can can even compare different icons together and favourite multiple icons for bulk download! #Microsoft

@jerrynixon Can you provide the SVG files for these logos?

@DanielatOCN Brilliant. The only other missing Microsoft SQL logos I can think of now are SQL Server Management Studio and SQL MCP Server andyleonard.blog/wp-content/upl… and github.com/Azure/data-api…

Soft-delete for Devices is in Microsoft Entra is now in Public Preview! Read more about the experience here > ourcloudnetwork.com/how-to-restore… 💻 Devices may get be deleted from a multitude of reasons. But now, when they are deleted, they simply get deregistered and moved to a soft-delete container for up to 30 days, during this time they can be restored. This way, the device cannot be used for authentication, or accessing cloud resources, but important data is preserved, such as the BitLocker key, LAPS password and Device Id. #Microsoft #Entra

@1000ysoncho If they want to reach out (plenty of Microsoft employees know about this) they can. I’m one man, I’m not going out of my way to offer a free service lol

@DanielatOCN 便利な発明なので、Microsoftの許可を得て、権利関係をクリーンにして配布してほしいな。

便利な反面、再配布ってポリシー大丈夫か？