Application Development and Integration – Page 33

Automating Source IP Address updates on an Azure Network Security Group RDP Access Rule

25th of April, 2017 / Darren Robinson / No Comments

Recently I’ve migrated a bunch of Virtual Box Virtual Machines to Azure as detailed here. These VM’s are in Resource Groups with a Network Security Group associated that restricts access to them for RDP based on a source TCPIP address. All good practice. However from a usability perspective, when I want to use these VM’s, I’m not always in the same location, and rarely on a connection with a static IP address.
This post details a simple little script that;

Has a couple of variables associated with a Resource Group, Network Security Group, Virtual Machine Name and an RDP Configuration File associated with the VM
Gets the public IP Address of the machine I’m running the script from
Prompts for Authentication to Azure, and retrieves the NSG associated with the Resource Group
Compares the Source IP Address in the ‘RDP’ Inbound Rule to my current IP Address.

… [Keep reading]

Diagnosing FIM/MIM 'kerberos-no-logon-server' error on an Active Directory Management Agent

24th of April, 2017 / Darren Robinson / 1 Comment

Overview

I have a complex customer environment where Microsoft Identity Manager is managing identities across three Active Directory Forests. The Forests all serve different purposes and are contained in different network zones. Accordingly there are firewalls between the zone where the MIM Sync Server is located and two of the other AD Forests as shown in the graphic below.

As part of the project the maintainers of the network infrastructure had implemented rules to allow the MIM Sync server to connect to the other two AD Forests.… [Keep reading] “Diagnosing FIM/MIM 'kerberos-no-logon-server' error on an Active Directory Management Agent”

An alternate method for dealing with Orphaned MetaVerse Objects

20th of April, 2017 / Darren Robinson / No Comments

Update 21 April ’17. The LithnetMIISAutomation PS Module now has a -Force switch for Delete-CSObject
As often happens in development environments, data changes, configurations change and at some point you end up with a whole bunch of objects that are in no-mans land. This happened to me today. I had thousands of objects that we basically empty but had previously triggered to be exported to the MIM Service prior to them actually being deleted from the source management agent.… [Keep reading] “An alternate method for dealing with Orphaned MetaVerse Objects”

Getting Azure 99.95% SLA for Cisco FTD virtual appliances in Azure via availability sets and ARM templates

20th of April, 2017 / Lucian Franghiu / No Comments

First published on Lucian’s blog at Lucian.Blog. Follow Lucian on Twitter: @LucianFrango or connect via LinkedIn: Lucian Franghiu.

In the real world there are numerous lessons learned, experiences, opinions and vendors recommendations that dictate and what constitutes “best practice” when it comes to internet edge security. It’s a can of worms that I don’t want to open as I am not claiming to be an expert in that regard. I can say that I do have enough experience to know that not having any security is a really bad idea and having bank level security for regular enterprise customers can be excessive.… [Keep reading] “Getting Azure 99.95% SLA for Cisco FTD virtual appliances in Azure via availability sets and ARM templates”

Calling WCF client proxies in Azure Functions

17th of April, 2017 / Scott Scovell / 2 Comments

Azure Functions allow developers to write discrete units of work and run these without having to deal with hosting or application infrastructure concerns. Azure Functions are Microsoft’s answer to server-less computing on the Azure Platform and together with Azure ServiceBus, Azure Logic Apps, Azure API Management (to name just a few) has become an essential part of the Azure iPaaS offering.

The problem

Integration solutions often require connecting legacy systems using deprecating protocols such as SOAP and WS-*.… [Keep reading] “Calling WCF client proxies in Azure Functions”

Adapting to the changes in the AzureAD Preview PowerShell Module ADAL Helper Library

13th of April, 2017 / Darren Robinson / No Comments

I’m a big proponent of using PowerShell for integration and automation of Azure Active Directory Services using the Azure AD GraphAPI. You may have seen many of my posts leverage the evolving Azure AD Preview PowerShell Module helper libraries. Lines in my scripts that use this look like the one below. In this case using preview version 2.0.0.52.

# the default path to where the ADAL GraphAPI PS Module puts the Libs
Add-Type -Path 'C:\Program Files\WindowsPowerShell\Modules\AzureADPreview\2.0.0.52\Microsoft.IdentityModel.Clients.ActiveDirectory.dll'

… [Keep reading]

Bulk create and update related configuration objects in FIM/MIM using the Lithnet Import-RMConfig cmdlet

12th of April, 2017 / David Minnelli / 3 Comments

Working on a FIM implementation for a customer, I needed to bulk create and update a number of related Sets and MPRs which granted permissions to users. I could have performed this task a number of ways:

Manually create and update all objects
Scripted in PowerShell using FIM Automation
Scripted using the Lithnet FIM/MIM Service PowerShell Module

I’ve been successfully using the Lithnet FIM/MIM Service PowerShell Module in a number of scripts to query and bulk create objects in the FIM Service which has greatly improved the quality and simplicity of my PowerShell scripts compared to using the FIM Automation module.… [Keep reading] “Bulk create and update related configuration objects in FIM/MIM using the Lithnet Import-RMConfig cmdlet”

Joining Identities between Active Directory and Azure Active Directory using Microsoft Identity Manager

11th of April, 2017 / Darren Robinson / 1 Comment

Introduction

One of the foundations of Identity Management is the ability to join an identity between disparate connected systems. As we extend our management of identities into cloud services this adds a few twists.
A key concept is to use an anchor that is persistent. Something that doesn’t change through a users life-cycle. A user’s Security IDentifier (SID) in Active Directory is perfect. It doesn’t change when a user or group may get renamed. What gets interesting is how the SID is represented when returned using different methods.… [Keep reading] “Joining Identities between Active Directory and Azure Active Directory using Microsoft Identity Manager”

MuleSoft Anypoint Studio in High DPI Mode

5th of April, 2017 / Justin Yoo / No Comments

MuleSoft‘s development platform, Anypoint Studio, is a great tool for service integration. However, if we’re using an OS that supports High DPI mode like Windows 10, its user experience is not quite nice.

Icons are barely recognisable! By the way, this is NOT the issue from the Anypoint Studio side. Rather, it’s the well-known issue that Eclipse has had so far at least since 2013. Anypoint Studio is built on top of Eclipse, so the same issue occurs here.… [Keep reading] “MuleSoft Anypoint Studio in High DPI Mode”

Performing OCR with Azure Cognitive Services and HTML5 Media Capture API

30th of March, 2017 / Justin Yoo / No Comments

There are a few ways to access camera on mobile devices during application development. In our previous post, we used the getUserMedia API for camera access. Unfortunately, as of this writing, not all browsers support this API, so we should provide a fallback approach. On the other hand, HTML5 Media Capture API is backed by almost of all modern browsers, which we can utilise with ease. In this post, we’re going to use Vue.js, TypeScript and ASP.NET… [Keep reading] “Performing OCR with Azure Cognitive Services and HTML5 Media Capture API”