Local Admin Password Solutions

This document briefly explains how to create a Local Administrator Password Solution (LAPS) policy for Azure or Intune enrolled Windows 10/11 devices.

LAPS policies provide the configuration. Windows machines joined only to Active Directory continue to store the credential in their directory, while for devices joined only to Intune and Azure AD the password can be stored within Azure Active Directory.

Prerequisites

>Devices should have a local admin or the built-in Administrator account enabled.

>Autopilot enrolled devices: Create Local Admin Using Intune

>Devices should be enrolled in Azure AD or Intune.

>Devices should be updated with the April 2023 Cumulative Update.

Enable Local Admin Password Settings

Navigate to > portal.azure.com / Azure Active Directory

Create Windows LAPS Policy

Navigate to > endpoint.microsoft.com

Local Administrator Password Recovery

Navigate to > endpoint.microsoft.com

Deploy Spring boot App in Azure App Service with Azure DevOps

In this requirement, we use CI/CD from Azure DevOps with Azure Repos and YAML files to create an artifact, and deploy a Java Spring Boot app to Azure App Service using Azure DevOps Releases.

Good to know – CI/CD stands for Continuous Integration, Continuous Delivery, and Continuous Deployment.

Pipelines are integrated with Azure Repos for CI/CD and deploy to Dev (Azure App Service) from the develop branch, where the change can be tested. If it gets approved (Approval Gates), it will be deployed to the Production App Service after testing. Otherwise, the change can be rejected.

I ran the Java Spring Boot app locally using Extension Pack for Java, which went through successfully.

I have installed Eclipse as requested by Visual Studio Code.

Run AppApplication.java, which sits inside the controller folder.

The site comes up on localhost on whatever port was declared in the application.yaml file.

Confirmed the site is online and coming up locally.

The repo is stored in Azure Repos, and azure-pipelines.yaml is stored in the develop branch.

# YAML Pipeline - Azure DevOps
trigger:
  branches:
    include:
    - main
    - develop

pool:
  vmImage: 'Ubuntu-latest'

steps:
- task: Maven@3
  inputs:
    mavenPomFile: 'pom.xml'
    mavenOptions: '-Xmx3072m'
    javaHomeOption: 'JDKVersion'
    jdkVersionOption: '1.8'
    jdkArchitectureOption: 'x64'
    publishJUnitResults: false
    testResultsFiles: '**/surefire-reports/TEST-*.xml'
    goals: 'package'
- task: CopyFiles@2
  displayName: 'Copy Files to artifact staging directory'
  inputs:
    SourceFolder: '$(System.DefaultWorkingDirectory)'
    Contents: '**/target/*.?(war|jar)'
    TargetFolder: $(Build.ArtifactStagingDirectory)
- task: PublishBuildArtifacts@1
  inputs:
    pathToPublish: $(Build.ArtifactStagingDirectory)
    artifactName: SampleSpringBootBuild

As you can see, the YAML is set to create an artifact named SampleSpringBootBuild.
Now let’s use the artifact and deploy it to App Service.

Now let’s create a pipeline using the existing Azure Pipelines YAML file.

The pipeline is now running as expected.

Now let’s create a release pipeline to deploy the artifact to App Service.

Now create a Dev stage to deploy the jar file, which is the artifact/package that needs to be pushed to Azure App Service.

The automatic trigger is enabled to have continuous CI/CD.

You can see it was released successfully to the App Service using release pipelines.

Converting PFX File to PEM file using OpenSSL in Windows 10

I am converting a PFX file to a .pem file using OpenSSL in Windows 10.

Some applications do not allow .pfx files to be imported directly. Running the Ubuntu Bash shell in Windows 10 makes the conversion much simpler.

In Windows 10, you can have a Linux subsystem. It’s a great feature for sys admins for these sorts of tasks.

Start – Run – Appwiz.cpl – Turn Windows Features on or off.


Note: All commands and directory names are case sensitive.

List the drives you can mount –

cd /mnt/

Press TAB to list the drives. Switching to the F drive:

cd /mnt/f

Change directory to get inside the cert folder –

cd /mnt/f/cert/

List the directory contents –

ls

To export the private key from the PFX file into a .pem file (-nodes writes the key without passphrase encryption) –

openssl pkcs12 -in mycert.pfx -nocerts -out key.pem -nodes

To export the certificate from the PFX file to a .pem file –

openssl pkcs12 -in mycert.pfx -nokeys -out cert.pem

Remove the passphrase from the key.pem file (optional) –

openssl rsa -in key.pem -out server.key

To export to .crt –

openssl pkcs12 -in mycert.pfx -clcerts -nokeys -out mycert.crt

You can see the files below –

Known issues –

Error outputting keys and certificates
805BA41FAD7F0000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:../crypto/evp/evp_fetch.c:349:Global default library context, Algorithm (RC2-40-CBC : 0), Properties ()

Add the -legacy option so OpenSSL loads the legacy algorithms (here RC2-40-CBC) –

openssl pkcs12 -in mycert.pfx -nokeys -out cert.pem -legacy
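
The export steps and the -legacy workaround above combined into one script, as an added example that is not part of the original post; it also checks that the exported key and certificate belong together. The function names, the PFX_PASS environment variable and the output-directory argument are assumptions of this example.

```bash
#!/usr/bin/env bash
# Added example (not from the original post). Function names, PFX_PASS and the
# output-directory argument are assumptions made for this sketch.

# pfx_to_pem <file.pfx> <outdir>
# Reads the PFX password from $PFX_PASS so it is not passed as a command-line argument.
pfx_to_pem() {
    local pfx=$1 out=$2 legacy=""
    (
        umask 077                      # new key files: owner-only, where modes are honoured
        mkdir -p "$out" || exit 1
        # Probe read. If it fails, retry everything with -legacy
        # (the RC2-40-CBC "unsupported" error from the known issue).
        if ! openssl pkcs12 -in "$pfx" -passin env:PFX_PASS -nokeys \
                -out /dev/null 2>/dev/null; then
            legacy="-legacy"
        fi
        # -nodes leaves key.pem unencrypted, exactly as in the post's command.
        openssl pkcs12 $legacy -in "$pfx" -passin env:PFX_PASS \
            -nocerts -nodes -out "$out/key.pem" &&
        openssl pkcs12 $legacy -in "$pfx" -passin env:PFX_PASS \
            -clcerts -nokeys -out "$out/cert.pem"
    )
}

# key_matches_cert <key.pem> <cert.pem>
# Succeeds only if both files yield the same public key.
key_matches_cert() {
    local k c
    k=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 1
    c=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 1
    [ -n "$k" ] && [ "$k" = "$c" ]
}
```

Call it as `PFX_PASS=... pfx_to_pem mycert.pfx out && key_matches_cert out/key.pem out/cert.pem`, and delete the unencrypted key.pem once the target application has imported it.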

Web Filtering using Defender for Endpoint

A web-filtering solution for Azure AD and Intune joined devices: secure on-premises organization devices without using third-party firewalls, and a robust solution for work-from-home devices.

Go to => security.microsoft.com

Turn on web content filtering

Navigate to /Settings/Endpoints/Advanced features & turn on the web content filtering feature

Creating a web filtering policy

Navigate to /Settings/Endpoints/Web content filtering & Add items

Filter Response Check

Manage Migration – Legacy MFA

Azure Active Directory (Azure AD) allows the use of a range of authentication methods to support a wide variety of sign-in scenarios. Administrators can specifically configure each method to meet their goals for user experience and security. This topic explains how to manage authentication methods for Azure AD, and how configuration options affect user sign-in and password reset scenarios.

On September 30th, 2024, the legacy multifactor authentication and self-service password reset policies will be deprecated.

Navigation

Set Migration to In Progress

Enabling Authentication

Disable Legacy MFA

Navigate to Active Directory / Users

Navigate to Azure Active Directory / Password Reset

Complete the Migration

Azure AD Connect Interactive Auth Error

Unable to validate credentials due to an unexpected error. Restart Azure AD Connect with the /InteractiveAuth option to further diagnose this issue. (extendedMessage: There was an error parsing WS-Trust response from the endpoint. This may occur if there is an issue ADFS configuration. See https://aka.ms/msal-net-iwa-troubleshooting for more detail
Message: Federated service at https://autologon.microsoftazuread-sso.com/evernet.com.sg/‘winauth/trust/2005/usernamemixed2client-request-id=c948ad65-af36-404e-81e3-dT7b3eccdfeb returned error: Authentication Failure | Federated service at https://autologon.microsoftazuread-sso.com/evernet.com.sg/winauthy/trust/2005/usernamenmixed?client-request-id=c943ad65-af36-404e-81e3-d77b3eccafeb returned error: Authentication Failure) Learn more

AzureADConnect.exe /InteractiveAuth
