December 02, 2022
Microsoft Entra gets new admin portal, plus machine learning for access reviews
Microsoft begins rolling out a new Microsoft Entra Admin Center portal, along with several other product enhancements announced this week.
In addition, users of the Microsoft Entra Identity Governance service get machine learning support to inform the access control process when using an access reviews feature.
Access Reviews and Machine Learning Preview
Microsoft has improved the process of checking user access permissions in organizations by adding machine learning capabilities. This machine learning capability is available in the preview phase via an Access Reviews feature for users of the Azure Identity Governance service, which is also in the preview phase.
For example, IT professionals can enable an“Affiliation recommendation from user to group” (in preview) from the Microsoft Azure Identity Governance portal for the Access Reviews feature. It will score users for getting access when IT professionals use the Access Reviews feature.
When enabled, it is recommended that a user be denied access if that person is organizationally too far removed from the usual hierarchical expectations for such access. Such users are considered “low affiliation” in such cases.
Microsoft usually describes the Access Reviews feature as an Azure Active Directory capability. However, it seems to be available specifically to users of the Azure Identity Governance service.
New Microsoft Entra Admin Center Portal
Microsoft will begin rolling out a new Microsoft Entra Admin Center portal for “Microsoft 365 and Azure Active Directory” customers this month.
The new portal will be delivered to IT professionals through a “phased rollout” this month. IT professionals will be directed to the new portal “instead of the Azure AD management center” portal, Microsoft explained.
The fate of the Azure AD Admin Center portal is not entirely clear from Microsoft’s announcement, but it will apparently still be available. The announcement indicated that users of the Entra Admin Center portal “can return to the Azure AD Admin Center via a link in the Entra Admin Center.”
The Microsoft Entra Admin Center provides links to various Microsoft Entra products, and that aspect seems to be at the heart of the portal switch. However, it will be the portal where Microsoft expects to add more new features, according to the announcement.
IT professionals can check out the new Microsoft Entra Admin Center at entra.microsoft.com. It is available for review prior to lease rollout.
Microsoft Entra Change Management
Also this week, Microsoft explained how it plans to announce Microsoft Entra product changes. Details are explained in this Nov. 30 announcement.
Announcements of Changes to Microsoft Entra are timed as follows:
- Semi-annual announcements of product “retirement,” and
- Quarterly “breaking change” and “feature change” announcements.
Microsoft also plans to describe new product capabilities between those intervals.
New Microsoft Entra product capabilities and changes were also described in Microsoft’s Nov. 30 announcement.
For example, Microsoft indicated that the“Number Matching and Additional Context” features in Microsoft Authenticator, which are used to fend off “multifactor authentication fatigue attacks,” are now in the commercial release phase of “general availability.” They even reached general availability on Oct. 24.
Microsoft is also bringing IPv6 support to the Azure Active Directory service. It is expected to be done via phased delivery, beginning on “March 31, 2023.” IPv4 is not deprioritized with this change. Instead, the addition of IPv6 support will “enable customers to reach Azure AD services over both IPv4 and IPv6 network protocols (dual stack),” according to the announcement.
Microsoft also announced plans to decommission Azure AD Domain Services on “March 1, 2023.” Azure AD Domain Services deployments can instead be hosted with Azure Resource Manager, Microsoft claimed.
The Microsoft Entra product line
Microsoft Entra is the brand name for a host of Microsoft identity and access management products. Microsoft had begun this new branding in May, which included three products at the time. In October, Microsoft added two more Entra products to this product line.
Here is the current list of Microsoft Entra products:
- Microsoft Azure Active Directory, part of Microsoft Entra (Azure AD), our flagship cloud identity product.
- Microsoft Entra Permissions Management, our cloud infrastructure rights management product.
- Microsoft Entra Verified ID, our decentralized identity product.
- Microsoft Entra Identity Governance, our complete Identity Governance product.
- Microsoft Entra Workload Identities, our product that provides advanced security and governance for non-human identities.
All of the above products are said to be in the commercial release phase of “general availability,” with the exception of Microsoft Entra Identity Governance, which is currently in the preview phase.
Want to know more?
I see, I see what you don’t: resources and governance in Microsoft 365
Microsoft Purview: Your Solution for Data Protection and Compliance
Is the New Microsoft Intune Suite the Right Step for Your Business?
Tech Updates: Microsoft 365, Azure, Cybersecurity & AI – Weekly in Your Mailbox.