User Profile
Mi1anovic
Copper Contributor
Joined 5 years ago
User Widgets
Recent Discussions
Proper licensing for dynamic membership groups with the memberOf attribute.
Hello, because Microsoft premium licensing in MS Entra is too confusing and problematic I would like to be informed about proper licensing while using dynamic membership groups with the memberOf attribute as this article describes:https://learn.microsoft.com/en-us/entra/identity/users/groups-dynamic-rule-member-of, This function is available only for synchronized identities with premium licenses or just one premium license for a whole tenant is enought? I assume we need only one premium license based on this (from the official documentation): You must have a Microsoft Entra ID P1 or P2 license for the Microsoft Entra tenant. However I want to be sure because with one premium license we have all premium features unlocked in MS Entra ID . This means we need to be really careful and take care of compliance which is from my point of view very unfortunate. Microsoft put heavy burden on their tenants because of this licensing approach. It would be very nice to develop system/feature/policy which will take care of it or at least notify tenants that they are not compliant.SolvedMicrosoft 365 licensing for MFA seems to be one big joke?
I think licensing for M365 MFA is one big joke from Microsoft in these days. Let me explain: Let's say in our organization we have 100 users. We have 50 users with MS Entra ID Premium P1 licenses. The rest 50 users don't have any MS Entra ID premium license. Now because we had problems with MFA in past we decided to go to Conditional Access to create our custom login flows to avoid any problems we had. But because Conditional Access is only for users with Premium license we can use it only for 50 users. For the rest 50 users we can't use Security Defaults (which were disabled on our tenant since begging of times). We also can't use M365 per-user MFA because MS documentation says so: "You should also turn off per-user MFA after you've configure your policies and settings in Conditional Access." So overall in this example the only option for us how to get MFA for the rest 50 users is to buy more premium licenses. Yes you can say we don't need MFA for the rest 50 users but let me tell you that's not an option. Certain Microsoft portals requires MFA and they are not accessible for user or through API until you activate MFA for the user! So congratulations Microsoft. You business plan how to get as much money from your tenants is absolutely legendary. This is one big joke...SolvedLooking for an answer to a specific case within Exchange Hybrid Free/Busy sharing across two org.
Hello, At first let me say that we are really exhausted by finding some real answers for our problem. We tried Microsoft Official support which leads us nowhere, we read official and un-official documentations but the answer is nowhere to find. We have this problem for months and we can't find any reliable source of information to answer our questions. The context: We have two separate organizations. By separate organization I mean separate AD DS, separate M365 and MS Entra ID, separate physical place, separate management etc.. The setup within these two organizations: Organization A: AD DS, ADFS, AAD Connect, M365 (MS Entra ID), Exchange Online (only) All hybrid users in this organization have their active mailboxes in Exchange Online only. Non-hybrid users doesn't have any mailbox. THERE IS NO EXCHANGE ON-PREMISE SERVER! ALL EXCHANGE ON-PREMISE SERVERS ARE DEALLOCATED AND DELETED! Exchange Online has sharing configured against Organization B Exchange On-premise server and Exchange Online server and it's configured correctly. Organization B: AD DS, ADFS , AAD Connect, M365 (MS Entra ID), Exchange Hybrid (Exchange On-premise server and Exchange Online. Users in this organization have their mailboxes in Exchange On-prem or in Exchange Online (depends on the situation). Their autodiscover DNS is pointing to their Exchange On-premise server. Now the problem: We as Organization A are unable to retrieve Free/Busy status of calendars of users in Organization B WHEN the users in Organization B have their mailbox located in Exchange Online. Let's put it another way: I as an user from Organization A can retrieve user's free/busy status in Organization B when the user's mailbox is located on Exchange on-premise. However, when the user is migrated to Exchange Online within the Exchange Hybrid setup in the Organization B I as the user from Organization A can no longer retrieve the calendar free/busy status from that user from Organization B. The questions: 1. Why the free/busy status retrieval doesn't work when an user in Organization A is retrieving it from an user in Organization B while the user's mailbox of Organization B is located in Exchange Online within the Exchange Hybrid setup in Organization B? We will be very thankful for any information to this case.435Views0likes4CommentsM365 Customer Lockbox licensing
Can someone explain us how customer lockbox works under mixed licensing? For example: We have 99 M365 E3 licences and one M365 E5 license. In this situation there will be only one user/admin (which have M365 E5 license) able to turn on and off lockbox feature and also approve requests? Others users with E3 licence canĀ“t turn lockbox feature on or off or approve requests despite they are global admins?Solved21KViews0likes4Comments
Groups
Recent Blog Articles
No content to show