Using client_credentials with Microsoft Graph in Hybrid Exchange setup

If you or your customers are running hybrid Microsoft Exchange deployment and you are using Microsoft Graph, you might have noticed that using the client_credentials grant flow doesn’t really work and ends with errors. Last week, we have had a customer who we have been integrating few systems for, and hit the exactly same issue.

Continue reading “Using client_credentials with Microsoft Graph in Hybrid Exchange setup”

Lost access to Linux VM in Azure and no idea what to do? Check this out…

Last week, we have hit a really interesting issue with our Linux machines in Azure. We “somehow” (will be explained later in the post) managed to get completely locked out of the machine, not even Serial Console could have been used to login. After bunch of time spent by investigating the situation, we managed to get it resolved.

Continue reading “Lost access to Linux VM in Azure and no idea what to do? Check this out…”

Best practices for managing students in Active Directory

For quite a long time, we have been running a local service called SkolniLogin.cz which primarily focused on providing SSO experience for various systems at schools (primary and high schools) along with automatic synchronization with the school’s information system. Throughout the time we have hit a lot of edge scenarios, and compiled a best practices guideline.

Continue reading “Best practices for managing students in Active Directory”

Azure AD authentication for SSH

To be honest, managing authentication in Linux for multiple users/admins can be a huge pain. Different companies use various tools – generally, they use a centralized tool to distribute developer’s SSH keys. This can still be a pain, however if the company has Azure AD (or Office 365), why not to use those accounts for authentication?

Continue reading “Azure AD authentication for SSH”

Zabezpečte vaše webové aplikace jednoduše pomocí Azure App Service Authentication

Zabezpečte jednoduše vaší aplikaci bez nutnosti většího zásahu do backendu. App Service Authentication vám pomůže zabezpečit váš web nebo mobilní aplikaci. Toho je dosaženo prostřednictvím federované identity. Uživatel se tedy nepřihlašuje oproti vaší aplikaci, ale je přesměrován na třetí stranu (poskytovatele identit), která jej přihlásí a následně je uživatel přesměrován zpět. Vaše aplikace tedy nemusí uchovávat údaje o identitě uživatele. Pro přihlášení do vaší aplikace si můžete vybrat více poskytovatelů identit.

Continue reading “Zabezpečte vaše webové aplikace jednoduše pomocí Azure App Service Authentication”