How to bypass the Microsoft AAD login Screen for a Federated SSO User when accessing an AAD integrated application

More organisations are integrating their SAML applications with AAD instead of ADFS to take advantage of the Azure AD Conditional Access Policy. One user experience issue with this change is that federated users (e.g. using ADFS for single sign-on) are first redirected to the default MS AAD login page. Only after they have entered their UPN are they redirected to the ADFS page to sign in.

Many customers and end-users have asked if they can be redirected straight to the ADFS page, bypassing the MS login page, especially when migrating an existing ADFS federated application to AAD.…

JWTDetails PowerShell Module for Decoding JWT Access Tokens with readable Token Expiry Time

I’ve just published my first PowerShell Module to the PowerShell Gallery. The JWTDetails PowerShell Module contains the get-JWTDetails cmdlet that decodes a JWT Access Token and converts it to a PowerShell Object. But wait, there’s more. The reason I created this module is that I always need to know what the Expiry Time is for a JWT Access Token. The returned PowerShell Object from my get-JWTDetails cmdlet in the JWTDetails Module also includes the expiry date-time in PowerShell DateTime format as ‘expiryDateTime’.…

Tag EBS Volumes with EC2 Instance Name

In an AWS environment, there is no automated process to create or update EC2 server-name tags (e.g. Tag key: Name, Tag value: ABCSRV001) on attached EBS volumes. The “Name” tag has to be created manually on volumes. This is an issue when trying to identify which EC2 instance is, or was, associated with a volume. You must use an Instance ID every time to search for the volume.

This is also an issue in CPM backups, where snapshots are hard to identify because the “Name” tag is missing from EBS volumes.…

Microsoft Teams – Direct Routing – Part 2

A continuation of the previous blog post, discussing the configuration and setup of the Sonus SBC as well as the O365 tenant to support Microsoft Teams Direct Routing.

Certificate Requirement

All deployed SBC(s) must have a public certificate from a supported Public CA. When generating the CSR, the private key size should be at least 2048.
Note: An onmicrosoft.com domain is not supported for the certificate.

Thomas Poett has a great article around certificates. His article can be found here:

Direct Routing Certificate Requirement

A wildcard certificate is also supported on Sonus SBC for Direct Routing.…

Microsoft Teams – Direct Routing Deployment – Part 1

Background

The deployment configuration below has been done in Australia and will cover all the requirements and configuration to be able to get Direct Routing up and running without any issues.

Voice gateway used for Enterprise Voice – Sonus Session Border Controller (SBC) 2000.

Note: The same configuration holds good for Sonus SBC 1000.

Pre-requisites

If media bypass is required for the deployment, the gateway will require a public IP address. Also note that in order for media bypass to work successfully, the Teams users in the corporate network will need to route to the public interface of the SBC; as such, firewall rules need to be amended to allow this.…

Microsoft Teams Announcements and New Features – Enhance your meetings today

Microsoft Teams has just turned 2. To celebrate, new features have been announced and are coming your way soon. With this wave of new features there aren’t many reasons left not to adopt Microsoft Teams. Many of our customers are embracing Teams as they see the value in a connected collaboration experience that brings together voice, chat, content & meetings.

For me, nothing beats a face-to-face meeting. Though, as people embrace flexible working, are geographically distributed or constantly on the go, connecting with others can be challenging.…

Outbound proxy considerations and Office 365 consumption

If you are looking at cloud services for your organisation, it is likely you have had a conversation with your security and network teams about what part a proxy service is going to play. If you’ve not had that conversation yet, there’s a good chance you will soon… Now before I get too much into this, let me just say; if you can get away without the use of an outbound proxy when implementing Office 365 or Azure services, then don’t use one.…

Forward a Microsoft Teams Auto Attendant call to an external number

A number of customers I work with have a fairly simple inbound call flow process for their service desk.

During business hours, a call comes in and hits a queue that has a number of service desk agents assigned to it. The agent answers the call, and everything is hunky-dory.

After business hours though, the call is forwarded to an external call handling service. Typically, this isn’t a major issue with most phone systems – you just route the call to an external number.…

Using Liquid transformations in Logic Apps… for free!

Microsoft offers a few different solutions to perform message transformations in Logic Apps. One of them I described before in ‘Translating JSON messages with Logic Apps’. Liquid is considered as the new way forward to translate JSON and XML messages. XSLT still has strong support if you’re working with XML documents but if you’re working with the JSON message format Liquid is your friend.

Liquid is an open source template language created by Shopify.…

Create Office365 business value through the power of limitation

Recent consulting engagements have found me helping customers define what Office365 means to them & what value they see in its use. They are lucky to have licenses and are seeking help to understand how they drive value from the investment.

You’ve heard the sales pitches: Office365 – The platform to solve ALL your needs! From meetings, to document management, working with people outside your organisation, social networking, custom applications, business process automation, forms & workflow, analytics, security & compliance, device management…the list goes on and is only getting bigger!…