Get-MgPolicyAuthorizationPolicy Archives

Update Entra ID User Role Permissions to Secure Your Tenant

Posted on May 9, 2024May 2, 2024 by Tony Redmond

The user authorization policy defines user role permissions, or actions that non-admin users can take within an Entra ID tenant. The default settings are silly. I can’t think of good reasons to allow non-admin users to create new registered apps, tenants, or security groups. Why default settings allow these actions is a mystery, and it could be they’re just outdated.

The Fuss About the Azure AD Tenant Creation Setting

Posted on November 29, 2022December 14, 2022 by Tony Redmond

A fuss erupted about the Azure AD admin center setting to control Azure AD tenant creation by users. Allowing people to have their own tenant can be a good thing, especially for developers who want to have a tenant as a sandbox to test code in. In this article, we discuss what the control is, what it does, and how to set it with PowerShell.