In this episode, we are joined by Maqsood Bhatti, the IAM Principal Engineer at Elkjøp Nordic, who takes us through their incredible journey of migrating from the legacy NetIQ platform to Microsoft Entra.

What's fascinating is how they accomplished this years ago, completely bypassing traditional tools like Entra Connect and adopting a "production-only" environment. Maqsood shares how they built a truly cloud-native identity solution from the ground up, leveraging custom connectors, app roles, and automating everything, including moving off the legacy platform entirely.

You’ll also hear about their advanced use of Microsoft Identity Governance, Logic Apps for custom provisioning, and a strict modern authentication policy that has shaped their identity and access management (IAM) for nearly a decade.

Watch on YouTube

PS. Can I ask a favor? If you enjoyed this episode please leave a review and rating! Thank you 🙏 - Merill

About Maqsood

Maqsood is the IAM Principal Engineer at Elkjøp Nordic, a company that was an early adopter of access automation since 2006. He has been instrumental in their journey from legacy systems like NetIQ to a modern, cloud-native Microsoft Entra infrastructure , championing innovative approaches like custom API integrations and a "prod-only" development environment.

LinkedIn - https://www.linkedin.com/in/maqsoodbhatti/

🔗 Related Links

* Elkjøp Nordic unngår IT-floker med storskala automatisering

📗 Chapters

00:00 Intro

01:10 Early Days & NetIQ Automation

03:34 The Journey to Public Cloud & Microsoft 365

08:23 Custom Connectors and Real-Time Sync

15:08 Embracing Azure, App Roles & Modern Auth

19:29 Password Sync & Skipping Entra Connect

22:57 Decommissioning NetIQ: Challenges & Motivations

27:27 Leveraging Entra ID Domain Services as a Bridge

33:28 Mastering App Roles & Guiding Developers

44:27 Migrating to Entra ID Governance & Logic Apps

52:57 The "Prod-Only" Philosophy & Cloud-Native Mindset

Podcast Apps

🎙️ Entra.Chat - https://entra.chat

🎧 Apple Podcast → https://entra.chat/apple

📺 YouTube → https://entra.chat/youtube

📺 Spotify → https://entra.chat/spotify

🎧 Overcast → https://entra.chat/overcast

🎧 Pocketcast → https://entra.chat/pocketcast

🎧 Others → https://entra.chat/rss

Merill's socials

📺 YouTube → youtube.com/@merillx

👔 LinkedIn → linkedin.com/in/merill

🐤 Twitter → twitter.com/merill

🕺 TikTok → tiktok.com/@merillf

🦋 Bluesky → bsky.app/profile/merill.net

🐘 Mastodon → infosec.exchange/@merill

🧵 Threads → threads.net/@merillf

🤖 GitHub → github.com/merill

Get full access to Entra.News - Your weekly dose of Microsoft Entra at entra.news/subscribe