Creating an AzureAD WebApp using PowerShell to leverage Certificate Based Authentication

17th of August, 2017 / / No Comments

Introduction

Previously I’ve posted about using PowerShell to access the Microsoft AzureAD/Graph API in a number of different ways. Two such examples I’ve listed below. The first uses a Username and Password method for Authentication, whilst the second uses a registered application and therefore ClientID and Client Secret.

As time has gone on I have numerous WebApp’s doing all sorts of automation.… [Keep reading] “Creating an AzureAD WebApp using PowerShell to leverage Certificate Based Authentication”

Swashbuckle Pro Tips for ASP.NET Web API – Example(s) Using AutoFixture

13th of August, 2017 / / 2 Comments

In the previous post, we implemented IOperationFilter of Swashbuckle to emit the consumes and produces properties in a Swagger document. This post will implement another IOperationFilter to emit example(s) properties containing auto-generated values by AutoFixture.

The sample codes used in this post can be found here.

Acknowledgement

The sample application uses the following spec:

[Keep reading] “Swashbuckle Pro Tips for ASP.NET Web API – Example(s) Using AutoFixture”

Synchronizing Passwords from Active Directory to the IBM/Lotus Domino Identity Vault using Microsoft Identity Manager – Part 3

11th of August, 2017 / / No Comments

Introduction

As the title suggests this is Part 3, and the final part in a three-part post on configuring FIM/MIM to synchronise users passwords from AD to the Domino ID Vault via PCNS and FIM/MIM.
Part 1 here detailed the creation of a PowerShell Management Agent to join users from Domino to the MIM Sync Metaverse.
Part 2 here detailed the creation and configuration of the Domino Agents to receive password changes via the PS MA into the ID Vault.… [Keep reading] “Synchronizing Passwords from Active Directory to the IBM/Lotus Domino Identity Vault using Microsoft Identity Manager – Part 3”

UPDATED: Identifying Active Directory Users with Pwned Passwords using Microsoft/Forefront Identity Manager

10th of August, 2017 / / No Comments

Earlier this week I posted this blog post that showed a working example of using a custom Pwned Password FIM/MIM Management Agent to flag a boolean attribute in the MIM Service to indicate whether a users password is in the pwned password dataset or not. If you haven’t read that post this won’t make a lot of sense, so read that then come back.
The solution when receiving a new password for a user (via Microsoft Password Change Notification Service) was checking against the Have I Been Pwned API.… [Keep reading] “UPDATED: Identifying Active Directory Users with Pwned Passwords using Microsoft/Forefront Identity Manager”

SharePoint Online forecast storage requirements

10th of August, 2017 / / No Comments

Background

Office 365 users get quite a bit of storage on SharePoint Online for content, be it files, metadata, etc. But still to manage the storage and forecast as to when additional storage has to be added becomes a challenge with very limited analytics available in SharePoint Online. Since adding more storage cost money so adding before you actually require or a bit too late would not be ideal.
SharePoint Online provides two ways to track the storage one from the admin center and other one from within the site collection using Storage metrics.… [Keep reading] “SharePoint Online forecast storage requirements”

SharePoint Online external user access error "User Not in directory"

10th of August, 2017 / / No Comments

Background

Organization wants to share their SharePoint online site collection, documents and collaborate with external partners, vendors or customers. By default site collection are shared to internal user’s only. But this can be extended to authenticated external users or also with limited sharing to anonymous users. External users do not have a license to office 365 subscription, they are limited to basic collaboration tasks.
I had recently enabled external access for site collection on the SPO tenant only to selected domains and authenticated external users.… [Keep reading] “SharePoint Online external user access error "User Not in directory"”

Making application configuration files dynamic with confd and Azure Redis

10th of August, 2017 / / No Comments

Service discovery and hot reconfiguration is a common problem we face in cloud development nowadays. In some cases we can rely on an orchestration engine like Kubernetes to do all the work for us. In other cases we can leverage a configuration management system and do the orchestration ourselves. However, there are still some cases where either of these solutions are impractical or just too complex for the immediate problem… and you don’t have a Consul cluster at hand either :(.… [Keep reading] “Making application configuration files dynamic with confd and Azure Redis”

Synchronizing Passwords from Active Directory to the IBM/Lotus Domino Identity Vault using Microsoft Identity Manager – Part 1

9th of August, 2017 / / No Comments

Introduction

Recently I wrote about getting started with the latest IBM/Lotus Notes/Domino Management Agent for Microsoft Identity Manager. In a recent engagement we are using that MA to provision and manage identities into Domino. We are also using the MA to synchronise passwords via PCNS and MIM to the Notes users’ Internet (HTTP) password.
What you may or may not be aware of is that IBM introduced a new feature with Domino 8.5 called the ID Vault.… [Keep reading] “Synchronizing Passwords from Active Directory to the IBM/Lotus Domino Identity Vault using Microsoft Identity Manager – Part 1”

Build from source and package into a minimal image with the new Docker Multi-Stage Build feature

5th of August, 2017 / / No Comments

Confd is a Golang written binary that can help us make configuration files dynamic. It achieves this by providing a templating engine that is driven by backend data stores like etcd, consul, dynamodb, redis, vault, zookeeper.

https://github.com/kelseyhightower/confd

A few days ago I started putting together a BYO load-balancing PoC where I wanted to use confd and Nginx. I realised however that some features that I needed from confd were not yet released. Not a problem; I was able to compile the master branch and package the resulting binary into an Nginx container all in one go, and without even having Golang installed on my machine.… [Keep reading] “Build from source and package into a minimal image with the new Docker Multi-Stage Build feature”

Swashbuckle Pro Tips for ASP.NET Web API – Content Types

4th of August, 2017 / / 4 Comments

Open API 2.0 (AKA Swagger) is a de-facto standard to document Web API. For ASP.NET Web API applications, Swashbuckle helps developers build the Swagger definition a lot easier. As Swashbuckle hasn’t fully implemented the Swagger specification, we need to develop some extensions using a few interfaces provided by Swashbuckle. In this post we’re going to talk about a couple of extensions to make Swagger definition more completed.… [Keep reading] “Swashbuckle Pro Tips for ASP.NET Web API – Content Types”