Recently, we ran into a weird permission problem on OneDrive / Sharepoint with a user account we've set up with an email address that was used more than 2 years ago.
For a long time, we've been successfully using Apache and mod_authnz_ldap to secure some of our legacy applications. Our employees could easily log in via their LDAP credentials. And while it worked, it had its problems.
When we made the move to Office 365, it was clear that at some point our old LDAP infrastructure will be fully replaced with Azure Active Directory (AAD) but I haven't had a good replacement for our simple mod_authnz_ldap solution until I realized that Traefik EE comes with an OIDC middleware.
In the process of refactoring an internal tool that connects to the Microsoft Graph API I re-worked the process of retrieving an authentication token that is needed for making a request to the MS Graph API.
While refactoring and upgrading one of our internal tools that is using the MS Graph API, I experimented with several techniques to fake API responses to simulate requests without actually hitting the MS Graph Production API.
Whilst configuring our Office 365 tenant via Powershell, one command failed with a server error. It did not spit out an error code or message, just a generic error message. After trying a few workarounds, I thought, I'd better check if my user has all the permissions needed.