Forum Widgets
Latest Discussions
angular-b2c-sample-app and iframes
I have a project that I based on this sample project: https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-angular-v3-samples/angular-b2c-sample-app Currently I have the custom policies as intended. Button, redirects to a azure page, finishes w/e the custom policy is, redirects back to the web app. But now I need to using said custom policy as an iframe, basically the client requests that there is less one layer of buttons to pressed. Therefore I want the custom policy to be displayed as an iframe, making the web app feel more single page. I have looked around, but can't really find anything detailed enough. Any help is welcomed :)TiagoCJan 24, 2025Copper Contributor9Views0likes1CommentARM Templates (API Versions)
Hi All, I have question regarding ARM templates API versions. I notice that when I create some resources I have to specify different API Versions for them. Is there any common API version we can apply ? because sometimes its so cumbersome to use different API versions for different resources. ThanksSolvedkasunsjcJan 23, 2025Iron Contributor11KViews2likes6CommentsEntra Connect - Access to onsite Server Shares
Will setting up Entra Connect and syncing AD IDs with Entra IDs provide access to on Prem Windows server shares? We are planning for our migration to the cloud and have a bunch of Windows server shares that users currently access with their Active Directory accounts. Setting up Entra Connect and syncing the AD accounts to Entra ID Accounts provide the same access to these shares? Migrating the file shares to Entra ID is a bigger migration project probably further down the road. I found this article but it's the other way around, Hybrid identities accessing Azure shares: https://learn.microsoft.com/en-us/azure/storage/files/storage-files-identity-auth-hybrid-identities-enable?tabs=azure-portal%2CintuneSamEJan 23, 2025Occasional Reader24Views0likes3CommentsNew Azure GxP guidelines help pharmaceutical and biotech customers build GxP solutions
We recently released a detailed set of GxP qualification guidelines for our Azure customers. These guidelines give life sciences organizations, such as pharmaceutical and biotechnology companies, a comprehensive toolset for building solutions that meet GxP compliance regulations. GxP is a general abbreviation for "good practice" quality guidelines and regulations. Technology systems that use GxP processes such as Good Laboratory Practices (GLP), Good Clinical Practices (GCP), and Good Manufacturing Practices (GMP) require validation of adherence to GxP. Solutions are considered qualified when they can demonstrate the ability to fulfill GxP requirements. GxP regulations include pharmaceutical requirements, such as those outlined in the U.S. Food and Drug Administration CFR Title 21 Part 11, and EU GMP Annex 11. Read about it in the Azure blog.EricStarkerJan 22, 2025Former Employee818Views2likes1CommentRunning self hosted agent in interactive mode on on-prem server
I have a scenario, Where I have some UFT Developer Automation Tests cases that carry UI automation of Facets Application. I have them running on TFS release pipelines but the test cases are failing because the agent is not able to find the Facets window as it is running as a service and we need to configure the ADO agent to run in interactive mode for UI test. Instead of manually logging in to the server and trigger the agent to run in interactive how can we automate that because i need 50 agents to run in the interactive modejayendharreddy24Jan 21, 2025Copper Contributor143Views0likes2CommentsRandomly 401 errors accessing AZ Devops artifacts
Hello! We are experiencing random 401 errors during maven download artifacts. The token is valid. It happens randomly. We're not sure whether there is something wrong on Azure Devops. Is anybody experiencing the same issue? Thanks!sacuccurulloJan 21, 2025Copper Contributor235Views0likes2CommentsError in Manager data synchronization via SCIM
Hello! My name is Alex Moiseev, and I am experiencing an issue with user synchronization via SCIM with Azure Active Directory. Well, actually with manager synchronization. As far as I understand, the approach of provisioning of the user is the following. Step 1. Provisioner tries to get info about the user by id with GET User resource request. Step 2. Based on information received, Provisioner decides should the whole information about the user be sent or there is a need only to update certain fields. Step 3. Provisioner send POST or PUT/PATCH request with user details to create/update user on the receiver side. And everything works more or less ok, but the managers. In user data to provide there is one field, which is used for manager info: urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:manager When there is no manager on consumer side assigned to the user, everything works perfectly. The provisioner sends manager info in both cases - with existing and with non-existing user. If the manager is changed on Azure AD side, we still receive manager data in the field mentioned in PATCH request in order to overwrite stored manager. But when the manager is removed on Azure AD side, we didn't receive any information about it - urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:manager field doesn't exist in PATCH request. We thought, that may be because we didn't add manager information in GET User resource response. We tried to add manager information there according to the documentation (https://docs.microsoft.com/en-us/azure/active-directory/app-provisioning/use-scim-to-provision-users-and-groups) by adding "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": { "manager": "0" }, We use "0" in order to make the provisioner to send us information about the manager in each request. But we've got an error there: Error message We are not able to deserialize the resource received from your SCIM endpoint because your SCIM endpoint is not fully compatible with the Azure Active Directory SCIM client. Here is the resource we received from your SCIM endpoint: { "schemas”: [ "urn:ietf:params:scim:schemas:core:2.0:User", "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User" ], "externalId": "Worker", "id": "1548197", "userName": "email address removed for privacy reasons", "name": { "familyName": "Ker", "givenName": "Wor" }, "emails": [ { "value": "email address removed for privacy reasons", "type": "work", "primary": true } ], "title": "Developer", "locale": "nl", "timezone": "CEST", "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": { "manager": "0" }, "active": true, "displayName": "Wor Ker" } Please refer to the Azure Active Directory SCIM provisioning documentation (https://docs.microsoft.com/en-us/azure/active-directory/app-provisioning/use-scim-to-provision-users-and-groups) and adapt the SCIM endpoint to be able to process provisioning requests from Azure Active Directory. We have reviewed the documentation referenced, and the format for specifying the manager is exactly as indicated in the documentation. If the "manager" field is removed from the data, the error does not occur. So, the questions are: 1. How should we provide manager information in the response of GET User resource call? 2. How should we catch the removing of the manager in Azure in a proper way? I would appreciate your assistance in resolving this issue. I'd like to know what is causing the error and how to correctly transmit manager information via SCIM. Thank you in advance for your attention and help! Yours sincerely, Alex MoiseevalexstrangeJan 21, 2025Copper Contributor327Views0likes2CommentsAVS LAB: Deploying AVS and Routing Internet Traffic via Hub Azure Firewall in Azure Virtual WAN Hub
LAB Overview: AVS (Azure VMware Solution) is a Microsoft Azure service that enables organizations to run VMware workloads natively on Azure infrastructure. It provides a seamless and fully managed platform to migrate, extend, or modernize VMware-based environments while taking advantage of Azure's scalability, global reach, and integrated services. AVS can be integrated to your on-premises and azure native environments. Here in this lab, I am going to show how AVS can be connected with Azure Virtual WAN (Hub and spoke topology). Pre-requisite Set up azure native component which needed to be integrated with AVS. Here I have deployed an Azure Virtual WAN (Hub and spoke topology) which has the components below. Virtual WAN – Standard SKU A Hub Virtual Network connection to Jump Server VNet Point to Site VPN in hub (Connected to personal laptop represents on-premise connectivity) Express route gateway in hub A hub firewall deployed in hub Create AVS Private cloud Goto Azure Portal and Navigate to Azure VMware solution and provide details as below: Wait around 5 hours and your private cloud will be ready. Once ready navigate to overview page and see the CIDR subnet distribution as shown below Create Express route connectivity to azure native environment Go to your AVS-->Manage-->Connectivity-->ExpressRoute Generate Authentication Key Note the express route auth key and ID, which needed to be provided while connecting express route circuit with express gateway deployed in Azure Infrastructure. Go to Express route deployed in VWAN and Redeem the auth key Login to jump server and check connectivity. You should be able to reach vcenter and nsx URL from both vpn and azure vnet environments. Deploy DHCP, Network segments and VM Got to AVS-->Workload Networking-->DHCP Add DHCP and provide IP and save Got to AVS-->Workload Networking-->Segments Add segment by providing name and gateway IP Now deploy a test vm in VMware, there are multiple way to deploy VM I have deployed a Linux VM using OVF deployment option. You can choose any method to deploy VM. After that login to test VM Your VM must be assigned with an IP address from the range you have defined for your segment. But if you try to reach out to internet you won’t be able to do it as we did not provide internet connectivity. Route Traffic to Azure Hub Firewall in Virtual WAN There are three primary patterns to create outbound access to the Internet from Azure VMware Solution and to enable inbound Internet access to resources on your Azure VMware Solution private cloud. Internet Service hosted in Azure Azure VMware Solution Managed SNAT Azure Public IPv4 address to NSX Data Center Edge Your requirements for security controls, visibility, capacity, and operations drive the selection of the appropriate method for delivery of Internet access to the Azure VMware Solution private cloud. I am sending internet traffic to azure hub firewall (Internet Service hosted in Azure) as some times this would be a use case. Other methods are easy to deploy and routing internet traffic to azure is having more process. That is the reason I am showing it in demo. In order to send traffic to hub firewall, follow below process Define default route in hub (0.0.0.0-->Firewall). This can be done by either defining the route manually or using below option >hub1-->Routing-->Routing Intent and Routing Policies You can see and edit the associated and propagated connection by looking into default route table settings. >hub1-->Routing-->Route Tables Then verify whether routes are showing properly in route table >hub1-->Routing-->Effective Routes Now you need to do a very important step, by default express route doesn’t propagate default route. you need to explicitly change the below setting so that express route can propagate default route. Now you can see default routes are propagated to T0 gateway in AVS. Use below path to download routing and forwarding table of T0 gateway. Now you will be able to reach out internet Note Deploying AVS and integrating it with Azure and on-premises environment involves multiple steps and routing complexities. You should be very careful with routing as integrating hybrid and cloud environments together bring additional complexity to routing. There could be chance of unnecessary route propagation which can be restricted using route filters. Thank you!!Aaida_AboobakkarJan 21, 2025Microsoft56Views0likes0CommentsHas anyone implemented the DORA metrics on top of Azure Devops Services?
We use Azure DevOps Server 2020 on-prem. Specifically, Azure Git Repos and Azure Pipelines. Now we would like to collect the DORA metrics, but first would like to check if anyone using Azure DevOps has done it already. Maybe there is an extension that helps implement it. Maybe 3rd party integration. In general, sharing your experience with DORA metrics and Azure DevOps may be very valuable. Thank you.markkharitonovJan 20, 2025Copper Contributor23KViews0likes11Comments
Resources
Tags
- azure2,220 Topics
- Azure DevOps1,384 Topics
- Data & Storage379 Topics
- Networking224 Topics
- Azure Friday220 Topics
- App Services196 Topics
- blockchain168 Topics
- devops150 Topics
- Security & Compliance138 Topics
- Analytics130 Topics