Managing AD Terminal Services Configuration with FIM / MIM using the Granfeldt PowerShell Management Agent

Forefront / Microsoft Identity Manager contains numerous Management Agents (MA’s) out of the box. However an MA for managing AD Terminal Services user configuration isn’t one of them. And at first pass you’d think you could just manipulate a few attributes in AD on an AD MA like you do for home directories (aside from creating the file and permissions on the filesystem) and you’d be done. Don’t worry, I made that wrong assumption too.

Overview

In this blog post I’ll document how you can enable Active Directory users with the necessary attributes and file system elements utilising Søren Granfeldt’s extremely versatile PowerShell Management Agent.… [Keep reading] “Managing AD Terminal Services Configuration with FIM / MIM using the Granfeldt PowerShell Management Agent”

Provisioning Home Directories for Active Directory Users with FIM / MIM using the Granfeldt PowerShell Management Agent

Forefront / Microsoft Identity Manager contains numerous Management Agents (MA’s) out of the box. However an MA for creating user home directories and setting the associated permissions isn’t one of them.

Over the years I’ve accomplished home directory provisioning and permissioning in Active Directory / Windows File Services and Novell eDirectory / Novell File Services using methods that aren’t strictly best practice / supported (e.g. calling native libraries from within a Management Agent Extension to create/manage/delete etc).… [Keep reading] “Provisioning Home Directories for Active Directory Users with FIM / MIM using the Granfeldt PowerShell Management Agent”

Provisioning Users for Lync / Skype for Business with FIM / MIM using the Granfeldt PowerShell Management Agent

Forefront / Microsoft Identity Manager contains numerous Management Agents (MA’s) out of the box. However, an MA for Lync / Skype for Business isn’t one of them.

Over the years I’ve accomplished lifecycle management for users in Lync via FIM using methods that aren’t strictly best practice / supported (e.g. calling PowerShell from within a Management Agent Extension to enable/disable/manage policies). Whilst this functionally works, the ability for end customers to maintain the implementation for changes is limited.… [Keep reading] “Provisioning Users for Lync / Skype for Business with FIM / MIM using the Granfeldt PowerShell Management Agent”

Provision Users for Exchange with FIM/MIM 2016 using the Granfeldt PowerShell MA, avoiding the AD MA (no-start-ma) error

Forefront / Microsoft Identity Manager provides Exchange Mailbox provisioning out of the box on the Active Directory Management Agent. I’ve used it in many, many implementations over the years. However, in my first MIM 2016 implementation in late 2015 I ran into issues with something I’d done successfully many times before.

I was getting “no-start-ma” on the AD MA on export to AD, the point at which the MA sets up its connection to the Exchange environment.… [Keep reading] “Provision Users for Exchange with FIM/MIM 2016 using the Granfeldt PowerShell MA, avoiding the AD MA (no-start-ma) error”

Easy Debugging of PowerShell DSC for Azure Virtual Machines

Many of the Kloud team have recently been buried deep in the world of Azure Resource Manager (ARM) as it becomes the preferred way to create and manage Azure resources.

One extension point offered via ARM for Virtual Machine automation is the use of PowerShell Desired State Configuration (DSC) to control the Windows OS (and now Linux too!) and application software setup on a VM post creation.

I hadn’t touched PowerShell DSC much prior to the last year and have found that it’s not that hard to pick up, especially if you come from a programming, scripting or Linux sysadmin background.… [Keep reading] “Easy Debugging of PowerShell DSC for Azure Virtual Machines”

Implementing Application with Office 365 Graph API in App-only Mode

Microsoft has recently released Microsoft Graph to easily integrate Office 365 resources with applications. Graph API basically provides one single endpoint to call a bunch of Web APIs to access Office 365 resources.

In order to use Graph API from another application, the application must be registered in Azure Active Directory (AAD) first. When the application is registered, we can choose how the application is permitted to use resources – application permissions or delegate permissions. The latter one typically requires users to provide user credentials like username and password to get a proper access token.… [Keep reading] “Implementing Application with Office 365 Graph API in App-only Mode”

Testable Entity Filtering for Service Context on Dynamics CRM 2015

MS Dynamics CRM provides several web service endpoints. This is one of those endpoints, for organisation service.

One of the greatest benefits of using this endpoint is the ability to create a context class derived from CrmOrganizationServiceContext, which works like DbContext from Entity Framework. The context class can be generated by CrmSvcUtil.exe, which is shipped in the CRM SDK.

When you directly run the following command in the Command Prompt screen, or put the command in build.bat… [Keep reading] “Testable Entity Filtering for Service Context on Dynamics CRM 2015”

Creating a simple nodejs API on AWS (including nginx)

On a recent project I was part of a team developing an AngularJS website with a C# ASP.NET backend API hosted in Azure. It was a great project as I got to work with a bunch of new tools, but it got me wondering how simple it could be to use a JavaScript API instead. That way the entire development stack would be written in JavaScript.

And so a personal project was born. To create a simple JS API and get it running in the cloud.… [Keep reading] “Creating a simple nodejs API on AWS (including nginx)”

Resource Manager Cmdlets in Azure PowerShell 1.0

Azure recently launched the 1.0 version of PowerShell cmdlets. The changes are huge, including new Azure Resource Manager (ARM), which resulted in deprecating Switch-AzureMode for switching between ASM and ARM. In this post, we take only a brief look at how the new PowerShell cmdlets for ARM have been introduced, especially for managing resource groups and templates.

Installation

In order to get the newest Azure PowerShell, using the MS Web Platform Installer is the quickest and easiest way.

Note: At the moment of writing, the release date of Azure PowerShell is Nov.

[Keep reading] “Resource Manager Cmdlets in Azure PowerShell 1.0”

Implementing a WCF Client with Certificate-Based Mutual Authentication without using Windows Certificate Store

Windows Communication Foundation (WCF) provides a relatively simple way to implement Certificate-Based Mutual Authentication on distributed clients and services. Additionally, it supports interoperability as it is based on WS-Security and X.509 certificate standards. This blog post briefly summarises mutual authentication and covers the steps to implement it with an IIS hosted WCF service.

Even though WCF’s out-of-the-box functionality removes much of the complexity of Certificate-Based Mutual Authentication in many scenarios, there are cases in which this is not what we need.… [Keep reading] “Implementing a WCF Client with Certificate-Based Mutual Authentication without using Windows Certificate Store”