Authenticator not displaying numbers on MacOS
I'm have an issue with MFA on a Mac (all the latest versions). We have conditional access policies in place, so once a day I'm prompted for MFA (I work off-site) and the Office app (e.g. Outlook, Teams) will create the pop-up window that 'should' display a number that I then match on my phone. My phone see's the push notification, but the Mac never creates the numbers in the first place. The pop-up is there, just no number. The workaround is: Answer 'its not me' on the phone On the Mac, select 'I can't use Authenticator right now' Tell the Mac to send a new request This time it creates the number and I can authenticate on the phone. It only appears to happen for the installed Office applications i.e. if I'm accessing applications/admin-centre via the browser, then the pop-up is within the browser and everything works first time. Is this a known issue?Anomalies with Conditional Access Policy "Terms of Use" Failures
Hello Microsoft Community, I'm reaching out with a bit of a puzzle regarding our "Terms of Use" Conditional Access policy, and I'm eager to tap into the collective wisdom here for some insights. In our Entra ID User Sign-In logs, we've identified intermittent "failure" entries associated with the "Terms of Use" Conditional Access policy. Interestingly, even for users who had previously accepted the "Terms of Use". There appears to be no discernible impact, and they continue their tasks without interruption. This observation became apparent during the troubleshooting of unrelated Surface Hub and Edge Sync issues at some client sites. What adds to the complexity of the situation is that for the same users, both before and after these "failure" entries, the Conditional Access policy is marked as "success". Hence, it doesn't seem to be a straightforward case of the policy erroneously detecting non-acceptance of the "Terms of Use". The mystery lies in understanding why these intermittent "failure" entries occur for users who have already accepted the terms, especially when the policy consistently reports "success" for the same users. Furthermore, the Insights for the "Terms of Use" Conditional Access policy show around 1.48k successes and 1.43k failures in the last 90 days, yet there's no discernible impact on user functionality. Observations: "Failure" entries in Sign-In logs don't seem to disrupt users' day-to-day activities. The ratio of successes to failures is balanced, yet users experience no noticeable problems. The issue complicates troubleshooting efforts but doesn't significantly affect the user experience. I'm turning to the community for guidance on interpreting and resolving this discrepancy between "failure" entries in the Conditional Access policy logs and the seemingly unaffected user experience. Any insights into why these failures occur without user impact would be greatly appreciated. For additional context, I've attached screenshots of a user's Sign-In log entry and the insight chart from the Conditional Access policy. Sign-In log of a user (failure): Sign-In log of same user (success): Current Conditional Access insights: Thank you in advance for your time and assistance. I look forward to any guidance or solutions you can provide. Best regards, Leon TüpkerMicrosoft Security Community in 2025
Hey all! As your community manager, I wanted to kick off 2025 by asking you all: What you want to see more of on the Security Tech Community in the next year? What makes this platform most helpful to you? Is it more online events? Is it more community-based games or giveaways? We know this new platform UI update has come with a lot of overwhelming changes and challenges, so I wanted to check in on how everyone is doing. Please comment down below! Any and all feedback is appreciated. Let's have a conversation. Thank you!
MS Sensitivity labels mail sending MIME format Header
I selected the Sensitivity labels in OWA and checked the value exposed in Chrome developer mode when sending an email. When sending mail (C#-EWS sending test), i confirmed that the message was encrypted by additionally coding the header with the information below. ## Header Sample X-MS-Exchange-Organization-ModifySensitivityLabel: 00000000-0000-0000-0000-000000000000;6e4f02ee-0f9f-44eb-9f14-57b7d505f382 msip_labels: MSIP_Label_6e4f02ee-0f9f-44eb-9f14-57b7d505f382_Enabled=True;MSIP_Label_6e4f02ee-0f9f-44eb-9f14-57b7d505f382_SiteId=a23af047-ccd4-43c4-b36d-5303e9f04b12;MSIP_Label_6e4f02ee-0f9f-44eb-9f14-57b7d505f382_SetDate=2024-03-18T00:20:34.940Z;MSIP_Label_6e4f02ee-0f9f-44eb-9f14-57b7d505f382_Name=Confidential;MSIP_Label_6e4f02ee-0f9f-44eb-9f14-57b7d505f382_ContentBits=0;MSIP_Label_6e4f02ee-0f9f-44eb-9f14-57b7d505f382_Method=Privileged; ## Question - If only msip_labels is applied, the sensitivity label is displayed, but the message is not encrypted. Adding X-MS-Exchange-Organization-ModifySensitivityLabel will enable message encryption. Can I code it like this? - The msip_labels guide is provided by [concept-mip-metadata] Where can I find the specifications for X-MS-Exchange-Organization-ModifySensitivityLabel? - What are the limitations of development if implemented only by adding a header? Thanks in advanceRSS feeds to security blogs?
Hello, After the update of blogs here i no longer see any RSS feeds or links. Where can those RSS feed be found now? It was the only newsfeed where blogs could be aggregated. perhaps im just blind :) but i cant find the new RSS feeds. Thank you! Previously (before this weeks update) the links to those RSS feed was as follows: https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=MicrosoftSecurityandCompliance https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=Identity https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=CoreInfrastructureandSecurityBlog https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=AzureNetworkSecurityBlog https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=IdentityStandards https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=MicrosoftThreatProtectionBlog https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=MicrosoftDefenderCloudBlog https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=MicrosoftDefenderATPBlog https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=MicrosoftDefenderIoTBlog https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=DefenderExternalAttackSurfaceMgmtBlog https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=Vulnerability-Management https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=DefenderThreatIntelligence https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=MicrosoftSecurityExperts https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=Microsoft-Security-Baselines https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=MicrosoftSentinelBlog https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=MicrosoftDefenderforOffice365Blog
Auto-labelling in Purview-Which license or alternatives can be used rather than E5 ?
We are considering adopting Purview for Information Protection and DLP, but we are currently on E3 licenses. Given the extensive size of our SharePoint environment, auto-labelling is crucial for applying sensitivity labels to content across wide scopes automatically. My question is, are there any alternatives to upgrading licenses to E5 or adding the Compliance Add-on? Upgrading several thousand users to E5 or the Compliance Add-on requires significant justification, and I am wondering if there are other interim solutions we could leverage for a period of one year. Any thoughts would be greatly appreciated! Thank you! KevMonitor logical disk space through Intune
Hi All, We have a requirement to monitor low disk space, particularly on devices with less than 1GB of available space. We were considering creating a custom compliance policy, but this would lead to blocking access to company resources as soon as the device becomes non-compliant. Therefore, we were wondering if there are any other automated methods we could use to monitor the logical disk space (primarily the C drive) using Intune or Microsoft Graph. Thanks in advance, Dilan
