Using client_credentials with Microsoft Graph in Hybrid Exchange setup

If you or your customers are running hybrid Microsoft Exchange deployment and you are using Microsoft Graph, you might have noticed that using the client_credentials grant flow doesn’t really work and ends with errors. Last week, we have had a customer who we have been integrating few systems for, and hit the exactly same issue.

Continue reading “Using client_credentials with Microsoft Graph in Hybrid Exchange setup”

Lost access to Linux VM in Azure and no idea what to do? Check this out…

Last week, we have hit a really interesting issue with our Linux machines in Azure. We “somehow” (will be explained later in the post) managed to get completely locked out of the machine, not even Serial Console could have been used to login. After bunch of time spent by investigating the situation, we managed to get it resolved.

Continue reading “Lost access to Linux VM in Azure and no idea what to do? Check this out…”

Just In Time Access with SharePoint and Microsoft Flow

When you are managing services which deal with customer’s data, sensitive information etc. you should never allow users to directly access the data. Instead, you should use some privileged identity management solution. In this article, we are going to look into how to implement this on our own with the use of SharePoint and Microsoft Flow.

Continue reading “Just In Time Access with SharePoint and Microsoft Flow”

Internal NuGet feed with Azure DevOps (VSTS)

Imagine you have some tools or a framework you want to share with your company and reuse it on various projects. If you develop your tool in .Net standard, then you are in luck. Creating a NuGet package has never been easier.

Continue reading “Internal NuGet feed with Azure DevOps (VSTS)”

Logic Apps foreach and variables

Sometimes we need to work with a variable inside a loop section. Whether it’s a precomputation or just a helper variable. Logic Apps allows us to do so. Yet the variable must be initialized on a global level (above all loops).

Here comes the problem:

By default, foreach runs in parallel, in 20 threads (instances). Now, because there is no such thing as mutex in Logic Apps, there is no way how to create a critical section. Critical section is a section only one thread at a time can enter. That results in dirty reads.

We can solve this problem by running the loop synchronously. You can do that by editing settings of the foreach block.

Now only one thread at a time will execute the foreach loop and no other thread will modify our variable while we work with it.

Azure AD Connect, group-based licensing and proxy addresses

We have had the group-based licensing option available in preview for over a year. While this service is in preview, it makes provisioning hundreds of users from Active Directory really simple.

You simply create users in your on-premise Active Directory, assign them a valid User Principal Name, add them to the correct group and then sync them with Azure AD Connect, right? Not that fast cowboy!

Continue reading “Azure AD Connect, group-based licensing and proxy addresses”

Azure AD authentication for SSH

To be honest, managing authentication in Linux for multiple users/admins can be a huge pain. Different companies use various tools – generally, they use a centralized tool to distribute developer’s SSH keys. This can still be a pain, however if the company has Azure AD (or Office 365), why not to use those accounts for authentication?

Continue reading “Azure AD authentication for SSH”

Setting up ADFS with Azure AD as Dynamics 365 Identity Provider

In previous article, we have looked at the possibility to connect Dynamics 365 on-premise directly with Azure AD, which is on one hand really cool, on the other, it doesn’t provide all the features like mobile apps integration. In this article, we are going to explore a production ready solution by leveraging Active Directory Federation Service and Azure AD as a Claims Provider Trust.

Continue reading “Setting up ADFS with Azure AD as Dynamics 365 Identity Provider”

Using Azure Active Directory for SSO with Dynamics 365 On-Premise

While Dynamics 365’s documentation is full of articles and tutorials about setting it up with Active Directory Federation Services, there is no mention of using Azure Active Directory for Single Sign On. Many replies in communities say that this is not possible, but today we are going to prove them wrong.

Continue reading “Using Azure Active Directory for SSO with Dynamics 365 On-Premise”