Friday, February 5, 2021

How To Correct Microsoft Azure AD IdP SAML Metadata for Qlik Sense printing module SAML integration

When uploading Azure AD SAML metadata to a service provider, you might get the error message below -

*********************************************************************

SAML xml metadata validation failed with the following error: This is an invalid xsi:type 'http://docs.oasis-open.org/wsfed/federation/200706:SecurityTokenServiceType'.

****************************************************************************

The quick solution is to remove the <RoleDescriptor> section from the metadata file and then upload the metadata again.

Thanks

Siva Pokuri. 

Tuesday, January 19, 2021

Azure AD Powershell command to query group with DirSyncEnabled attribute

There are times when you want to know which groups are synched and which are cloud only.

Command to search synched groups - 

Get-AzureADGroup -All $true | Where-Object { $_.DirSyncEnabled -eq $true }

Command to search cloud only groups - 

Get-AzureADGroup -All $true | Where-Object { $_.DirSyncEnabled -eq $null }

Funnily enough, the DirSyncEnabled attribute contains "TRUE" if it's a synched group and "NULL" if it's cloud only.

Thanks

Siva Pokuri.

Wednesday, January 8, 2020

Azure AD B2B & B2C accounts provision to MS Exchange Address Book

The settings below on the Azure AD user entry make the external account visible in the Outlook Address Book -
  1. Create an Azure AD guest account using the Graph API invitation URL
  2. Update the user entry by setting the "ShowInAddressList" attribute to "true" using the Graph User API
  3. Check the email address in the Outlook Address Book
Note - The above configuration worked in the beta version of the Graph API.

Thanks
Siva Pokuri.