title | description |
---|---|
Steampipe Table: azuread_directory_setting - Query Azure Active Directory Directory Settings using SQL |
Allows users to query Directory Settings in Azure Active Directory, specifically the settings that define the behavior and functionality of the directory. |
Azure Active Directory (Azure AD) is Microsoft's multi-tenant, cloud-based directory, and identity management service. Directory Settings in Azure AD are configurable settings that define the behavior and functionality of the directory. These settings include the ability to manage features like self-service password reset, device settings, group settings, and more.
The azuread_directory_setting
table provides insights into Directory Settings within Azure Active Directory. As an IT administrator, explore settings-specific details through this table, including the status of various features like self-service password reset, device settings, group settings, and more. Utilize it to uncover information about the configuration and behavior of your Azure AD directory.
Explore the basic information in your Azure Active Directory settings to determine the areas where changes or updates may be needed. This can be especially useful in managing user access and permissions within your organization.
select
display_name,
id,
value
from
azuread_directory_setting;
select
display_name,
id,
value
from
azuread_directory_setting;
Determine if the workflow for user admin consent is activated. This is useful for managing and enforcing user permissions and access controls within your Azure Active Directory.
select
display_name,
id,
name,
value
from
azuread_directory_setting
where
display_name = 'Consent Policy Settings'
and name = 'EnableAdminConsentRequests'
and value::bool;
select
display_name,
id,
name,
value
from
azuread_directory_setting
where
display_name = 'Consent Policy Settings'
and name = 'EnableAdminConsentRequests'
and value = '1';
Determine if your organization's password policy is effectively safeguarding against the use of commonly banned passwords. This query is beneficial in identifying potential vulnerabilities in your password protection settings, ensuring a robust security protocol.
select
display_name,
id,
name,
value
from
azuread_directory_setting
where
display_name = 'Password Rule Settings'
and (
name = 'EnableBannedPasswordCheckOnPremises'
and value::bool
) and (
name = 'BannedPasswordCheckOnPremisesMode'
and value = 'Enforced'
);
select
display_name,
id,
name,
value
from
azuread_directory_setting
where
display_name = 'Password Rule Settings'
and (
name = 'EnableBannedPasswordCheckOnPremises'
and value = 'true'
) and (
name = 'BannedPasswordCheckOnPremisesMode'
and value = 'Enforced'
);