Get Users/Groups/Objects from Microsoft/Forefront Identity Manager with Azure Functions and the Lithnet Resource Management Powershell Module

14th of November, 2016 / / No Comments

Introduction

As an Identity Management consultant if I had a $1 for every time I’ve been asked “what is user x’s current status in IDAM”, “is user x active?”, “does user x have an account in y?”, “what is user x’s primary email address?”, particularly after Go Live of an IDAM solution my holidays would be a lot more exotic.
From a Service Desk perspective IDAM implementations are often a black box in the middle of the network that for the most part do what they were designed and implemented to do.… [Keep reading] “Get Users/Groups/Objects from Microsoft/Forefront Identity Manager with Azure Functions and the Lithnet Resource Management Powershell Module”

Automate Secondary ADFS Node Installation and Configuration

1st of November, 2016 / / No Comments

Originally posted on Nivlesh’s blog @ nivleshc.wordpress.com

Introduction

Additional nodes in an ADFS farm are required to provide redundancy incase your primary ADFS node goes offline. This ensures your ADFS service is still up and servicing all incoming requests. Additional nodes also help in load balancing the incoming traffic, which provides a better user experience in cases of high authentication traffic.

Overview

Once an ADFS farm has been created, adding additional nodes is quite simple and mostly relies on the same concepts for creating the ADFS farm.… [Keep reading] “Automate Secondary ADFS Node Installation and Configuration”

Ubuntu security hardening for the cloud.

Hardening Ubuntu Server Security For Use in the Cloud

26th of October, 2016 / / 1 Comment

The following describes a few simple means of improving Ubuntu Server security for use in the cloud. Many of the optimizations discussed below apply equally to other Linux based distribution although the commands and settings will vary somewhat.

Azure cloud specific recommendations

  1. Use private key and certificate based SSH authentication exclusively and never use passwords.
  2. Never employ common usernames such as root , admin or administrator.
  3. Change the default public SSH port away from 22.
[Keep reading] “Hardening Ubuntu Server Security For Use in the Cloud”

Are There Sufficient Standards in Cloud Computing Today?

26th of October, 2016 / / No Comments

The hybrid cloud may be a hot topic with adoption growing faster than ever but should we be concerned about a lack of established standards?

What is the Hybrid Cloud?

Private clouds, whether owned or leased, generally consist of closed IT infrastructures accessible only to a business which then makes available resources to it’s own internal customers. Private clouds are often home to core applications where control is essential to the business, they can also offer economies of scales where companies can afford larger, long term investments and have the ability to either run these environments themselves or pay for a managed service.… [Keep reading] “Are There Sufficient Standards in Cloud Computing Today?”

How to make a copy of a virtual machine running Windows in Azure

How to make a copy of a virtual machine running Windows in Azure

6th of October, 2016 / / No Comments

I was called upon recently to help a customer create copies of some of their Windows virtual machines. The idea was to quickly deploy copies of these hosts at any time as opposed to using a system image or point in time copy.
The following PowerShell will therefore allow you to make a copy or clone of a Windows virtual machine using a copy of it’s disks in Azure Resource Manager mode.

Create a new virtual machine from a copy of the disks of another

Having finalized the configuration of the source virtual machine the steps required are as follows.… [Keep reading] “How to make a copy of a virtual machine running Windows in Azure”

Automate ADFS Farm Installation and Configuration

27th of September, 2016 / / No Comments

Originally posted on Nivlesh’s blog @ nivleshc.wordpress.com

Introduction

In this multi-part blog, I will be showing how to automatically install and configure a new ADFS Farm. We will accomplish this using Azure Resource Manager templates, Desired State Configuration scripts and Custom Script Extensions.

Overview

We will use Azure Resource Manager to create a virtual machine that will become our first ADFS Server. We will then use a desired state configuration script to join the virtual machine to our Active Directory domain and to install the ADFS role.… [Keep reading] “Automate ADFS Farm Installation and Configuration”

Azure API Management Step by Step – Use Cases

23rd of September, 2016 / / No Comments

jorge-fotoUse Cases

On this second post about Azure API management, let’s discuss about use cases. Why “Use Cases”?                  

Use cases helps to manage complexity, since it focuses on one specific usage aspect at the time. I am grouping and versioning use cases to facilitate your learning process and helping to keep track with future changes. You are welcome to use these diagrams to demonstrate Azure API management features.

API On-boarding is a key aspect of API governance and first thing to be discussed. [Keep reading] “Azure API Management Step by Step – Use Cases”

Create a Replica Domain Controller using Desired State Configuration

20th of September, 2016 / / No Comments

Originally posted on Nivlesh’s blog @ nivleshc.wordpress.com
Welcome back. In this blog we will continue with our new Active Directory Domain and use Desired State Configuration (DSC) to add a replica domain controller to it, for redundancy.
If you have not read the first part of this blog series, I would recommend doing that before continuing (even if you need a refresher). The first blog can be found at Create a new Active Directory Forest using Desired State Configuration
Whenever you create an Active Directory Domain, you should have, at a minimum, two domain controllers.… [Keep reading] “Create a Replica Domain Controller using Desired State Configuration”

Azure AD Connect – Multi-valued Directory Extensions

16th of September, 2016 / / No Comments

I happened to be at a customer site working on an Azure project when I was asked to cast a quick eye over an issue they had been battling with. They had an Azure AD Connect server synchronising user and group objects between their corporate Active Directory and their Azure AD, used for Office 365 services and other Azure-based applications. Their intention was to synchronise some additional attributes from their Active Directory to Azure AD so that they could be used by some of their custom built Azure applications.… [Keep reading] “Azure AD Connect – Multi-valued Directory Extensions”

Azure Functions or WebJobs? Where to run my background processes on Azure?

14th of September, 2016 / / 14 Comments

functionsvswebjobs-icon

Introduction

Azure WebJobs have been a quite popular way of running background processes on Azure. They have been around since early 2014. When they were released, they were a true PaaS alternative to Cloud Services Worker Roles bringing many benefits like the WebJobs SDK, easy configuration of scalability and availability, a dashboard, and more recently all the advantages of Azure Resource Manager and a very flexible continuous delivery model. My colleague Namit previously compared WebJobs to Worker Roles.[Keep reading] “Azure Functions or WebJobs? Where to run my background processes on Azure?”