Posts

Showing posts from 2016

Azure Active Directory Domain Services Limitations

Image
I work with Azure Active Directory (AAD) and enabled the Domain Services (AAD DS) feature to manage all my virtual machines and user-accounts. Domain Services is basically a Windows Domain Controller (in fact there are two of them), which provides Domain Join, LDAP and Authentication for your cloud hosted network and machines.
As a result, all users in the AAD can login to the Windows machines by using their AAD-Account.
From the documentation (https://azure.microsoft.com/en-us/services/active-directory-ds/). Your domain controller as a service “Lift-and-shift” apps to Azure more easily than everUse LDAP, Active Directory domain join, NTLM, and Kerberos authenticationRely on a managed, highly-available serviceGet started in minutes, pay as you goDevelop and test with no identity worriesManage Azure virtual machines effectively using Group Policy I use the following setup, often referred as "cloud-only organizations"

Known Limitations While still in the preview phase, I would …

Fixing empty files with grunt-typescript

Image
I recently faced the problem of an empty app.js file while working with gulp and the typescript compiler, which was wrapped using the grunt-typescript module.



Synopsis: Almost every third or fourth call, the concatenated app.js was empty at the time where other gulp-tasks where running. The dependencies where all fine, and the gulp-output showed that the typescript-Task has successfully completed before the dependent task was started. However, the file was empty a the moment the dependent task tried to do anything with it.


As you can see, the build:ts and even the build-task has completed without errors.

Solution: After hours of work (debugging grunt-plugins is a pain), I found a solution which helped to actually wait for the particular file to exist or has its contents written to it.

Its a simple task, which I have added to the chain of tasks immediately before the task which actually needs the missing file to exist
var fs = require("fs") // Load the filesystem …

Deleting Azure Active Directory Users in C#

Image
Using the Azure Active Directory with the official client Libraries is straighforward. Just Install the required libraries in your C# Project
PM> Install-Package Microsoft.IdentityModel.Clients.ActiveDirectory for authenticating yourself against the AD - and
PM> Install-Package Microsoft.Azure.ActiveDirectory.GraphClient for accessing the directoryCreate your application in the directoryGenerate a ClientSecret for the ApplicationGive permission to manager the AD to the ApplicationPut it all together See: http://justazure.com/azure-active-directory-part-5-graph-api/ for further assistance.
But When it comes to deletion of objects (Users, Groups, etc.) it will become less easy, because the application you created has not enough permissions to delete objects. You might see the error

"Insufficient privileges to complete the operation."
This is caused by the setup of the application in the AD itself and the missing membership to the "Company Administrator"-Role.

See…