Tips: Azure AD B2B user UserPrincipalName (UPN) update


Trying to update the UserPrincipalName (UPN) of a B2B user to some public domain email address like in an Azure AD tenant results in the error message below.

Error message - "Property userPrincipalName is invalid"


Make sure to create or update the user UPN with a domain name that is verified in the Azure AD tenant.
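A pre-flight check for this, as an added example that is not part of the original tip. It assumes the Microsoft Graph PowerShell SDK is installed; the function name `Set-UpnIfDomainVerified` is hypothetical and the values in the usage comment are placeholders.

```powershell
# Added example: refuse a UPN change unless the new suffix is a verified
# domain in the tenant, instead of letting the directory reject it with
# "Property userPrincipalName is invalid".
function Set-UpnIfDomainVerified {
    param(
        [Parameter(Mandatory)] [string] $UserId,   # object ID or current UPN
        [Parameter(Mandatory)] [string] $NewUpn
    )

    # A UPN must be exactly local-part@domain.
    $parts = $NewUpn -split '@'
    if ($parts.Count -ne 2 -or -not $parts[0] -or -not $parts[1]) {
        throw "'$NewUpn' is not in user@domain form."
    }
    $suffix = $parts[1]

    # Domain objects expose the domain name as Id and a boolean IsVerified.
    $verified = Get-MgDomain -All |
        Where-Object IsVerified |
        Select-Object -ExpandProperty Id

    # -notcontains compares case-insensitively, which matches how domain
    # names are treated.
    if ($verified -notcontains $suffix) {
        throw "Domain '$suffix' is not verified in this tenant. Verified domains: $($verified -join ', ')"
    }

    Update-MgUser -UserId $UserId -UserPrincipalName $NewUpn
}

# Usage (placeholder values):
# Connect-MgGraph -Scopes 'User.ReadWrite.All', 'Domain.Read.All'
# Set-UpnIfDomainVerified -UserId '<user-object-id>' -NewUpn '<name>@<verified-domain>'
```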

Service providers and identity providers

Identity federation standards identify two operational roles in an SSO transaction:

  1. Identity provider (IdP)
  2. Service provider (SP).

An IdP, for example, might be an enterprise that manages accounts for a large number of users who may need secure access to the Web-based applications or services of customers, suppliers, and business partners.

An SP might be a SaaS provider or a business-process outsourcing (BPO) vendor wanting to simplify client access to its services.

Identity federation allows both types of organizations to define a trust relationship whereby the SP provides access to users from the IdP.

The IdP continues to manage its users, and the SP trusts the IdP to authenticate them.


Ping Access internet proxy setting to access token provider

This kind of setup is often needed, especially when Ping Access is deployed internally and the token provider, such as Ping Federate or Azure AD, is in the cloud.

In this kind of setup, Ping Access needs secure internet access in order to register the token provider.

First, register the internet proxy IP and port number (provide credentials if the proxy needs authentication) in the Ping Access administration console under Settings >> Networking >> Proxies.

Next, add the created proxy instance to the administration/replica administration nodes and all the engine nodes (in a multi-node cluster setup); in a standalone setup, adding it to the primary administration node is good enough.

