Enterprise Microsoft and SailPoint Identity & Access Management Architect
Earlier this week I posted this blog post that showed a working example of using a custom Pwned Password FIM/MIM Management Agent to flag a boolean attribute in the MIM Service to indicate whether a users password is in the pwned passwords dataset or not.… keep reading
As the title suggests this is Part 2 of a three-part post on configuring FIM/MIM to synchronise users passwords from AD to the Domino ID Vault via PCNS and FIM/MIM.
Part 1 here detailed the creation of a PowerShell Management Agent to join users from Domino to the MIM Sync Metaverse.… keep reading
Recently I wrote about getting started with the latest IBM/Lotus Notes/Domino Management Agent for Microsoft Identity Manager. In a recent engagement we are using that MA to provision and manage identities into Domino. We are also using the MA to synchronise passwords via PCNS and MIM to the Notes users’ Internet (HTTP) password.… keep reading
Update: An element of this solution details checking passwords online (using the Have I Been Pwned API). Troy explains succinctly in his blog-post announcing the pwned passwords list why this is a bad idea. If you are looking to implement the concept I detail in this post then WE STRONGLY recommend using a local copy of the pwned password list.… keep reading
Recently I posted about implementing the Microsoft IBM/Lotus Domino Management Agent.
In the implementation I needed to synchronise password changes from Active Directory to Lotus Notes (HTTP Password). After configuring PCNS to send password change events to the FIM/MIM server, and configuring the IBM Domino MA as a password target I was hoping everything would just fire up like it normally does with PCNS.… keep reading
Last week (19 July 2017) one of Microsoft’s Azure Security Center’s latest features went from Private Preview to Public Preview. The feature is Azure Just in time Virtual Machine Access.
Essentially JIT VM Access is a wrapper for automating an Azure Network Security Group rule set for access to an Azure VM(s) for a temporal period on a set of network ports restricted to a source IP/Network.… keep reading
A couple of weeks back I inherited a Microsoft Identity Manager development environment that wasn’t quite complete. When I performed a sync on a user object I got the following error; sync-rule-validation-parsing-error
Looking into the error for further details, Details and Stack Trace were both greyed out as shown below.… keep reading
Remember the good old days of working from home, or checking your email/doing research for whatever you were working on and you had to plug-in the phone line to the modem and dialup your ISP or employer to access the internet? The… keep reading
A few weeks back I noticed that I now had the option for the Azure Cloud Shell in the Azure Portal.
Essentially rather than having the Azure CLI installed on your local workstation, you can now initiate it from the Portal and you have automatically assigned (initiated as part of the setup) 5Gbytes of storage associated with it.… keep reading
This week I was building in Azure a Linux Server (Ubuntu 14). I’d deployed my new Ubuntu Server and I went to connect to it. But I was on a brand new laptop. No tools with SSH installed. Damn. As I was about to go and get my usual windows favorite SSH tools I remembered a session of Build 2017 and Microsoft starting to talk more loudly about Windows Subsystem for Linux.… keep reading