Questions tagged [active-directory]

1

votes
3

answer
255

Views

Can I use Azure AD/Azure AD B2B/Azure AD B2C in this scenario?

We have several asp.net applications, each has its own users tables and databases. Each application does is own login/reset password etc. Our users are from different companies, so a user is an employee from that company. Now we want to use a central identity provider and let it do all the authenti...
martial
1

votes
3

answer
751

Views

faster way to get AD memberships for millions of AD groups in a network with multiple trusted forests and domains

First, I cannot get into why I need this data and I cannot get into specifics about the network. You'll have to trust me there is no other way to get this data other than a PowerShell script to run LDAP queries. I am working with a network that has multiple forests and multiple domains. There is a t...
IMTheNachoMan
1

votes
1

answer
954

Views

What is the difference between uid and sAMAccountName

What is the difference between uid and sAMAccountName attributes of a Microsoft Active Directory. Edit : I am aware of the fact that sAMAccountName is a mandatory field and uid is not. Can someone explain how they differ from each other in terms of usage
Prayag Sagar
1

votes
1

answer
311

Views

How do I authenticate a user against an Azure storage blob in python?

I'm looking for a way to authenticate a user against an Azure blob container. The sample code (yep, newbie alert) works just fine, using an access key for the storage account, but that feels uncomfortably like giving away full control of the entire storage account to anyone who steals the credential...
zaump
1

votes
1

answer
50

Views

403 forbidden when retrieve all users from Azure AD using Graph API

I get a 403 Forbidden response from Azure AD when trying to get all users using the Graph API: public static async Task AppAuthenticationAsync() { var tenant = ConfigurationManager.AppSettings['ida:TenantId']; var resource = 'https://graph.microsoft.com/'; var clientID = ConfigurationManager.AppSett...
User5590
1

votes
1

answer
65

Views

Accessing MS Graph API with directly obtained token issue

My project is based on this on-behalf-of-flow example. In my web api I have a non-restricted by [Authorize] method which receives login and password. I also have a restricted method which gets some info from MS Graph API: [HttpGet] [Authorize] [Route('[action]')] public async Task Info() { string re...
amplifier
1

votes
1

answer
77

Views

Bearer token is not valid when calling the graph API

I would like to see full information on my users in the AD (users in groups, etc...) I already have an application that signs in to AD and then I get a bearer token that has access to my azure blockchain workbench API and everything works fine. The workbench API has a users endpoint but the informat...
Contentop
1

votes
1

answer
24

Views

Can Azure change a users OID?

we are going to be storing users information in Cosmos. Storing their information against their email address is not an option. Instead, we are looking at storing against OID. Can Azure change a users OID?
Albert
1

votes
1

answer
68

Views

Azure service to query Azure Active Directory

Suggest any azure service which can connect customer azure active directory can query customer azure active directory keep my application azure active directory in sync with any future change (add/remove user) on customer azure active directory ?
thiru
1

votes
1

answer
73

Views

Integrate Azure Multi-Factor-Authentication in website to authenticate its users

I have a website (built in PHP), OS of web-server is Linux (Ubuntu) from AWS EC2, I want to integrate Azure MFA in website to authenticate users using 2FA (2 factor authentication), I checked this code using Node JS https://github.com/Azure-Samples/active-directory-node-webapp-openidconnect It is a...
Herry Shawn
1

votes
2

answer
44

Views

ADAL: Where do I view the resource ID's?

I'm new to using adal-node npm package. In the example it mentions: var resource = '00000002-0000-0000-c000-000000000000'; Where is this ID from? From my use-case, I just want to batch update users in my AD.
nxmohamad
1

votes
1

answer
64

Views

Microsoft Graph and access without a user

I'm trying to upload and download files in my sharepoint online using a background task (daemon) that runs frequently in my ASP.NET Core app. Because it's a background task, no user identity is used. Instead, I tried to follow this document, getting an access token using the https://graph.microsof...
Los Morales
1

votes
1

answer
17

Views

What next after purchasing Microsoft 365?

