darrenjrobinson – Bespoke Identity and Access Management Solutions
Enterprise Microsoft and SailPoint Identity & Access Management Architect
As I mentioned in a recent post I’ve recently dived back into Microsoft Identity Manager. The focus of this post is some development I recently did to build a Microsoft Dynamics 365 Finance & Operations Management Agent for Microsoft Identity Manager.… keep reading
Collaboration between Azure Active Directory tenants typically involves Azure AD Guest accounts. After a few years, the proliferation of ‘Guest’ accounts usually becomes a focus, especially for larger tenants. As Azure AD has matured the meta data associated with accounts, along with Microsoft Graph improvements is making it easier to define and locate stale Azure AD B2B Guest Accounts.… keep reading
Azure AD Registered Applications are the Azure AD version of Active Directory Service Accounts. Over time, the number of them grow and grow, each having permissions to consume information from Azure AD and or Microsoft Graph. As an Administrator of Azure AD there is maintenance associated with these Registered Applications, namely credential validity and more important application validity.… keep reading
Last year I wrote Lithnet Microsoft Identity Manager plug-ins for PoshBot. After publishing those I developed the majority of a PoshBot plugin to enable ChatOps for Azure Active Directory. Finally with a little more bandwidth at the start of 2020 I’ve been able to put the finishing touches on the module and release it.… keep reading
SailPoint IdentityNow has numerous Email Templates associated with the solution. It is pertinent to have a backup of customisations to IdentityNow Email templates. I’ve previously documented examples for generating configuration reports and configuration backups for;
This post details exporting email templates configuration and generating an HTML IdentityNow Email Template Report.… keep reading
An IdentityNow Security Configuration Report of a SailPoint IdentityNow environment is a valuable artefact to have. I’ve previously documented examples for generating reports for;
But what about the configuration of items such as;
The script (further below) leverages the SailPoint IdentityNow PowerShell Module to generate a HTML report of the configuration items listed above.… keep reading
The SailPoint IdentityNow Workday Source by default will retrieve the standard Workday records and associated metadata for employees and contingent workers. However, if you want to retrieve less or additional information from Workday you need to update the configuration for the Workday Response Groups.… keep reading
Update Nov 2020: Please checkout the IdentityNow PowerShell Module readme here for the latest details for generating v2 and v3 IdentityNow API Credentials.
This post details how to generate SailPoint IdentityNow v2 and v3 API credentials. This method is valid as of Oct 2019 whereby v3 Credentials are now able to be generated via the SailPoint IdentityNow Portal and v2 Credentials can be generated via the IdentityNow API.… keep reading
Jan 28, 2020 Also see ChatOps for Azure Active Directory
A Bot or ChatOps for Microsoft Identity Manager is something I’ve had in the back of my mind for just over two years. More recently last year I did build the Voice Assistant for Microsoft Identity Manager as a submission for an IoT Hackathon.… keep reading
The Managed Identities for Azure Resources feature is a free service with Azure Active Directory. Formerly known as Managed Service Identity, Managed Identities for Azure Resources first appeared in services such as Azure Functions a couple of years ago. Much more recent though Azure Copy (AzCopy) now supports Azure Virtual Machines Managed Identity.… keep reading