Showing posts from 2016

Azure Active Directory Domain Services Limitations

I work with Azure Active Directory (AAD) and enabled the Domain Services (AAD DS) feature to manage all my virtual machines and user-accounts. Domain Services is basically a Windows Domain Controller (in fact there are two of them), which provides Domain Join, LDAP and Authentication  for your cloud hosted network and machines. As a result, all users in the AAD can login to the Windows machines by using their AAD-Account. From the documentation ( ). Your domain controller as a service “Lift-and-shift” apps to Azure more easily than ever Use LDAP, Active Directory domain join, NTLM, and Kerberos authentication Rely on a managed, highly-available service Get started in minutes, pay as you go Develop and test with no identity worries Manage Azure virtual machines effectively using Group Policy I use the following setup, often referred as "cloud-only organizations" Known Limitations While

Fixing empty files with grunt-typescript

I recently faced the problem of an empty app.js file while working with gulp and the typescript compiler, which was wrapped using the grunt-typescript module. Synopsis : Almost every third or fourth call, the concatenated app.js was empty at the time where other gulp-tasks where running. The dependencies where all fine, and the gulp-output showed that the typescript-Task has successfully completed before the dependent task was started. However, the file was empty a the moment the dependent task tried to do anything with it. As you can see, the build:ts and even the build-task has completed without errors. Solution : After hours of work (debugging grunt-plugins is a pain), I found a solution which helped to actually wait for the particular file to exist or has its contents written to it. Its a simple task, which I have added to the chain of tasks immediately before the task which actually needs the missing file to exist var fs = require("fs")

Deleting Azure Active Directory Users in C#

Using the Azure Active Directory with the official client Libraries is straighforward. Just Install the required libraries in your C# Project PM> Install-Package Microsoft.IdentityModel.Clients.ActiveDirectory for authenticating yourself against the AD - and PM> Install-Package Microsoft.Azure.ActiveDirectory.GraphClient for accessing the directory Create your application in the directory Generate a ClientSecret for the Application Give permission to manager the AD to the Application Put it all together See: for further assistance. But When it comes to deletion of objects (Users, Groups, etc.) it will become less easy, because the application you created has not enough permissions to delete objects. You might see the error "Insufficient privileges to complete the operation." This is caused by the setup of the application in the AD itself and the missing membership to the "Company Adm