Nomad version 1.5 comes with Single sign-on (SSO) and OIDC support. As we shifted to an Office 365 environment some time ago, we have been using Entra ID (previously known as Azure Active Directory) as our primary SSO solution whenever possible.
Recently, we ran into a weird permission problem on OneDrive / Sharepoint with a user account we've set up with an email address that was used more than 2 years ago.
For a long time, we've been successfully using Apache and mod_authnz_ldap to secure some of our legacy applications. Our employees could easily log in via their LDAP credentials. And while it worked, it had its problems.
When we made the move to Office 365, it was clear that at some point our old LDAP infrastructure will be fully replaced with Azure Active Directory (AAD) but I haven't had a good replacement for our simple mod_authnz_ldap solution until I realized that Traefik EE comes with an OIDC middleware.
In the process of refactoring an internal tool that connects to the Microsoft Graph API I re-worked the process of retrieving an authentication token that is needed for making a request to the MS Graph API.
We decided that we will still work on a remote basis after the pandemic. Still, we keep our offices in Mannheim and Bucharest for our team to meet in case it makes sense. Thanks to Office 365 our employees can book workspaces in a similar fashion as booking a conference room for a meeting.
While refactoring and upgrading one of our internal tools that is using the MS Graph API, I experimented with several techniques to fake API responses to simulate requests without actually hitting the MS Graph Production API.
Whilst configuring our Office 365 tenant via Powershell, one command failed with a server error. It did not spit out an error code or message, just a generic error message. After trying a few workarounds, I thought, I'd better check if my user has all the permissions needed.