I asked the VMware crew at work when we were going to virtualize our network. This was about 5 years ago. I got basically laughed at for suggesting it. I asked when we were going to adopt Azure AD to ensure us being ready for moving to teams etc. Got insults back with how bad the cloud is.

Guess what two projects are getting finalized now? Glad I left that company. Going to enjoy some nice mellow weed, enjoy my 30 day x-mas vacay and jump fresh at a new position. New upstart with a security maker for the maritime sector. A company that embraces new tech by making it them selfs. New day with aiding in the development of an IoT based solution with cloud support.

Happy holidays peeps.

A bit of backstory...

I have been the sole dev at my organization for awhile now (other two left for other jobs), so I have been maintaing and writing new code to support the business.

Our company was recently acquired by a larger entity and it has been very strange so far.

1. It has taken 5 weeks to acquire local admin rights on my own machine (I work remote) as well as a visual studio license.

2. We have known for a few weeks now we are getting a jr dev who will need the SAME procedures done on his machine/account and it has been two weeks now and nothing has been done. (Tickets have been put it - the issues have been escalated etc etc)

3. All of our code from our old company is in Azure Devops (which is connected to Azure AD) for some reason I haven't been able to add an external account (for my new account and org) to move the code elsewhere. I don't have the authority (I don't think) to place all of our code in a new location (GitHub,GitLab, self hosted solutions, etc)

4. All of our production VMs are billed through our old org located in Azure, so eventually that bill will stop being paid since we transitioned - I've brought this up to my manager (more non technical) who wasn't terribly worried about it.

5. I'm feeling slightly unfulfilled in this position. Earlier in my time here it was new and exciting, but there isn't much direction, not many goals, or interesting problems to solve.

Just wanted to express some issues that had been going on. Feel free to add ant feedback of suggestions 😄

Fucking Power Apps and Automate/Flow:
You want to make an app?, great!
- Easy UI and editor, you can make a decent app in a day
- Best data integration in MS space bar none, connect to anything under the planet no problem.
- Deployment on mobile and desktop instantly and at scale, you better believe it.
- Wanna take from sharepoint, manipulate the data and throw it at XRM, we gothcu.
- Source control? FUCK YOU FOR ASKING GO DIE IN A FIRE.
- Proper permission system, Yep, based on O365 and azure AD
- Just let me get the source code please?: BURN IN HELL MOTHERFUCKER
- Integrated AI, indeed we have it. And chatbot frameworks on top of it, no problem at all
- ...

As a tool it is aimed at non technical people, not by making it beginner friendly, but by making it developer hostile. And whenever you hit a wierd quirk in the editor you wish you could just go edit the source code (WHICH YOU CAN TOTALLY SEE SNIPPETS OF), but you are never allowed to touch it.
I am so very tempted to make a version control layer on top of it myself, scraping it via scripts and doing the reverse on upload, but it will be janky as fuck.

Trying to use authenticate a JWT token from an Azure service, which apparently needs to use Azure AD Identity services (Microsoft Entra ID, Azure AD B2C, pick your poison). I sent a request to our Azure admin. Two days later, I follow up, "Sorry, I forgot...here you go..."
Sends me a (small) screenshot of the some of the properties+GUIDs I need, hoping I don't mess up, still missing a few values.
Me: "I need the instance url, domain, and client secret."
<hour later>
T: "Sorry, I don't understand what those are."
Me: "The login URL. I assume it's the default, but I can't see what you see. Any shot you can give me at least read permissions so I can see the various properties without having to bother you?"
T: "I don't see any URLs, I'll send you the config json, the values you need should be in there."
<10 minutes later, I get a json file, nothing I needed>
<find screenshots of what I'm looking for, send em to T>
Me: "The Endpoints, what URLs do you see when you click Endpoints?"
<20 minutes later, sends me the list of endpoints, exactly what I'm looking for, but still not authenticating the JWT>
Me: "Still not working. Not getting an error, just that the authentication is failing. Don't know if it's the JWT, am I missing a slash, or what. Any way I can get at least read permissions so I don't have to keep bugging you to see certain values?"
T: "What do you need, exactly?"
Me: "I don't know. I don't know if I'm using the right secret key, I can't verify if I'm using the right client id. I feel like I'm guessing trying to make this work."
T: "What exactly are you trying to get working?"
<explain, again, what I'm trying to do>
T: "That's probably not going to work. We don't allow AD authentication from the outside world."
Me: "Yes we do. Microsoft Teams, Outlook, the remote access services. I can log into those services from home using my AD credentials."
T: "Oh yea, I guess we do. I meant what you are trying to do. Azure doesn't allow outside services to authenticate using a JWT. Sorry."

FRACK FRACK FRACK!!

Whew! Putting the flamethrower away.

Thanks devrant for letting me rant.

Fuck ms, fuck azure, fuck azure b2c, fuck azure b2b, fuck azure ad, fuck ms once again, fuck my company that decided to switch from another hell to this hell

Ranting becomes old when your company uses Microsoft ADs for everything!

We're doing single login with Azure AD for a Java-based site. We need to also sync the user changes with a microservice.

Now, here comes the fun part: Microsoft is working on a new API which looks promising, which they recommend to use as they've migrated their resources there. But this new API has SDK for a ton of languages but Java, so that's a no-no. On the other side, the js sdk for the old API is borderline unusable and has no deltas (which we need to sync users), although the new one is pretty good.

As a cherry on the cake, applications created with the old API are not transferrable to the new one, but it is otherwise. This is detailed in a very small section of their labrythinc docs and I'm really hoping that this is true or we're thoroughly screwed.

Alas, Microsoft, you've disappointed me again!

I just like bulding silly things, my ideal devjob would be one where I could just make random junk that makes me smile all day...

Like recently I made an NoSQL database using azure AD. They give you 50000 AD objects free, but I found you could encode all sorts of data in the AD objects variables. So basically I setup a framework that uses Security groups as Collections, AD objects as Documents, and object variables as key pairs.

It's really slow, like roughly 50 queries a minute, but hey. It was fun proving it could be done...

Yeah, that would be my ideal devjob :P that kind of stuff all day

When was the last time you implemented SSO for Azure AD? What technology did you use? SAML or OpenID Connect?

Yo what the actual hell is up with the lack of Azure AD B2C documentation, the error codes are pretty ass too! Had a similar problem many users faced & on stackoverflow everyone had different solutions. My solution wasn't the accepted one and it has 2 upvotes ....2 UPVOTES!!