Questions tagged [active-directory]

1

votes
1

answer
130

Views

Node.js timing w/ activedirectory package

I'm quite a noob with Node but found that the activedirectory package is far better than any alternative Python module for extracting recursive group members across an AD forest so figured, right tool for the job. I've done loads with JS before but obviously this is a different kettle of fish. Basic...
Allan M
1

votes
0

answer
418

Views

unwillingToPerform ldap3 useAccountControl change

I am using ldap3 module in python to create and disable users in AD in python. When I create a user using the following code, from ldap3 import * import ssl tls_configuration = Tls(validate=ssl.CERT_REQUIRED, version=ssl.PROTOCOL_TLSv1) tls_configuration.validate = ssl.CERT_NONE s...
asd
1

votes
0

answer
40

Views

Code freezes when trying to set new user password in Active Directory in ASP.NET MVC 5

var NewUserPC= new PrincipalContext(ContextType.Domain, Server, OU, ServiceUserName, ServiceUserPassword); var user = new UserPrincipal(NewUserPC); user.GivenName = firstName; user.Surname = lastName; user.Name = firstName + ' ' + lastName; user.UserPrincipalName = FILN + '@domain.com'; user.SamAcco...
rStackSharper
1

votes
1

answer
562

Views

Calling a secured REST api from Javascript without user login screen

How would you call the secured REST api from the Javascript script application that doesn't have the login? I have a Javascript application (React) that doesn't have a user login. It needs to call some REST api services that uses Oauth (Azure Ad - WindowsAzureActiveDirectoryBearerAuthentication)....
Michael Sync
1

votes
0

answer
119

Views

Outlook notification subscription using Azure Webhook Domain Not Found

I am working on Creating a push notification for inbox messages to be sent to my azure webhook. I have been following the documentation as a reference. Till now I have been able to create and register my app using the Azure app registration. I got the client_id and client_secret accordingly. Shared...
gkb
1

votes
1

answer
770

Views

Azure AD Cannot hit login.microsoftonline.com/{tenantId}

I am trying to create authentication for my App via Azure Active Directory but have had little luck. I created a new Azure Active Directory instance in portal.azure.com and copied the 'Directory ID' (Click on Azure Active Directory and then properties) and still cannot authenticate. I am trying to u...
Bob
1

votes
0

answer
810

Views

Connect to Active Directory using Java JNDI

I am new to using JNDI and I am trying to connect to Active Directory using JNDI and I am facing either Authentication Error or Connection Time out. I am unable to understand what is the potential reason.This how my Active Directory looks like I have tried the following code public class ConnectAD...
user3679686
1

votes
1

answer
278

Views

Azure access token always returns 401

I have obtained an access token from https://login.microsoftonline.com/tenentid/oauth2/token - using the grant_type=client_credentials Now, when I try to get the embedded token from https://api.powerbi.com/v1.0/myorg/groups/gid/reports/rid/GenerateToken it always returns 401 unauthorized. Does anyon...
Sandeep Dhankhar
1

votes
1

answer
30

Views

Using Azure AD without codebehind

I am learning Windows Identity Foundation and trying to understand authentication via Azure AD using the web.config as described here, but I can not understand, where to find issuer and realm for my application on Azure Portal. Can anybody describe me where is it?
Mixim
1

votes
0

answer
30

Views

Authentication Mechanisms in Terminal Servers

I am working on a legacy application wherein I have to implement authentication mechanism in VDI & Terminal Servers using Azure AD for different types of users (guest, member). I could not find any resources on Azure blogs regarding AAD B2B for VDI and Terminal Servers. Is there any tutorial on appr...
david nadal
1

votes
1

answer
68

Views

Authenticate UWP Client and .Net Core Web App with Customers' Active Directory (Azure or ADFS)

I am building a UWP app and .Net Core API. Both should be deployed at the customers' on-premises and authenticated with Azure Active Directory. Is there a way to authenticate the users without registering the application manually (And specifying the client id and other variables)?
Walaa El Kerdy
1

votes
0

answer
551

Views

Connecting OneLogin to Azure Ad

I am trying to connect One Login to office 365 in order to control the users of Azure from One Login. The idea it is that One Login would be the source of trouth and would sync with azure ad. I did the steps on the tutorial to connect to Office 365 described here But I still get the errors When tryi...
1

votes
0

answer
206

Views

Why do datetime values from AD show up as 'System.__ComObject' in SSIS?

