Some people have had some trouble with the F5 demo I posted about where we can inject additional HEADERS based on an external LDAP store. While this post specifically goes into setting up the LDAP store for that, it can also be used for any Active Directory LDAP deployment. First let’s start with a standard […]
As you might have noticed, the last few posts are all about identity and the so called Secure Hybrid Access solutions. This one fall under that same category and is not sponsored by, but I did get a test account from them…. Active Directory or any identity store is usually used as the primary source […]
In all our previous posts we had the user sign-up flow take control of the actual creation of the user in Azure AD. The problem with that flow is that if we want to add the user to a group or perform other functions on it (like adding additional attributes) we would have to reply […]
Let’s say you have an application that you want your vendors to access. If this application is Azure AD joined you could create a separate account, you could invite them as a guest using their email address, you can even add their domain name as a connected organization, or you could use external identities. That […]
Microsoft is on a quest to remove passwords. While this will be a long journey it is worth the effort. Passwords are weak as people tend to reuse their passwords on various sites and/or websites don’t do enough to protect them. And so, accounts are breached almost on weekly basis, and many passwords are “known” […]