Azure AD Registered Applications are the Azure AD version of Active Directory Service Accounts. Over time, the number of them grow and grow, each having permissions to consume information from Azure AD and or Microsoft Graph. As an Administrator of Azure AD there is maintenance associated with these Registered Applications, namely credential validity and more important application validity.… keep reading
ChatOps for Azure Active Directory
Last year I wrote Lithnet Microsoft Identity Manager plug-ins for PoshBot. After publishing those I developed the majority of a PoshBot plugin to enable ChatOps for Azure Active Directory. Finally with a little more bandwidth at the start of 2020 I’ve been able to put the finishing touches on the module and release it.… keep reading
Microsoft Graph using MSAL with PowerShell
Update 9 July 2020: This post details using MSAL with PowerShell for Azure AD Registered Applications with Application Permissions. See this post for using MSAL with PowerShell for Azure AD Registered Applications with Delegated Permissions. See this post for using MSAL with PowerShell for Azure AD Registered Applications using Application Permissions with Certificate based authentication.… keep reading
Microsoft Identity Manager Graph Connector stopped-extensible-extension-error
Running a Delta Import on the Microsoft Identity Manager Graph Connector returns stopped-extensible-extension-error .
Looking into the Application Event Log we initially see BadRequest.
Digging deeper we find DeltaLink older than 30 days is not supported.
In this particular case the Microsoft Graph Connector for Microsoft Identity Manager has not run in over 30 days and the Differential Query DeltaLink cookie that I detailed in this post and this post has expired.… keep reading
Azure AD/Active Directory User Security Evaluation Reporter
During December 2018 – February 2019 Microsoft have run an online Microsoft Graph Security Hackathon on Devpost.
The criteria of the hackathon was;
- Build or update a functioning Microsoft Graph-powered solution that leverages the Microsoft Graph Security API
Following the announcement of the Hackathon I was encouraged by Kloud management to enter. … keep reading
Updated: Azure AD B2B Guest Invitations Microsoft Identity Manager Management Agent
In August I posted this that detailed Automating Azure AD B2B Guest Invitations using Microsoft Identity Manager. More recently Microsoft updated the Microsoft Graph to include additional information about Azure AD B2B Guest users and I wrote this that creates HTML Reports based off these new attributes.… keep reading
Azure Active Directory B2B Pending and Accepted User Reports
One of the benefits of Cloud Services is the continual enhancements that vendors provide based on feedback from their customers. One such item of feedback that Microsoft has heard often is the request to know what state a Guest user in Azure AD is in.… keep reading
Automating Azure AD B2B Guest Invitations using Microsoft Identity Manager
Update: Oct 30 '18 Also see this post that adds support for Microsoft's updates to the Microsoft Graph to include additional information about Azure AD B2B Guest users.
Introduction
Earlier this year Microsoft released the Microsoft Identity Manager Azure AD B2B Management Agent.… keep reading
How to use the FIM/MIM Azure Graph Management Agent for B2B Member/Guest Sync between Azure Tenants
Introduction
UPDATE: August 2018 As promised below I've finally written up my Azure AD B2B Invitation Management Agent. You can find it in this post here. UPDATE: June 2018 When I originally wrote this post the intent was to test the ability of the Graph MA to export to Azure AD.… keep reading
Provisioning Hybrid Exchange/Exchange Online Mailboxes with Microsoft Identity Manager
Introduction
Working for Kloud all our projects involve Cloud services, and all our customers have varying and unique requirements. Recently one of our customers embarked on their migration from On-Premise Exchange to Exchange Online. Nothing really groundbreaking there though, however they had a number of unique requirements including management of Litigation Hold.… keep reading