Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for June 2022:
What’s New
Temporary Access Pass is now available (General Availability)
Service category: Multi-factor Authentication (MFA)
Product capability: User Authentication
Temporary Access Pass (TAP) is now generally available. TAPs can be used to securely register password-less methods such as Phone Sign-in, phishing-resistant methods such as FIDO2, and even assist in Windows onboarding (Azure AD Join and Windows Hello for Business). TAPs also make recovery easier when people have lost or forgotten their strong authentication methods and need to sign in to register new authentication methods.
Protect against by-passing of cloud Azure AD Multi-Factor Authentication when federated with Azure AD (General Availability)
Service category: Microsoft Graph
Product capability: Identity Security & Protection
Microsoft is delighted to announce a new security protection that prevents bypassing of cloud Azure AD multi-factor authentication (MFA) when federated with Azure AD.
When enabled for a federated domain in the Azure AD tenant, it ensures that a compromised federated account cannot bypass Azure AD multi-factor authentication (MFA) by pretending that multi-factor authentication has already been performed by the identity provider (IdP). The protection can be enabled via the new security setting, federatedIdpMfaBehavior.
Microsoft highly recommends enabling this new protection when using Azure AD multi-factor authentication (MFA) as your multi-factor authentication method for federated users.
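To check where the protection is still missing, the following added example (not code from Microsoft or from this post) audits the federatedIdpMfaBehavior value of each federated domain and builds the Microsoft Graph PATCH request that sets it to rejectMfaByFederatedIdp. It assumes the tenant uses Azure AD MFA for its federated users; the domain names, configuration ids and responses are constructed sample data shaped like GET /domains/{domain}/federationConfiguration results.

```python
import json

# Values Microsoft Graph defines for federatedIdpMfaBehavior.
REJECT = "rejectMfaByFederatedIdp"   # Azure AD always performs MFA itself
KNOWN = {"acceptIfMfaDoneByFederatedIdp", "enforceMfaByFederatedIdp", REJECT}

# Constructed sample data: one Graph response per domain (not real tenant output).
SAMPLE = json.loads("""{
  "corp.example":  {"value": [{"id": "cfg-1", "federatedIdpMfaBehavior": "rejectMfaByFederatedIdp"}]},
  "sales.example": {"value": [{"id": "cfg-2", "federatedIdpMfaBehavior": "acceptIfMfaDoneByFederatedIdp"}]},
  "old.example":   {"value": [{"id": "cfg-3", "federatedIdpMfaBehavior": null}]},
  "cloud.example": {"value": []}
}""")

def audit(responses):
    """Return one finding per federated domain that does not reject IdP-asserted MFA."""
    findings = []
    for domain, response in sorted(responses.items()):
        # An empty "value" list means the domain is managed, not federated.
        for cfg in response.get("value", []):
            current = cfg.get("federatedIdpMfaBehavior")
            if current == REJECT:
                continue
            if current is None:
                reason = "not set"
            elif current in KNOWN:
                reason = "MFA performed by the IdP is accepted"
            else:
                reason = "unrecognised value"
            findings.append({
                "domain": domain,
                "current": current,
                "reason": reason,
                # Request that enables the protection for this domain.
                "fix": {
                    "method": "PATCH",
                    "path": f"/domains/{domain}/federationConfiguration/{cfg['id']}",
                    "body": {"federatedIdpMfaBehavior": REJECT},
                },
            })
    return findings

if __name__ == "__main__":
    for f in audit(SAMPLE):
        print(f"{f['domain']}: {f['reason']} ({f['current']}) -> "
              f"{f['fix']['method']} {f['fix']['path']} {json.dumps(f['fix']['body'])}")
```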
Dynamic Group support for MemberOf (Public Preview)
Service category: Group Management
Product capability: Directory
This feature enables admins to build dynamic Azure AD security groups and Microsoft 365 groups based on memberships of other groups. For example, you can now create Dynamic-Group-A with members of Group-X and Group-Y.
Roles are being assigned outside of Privileged Identity Management (Public Preview)
Service category: Privileged Identity Management (PIM)
Product capability: Privileged Identity Management (PIM)
Organizations can be alerted on assignments made outside Azure AD Privileged Identity Management (PIM), either directly in the Azure portal or via email. For the current public preview, the assignments are being tracked at the subscription level.
New provisioning connector in the Azure AD Application Gallery
Service category: App Provisioning
Product capability: 3rd Party Integration
Organizations can now automate creating, updating, and deleting user accounts for Whimsical.
New Federated Apps available in Azure AD Application gallery
Service category: Enterprise Apps
Product capability: 3rd Party Integration
In June 2022, Microsoft added the following new applications to the Azure AD App gallery with Federation support:
- Leadcamp Mailer
- PULCE
- Hive Learning
- Planview LeanKit
- Javelo
- きょうしつでビスケット
- Agile Provisioning
- xCarrier®
- Skillcast
- JTRA
- InnerSpace inTELLO
- Seculio
- XplicitTrust Partner Console
- Veracity Single-Sign On
- Guardium Data Protection
- IntellicureEHR v7
- BMIS – Battery Management Information System
- Finbiosoft Cloud
- Standard for Success K-12
- E2open LSP
- TVU Service
- S4 – Digitsec
What’s Changed
New Azure AD Portal All Users list and User Profile UI (Public Preview)
Service category: User Management
Product capability: User Management
Microsoft is enhancing the All Users list and the User Profile in the Azure AD Portal to make it easier to find and manage user objects. Improvements include:
All Users List:
- Infinite scrolling
- More user properties can be added as columns and filtered on
- Columns can be reordered via drag and drop
- Default columns shown and their order can be managed via the column picker
- The ability to copy and share the current view
User Profile:
- A new Overview page that surfaces insights (that is, group memberships, account enabled, MFA capable, risky user, etc.)
- A new monitoring tab
- More user properties can be viewed and edited in the properties tab
More device properties supported for Dynamic Device groups (Public Preview)
Service category: Group Management
Product capability: Directory
Admins can now create or update dynamic device groups using the following properties:
- deviceManagementAppId
- deviceTrustType
- extensionAttribute1-15
- profileType