Merill Fernando
Merill Fernando
Based on feedback about instructions not being clear.
Would it be possible to extend further (I tried unsuccessfully with the current implementation) with deep linking to a specific tenant? e.g https://ad.cmd.ms/?tenantId=idmspecialist.com or https://ad.cmd.ms/idmspecialist.com ?? https://twitter.com/darrenjrobinson/status/1585405880585326593?s=20&t=7WKItS0wqGkVReHhDL89rw
Workload ID CA policies cannot have an exclusion for emergency access accounts. MT.1005 will need to automatically exclude Workload ID policies from this check. See this thread for discussion https://discord.com/channels/1125617152368594976/1228042312202850415
This test will validation if the tenant is configured to block federated tokens (deny sign-in request) from asserting to managed accounts or accounts belonging to a different federated domain in...
In tests like [Test-MtCaApplicationEnforcedRestrictions](https://github.com/maester365/maester/blob/main/src/public/Test-MtCaApplicationEnforcedRestrictions.ps1) where we check for a specific setting on unmanaged devices, if there is a global setting that requires Compliant device then these specific checks are not...