My boss purchased Microsoft 365 which came in three products. He now challenged me to design a management system, like an employee self-service portal. I am hereby looking for advice on where to start or which product to use, since I am new to this. I have tried a bit of research and I came across t...
Seyyid Said
1

votes
3

answer
1.3k

Views

C# Powershell Interop

The Sys Admin guy is writing some common housekeeping Power Shell scripts. Predominantly for AD management (updating exchange details, moving people around security groups etc.) I'd like to use these scripts from C# (I intend to write it as a library, consumed by a web site). I've seen this code pro...
Ed Blackburn
1

votes
2

answer
6.5k

Views

Spring ldap authentication failed error codes

I'm using Spring LDAP (1.3.1) to talk to ADAM and Active Directory. When I try to authenticate someone using ldapTemplate.authenticate() I get back errors via the error callback, but it gives a very generic exception AuthenticationException and I cannot extract what exactly is the problem: account...
Alexandru Luchian
1

votes
1

answer
9

Views

How do I not print a string if request AD field is empty

I've written a script that queries our Domain controllers AD, and pulls out data to create an email signature, I've done this using numerous tutorials online as I've previously not had any experience with this language. Everything works perfectly, with the exception of one field; mobile phone. I wou...
0

votes
1

answer
7

Views

validating the issuer - token has issuer https://login.microsoftonline.com/Xv2.0 but sample implies i should validate using https://sts.windows.net/X

I'm trying to follow the example validation code in https://azure.microsoft.com/en-us/resources/samples/active-directory-dotnet-webapi-manual-jwt-validation/ (REALLY the code in https://github.com/Azure-Samples/active-directory-dotnet-webapi-manual-jwt-validation/blob/master/TodoListService-ManualJ...
Lewis Pringle
1

votes
2

answer
555

Views

Expanding MemberOf

Currently working on a PowerShell script for a data vault / security auditing system. I am currently having some difficulty with the below script $table_user = @() $record_user = [ordered]@{ 'ObjectGUID' = '' 'SamAccountName' = '' 'Name' = '' 'Surname' = '' 'Give...
Merenix
1

votes
2

answer
12k

Views

LDAP query in PowerShell

Im trying to run the below query in powershell with no success :( ((mailNickname=id*)(whenChanged>=20170701000000.0Z))(|(userAccountControl=514)(userAccountControl=66050))(|(memberof=CN=VPN,OU=VpnAccess,OU=Domain Global,OU=Groups,OU=01,DC=em,DC=pl,DC=ad,DC=mnl)(memberof=CN=VPN-2,OU=VpnAccess,OU=Doma...
Chrismage
1

votes
2

answer
2.8k

Views

What is the difference between IAM and Azure AD on the azure cloud?

What is the difference between IAM and Azure AD on the azure cloud? They don't make it clear.
arcom
0

votes
0

answer
7

Views

.NET MVC Application - Azure Active Directory - Redirecting to LocalHost

I have a .NET MVC applicatoin and I am trying to use Azure AD Authentication. I create a new project and chose 'Work or School Accounts' Cloud - Single Organiszation At no time does it ask me for a redirect URL I then click okay and it creates the solution (as well as registering it at Azure AD). P...
Always Learning
1

votes
2

answer
41

Views

move AD group by file

I'm new with PS and doing my first steps.. I have a file named 'C:\temp\used_groups.csv'. The file has email address of AD Groups populated by Powershell script to check which distributions group are being used in 365. Now I want to be able to move them to different OU. the file has some AD group's...
Ohad_E
1

votes
2

answer
82

Views

AADSTS50011 - The reply url specified in the request does not match the reply urls configured for the application

I'm getting this error while trying to use OpenID to login from my mobile app. I'm using React Native App Auth (https://github.com/FormidableLabs/react-native-app-auth#azure-active-directory) to authenticate my app to AAD. The same setup is already working with Okta and Google OpenID providers. Thes...
gmlion
1

votes
3

answer
29

Views

using linq on active directories underlying object

Currently my code is: using (var context = new PrincipalContext(ContextType.Domain, adDomain)) { using (var searcher = new PrincipalSearcher(new UserPrincipal(context))) { foreach (Principal result in searcher.FindAll()) { DirectoryEntry entry = result.GetUnderlyingObject() as DirectoryEntry; if (en...
Bryan Dellinger
1

votes
2

answer
4.7k

Views

Active directory Notes field max character length

Does anyone know what is the max character length in the AD notes field?
chugh97
0

votes
0

answer
15

Views

There is any way to create active directory server online for testing purpose?

