Microsoft Entra Gets New Admin Portal, Plus Machine Learning for Access Reviews

Microsoft is starting to roll out a new Microsoft Entra Admin Center portal, along with some other product improvements announced this week.

Additionally, users of the Microsoft Entra Identity Governance service are getting machine learning support to inform the access review process when using an Access Reviews feature.

Access Reviews and Machine Learning Preview

Microsoft has enhanced the process of reviewing user access permissions in organizations by adding machine learning capabilities. This machine-learning capability is available at the preview stage via an Access Reviews feature for users of the Azure Identity Governance service, which is also at the preview stage.

For instance, IT pros can turn on a “User-to-Group Affiliation recommendation” (in preview) from the Microsoft Azure Identity Governance portal for the Access Reviews feature. It’ll score users for getting access when IT pros use the Access Reviews feature.

When turned on, the User-to-Group Affiliation capability will recommend denying access to a user if that person is too organizationally distant from the usual hierarchical expectations for such access. Such users are deemed to have a “low affiliation” in such cases.

Microsoft typically describes the Access Reviews feature as an Azure Active Directory capability. However, it appears to be specifically available to Azure Identity Governance service users.

New Microsoft Entra Admin Center Portal

Microsoft this month is starting to roll out a new Microsoft Entra Admin Center portal to “Microsoft 365 and Azure Active Directory” customers.

The new portal will get delivered to IT pros via a “staged rollout” this month. IT pros will be directed to the new portal “in place of the Azure AD admin center” portal, Microsoft explained.

The fate of the Azure AD Admin Center portal isn’t wholly clear from Microsoft’s announcement, but it’ll still be available, apparently. The announcement indicated that users of the Entra Admin Center portal can “return to the Azure AD admin center from a link on the Entra admin center.”

The Microsoft Entra Admin Center offers links to various Microsoft Entra products, and that aspect seems to be the gist of the portal switch. However, it’ll be the portal where Microsoft is expecting to add more new capabilities, per the announcement.

IT pros can check out the new Microsoft Entra Admin Center at entra.microsoft.com. It’s available for review prior to tenancy rollout.

Microsoft Entra Change Management

Also this week, Microsoft explained how it plans to announce Microsoft Entra product changes. The details are explained in this Nov. 30 announcement.

Microsoft Entra change announcements will be timed as follows:

Biannual product “retirement” announcements, and

Quarterly “breaking change” and “feature change” announcements.

Microsoft also plans to describe new product capabilities between those intervals.

New Microsoft Entra product capabilities and changes also were described in Microsoft’s Nov. 30 announcement.

For instance, Microsoft indicated that the “Number Matching and Additional Context” features in Microsoft Authenticator, used for warding off “multifactor authentication fatigue attacks” are now at the “general availability” commercial-release stage. They actually reached general availability on Oct. 24.

Microsoft also will be bringing IPv6 support to the Azure Active Directory service. It’s expected to happen via a phased delivery, starting on “March 31, 2023.” IPv4 won’t get deprioritized with this change. Instead, the addition of IPv6 support will “allow customers to reach the Azure AD services over both IPv4 and IPv6 network protocols (dual stack),” the announcement indicated.

Microsoft also announced plans to “retire” Azure AD Domain Services on “March 1, 2023.” Azure AD Domain Services deployments can instead be hosted using Azure Resource Manager, Microsoft contended.

The Microsoft Entra Product Line

Microsoft Entra is the branding name for a bunch of Microsoft identity and access management products. Microsoft had kicked off this new branding in May, which then encompassed three products. In October, Microsoft added two more Entra products to this product line.

Here’s the current list of Microsoft Entra products:

All of those products above are said to be at the “general availability” commercial-release stage, with the exception of Microsoft Entra Identity Governance, which is currently at the preview stage.