Create a user delegated permission and an application permission with the same name in Azure Active Directory

For a training we are delivering I tried to create a little sample where I show how to create an API and protect it with our Microsoft Identity Platform. We have 2 kind of permissions we can support with our consent and permissions framework. User delegated permissions and application permissions. This is what we use for MS Graph as well. User delegated permissions are used if you want to grant the app running the permissions in name of the user.

Little update about my job after 8 months

End of June our fiscal year ended. After a lot of travel this month I finally had some time to spend time with my family. My mom is visiting and was able to watch my daughter Lisa so my wife could join me in Washington, where I was for Identiverse and later travel to visit friends near New York. June was the heaviest travel month for me so far. I spend 2 nights at home.

Configure Domain_hint in asp.net core

This took me way to much time to figure out since there is a ton of old information on the internet. I wanted to change the default behavior when people are logging in to my ASP.NET Core website using Azure Active Directory (or Microsoft Identity Platform). After some searching I figured out how to change this setting. You have to add the following piece of code to the ConfigureService method in your Startup.

Switching to Google Fi

Last week I switched all the mobile lines of my family to Google Fi. We had t-mobile for some time but I wanted to try and see how Google Fi works. Since I am going to travel a bit for work, I was looking for a new phone which could work at least a working day without charging and gives me great coverage. I also wanted a plan with works great when abroad.

What to pack for business travel?

For my new job, I need to travel a lot again. So instead of giving tips on how to fold your underwear so you can travel 3 weeks with only carry-on, I will share some of the stuff I take with me during travel. Since I will be delivering presentations, demo’s and give training I travel with at least 2 laptops. In case 1 stops working, but also to have 1 ready to download stuff you might need to recover the other device in case you get a corrupt OS or something like that.

How to detect if your devices are trying to circumvent your pihole

As I described in my previous blog post, you can set up a pi.hole DNS server to optimize your network traffic and your browsing experience. But not every device will be respecting your DHCP DNS settings it seems. Some devices have hardcoded DNS entries and just ignore your settings. Scott Helme wrote on his blog how to redirect those naughty devices and redirect their traffic to your pihole instead. But before we start doing that I was curious to find how many of those devices I actually had on my network.

Installing pihole on your Cloudkey gen2+

The other day I bought myself a Gen2 cloudkey plus from Ubiquiti and replace my old cloudkey. It comes installed with the Unifi SDN and the new Unifi Protect. The device looks really nice and has a little display which shows you information about the applications running on the device. Since I have been playing with pi-hole lately on one of my Raspberry Pi’s, I was wondering if I could install pi-hole on the cloudkey so I would have everything from my network on a central place.

New job in the Azure Identity team

Just posted the email to my colleagues and send an email to our wonderful Windows Development MVPs. Today is my last day in Windows (DEP, developer platform team). I am starting a new job in the Azure Identity organisation in the CxP team. I will be working with developers to evangelize and drive adoption of our Azure Active Directory platform. The full job description is below:  Senior Program Manager Azure Active Directory Premium, B2C The Digital Transformation era is upon us!

Adding FlightRadar24 feed to my FlightAware raspberry pi PiAware install

Since a week or so I am running PiAware from FlightAware on 1 of my Raspberries. It’s running fine. Thanks to Chris Johnson I also managed to feed Flightradar24 from the same feed. This are the steps I did on my raspberry through the shell. I don’t run a fancy container solution like Chris does on his setup so I had to steal some configuration and instructions from his github page.

Creating my config.gateway.json provisioning file for my USG

As described in a few previous blog posts I needed to set some configuration through the command line for my USG. But every time you provision the USG the changes will be lost. This can be solved to store the changes in the config.gateway.json file on my cloud key. Since the cloud key is running Ubuntu I can find that file in /usr/lib/unifi/data/sites/default (your site can be named differently, but mine is the default).