Upon visiting the Microsoft 365 Dev Center, it will ask you to sign in with your Microsoft account.
This will be the Microsoft account that your developer tenant will be associated with, but not the one you use to log into it.
You should see something like this 👇
So we simply fill out a few forms that let Microsoft know what we intend to do.
Please do not abuse this or use it for business purposes.
I build automation scripts, test SSO like SAML/OIDC with various apps, and build documentation for sharing with others for learning.
And just like that, we now have our own M365 Developer account where we can set up our E5 subscription!
So the next step is to click the big blue "Set up E5 subscription" button and follow the wizard.
Note: Microsoft has a really bad password limitation on sign up, so use a crappy one and change it once you've logged in
2nd note: Kudos to MS on requiring MFA, even if it is SMS :)
You should now see 92 days or so (I did this a bit ago) remaining on the subscription, and you can renew this over and over as long as you are using it appropriately.
While you are here, you can definitely add their sample data packs which might be helpful to learn with :)
Next thing we can do is log into the Azure Portal by going to portal.azure.com
Click the hamburger menu icon (that's what we're calling it, right?), and click Azure Active Directory.
You should now see that you are a Global Admin with Azure AD Premium P2
Feel the power!
So you now have a dev tenant that you can just look around and play in.
Check out Azure AD, poke around, create users, groups, etc.
I have an AD lab that I will be connecting to this, and I'll be creating threads in the near future on setting up everything we can in M365.
If you have specific things you want to see, let me know
Plan is Azure AD first (Roles/PIM, Apps/SP's/SSO, Conditional Access, Users, Groups, AUs, etc), then Exchange/SharePoint/ConfigMgr migration stuff, and finally set up the full Defender/MCAS suite
Bedtime for now though :)
Many people asked about renewals, so I'm tossing a little update on here
I've logged into this tenant about 40 times in the last 90 days and played around with various settings, and I added my GitHub to my dev account with a few dozen commits.
That was all it needed to renew 👇
• • •
Missing some Tweet in this thread? You can try to
force a refresh
And there it is - Passkey in Microsoft Authenticator!
If you'd like to set up Passkeys in Microsoft Authenticator, follow along. I'll provide a script to grab all existing AAGUIDs from your environment so we can configure this for testing without breaking existing keys :)
Before we being, it's very important to call out that the Preview requires we set "Enforce attestation" to No, and for this reason, we NEED to restrict use to specific keys
In this case, we want to use the Allow option so that only those explicitly on the list can be registered
The query below can be used to identify all AAGUIDs currently in use in your environment
Add those along with these two :)
Authenticator for Android: de1e552d-db1d-4423-a619-566b625cdc84
Authenticator for iOS: 90a3ccdf-635c-4729-a248-9b709135078f
Initially, they only supported users but were expanded to support groups and devices, which also included some roles associated with those object types
One big issue had always been having to script add objects to AUs, but now we can use queries!
I saw a guide on this a while back but can't find it anymore... :(
I don't have Windows 365 to test right now, but this is what *should* work and best of what I can remember from the thread/blog that I read some time last year...