Modifying the attribute mapping in API-driven provisioning to on-premises Active Directory.

This blog post is a small continuation of the blog post about Getting started with API-driven Inbound User Provisioning to On-Premises AD, but in this blog, I’m going to show you how to modify the API and Active Directory mapping of attributes when you are provisioning users. This is useful if want to customize mapping … Read more

Getting started with API-driven Inbound User Provisioning to On-Premises AD

API-driven Inbound User Provisioning to On-Premises AD is a feature that I personally have been really excited about for quite some time. I started working with it when it was in public preview around June 2023 and it went to General Availability in early 2024.API-driven Inbound User Provisioning is streamlined way of managing users in … Read more

Monitor Azure App registration secret / certificate expiry with PowerShell

I came across a need to know when a certificates and secrets are about to expire on Azure app registrations, but there was no native way for me do this, expect to just scroll down the application registration list and look for “Expirer soon”, and that didn’t really do it for me.
So, I decided to look for way to get notified a number of days before a secret or a certificate will expire using PowerShell. I ended up writing this script and then running it using an Automation Account in Azure, but you can run this script everywhere, if you have the Microsoft Graph PowerShell module installed on the platform of your choice.

Read more

Using Azure Service principal to run PowerShell script on Azure SQL server (Managed instance)

Azure service principals (or App regs.) is nice secure way to connect to fx. a Azure SQL manage instance and then perform querys using PowerShell. This is an ideal alternativ to using a local Service Account. The upside to this is that you can authenticate with a secret or with a certificate that you create for yourself or the machine you are running your script(s) from.

Read more

Assign Azure SQL database permissions to AAD group

Intro
When you create an Azure SQL database (DB) right of the bat, you will be faced with the need to assign permission in the database to users or security groups. Normally on an on-premises SQL DB it’s no problem and can be done using the GUI in SSMS. But for an Azure SQL DB, there is no GUI to assign permissions, you will need to use SQL queries to assign permissions to users or groups. Let me show you how to assign SQL DB permissions to a AAD security group.

Read more