I am trying to create a package in SSIS that will read values from my AD and save into a table in a database. When I run this query: SELECT * FROM OpenQuery ( ADSI, 'SELECT whenCreated, whenChanged, [...], badPasswordTime, sAMAccountName FROM ''LDAP://mydomain.com/OU=ouUsers,DC=MYDOMAIN,DC=com'...
azulu
1

votes
0

answer
66

Views

Call multiple ClaimsEndpoint using Azure AD B2C custom policies

I am using B2C custom policies, to get a third party token and then creating an Azure AD B2C token with that, which contains the claims of the third party. I am using ClaimsEndpoint in the Technical Profile in the policy. The problem I am facing is, that I need multiple claims, and I can't obtain a...
V. G.
1

votes
1

answer
317

Views

Json type claim in Azure AD B2C custom policies

I am using Azure AD B2C custom policies to get claims from a third party and map it to the claims which are returned in the Azure AD B2C token. If the third party returns claims in the form of string, my User journey in the policy works fine. My problem is that the third party is returning the clai...
V. G.
1

votes
1

answer
497

Views

Getting Spring Boot Security Working with Azure AD

Currently trying to get Azure AD integrated with a Spring Boot application I'm working on. I'm utilizing the azure-active-directory-spring-boot-starter package, and following the example laid out in the official documentation on Microsoft's website. However, when following the example, I'm receiving...
ReservedDeveloper
1

votes
1

answer
73

Views

how to register users to mongodb after open id connect authentication?

I have a backend API written in nodejs(authorization with oAuth2) using azure-passport-ad, my frontend angular 5(openId connect), and I`m using Azure AD for authentication, the thing is that our users will have two roles 'student', 'admin', how can I make that difference of roles, does the token ret...
Otto Cheley
1

votes
1

answer
334

Views

Retrieve oauth access token using azure implicit flow

I am using the azure node based api to set up an implicit flow of oauth v2. Upon typing in the url within the browser, although the page doesn't return anything - the browser url is updated to contain access_token and other parameters, following the redirect. I am looking to extract these by using a...
skarred14
1

votes
2

answer
518

Views

Azure AD - get user's profile photo, OAUTH access failure

I'm trying to access the signed in user's Profile Photo in the context of an email app which uses EWS to connect to Office 365. The app is registered on portal.azure.com with the following required permissions: Office 365 Exchange Online -> Access mailboxes as the signed-in user via Exchange Web Ser...
Kostya Vasilyev
1

votes
1

answer
482

Views

Asp.Net Core Azure AD V1.0 JWT Authentication Invalid Signature

I have to make an ASP.NET Core 2.0 Web API application which uses the resources of Microsoft Graph. I tried to make the app use JWT authentication with the following properties: Audience: 'CLIENT_ID'; Authority: 'https://login.microsoftonline.com/TENANT_ID' The idea here is that I have a SPA app whi...
Abraxas
1

votes
2

answer
208

Views

OAuth token state and invalidate

Given I have acquired an OAuth2 token from https://login.windows.net/{tenant-id}/oauth2/token using the password grant type, is their a REST API to get the status of that token invalidate the token (logout) I will be using this token to access Power BI REST APIs
Johno
1

votes
0

answer
452

Views

List users in nested, cross-forest AD groups using PowerShell

I've tried to search for something that matches my case, but I can't find any concrete matches. I'm trying to do an audit for users with access to certain groups in AD. Now, most of these would be members of nested groups some levels down, until finally the last group would be a cross-forest group c...
sbrustad
1

votes
1

answer
312

Views

Xamarin.Forms Azure Mobile App Services Offline Sync without hosting Web Api on Azure

At the moment I have an app that uses Azure Mobile App Services to manage offline sync as well as authentiation. Authentication is done with Azure Active Directory and the way that I have it setup is that the web api is published as an app service on azure and it is configured as an app in the Activ...
Rafael Colon
1

votes
1

answer
494

Views

How to log in using Azure Active Directory

I am using: https://github.com/thephpleague/oauth2-client and https://github.com/TheNetworg/oauth2-azure to allow users to register/login using their MS accounts. I have the first bit working: Users click the login with MS button. Request is then sent and received for auth code. Request is then sent...
Mick
1

votes
1

answer
98

Views

Error “Unable to retrieve tenant service info” from Microsoft Graph

We use the Microsoft Graph .NET SDK to authenticate users who use O365 and to work with the users' files and folders in OneDrive and SharePoint. Today, some of our users started receiving this error message: 'Unable to retrieve tenant service info'. The error code is: 'BadRequest', which doesn't see...
DinhNguyen92
1

votes
1

answer
273

Views

How to resolve Multi Factor authentication for AAD in Selenium test in CI

I am trying to integrate Selenium tests to CI. The problem I am facing is all the users (even test user) is protected by Multi-factor authentication and when I will run test cases on the server with each login there will a prompt user for the Multi factor. We are running selenium test cases on SPA u...
Ramesh Chandra
1

votes
2

answer
61

Views

Deleting VSTS User From Active Directory

Microsoft Docs has substantive info on adding users to VSTS via Active Directory, but I'm not finding specific info on what happens when you delete a VSTS user from AD, or what ripple effects take place when you delete them from VSTS itself. MSFT says removing them from AD may make them still appear...
VSTSNOOB
1

votes
1

answer
253

Views

Which IUser to Use in AcquireTokenSilentAsync in MSAL

I'm asking this question in the context of a mobile (Xamarin) app using Azure AD B2C. The tl;dr; of this is: Should I always use the IUser obtained from the “sign-in / sign-up” policy when invoking PublicClientApplication.AcquireTokenSilentAsync? Now let me explain a scenario a bit. A user trie...
Matt Soucoup
1

votes
0

answer
319

Views

How to implement Azure AD single tenant auth in React and standalone Golang Web API?

