We are running in a hybrid mode with Azure and when a user object is deprovisioned in Active Roles it takes 30-45 minutes for that change to sync to Azure. The problem is that terminated user would have access to Office 365 resources during that period of time. How are people handling revoking access tokens in Azure during terminations? I know there is a command that i can run via powershell from ARS server (Revoke-AzureADSignedInUserAllRefreshToken) however our ARS server lives on premise and we require MFA to authenticate to our azure tenant so i dont know how to run the command from ARS server because of the MFA requirement. How are others handling this situation?
- Products
- View all products
- Free trials
- Privileged Access Management
- Overview
- Safeguard
- Safeguard On Demand
- Safeguard for Privileged Analytics
- Safeguard for Privileged Passwords
- Safeguard for Privileged Sessions
- Safeguard Remote Access
-
Endpoint Privilege Management
- Privilege Manager for Windows
- Privilege Manager for Unix
- Safeguard Authentication Services
- Safeguard for Sudo
- Access Management
- Identity Governance and Administration
- Active Directory Management
- Log Management
- Solutions
- Resources
- Trials
- Support
- Partners
- Communities