Tag
PowerShell
Entra ID App Registration Secrets Expiry: How to Stop Getting Caught Off Guard
Client secrets on App Registrations expire silently — no email alert is sent by default. When the deadline passes, every integration fails immediately with AADSTS7000215. This article covers a PowerShell audit script, safe rotation without a maintenance window, and credential lifecycle policies.
Stale Devices in Entra ID and Intune: A Safe Cleanup Guide That Won't Cost You BitLocker Keys
Intune and Entra ID store device records independently — cleaning one system doesn't touch the other. Running a careless bulk delete will permanently destroy BitLocker recovery keys. This guide covers the full safe cleanup sequence: inventory export, Autopilot exclusions, BitLocker backup, disable-then-delete workflow, and PowerShell automation.