We have a React application created with Create-React-App. Right now, it's being served with nginx:alpine in a docker container in Azure App Services. I don't care much about the server since it only serves the built react app as static files. Aside from that, we also have a golang api running stan...
JohnStephen.19
1

votes
1

answer
306

Views

Visual Studio 2017 WebTest authenticate Azure Web App with Azure Active Directory (AAD)

I have an Azure Web App that uses Azure Active Directory to authenticate. I want to create a webtest that logs in and then performs some actions (testing pages basically). What's the 'correct' way to achieve this? After I record the test, when executing it again it doesn't authenticate correctly. If...
Christian Rodriguez
1

votes
1

answer
263

Views

Azure Multi Tenant App Registration: What happens when I add an “Admin Consent” required permission

We've created a Multi Tenant Azure Application Which is registered by several other tenants, with a set of permissions to which an admin already gave consent. Now we want to add some more permissions which require 'Admin consent' My question is what will happen? I would expect, the application will...
Derk Van Lochem
1

votes
0

answer
87

Views

setting MSI for hdinsight VMs inside Vnet

How can i set MSI for HDInsight linux VMs provisioned using ARM template or powershell New-AzureRmHDInsightCluster. I need the cluster to communicate with Azure services that support AD authentication.
Vijay Veera
1

votes
1

answer
410

Views

Asp.net Core Identity - Azure Authentication Middleware

Is there a package for authenticating with Azure AD, for Asp.net Core? For example, the following Authentication packages exist, when querying Nuget: Microsoft.AspNetCore.Authentication.Facebook Microsoft.AspNetCore.Authentication.Twitter Microsoft.AspNetCore.Authentication.Google Microsoft.AspNetCo...
contactmatt
1

votes
1

answer
316

Views

Joining existing windows servers in the AD Azure domain

We did AD on premise synchronization with AD Azure. Now we are thinking of disabling (kill the server and all users log into desktops with their respective accounts in office 365) AD On premises, staying with AD only in the cloud, and inserting other servers only in AD Azure. Can we do this step? O...
Erick Oliveira
1

votes
0

answer
57

Views

How to setup the Azure Active Directory autentication to a single page

I'm using OWIN combined with Azure Active Directory App Registration as my authentication method on my MVC Web App as below to restrict the login user within a single domain. This part is functioning well. public partial class Startup { private static string clientId = ConfigurationManager.AppSettin...
Kyle
1

votes
0

answer
176

Views

Issue with acquireTokenSilentAsync : Refresh Token

I want to use the Azure Active Directory for authorization in my Ionic App I'm successfully able to get the accessToken from Azure AD but after the token get expired I have called the acquireTokenSilentAsync and I'm getting this below error code: AUTH_REFRESH_FAILED_PROMPT_NOT_ALLOWED message: Ref...
Danny
1

votes
0

answer
41

Views

Azure AD users data retrieval issue

I'm trying to get some users related data from Azure AD, using AD Graph API or MS Graph API, but having trouble getting some specific data needed. I need to get data like: LastPasswordChangeTimestamp StrongAuthenticationRequirements (for MFA) StrongPasswordRequired PasswordNeverExpires All the clie...
Elrom Behar
1

votes
0

answer
85

Views

Azure ad sdk doesnot fetch Intunes company portal login for SSO

I have integrated Azure ad in my iOS app. I need to perform SSO when I have already logged into my Comp Portal app(Microsoft Intunes). Note: I am able to perform auto sign-in when I have Authenticator app installed, however this doesn't work if I have only Comp Portal App installed. On android its...
prasad nikumbh
1

votes
0

answer
194

Views

Using Azure GraphClient API how to grant permissions for a new Application?

I followed this instruction (Using Azure GraphClient API how can you create a new Native Application?) and I could create a native application by Azure Graph Client. However, I don't know how to grant permissions by Graph API. This is my code: var app = new Application() { DisplayName = 'appNativeN...
amzdmt
1

votes
1

answer
154

Views

Send Office365 e-mail using AzureAD authenticated user

I have a .Net Core MVC Web application that authenticates the user using AzureAD. At some stage I need to send an e-mail on behalf of that user. I searched for some options and apparently I can do that using Microsoft Exchange Service or Office365 but for both options I need to get the user's creden...
Sibele Lima

View additional questions