When you have a large Azure AD tenant it is likely that you want to scope your SailPoint IdentityNow Source based on the different type of identities it contains. Using the Filtering and Scoping section of the Azure AD Source Configuration Guide from Compass I first started constructing queries as I normally would with Azure AD against the Microsoft Graph API.… keep reading
Azure Active Directory B2B Pending and Accepted User Reports
One of the benefits of Cloud Services is the continual enhancements that vendors provide based on feedback from their customers. One such item of feedback that Microsoft has heard often is the request to know what state a Guest user in Azure AD is in.… keep reading
Creating an AzureAD WebApp using PowerShell to leverage Certificate Based Authentication
Introduction
Previously I’ve posted about using PowerShell to access the Microsoft AzureAD/Graph API in a number of different ways. Two such examples I’ve listed below. The first uses a Username and Password method for Authentication, whilst the second uses a registered application and therefore ClientID and Client Secret.… keep reading
How to Synchronize users Active Directory/Azure Active Directory Photo using Microsoft Identity Manager
Introduction
Whilst Microsoft FIM/MIM can be used to do pretty much anything your requirements dictate, dealing with object types other than text and references can be a little tricky when manipulating them the first time. User Profile Photos fall into that category as they are stored in the directory as binary objects.… keep reading
Adapting to the changes in the AzureAD Preview PowerShell Module ADAL Helper Library
I’m a big proponent of using PowerShell for integration and automation of Azure Active Directory Services using the Azure AD GraphAPI. You may have seen many of my posts leverage the evolving Azure AD Preview PowerShell Module helper libraries. Lines in my scripts that use this look like the one below.… keep reading
Joining Identities between Active Directory and Azure Active Directory using Microsoft Identity Manager
Introduction
One of the foundations of Identity Management is the ability to join an identity between disparate connected systems. As we extend our management of identities into cloud services this adds a few twists.
A key concept is to use an anchor that is persistent.… keep reading
How to create a PowerShell FIM/MIM Management Agent for AzureAD Groups using Differential Sync and Paged Imports
Introduction
I’ve been working on a project where I must have visibility of a large number of Azure AD Groups into Microsoft Identity Manager.
In order to make this efficient I need to use the Differential Query function of the AzureAD Graph API.… keep reading