I have created iOS mobile app, now i want to authenticate user from active directory credentials, but here i don't have any active directory server, so is there any free online active directory server available for that?
Azim Kazi
1

votes
1

answer
130

Views

Node.js timing w/ activedirectory package

I'm quite a noob with Node but found that the activedirectory package is far better than any alternative Python module for extracting recursive group members across an AD forest so figured, right tool for the job. I've done loads with JS before but obviously this is a different kettle of fish. Basic...
Allan M
1

votes
0

answer
418

Views

unwillingToPerform ldap3 useAccountControl change

I am using ldap3 module in python to create and disable users in AD in python. When I create a user using the following code, from ldap3 import * import ssl tls_configuration = Tls(validate=ssl.CERT_REQUIRED, version=ssl.PROTOCOL_TLSv1) tls_configuration.validate = ssl.CERT_NONE s...
asd
1

votes
0

answer
40

Views

Code freezes when trying to set new user password in Active Directory in ASP.NET MVC 5

var NewUserPC= new PrincipalContext(ContextType.Domain, Server, OU, ServiceUserName, ServiceUserPassword); var user = new UserPrincipal(NewUserPC); user.GivenName = firstName; user.Surname = lastName; user.Name = firstName + ' ' + lastName; user.UserPrincipalName = FILN + '@domain.com'; user.SamAcco...
rStackSharper
1

votes
1

answer
562

Views

Calling a secured REST api from Javascript without user login screen

How would you call the secured REST api from the Javascript script application that doesn't have the login? I have a Javascript application (React) that doesn't have a user login. It needs to call some REST api services that uses Oauth (Azure Ad - WindowsAzureActiveDirectoryBearerAuthentication)....
Michael Sync
1

votes
0

answer
119

Views

Outlook notification subscription using Azure Webhook Domain Not Found

I am working on Creating a push notification for inbox messages to be sent to my azure webhook. I have been following the documentation as a reference. Till now I have been able to create and register my app using the Azure app registration. I got the client_id and client_secret accordingly. Shared...
gkb
1

votes
1

answer
770

Views

Azure AD Cannot hit login.microsoftonline.com/{tenantId}

I am trying to create authentication for my App via Azure Active Directory but have had little luck. I created a new Azure Active Directory instance in portal.azure.com and copied the 'Directory ID' (Click on Azure Active Directory and then properties) and still cannot authenticate. I am trying to u...
Bob
1

votes
0

answer
810

Views

Connect to Active Directory using Java JNDI

I am new to using JNDI and I am trying to connect to Active Directory using JNDI and I am facing either Authentication Error or Connection Time out. I am unable to understand what is the potential reason.This how my Active Directory looks like I have tried the following code public class ConnectAD...
user3679686
1

votes
1

answer
278

Views

Azure access token always returns 401

I have obtained an access token from https://login.microsoftonline.com/tenentid/oauth2/token - using the grant_type=client_credentials Now, when I try to get the embedded token from https://api.powerbi.com/v1.0/myorg/groups/gid/reports/rid/GenerateToken it always returns 401 unauthorized. Does anyon...
Sandeep Dhankhar
1

votes
1

answer
30

Views

Using Azure AD without codebehind

I am learning Windows Identity Foundation and trying to understand authentication via Azure AD using the web.config as described here, but I can not understand, where to find issuer and realm for my application on Azure Portal. Can anybody describe me where is it?
Mixim
1

votes
0

answer
30

Views

Authentication Mechanisms in Terminal Servers

I am working on a legacy application wherein I have to implement authentication mechanism in VDI & Terminal Servers using Azure AD for different types of users (guest, member). I could not find any resources on Azure blogs regarding AAD B2B for VDI and Terminal Servers. Is there any tutorial on appr...
david nadal
1

votes
1

answer
68

Views

Authenticate UWP Client and .Net Core Web App with Customers' Active Directory (Azure or ADFS)

I am building a UWP app and .Net Core API. Both should be deployed at the customers' on-premises and authenticated with Azure Active Directory. Is there a way to authenticate the users without registering the application manually (And specifying the client id and other variables)?
Walaa El Kerdy
1

votes
0

answer
551

Views

Connecting OneLogin to Azure Ad

I am trying to connect One Login to office 365 in order to control the users of Azure from One Login. The idea it is that One Login would be the source of trouth and would sync with azure ad. I did the steps on the tutorial to connect to Office 365 described here But I still get the errors When tryi...
1

votes
0

answer
206

Views

Why do datetime values from AD show up as 'System.__ComObject' in SSIS?

I am trying to create a package in SSIS that will read values from my AD and save into a table in a database. When I run this query: SELECT * FROM OpenQuery ( ADSI, 'SELECT whenCreated, whenChanged, [...], badPasswordTime, sAMAccountName FROM ''LDAP://mydomain.com/OU=ouUsers,DC=MYDOMAIN,DC=com'...
azulu
1

votes
0

answer
66

Views

Call multiple ClaimsEndpoint using Azure AD B2C custom policies

I am using B2C custom policies, to get a third party token and then creating an Azure AD B2C token with that, which contains the claims of the third party. I am using ClaimsEndpoint in the Technical Profile in the policy. The problem I am facing is, that I need multiple claims, and I can't obtain a...
V. G.

View additional questions