PowerShell test scripts for retrieving messages from O365
Basic script to test authentication using an app registration to retrieve the last message in an inbox using Graph API. Note these are targeting the GCC-High (Government) endpoints. Basic script to test authentication using an app registration to retrieve the last message in an inbox using the deprecated office APIs. Note these are targeting the…
OAuth 2.0 Support for IMAP and POP3
In the recent months, Exchange online deprecated basic authentication with the IMAP and POP3 protocols requiring the switch to OAuth 2.0 authentication for the two protocols. Here’s a sample application demonstrating methods of authenticating with OAuth and IMAP/POP3 with an interactive login. The code utilizes a library called MailKit which manages creating the authentication wrapper.…
Access Azure Government with VS Code Azure Extension
Here are the steps to access Azure Government resources from VS Code. If you experience issues even after setting these setting I’d recommend capturing a Fiddler trace to inspect the URLs being accessed. 1. Open VS Code and Press Ctrl-Shift-P to pull up the command pallet and search for Sign In to Azure Cloud 2.…
Azure PowerShell Functions in Azure Government
When working with services in Azure Government, often times Azure Government endpoints have to be specified as the defaults for Azure CLI, PowerShell, the Azure SDKs, ect all will default to use the commercial endpoints. This is the same for Azure Functions. To run Azure PowerShell functions to execute the AZ commandlets add the -Environment…
Creating Certificate Bundles for Application Gateway
There are certain clients that still require a full certificate chain as they may return certificate errors. Certain web servers like IIS can build the chain while others may not serve the full certificate chain in the Server Certificate exchange. Here’s a step-by-step process going through how to detect if this is an issue and…
Querying Resources in Azure Graph
I had a customer reach out requesting how to query all certificates across all subs and figure out when they are expiring. Using Azure Resource Graph I came up with the query below that searches for all app services, find the bindings, and matches those apps up with the Microsoft.web/certificate object. Azure Graph is a…
Root Certificates on Windows
I’m far from a PKI expert so I won’t be going into much detail as a lot of information around certificates can be found through a web search. I spent a considerable amount of time debugging an issue related to certificates and the trusted root store on Windows and I didn’t find much documentation discussing…
Exporting an App Service Certificate from Azure Key Vault to use elsewhere
Download the certificate from the Key Vault hosting the App Service Certificate. Double click on the exported PFX downloaded from Keyvault onto your Windows Machine. Navigate through the prompts on the screen, leaving the Password blank and marking the key as exportable Whever the cert was installed ie Personal store -> Right click on the…
Using MSI to call another Web/Function App
I see this question come up every so often around how to call another function or web app with MSI that is configured to use the built in Authentication. The steps to setting up the authentication and authorization can be found in steps 1-3 of this previous blog. The UX has since changed so I…
App Service Network Troubleshooting
My basic process behind debugging any sort of networking issue is to reduce the complexity of the issue and walk up the basic network stack. Often times we overlook a basic problem such as DNS resolution issues or the incorrect reference in code that can cause hours, days, or weeks going down a rabbit hole.…