I was spending some time today (finally) looking at how to get what I really consider the baseline functionality of claims – apps, users and roles – all working together with one of my Azure AD apps. Azure has been pushing out pieces of an RBAC-based infrastructure for a few months now, and I wanted…
Year: 2015
Why I’m Leaving Microsoft…and Starting SamlMan
As I’m sure some of you noticed last week, I switched over all of my blogs from the former Share-n-Dipity site on TechNet to the new Share-n-Dipity site here on WordPress.Com. While there are obvious aesthetic advantages to doing that (long-time readers I’m sure know exactly how much I hated the formatting on the old…
Using Azure AD as an Identity Provider with ADFS for SharePoint 2013
I had someone ask me about this topic a couple times in the last few weeks so I decided it was time to spin up another blog post. The question is about how you can connect your on-premises SharePoint farm to Azure Active Directory (AAD) using ADFS. Now I had blogged about how to…
Bug Alert for April CU and Migrating Users
Just heard about a nasty little bug in the April CU from my friend Syed. He was using the SPWebApplication.MigrateUsers method to migrate accounts from one claim value to another (i.e. like if you were migrating from Windows claims to SAML claims, or in his case, changing identity claim values). Turns out after doing the…
How To Delete An App You Consented to in Azure AD
In many ways this is a companion piece to the post I just published on solving an issue with multi-tenant applications in Azure AD: "The Account Needs to be Added as an External User in the Tenant with Azure AD Apps". This is actually a question I see come up fairly frequently, and one that…
The Account Needs to be Added as an External User in the Tenant with Azure AD Apps
This is an error I see pop up in various discussion forums every now and then, and tracking it down can be somewhat difficult. I had this happen recently in a scenario that I think probably is or will be one of the more common scenarios, so I figured I'd write it up here. In…
Fixing the Provided App differs from Another App with the Same Version and Product ID Error in Office 365
I started hitting this little gem of an error recently and was ready to pull out the little remaining hair I had, when a very kind Program Manager named Jim S. told me how to fix it. The scenario is something like this: you install an App for SharePoint in Office 365. You make some…
OneDriveBrowser and o365 APIs with A Custom Persistent Store for ADAL Token Cache
In this post I’m going to briefly cover a custom token cache that I wrote for use with ADAL. The implementation itself is pretty straightforward from a coding perspective so I will just highlight a few of the basics. What has been less clear up to this point is the “right way” to use it…
Signout With SharePoint 2013 and SAML
Today's topic is one for which I deserve zero credit, I'm just putting out info that one of our crack engineers, Chad Ray, managed to dig up. I wanted to publish it here because I've worked with and talked to so many folks in the past who have struggled with getting a truly complete signout…
Using the o365 APIs and ADAL to Send Email from an Unattended Process
UPDATE: We just posted a blog on a new and better way to do this! Check out the blog post at http://blogs.msdn.com/b/exchangedev/archive/2015/01/22/building-demon-or-service-apps-with-office-365-mail-calendar-and-contacts-apis-oauth2-client-credential-flow.aspx and use that method going forward. One of the things you frequently want to do in your custom applications is send out emails. Historically this could be solved by using an SMTP server…