Building SailPoint IdentityNow Azure AD Source Filters

26th of March, 2019 / / No Comments

When you have a large Azure AD tenant it is likely that you want to scope your SailPoint IdentityNow Source based on the different type of identities it contains. Using the Filtering and Scoping section of the Azure AD Source Configuration Guide from Compass I first started constructing queries as I normally would with Azure AD against the Microsoft Graph API.

However the queries/filters I was using against Microsoft Graph were not working for the Azure AD IdentityNow Source.… [Keep reading] “Building SailPoint IdentityNow Azure AD Source Filters”

Plugging the Gaps in Azure Policy – Part Two

18th of March, 2019 / / No Comments

Introduction

Welcome to the second and final part of my blogs on how to plug some gaps in Azure Policy. If you missed part one, this second part isn’t going to be a lot of use without the context from that, so maybe head on back and read part one before you continue.

In part one, I gave an overview of Azure Policy, a basic idea of how it works, what the gap in the product is in terms of resource evaluation, and a high-level view of how we plug that gap.… [Keep reading] “Plugging the Gaps in Azure Policy – Part Two”

Plugging the Gaps in Azure Policy – Part One

14th of March, 2019 / / 2 Comments

Introduction

Welcome to the first part of a two part blog on Azure Policy. Multi-part blogs are not my usual style, but the nature of blogging whilst also being a full time Consultant is that you slip some words in when you find time, and I was starting to feel if I wrote this in a single part, it would just never see the light of day. Part one of this blog deals with the high-level overview of what the problem is, and how we solved it at a high level, part two will include the icky sticky granular detail, including some scripts which you can shamelessly plagiarise.… [Keep reading] “Plugging the Gaps in Azure Policy – Part One”

Changing SailPoint IdentityNow Identity Profiles Priorities using PowerShell

13th of March, 2019 / / No Comments 
Update: Oct 2019. IdentityNow Profiles Priorities can be easily managed using the SailPoint IdentityNow PowerShell Module.

In SailPoint IdentityNow a single user is highly likely to be represented on multiple Sources, that in turn are likely to be authoritative for differing SailPoint IdentityNow Identity Profiles. Often the first or last Identity Profile you create isn’t the one you wish to have the highest or lowest profile and you therefore need to change an Identity Profiles precedence so that the correct Identity Profile is associated with your identities.… [Keep reading] “Changing SailPoint IdentityNow Identity Profiles Priorities using PowerShell”

Deploy a Geo-redundant Web App behind an Azure Traffic manager using an ARM template.

12th of March, 2019 / / No Comments

This blog will guide you on how to deploy a Web App, App service plan in different geographical locations using Azure Traffic Manager to provide Geo redundancy.  I will discuss these concepts below and provide the necessary steps to achieve this .

We will familiarize ourselves with the terminology and the technologies which will be used in the blog to build out our solution:

  1. Azure APP Services
  2. Azure App Service plan
  3. App Service Editor
  4. Traffic Manager

 

1.Azure[Keep reading] “Deploy a Geo-redundant Web App behind an Azure Traffic manager using an ARM template.”

SailPoint IdentityNow Identity Profiles Mapping Report

12th of March, 2019 / / No Comments

Last year I wrote this post here that detailed using the SailPoint IdentityNow API to generate an IdentityNow Sources HTML Report using PowerShell.
In a similar vein here is a post that does a similar function, but for the IdentityNow Identity Profiles. The example script below will connect to IdentityNow and extract all the Identity Profiles and pull out the details for the Mappings and create an HTML Report with a section for each Identity Profile.… [Keep reading] “SailPoint IdentityNow Identity Profiles Mapping Report”

SharePoint Modern Sites hacktips – Manage Client-Side Pages via PnP PowerShell

8th of March, 2019 / / 1 Comment

Sometimes I get requirements when projects require a full width layout pages in Team Sites or would like to create a page which is System maintained, so users cannot edit those pages. In this blog, we will look at some of these options and how easy it is to set them up using PnP PowerShell

Set Full Width Layout pages using PnP PowerShell

By default, any new page that is created in Team site gets a left-hand navigation (Article Layout) when created through UI.… [Keep reading] “SharePoint Modern Sites hacktips – Manage Client-Side Pages via PnP PowerShell”

Darren’s PowerShell Snippets Volume 1

8th of March, 2019 / / No Comments

I live in PowerShell and my memory is pretty good. There are a number of common PowerShell commands and one-liners or functions that I use a lot and I can remember them. However, then there are the ones I use less regularly and I often find myself trying to recall the last time I used them in a script, in order to locate that script just to get those couple of lines. So I’m posting a bunch of them in this post, if for nothing else to help me find them quickly.… [Keep reading] “Darren’s PowerShell Snippets Volume 1”

Aggregating SailPoint IdentityNow Sources via API with PowerShell

6th of March, 2019 / / No Comments 
Update: Oct 2019. Aggregating Sources can be easily managed using the SailPoint IdentityNow PowerShell Module.

Aggregating an IdentityNow Source can be achieved in a number of ways, but when you are in a development environment there will be times where you need to add additional attributes for a Source to load. If the additional attribute(s) is/are used for Correlation, it’s at this time you will need to perform a full aggregation from a Source to re-evaluate each object with the new Correlation rules and to bring in the additional attributes for each identity on the Source.… [Keep reading] “Aggregating SailPoint IdentityNow Sources via API with PowerShell”

Creating SailPoint IdentityNow Access Profiles via API and PowerShell

5th of March, 2019 / / No Comments 
Update: Oct 2019. Access Profiles can be easily managed using the SailPoint IdentityNow PowerShell Module.

Managing SailPoint IdentityNow Access Profiles is easy enough to do using the SailPoint IdentityNow Portal. But what if you have the requirement to update, report on, or create numerous Access Profiles? That’s where the SailPoint IdentityNow API comes into play. The Access Profiles API is documented here but doesn’t go into a lot of detail. In this post I’ll detail interfacing with it using PowerShell primarily to create and update Access Profiles.… [Keep reading] “Creating SailPoint IdentityNow Access Profiles via API and PowerShell”