JWTDetails PowerShell Module for Decoding JWT Access Tokens with readable Token Expiry Time

I’ve just published my first PowerShell Module to the PowerShell Gallery. The JWTDetails PowerShell Module contains the get-JWTDetails cmdlet that decodes a JWT Access Token and converts it to a PowerShell Object. But wait, there’s more. The reason I created this module is because I always need to know what is the Expiry Time for a JWT Access Token. The returned PowerShell Object from my get-JWTDetails cmdlet in the JWTDetails Module also includes the expiry date-time in PowerShell DateTime format as ‘expiryDateTime’.…

What’s wrong with removing a RouteTable association with AzureAz Powershell

Originally published on Lucian’s blog, lucian.blog. Follow Lucian on Twitter @LucianFrango.

Background

For a change recently, I needed to disassociate Azure RouteTables from subnets, specifically: I needed to do this at scale. It wasn’t a matter of a couple of RouteTables. Rather, the design had close to a RouteTable per subnet (with many subnets across many VNETs). The environment is also spread across multiple logical zone types and VNETs are also spread across multiple subscriptions.…

Darren’s PowerShell Snippets Volume 2

This is my PowerShell Snippets Volume 2. A collection of PowerShell commands for tasks that I don’t perform often and can’t recall easily from memory. Those ‘I know I’ve worked this out before’ type moments. Volume 1 is available here.

A quick recap.

I live in PowerShell and my memory is pretty good. There are a number of common PowerShell commands and one-liners or functions that I use a lot and I can remember them.

Tag EBS Volumes with EC2 Instance Name

In an AWS environment, there is no automated process to update or create EC2 Server-Name tags (ex: Tag{key}: Name Tag{Value}: ABCSRV001) on attached EBS volumes. The “Name” tag has to be created manually on volumes. This is an issue when trying to identify which EC2 instance is, or was, associated with the volume. You should use an Instance ID all the time to search the volume.

Also, this is an issue in CPM backups to identify snapshots due to missing “Name” Tag in EBS Volumes.…

An Azure MFA Management Agent for User MFA Reporting using Microsoft Identity Manager

Microsoft, as part of the uplift in Authentication Methods capability, have extended the Graph API to contain User Azure MFA information. My customers have been requesting MFA User Reporting data for some time. How many users are registered for Azure MFA? What and how many methods are they registered with? The new Graph API functions provide this information and we no longer have to use the legacy MSOLUser PowerShell cmdlet to obtain the strongAuthenticationMethods information. The new APIs provide;

Azure MFA User Reporting Management Agent

With this new functionality exposed, I’ve built an Azure MFA Management Agent for Microsoft Identity Manager to consume information from the credentialRegistrationDetails API, which can then be used in Identity Workflows to trigger notifications to users that don’t have enough registered methods (e.g.…

Automated Microsoft Identity Manager Configuration Backups & Documentation to Azure

Two and a half years ago I wrote this post on creating an Azure Function to trigger the process of Automating Microsoft Identity Manager Configuration backups. The Azure Function piece was a little obtuse. I was using it, as it was the “new thing” and it was my new hammer. And everything was a nail. The reality is that the rest of the process is completely valid (nightly backups of your development Identity Manager configuration).…

Improve Operational Communications by using Microsoft Teams

Microsoft proudly announced their fastest growing product hit 13 Million+ active users per month. It’s amazing how far the product has come in just 3 years!

[Infographic: Microsoft Teams outpacing Slack in daily active users with 13+ million. Slack DAU based on public disclosures, matched with month of disclosure. For dates between disclosures, straightline linear growth was assumed.]

It’s safe to say Teams has become the cornerstone of the intelligent workplace powering experiences from content collaboration to chat to modern meetings.  Of late I’ve been working on some not-so-typical use cases, ones that emerged with new features that became available in June 2019.

It reinforces the importance of keeping abreast of product updates as the simplest enhancement can unlock new use cases and drive efficiencies in areas you wouldn’t normally expect.…

Using AzCopy with Azure Virtual Machines Managed Identity

The Managed Identities for Azure Resources feature is a free service with Azure Active Directory. Formerly known as Managed Service Identity, Managed Identities for Azure Resources first appeared in services such as Azure Functions a couple of years ago. Much more recently though, Azure Copy (AzCopy) now supports Azure Virtual Machines Managed Identity. This negates the need to get and manage SAS keys or certificates, and even the need for installing and leveraging the AzureRM or AzRM PowerShell modules.…

Troubleshooting the SailPoint IdentityNow RACF Connector Gateway Configuration

Installing and configuring a SailPoint IdentityNow RACF Connector isn’t something you do every day. It’s probably something you will only ever do once or twice, if at all. This post is my learnings from troubleshooting the SailPoint IdentityNow RACF Connector Gateway to allow the IdentityNow RACF Source to connect to the RACF Agent on z/OS. The best background reference for such a configuration is this document on Compass. The IdentityNow RACF Connector Gateway can be downloaded from here.…

Configuring a SailPoint IdentityNow JDBC Source with multivalue fields – ‘mergeColumns’

Recently I was configuring a SailPoint IdentityNow JDBC Source with data a little different than a simple series of single valued columns. The Source was an Oracle SQL View with around 19 columns of which one key column was multi-valued. It contained a list of the Roles a user is a member of.

Just like doing anything for the first time there was some trial and error before I got the JDBC Source all configured and the Import, Correlation and Aggregation working.…