By default a ‘Registered Application’ account is not a member of any Directory Roles and/or group memberships and there is no easy way to make these changes using the portal. You may have an API or back-end application that will be required to perform actions on your AD that requires elevated permissions (e.g. Reset passwords or delete accounts etc..)
Normally for advanced configuration, you will need to start editing the manifest file. Luckily this has been made easy using the Portal. You can now edit the file directly, or download, make changes and then upload.
However, to make a ‘Registered Application’ a member of a ‘Directory Administrative Role’ you need to use PowerShell to add the role member to the ‘Service Principal’ (as I couldn’t find a way to do this in the manifest!).
Continue reading “Azure Active Directory – How to give a Registered Application an AD Directory Administrative Role”
I have recently been trying to program against the Azure Active Directory (AAD) using the
Microsoft.Azure.ActiveDirectory.GraphClient library. Unfortunately this library literally has no useful comments to assist understanding or clarify parameters etc.. Let alone how best to use or implement objects and methods or what and why exception may occur.
Equally the MSDN documentation seems to be lacking in any examples and really has minimal comments (although I see it’s getting a bit better…I think).
To this end I have created a ‘wrapper / handler’ to simplify all sorts of AAD interactions called AADGraphHandler. It effectively will help manage the creation of the
ActiveDirectoryClient and a bunch of it’s operations. You can find this on GitHub at https://github.com/nrogoff/AADGraphHandler
You can get access to the ActiveDirectoryClient directly, and so any methods not covered yet. (e.g. Adding and removing roles to a user. Just not needed it yet!)
Continue reading “Azure Active Directory Graph API Wrapper to help make it a bit easier!”
Thanks to Simon J.K. Pedersen (https://github.com/sjkp) there is now a reasonably easy way to get auto-updating “Let’s Encrypt” SSL certificates in you Azure App Services using the “Azure Let’s Encrypt” Extension (https://github.com/sjkp/letsencrypt-siteextension).
There are some very comprehensive install and setup steps here https://github.com/sjkp/letsencrypt-siteextension/wiki/How-to-install
Continue reading “Let’s Encrypt Extension for Azure App Services”
Quick helper boiler plates for setting up your Unit Test.
I have included ReSharper Template here that you can import directly Resharper Templates.
After importing the ReSharper Templates then you can use ‘uTestBoiler’ or ‘uTestnUnitBoiler’ shortcuts to add the code below into any test class.
If you don’t have ReSharper, then you can add the snippets below to Visual Studios Snippet Manager by following the instructions here https://msdn.microsoft.com/en-us/library/ms165394.aspx
Continue reading “Unit Test Class ReSharper Template and Snippets for nUnit and MS Test”
You may have discovered that deleting an Azure Active Directory is a particularly frustrating experience that ultimately ends in failure. The new portal have improved things a bit, by running through a series of check before the delete button is enabled.
You may need to go back to the Classic portal (https://manage.windowsazure.com) to see some of the objects/resources to delete.
However, although this will help you remove ‘most’ of what you need to, unfortunately NOT all!
In this case I got a “Unable to delete directory”
Continue reading “How to delete an Azure Active Directory (ADD) Tenant”
When you first create a new repository in GitHub, you get a very handy drop down of Open Source Licenses options to add. This is really useful and saves you trying to find the standard copy somewhere.
If you don’t choose one when you create the repo, then there is a sneaky way to get that drop down back and easily add a standard license file later. Continue reading “How to add Open Source License to your GitHub repository”