I have some users in azure ad and some windows 10 joined devices. I want to get list of active users in windows 10(logged in with azure ad) making request to Microsoft graph, but i can't find that option.
I would appreciate any help or indication that you could give me. Thanks!!
You can try this
Get https://graph.microsoft.com/v1.0/devices?$count=true&$filter=startswith(operatingSystem, 'Windows')&$expand=registeredUsers
With request header ConsistencyLevel:eventual
Reference:
List devices - Microsoft Graph v1.0 | Microsoft Docs
Related
I've registered an application (Any Azure AD directory - Multitenant) in Microsoft Azure AD to be able to work with MS Graph API for creating the groups and teams programmatically. Now I'm able to call the MS Graph API and create the groups. The issue I'm having right now is I have a naming policy like this <Department> - <Group name> in Azure AD and as I call the MS Graph API with the application identity and as I don't have any department for my app, the department part is always empty. I would like to know if there is a way to set department or other attributes for the app in Azure AD?
Thank you in advance!
There is no option to add attribute for the app in azure ad.
I am a software developer and I've been working on integrating Microsoft Graph Api in my application to be able to retrieve calendar information for users. For development purposes, I have been using a Microsoft 365 Developer subscription, in which I register my app, by following https://learn.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app. This seems to be working fine with my developer subscription, so after creating a small proof of concept, now I am trying to make a time and cost estimation for this, and I have some doubts about if there are any costs for the client.
Is Azure Active Directory Admin Center available on all Microsoft 365 business plans with the "App registration" option? Or are there any other cost-related aspects I need to take in consideration?
I've searched online and found that there shouldn't be any additional costs, but since I am not really familiar with Microsoft 365 and Azure Active Directory Admin Center other than what I used for my proof of concept, I am not really sure I have the right information.
Maybe there is someone who already implemented this in production and can have a better understanding over this.
Thanks
Microsoft 365 subscription extra-costs for Microsoft Graph Api usage
1.There is no extra cost to use the API, it is open source.
and I have some doubts about if there are any costs for the client.
2.No,it's free.And only microsoft 365 subscription needs to be charged.
3.Yes,all Microsoft 365 subscriptions offer this option.
As #Nishant - MSFT Identity says,Registering apps in Azure AD does not involve any costs and Microsoft 365 E5 developer subscription​ comes with Azure Active Directory(it's free) for building advanced identity and access management solutions.
M365 subscription will have an Azure tenant associated with it and hence you can create application for authenticating to AAD using MS Graph.
we have been using office 365 E3 for the past number of years. we would like to configure a windows 2019 essentials server locally for file storage and a few shared applications (ie quickbooks multi-user).
is there a process to pull the user information from azure active directory to the local server? any advice is greatly appreciated.
thank you!!
If my understanding is correct, you really want is to be able to grant admin rights to your Azure AD users and allow them to login to the server with their regular Azure AD credentials.
If yes, then most optimum way of doing is to have on prem AD and have you user synced up from Azure AD to local AD. Azure AD Connect comes pretty handy in this scenario.
You can also take a look at Azure AD DS, Azure Active Directory Domain Services (Azure AD DS) provides managed domain services such as domain join, group policy, lightweight directory access protocol (LDAP), and Kerberos / NTLM authentication that is fully compatible with Windows Server Active Directory. You use these domain services without the need to deploy, manage, and patch domain controllers in the cloud. Azure AD DS integrates with your existing Azure AD tenant, which makes it possible for users to sign in using their existing credentials.
https://learn.microsoft.com/en-us/azure/active-directory-domain-services/overview
Check this link as well for additional reference:
https://serverfault.com/questions/808047/how-to-manage-on-premise-servers-using-azure-ad-credentials
Hope it helps.
I've logged into Windows 10 using my office 365 account and running WindowsIdentity.GetCurrent() gives me AzureAD\\LocTrang and Sid.
When I look into ADSI CN=ForeignSecurityPrincipals I can see the Sid. But pulling down the users from office 365 Azure Active Directory I could not find any correlation between my office 365 account and what WindowsIdentity has given me.
I know they're not the same but I need to find the connection between office 365 account and my Windows account which I've logged in using my office 365 account.
You need to check the attributes used to match users when AAD Connect is run.
AAD Connect syncs AD users up to Azure AD.
Normally UPN is used.
You also need to check what attributes are synched up since if they are not synched, they won't be in Azure AD.
How to fetch siginins (login information) for all the users in domain with the basic license without AAD premium licenses ]
You could use Microsoft Graph Explorer to get sign-ins information for all users by using:
GET https://graph.microsoft.com/v1.0/reports//getTeamsUserActivityUserDetail(period='{period_value}')
or GET https:/graph.microsoft.com/v1.o/reports/getTeamsUserActivityUserDetail(date={date_value})
And the required related permissions :
For the details, you could read here.