What’s New in Azure Active Directory for September 2019

Azure Active Directory

Azure Active Directory is Microsoft’s Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for September 2019:

                          

What’s Planned

My Profile is re-naming and integrating with the Microsoft Office account page

Service category: My Profile/Account
Product capability: Collaboration

Starting in October, the My Profile experience will become My Account. As part of that change, everywhere that currently reads My Profile changes to My Account.

On top of the naming change and some design improvements, the updated experience will offer additional integration with the Microsoft Office account page. Specifically, you’ll be able to access Office installations and subscriptions from the Overview Account page, along with Office-related contact preferences from the Privacy page.

                                   

What’s New

Bulk manage groups and members using CSV files in the Azure AD portal Public Preview

Service category: Group Management
Product capability: Collaboration

Microsoft is pleased to announce public preview availability of the bulk group management experiences in the Azure AD portal. Admins can now use a CSV file and the Azure AD portal to manage groups and member lists, including:

  • Adding or removing members from a group.
  • Downloading the list of groups from the directory.
  • Downloading the list of group members for a specific group.

                 

Dynamic consent is now supported through a new admin consent endpoint

Service category: Authentications (Logins)
Product capability: User Authentication

Microsoft has created a new admin consent endpoint to support dynamic consent, which is helpful for apps that want to use the dynamic consent model on the Microsoft Identity platform.

                 

New Azure AD Global Reader role

Service category: RBAC
Product capability: Access Control

The Global Reader role is the read-only counterpart to Global Administrator. Users in this role can read settings and administrative information across Microsoft 365 services, but can’t take management actions.

Microsoft has created the Global Reader role to help reduce the number of Global Administrators in organizations. Because Global Administrator accounts are powerful and vulnerable to attack, Microsoft recommends:

  • that organizations have fewer than five Global Administrators.
  • using the Global Reader role for planning, audits, or investigations.
  • using the Global Reader role in combination with other limited administrator roles, like Exchange Administrator, to help get work done without requiring the Global Administrator role.

The Global Reader role works with the new Microsoft 365 Admin Center, Exchange Admin Center, Teams Admin Center, Security Center, Compliance Center, Azure AD Admin Center, and the Device Management Admin Center.

           

Access an on-premises Report Server from your Power BI Mobile app using Azure Active Directory Application Proxy

Service category: App Proxy
Product capability: Access Control

New integration between the Power BI mobile app and Azure AD Application Proxy allows you to securely sign in to the Power BI mobile app and view any of your organization’s reports hosted on the on-premises Power BI Report Server.

For information about the Power BI Mobile app, including where to download the app, see the Power BI site.

              

What’s Changed

New version of the AzureADPreview PowerShell module is available

Service category: Other
Product capability: Directory

New cmdlets were added to the AzureADPreview module, to help define and assign custom roles in Azure AD, including:

  • Add-AzureADMSFeatureRolloutPolicyDirectoryObject
  • Get-AzureADMSFeatureRolloutPolicy
  • New-AzureADMSFeatureRolloutPolicy
  • Remove-AzureADMSFeatureRolloutPolicy
  • Remove-AzureADMSFeatureRolloutPolicyDirectoryObject
  • Set-AzureADMSFeatureRolloutPolicy

leave your comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.