Preventing double-app-loading behaviour with ADAL.js

Microsoft’s JavaScript implementation of its Azure Active Directory Authentication Library (ADAL.js) allows for some great client-side-only Single Page App (SPA) scenarios.
Unfortunately (as with most things auth-related), there are some gotchas to be aware of. One relates to how ADAL obtains refresh tokens in this crazy world of implicit auth.

Implicit Auth Flow

Implicit auth means the application developer does not have to host their own token authentication service. ADAL.js and the Azure AD auth endpoint do all the heavy lifting:

It’s the bottom third of the diagram (after the token expires) that causes the issue I am addressing in this post.…

Creating your own PowerShell modules for Azure Automation – Part 1

Creating a PowerShell module is an easy way to create scripts you can use over and over again. If you Google this you’ll find that creating a module is as simple as creating a PowerShell script with the psm1 extension. However, that won’t work for Azure. Azure loads modules automatically, so you need to write your module to load automatically as well. To ensure a module loads correctly, you’ll need to create a module manifest file.…

'Strong Name Verification' Issue with adding new Connectors in AAD Connect

I’ve been updating and installing the latest versions of AAD Connect recently (v1.1.750.0 to the latest v1.1.819.0) and noticed that I could not create a brand new custom ‘Connector’ using any of the following out-of-the-box Connector templates:

  • Generic SQL
  • Generic LDAP (didn’t happen to me but I’ve seen reports it’s impacting others)
  • PowerShell
  • Web Service

The message in the AAD Connect Synchronisation Engine would appear as:
“The extension could not be loaded”
each time I tried to create a Connector with any of the above templates.…

Removing Specific Azure Tags – PowerShell

Azure Tags

You apply tags to your Azure resources to logically organize them by categories. Each tag consists of a name and a value. For example, you can apply the name “Environment” and the value “Production” to all the resources in production.
After you apply tags, you can retrieve all the resources in your subscription with that tag name and value. Tags enable you to retrieve related resources from different resource groups. This approach is helpful when you need to organize resources for billing or management.…

Automation and Creation of Office 365 groups using Flow, Microsoft Graph and Azure Function – Part 2

In the Part 1 blog here, we discussed an approach for the Group creation process and important considerations for provisioning groups. In this blog, we will look at getting a Graph App ID and App secret for invoking the Graph service and then at implementing the group provisioning process.
MS Graph App Set up
Before we start creating groups we will need to set up a Graph App that will be used to create the group in the Office 365 tenancy.…

Key Vault Secrets and ARM Templates

What is Azure Key Vault

Azure Key Vault helps safeguard cryptographic keys and secrets used by cloud applications and services. By using Key Vault, you can encrypt keys and secrets (such as authentication keys, storage account keys, data encryption keys, .PFX files, and passwords) using keys protected by hardware security modules (HSMs).
Key Vault streamlines the key management process and enables you to maintain control of keys that access and encrypt your data. Developers can create keys for development and testing in minutes, and then seamlessly migrate them to production keys.…

Set up a Microsoft Graph App for Office 365 and SharePoint Online management to use in Azure Functions, Flow, .Net solutions and much more

The Microsoft Graph API can be used to connect to and manage the Office 365 SaaS platforms such as SharePoint Online, Office 365 Groups, OneDrive, OneNote, Azure AD, Teams (in beta) and much more.
A Graph app is an Azure AD app that has privileges (with provided permissions) to authenticate and then execute operations when using PowerShell, Azure Functions, Flow, Office Online CSOM, SharePoint Online and many other tools.
It is quite easy to set up a Graph app; below is a brief preview of the process.…

Azure Policy for Auditing VM Tags

Azure Policy

Azure Policy is a service in Azure that you use to create, assign, and manage policy definitions. Policy definitions enforce different rules and actions over your resources, so those resources stay compliant with your corporate standards and service level agreements. Azure Policy runs an evaluation of your resources, scanning for those not compliant with the policy definitions you have.
Ref: https://docs.microsoft.com/en-us/azure/azure-policy/azure-policy-introduction
The steps required for configuring Azure policies to monitor tags are listed below.
Step 1: Log in to the Azure Portal and search for Policy.…

OMS Patching – Active Directory Groups

OMS: Update Management Solution in Azure
The Update Management solution in Azure automation allows you to manage operating system updates for your Windows and Linux computers deployed in Azure, on-premises environments, or other cloud providers. You can quickly assess the status of available updates on all agent computers and manage the process of installing required updates for servers.
Ref: https://docs.microsoft.com/en-us/azure/automation/automation-update-management
This blog details the steps required for configuring patching through Azure OMS service.
Assumptions: 

  • The OMS client is installed on all the VMs.

Automation and Creation of Office 365 groups using Flow, Microsoft Graph and Azure Function – Part 1

Automating the creation of Office 365 groups via an event triggered process can help business teams use a consistent template across all their groups, especially if there are numerous groups provisioned throughout the year.
For example, in our case we have 500+ custom Office 365 groups that are created and maintained each year. Hence in this case it became obvious we wanted to spin up an Office 365 group from a SharePoint list where users could make the request on their own.…