What’s wrong with removing a RouteTable association with AzureAz Powershell

Originally published on Lucian’s blog, lucian.blog. Follow Lucian on Twitter @LucianFrango.

Background

For a change recently, I needed to disassociate Azure RouteTable’s from subnets, specifically: I needed to this at scale. It wasn’t a matter of a couple of RouteTable’s. Rather, the design had close to a RouteTable per subnet (with many subnets across many VNETs). The environment is also spread across multiple logical zone types and VNETs are also spread across multiple subscriptions.… [Keep reading] “What’s wrong with removing a RouteTable association with AzureAz Powershell”

Darren’s PowerShell Snippets Volume 2

This is my PowerShell Snippets Volume 2. A collection of PowerShell commands for tasks that I don’t perform often and can’t recall easily from memory. Those ‘I know I’ve worked this out before’ type moments. Volume 1 is available here.

A quick recap.

I live in PowerShell and my memory is pretty good. There are a number of common PowerShell commands and one-liners or functions that I use a lot and I can remember them.[Keep reading] “Darren’s PowerShell Snippets Volume 2”

An Azure MFA Management Agent for User MFA Reporting using Microsoft Identity Manager

Microsoft as part of the uplift in Authentication Methods capability have extended the Graph API to contain User Azure MFA information. My customers have been requesting MFA User Reporting data for some time. How many users are registered for Azure MFA? What and how many methods are they registered with? The new Graph API functions provide this information and we no longer have to use the legacy MSOLUser PowerShell cmdlet to obtain the strongAuthenticationMethods information. The new API’s provide;

Azure MFA User Reporting Management Agent

With this new functionality exposed, I’ve built an Azure MFA Management Agent for Microsoft Identity Manager to consume information from the credentialRegistrationDetails API, which can then be used in Identity Workflows to trigger notifications to users that don’t have enough registered methods (e.g.… [Keep reading] “An Azure MFA Management Agent for User MFA Reporting using Microsoft Identity Manager”

Automating RACF Administration with PowerShell

Automating RACF Administration with PowerShell? Yes, I’m writing this post from the past as it is 2019 and certain technologies are not in my job description anymore like Faxing Solutions and Mainframe Administration. I guess its been one of those months. Recently I needed to automate some RACF Administration tasks. Naturally I wanted to perform this with my favourite scripting tool, PowerShell.

After much searching, I couldn’t find any references to anyone doing such a thing.… [Keep reading] “Automating RACF Administration with PowerShell”

Microsoft Identity Manager PowerShell Management Agent for Oracle Internet Directory

Why a FIM/MIM PowerShell Management Agent for Oracle Internet Directory? Why not just use the Generic LDAP Connector for Microsoft Identity Manager? I needed an integration solution that was able to update an Oracle Database behind Oracle Internet Directory. That meant I required a solution that was able to use LDAP to get visibility as to who/what was in OID, but then make updates into an Oracle DB. That functionality I wanted to be contained on a single Management Agent, not an MA for the Database and another for LDAP.… [Keep reading] “Microsoft Identity Manager PowerShell Management Agent for Oracle Internet Directory”

Azure NSG security rule management like a boss with PowerShell and CSVs

Originally this blog post was posted on Lucian’s blog. Check it out, or check him out on @LucianFrango on Twitter.

* * *

Network Security Groups (NSG) are pretty good. I don’t mind them that much as for what they are, they do a good job. Designing them can be a little tricky, having to know all the nuances of working with them. When it comes to implementing them, changing them at scale… well that’s where things can be a little tiresome.… [Keep reading] “Azure NSG security rule management like a boss with PowerShell and CSVs”

Querying Oracle Internet Directory (LDAP) with PowerShell

If you are an IT Professional it is highly likely you are very familiar with Microsoft Active Directory and in turn PowerShell and LDAP. At some point though you may need to integrate with another LDAP directory such as Oracle Internet Directory and you find it isn’t as straight forward as Active Directory and the rich tooling it comes with. I’ve had to create interfaces with numerous LDAP directories over the years but its been quite a long time since I had to integrate with Oracle Internet Directory.… [Keep reading] “Querying Oracle Internet Directory (LDAP) with PowerShell”

Using PowerShell to query Oracle DB’s without using the Oracle Client – Oracle Data Provider for .NET

With every Identity and Access Management project comes the often tactical integration with heritage/legacy systems that can often assist with their decommissioning. That is exactly what I was having to do a couple of weeks ago with Oracle. My public frustration with installing the Oracle Client on a Windows Server 2016 host to allow me to integrate Microsoft Identity Manager with Oracle saw me rewarded with an unsolicited but fantastic response from Sylvan Laurence. The suggestion was to use the Oracle Data Provider for .NET The key benefit here is NO Oracle Client Install Required, and I can leverage the library with PowerShell.… [Keep reading] “Using PowerShell to query Oracle DB’s without using the Oracle Client – Oracle Data Provider for .NET”

Get/Update SailPoint IdentityNow Global Reminders and Escalation Policies

SailPoint IdentityNow Access Requests for Roles or Applications usually require approvals which are configured on the associated Role or Application. The Approval could be by the Role/Application Owner, a Governance Group or the Requestor’s Manager. However for reminders and escalation policies the configuration is only available to be retrieved and set via the API. The SailPoint Identity Now api/v2/org API is used to configure these Global Reminders and Escalation Policies.

This post details how to get the configuration of your IdentityNow Org along with updating the the Global Reminders and Escalation Policies.… [Keep reading] “Get/Update SailPoint IdentityNow Global Reminders and Escalation Policies”

Windows Terminal with Tabs, on Steroids

At Microsoft Build last week, one of the many announcements was a new Windows Terminal.

If you spend anytime as an IT Support Person/ DevOps type role and you checkout that second link above you’ll be mightily keen for this new Terminal.

Tabs in a Terminal Window YES (heck I remember paying for a product to provide that to me in a browser) 15+ years ago; a Terminal Window that is a standard command prompt (with Unicode Support) YES; a Terminal Window for cross platform, CMD, PowerShell, PowerShell Core, Windows Subsystem for Linux DAMN YES. … [Keep reading] “Windows Terminal with Tabs, on Steroids”