Trond Jakob Sjøvang

Get all members from nested group and add to a new group

November 26, 2018

This probably takes a bit of explanation. My use case is the following: I wish to expose an internal Wiki outside the corporate network. To accomplish this I use an Azure AD Application Proxy. I also wish to restrict who has access to the application proxy and enforce multifactor authentication. This is easily accomplished by setting “User assignment required” in properties and adding a Conditional Access-policy. However. A really weird drawback in Azure AD is lack of support for nested groups. ...

Static Website Hosting With Azure and Hugo

August 30, 2018

Earlier this summer Microsoft announced Static Website Hosting for Azure Storage in public preview. An affordable way of hosting websites where you don’t need any server side logic. Instead of paying for, securing and updating my own Virtual Machine I decided to check it out. This of course led me deep down a rabbit hole thinking about resurrection my personal website in some way. Instead of doing this the boring way and just upload some good, old fashioned, HTML I thought why not #RubDevOpsOnIt and use a build pipeline in Visual Studio Team Services and a static site generator to create something cool? ...

Nordmøre Panorama

April 9, 2018

Panoramic view of the coastline from Tustna to Grip. Shot from Hallarøya

Hallarøya

April 4, 2018

Change size for Virtual Machines in availability set

October 27, 2017

To change VM Size when your virtual machines are part of an availability set can be a pain in the Azure Portal. Especially if the new size you want is not available on your current cluster and the resources have to be moved as well.

The entire process is a lot easier to do with powershell

...

Find Users without a Manager in Active Directory

September 29, 2017

Get-ADUser -SearchBase "ou=users,dc=contoso,dc=com" -Filter * -Properties Name, EmployeeNumber, UserPrincipalName, Manager | where {$_.Manager -eq $null} | ft Name, EmployeeNumber, UserPrincipalName, Manager

Because “Manager” being an extended attribute in Active Directory you can’t use -Filter {Manager -notlike “*“} like you would with basic attributes

Delete a tree of protected objects in Active Directory

September 22, 2017

To delete an entire tree structure with objects (typically Organizational Units) with the flag “ProtectedFromAccidentialDeletion” we first need to remove the flag. We can then select the top node and delete the entire tree. Needless to say, you should probably use this with caution. If you don’t want to remove the protection from every OU in the specified SearchBase you need to split up and run the command multiple times with different values for the SearchBase-argument ...

Find password expiration date for users in Active Directory

July 17, 2017

Get-ADUser -Filter "*" -SearchBase "ou=Users,dc=contoso,dc=com" -Properties "DisplayName", "msDS-UserPasswordExpiryTimeComputed" |
    Select-Object -Property "Displayname",@{Name="ExpiryDate";Expression={[datetime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed")}}

Certificates with Ansible, Letsencrypt and Cloudflare

December 2, 2016

This is an old example (albeit with a few updates) on how to use Ansible’s ACME-module to generate free certificates and validated them with a DNS record.

The example use Cloudflare for DNS, but any provider with an ansible module works.

To use the example, add your own email, api token and domain name to variables. To receive a certificate with an actual trusted root, change ACME Directory to https://acme-v02.api.letsencrypt.org/directory

...

Beach Day

January 10, 2016

Only 30 minutes driving east from Puerto Escondido you’ll find Tierra Blanca. There’s a restaurant right next to the road, but walk 5 minutes along the beach and you’ll be all by yourself. Pretty much the defintion of a perfect beach day.