Create the Azure B2C Local accounts in bulk
IDMFUN - More than just Identity & Access Management
by
5M ago
Creating Azure B2C local accounts with randomly generated passwords-  # Install required modules (if not already installed) Import-Module Microsoft.Graph Import-Module ImportExcel # Variables $clientId = "<<clientid>>" $clientSecret = "<<clientsecret>>" $tenantId = "<<tenantid>>" $issuerDomain = "<<domain>>.onmicrosoft.com"  # The Azure B2C issuer domain # FilePath to your Excel file $excelFilePath = "C:\Stage\PowershellScript\users.xlsx" $logFilePath = "C:\Stage\PowershellScript\logfile.txt" # Function to authenticate and get an acc ..read more
Visit website
Powershell script to read the groups using Get-MgGroup
IDMFUN - More than just Identity & Access Management
by
6M ago
# Step 1: Define the client credentials $clientId= "<<client id>>" $tenantId= "<<tenant id>>" $clientSecret = ConvertTo-SecureString "<<client secret>>" -AsPlainText -Force  # Step 2: Create the PSCredential object $credential = New-Object System.Management.Automation.PSCredential($clientId, $clientSecret) Connect-MgGraph -Credential $credential -TenantId $tenantId # Retrieve all groups with preferred properties $groups = Get-MgGroup -All -Property Id, DisplayName, OnPremisesSyncEnabled, mail # Define the output file path $excelFilePath ..read more
Visit website
Powershell script to check B2B guest account invitation state in bulk
IDMFUN - More than just Identity & Access Management
by
1y ago
 # Install AzureAD module if not already installed Install-Module -Name AzureAD -Force -Scope CurrentUser # Import required modules Import-Module AzureAD # Read emails from Excel sheet $emails = Import-Excel -Path "emails.xlsx" | Select-Object -ExpandProperty Email # Connect to Azure AD Connect-AzureAD # Iterate through emails and check user existence and account status foreach ($email in $emails) {     $user = Get-AzureADUser -Filter "mail eq '$email'"     if ($user) {         Write-Host "User with email $email exists. Account Enabled: $($user.Acco ..read more
Visit website
How to schedule Azure APIM instance backup
IDMFUN - More than just Identity & Access Management
by
1y ago
In this article we will go through high level steps to take backup of Azure APIM instance to a storage account. There are couple of ways to configure a regular backup of the Azure APIM instances. In this instance, we will configure Azure APIM backup using Logic Apps. Before we proceed make sure below services are are already created 1. Azure APIM instance 2. Azure Storage account 3. Container in Azure Storage account Let's see what it takes to configure a scheduled Azure APIM instance backup on a daily basis 1. Create a Logic App and navigate to Logic App designer tab 2. Add Recurrence step an ..read more
Visit website
Check the assigned policies to Application in Azure AD through powershell
IDMFUN - More than just Identity & Access Management
by
1y ago
Install the required Azure AD preview module Install-Module AzureADPreview Connect to Azure AD with valid credentials - Connect-AzureAD Obtain the application Object ID  Get-AzureADServicePrincipal -Filter "DisplayName eq '<<APPLICATION_NAME>>'" Take the ObjectId from the above command result Get-AzureADServicePrincipalPolicy -id  <<OBJECT ID from the above command>>  Get the policy details   Get-AzureADPolicy -Id <<ObjectIdOfthe Policy>> |select *   ..read more
Visit website
PowerShell script to export data Cosmos DB to a CSV file
IDMFUN - More than just Identity & Access Management
by
1y ago
 # Set your Cosmos DB account and database details $resourceGroupName = "<<Resource Group Name>>" $accountName = "<<Azure Cosmos DB Account Name>>" $databaseName = "<<Database Name>>" $containerName = "<<container Name>>" # Set the output CSV file path $outputCsvFilePath = "<<Location>>\export.csv" # Query to retrieve data from Cosmos DB $query = "SELECT * FROM c" # Authenticate to your Azure account (if not already authenticated) # Connect-AzAccount # Get the Cosmos DB container $container = Get-AzCosmosDBSqlContainer -ResourceG ..read more
Visit website
SSO with Apache and Kerberos authentication
IDMFUN - More than just Identity & Access Management
by
4y ago
I'm sharing another use case, "Kerberos + HEADER-based application SSO" implementation experience with Apache and Keberos module. There are times you end up working with a custom authentication & Single Sign-On solution to an application despite modern authentication mechanisms. One such situation is providing seamless access to an application when accessing from an Active Directory domain-joined machine. It technically means leveraging the Kerberos token from the device and authenticates the user into the HEADER-based application. Utilizing Apache web server, Kerberos module, and apache r ..read more
Visit website
How To Correct Microsoft Azure AD IdP SAML Metadata for Qlik Sense printing module SAML integration
IDMFUN - More than just Identity & Access Management
by
4y ago
 When uploading Azure AD SAML metadata to a service provider you might get below error message -   ********************************************************************* SAML xml metadata validation failed with the following error: This is an invalid xsi:type 'http://docs.oasis-open.org/wsfed/federation/200706:SecurityTokenServiceType'” SAML xml metadata validation failed with the following error: This is an invalid xsi:type 'http://docs.oasis-open.org/wsfed/federation/200706:SecurityTokenServiceType'. **************************************************************************** Q ..read more
Visit website
Azure AD Powershell command to query group with DirSyncEnabled attribute
IDMFUN - More than just Identity & Access Management
by
4y ago
There are times you want to know synched or cloud only groups. Command to search synched groups -  Get-AzureADGroup -All $true | where-Object {$_.DirSyncEnabled -eq $TRUE} Command to search cloud only groups -  Get-AzureADGroup -All $true | where-Object {$_.DirSyncEnabled -eq $NULL} Funny enough that DirSyncEnabled attribute contains "TRUE" (if it's synched group) "NULL" (if cloud only) Thanks Siva Pokuri ..read more
Visit website
Azure AD B2B & B2C accounts provision to MS Exchange Address Book
IDMFUN - More than just Identity & Access Management
by
5y ago
Below setting in Azure AD user entry will make the external account visible in Outlook Address book - Create Azure AD guest account using Graph API invitation URL Update the user entry by setting "ShowInAddressList" attribute to "true" using Graph User API Check the email address in Outlook Address Book Note - This above configuration worked in beta version of graph API. Thanks Siva Pokuri ..read more
Visit website

Follow IDMFUN - More than just Identity & Access Management on FeedSpot

Continue with Google
Continue with Apple
OR