I need to retrieve all devices in an AzureAD from a background-application which needs to run without user interaction.
My research so far has come up empty, with Graph API as the only option to get the actual data - but doesn't support non-interactive scenarios. :(
Question
Is there a way/API to get all devices in a non-interavtive way?
Research
Graph API:
https://learn.microsoft.com/en-gb/graph/api/intune-devices-manageddevice-get?view=graph-rest-1.0
Does not support non-interactive screnarios, as confirmed in above screenshot from the documentation and the below links:
https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/18474520-intune-graph-api-should-be-accessible-non-interact
https://social.technet.microsoft.com/Forums/en-US/1636481c-7101-43d4-9f60-e09cdd65b4b0/noninteractive-access-to-intune-api?forum=microsoftintuneprod
MS Graph API - ManagedDevices obtaining Scope
Azure AD Graph API
https://msdn.microsoft.com/Library/Azure/Ad/Graph/api/api-catalog
Not recommended by MS - and doesn't seem to have a way to get devices either.
You can use the following "GET https://graph.microsoft.com/v1.0/devices". This call retrieves the list of device objects registered in the organization.
This call is supported in non-interactive scenarios as well. The application will need one of the following permissions.
Application :
Device.Read.All, Directory.Read.All
You can also check all the operations available in MS Graph for a device object here.
Related
I am using azure-maps API for DWG to GeoJson conversion, where it have started to give below error:
"400 Bad Request:
[{"error":{
"code":"MapsCreatorStorageQuotaExceeded",
"message":"Storage
used by Maps Creator (. Mb) exceeds storage available (.
Mb)."}}]"
Although, I have deleting conversions, datasets and mapData resources, but still facing same issue. What else could be consuming the resources here?
Or is there any way, I can check where the storage is being consumed? As I am not the administrator I can't check that in Admin console. I can only access the APIs using api key.
You can get storage utilization through Creator overview page from Azure Portal.
To know more about Creator, see Manage Azure Maps Creator.
Also, Please see the Creator section in Azure Maps for pricing details.
I am trying to fetch PreferredDataLocation (PDL) for a user from Azure Active Directory.
I used Graph v1.0 but do not receive PDL value in the response:
https://graph.microsoft.com/v1.0/users/{upn}?$select=preferredDataLocation
But when I use Graph Beta, I receive PDL value in the response:
https://graph.microsoft.com/beta/users/{upn}?$select=preferredDataLocation
Does that mean that fetching PDL is not supported in Microsoft Graph v1.0?
I also tried using Microsoft Graph SDK, but there is no property exposed for getting PDL.
Is there a way we can fetch PDL using MS Graph SDK?
The PreferredDataLocation property of a User is only returned/supported by the /beta endpoints. Since the SDKs currently only support the production API, PreferredDataLocation isn't exposed in the object model.
Once this feature makes it into v1.0, subsequent builds of the SDK should include it. If there is an unreasonable delay in a new SDK build, you can also request that it be added. From the SDK docs:
When new features are added to the library
Generation happens as part of a manual process that occurs once a significant change or set of changes has been added to the Graph. This may include:
A new workload comes to v1.0 of Graph (Microsoft Teams, Batching, etc.)
There is a significant addition of functionality (Delta Queries, etc.)
However, this is evaluated on a case-by-case basis. If the library is missing v1.0 Graph functionality that you wish to utilize, please file an issue.
I like that I can use the Logs API (described here: https://cloud.google.com/appengine/docs/java/logs/) to programatically access and display app & request logs as I see fit--it's great.
Now that I'm using Managed VMs on AppEngine you can see on the Admin Console Logs Viewer that there are a ton of additional logs--including in my case a custom log which I found I could include in the viewer (decribed here: https://cloud.google.com/appengine/docs/managed-vms/custom-runtimes#logging).
My question is: Is there any way I can use the Logs API (or other pipelines already built?) to access these logs? My Managed VM module includes several components which could produce logs that I want to view:
App logs -- I can get these! No problem here.
Custom log files created by background processes I kick off in _ah/start (like "my_custom_1.log" in the screenshot)
STDERR & STDOUT from my background processes
Relevant Managed VM logs (e.g. for when an instance was restarted due to bad health... other system events like normal restarts?)
Basically I want "the total picture" at the instance level. Anyone tried to tame Managed VMs in this way with success? I'm not looking forward to rolling my own solution. And I wouldn't even know where to start on the problem of capturing STDERR and STDOUT. Any help appreciated.
There is a difference between App Engine logging and Google Cloud logging. Some of the Managed VM logs go to both, but much of it only goes to cloud logging.
Until recently there was not an API to read Cloud logs, only to write them. However, there is a new v2 beta API: https://cloud.google.com/logging/docs/api/introduction_v2
To do things at an instance level, entries in Cloud logging should have metadata set to denote which VM they came from. Both of these values seem to vary on logs from my VMs:
compute.googleapis.com/resource_name
compute.googleapis.com/resource_id
I want to know if there is an api for java to integrate the data from the site into the myob database like inventory of a customer
The answer depends on which "MYOB database" you are referring to.
"v19" product range: use a JDBC-ODBC bridge.
"EXO": you can use JDBC SQL-Server driver, or use the REST API documented here.
"AccountRight Live" (desktop or cloud): use the REST API documented here.
"Essentials": use the REST API documented here.
"Advanced": use the REST API documented here.
Note that solutions involving JDBC drivers typically require that your site be deployed on the same network as the target company file. If not, you will need an intermediate stage to synchronise or post data.
Http Form adapter serves as an authentication service in my application. I have not implemented any application on the Identity Provider to get user inputs.
Therefore, on successful authentication, SP verifies the user's signature and redirects to the application. At my target Resource, I receive an open token. Is it still possible to utilize the open Token Jar to read the user attributes from OTK?
**Note: ** In Service Provider, I use open token Adapter.
Also, please let me know if there is any other possible way of getting the user attributes other than using the open token adapter/http form adapter.
Thanks.
There are numerous SP Adapters you can choose to use for your last mile integration with your application. The OpenToken Adapter is just one of them. If your application is in Java and you are using the SP OpenToken Adapter, then you would most likely use the Java OpenToken Agent implementation within your application to read the OTK (documented in the Java Integration Kit). If you look at the Add Ons list, there are actually 3 flavors of OTK Agents (.NET, Java and PHP from PingID. Ruby on Rails and Perl are available via respective Open Source repositories).
However, you are not limited to OpenToken Adapters. The Agentless Integration Kit is also very popular for SP/last-mile integration with PingFederate.
Unfortunately, the question is just too open ended for the Stackoverflow format. I would suggest talking to your Ping Identity Solution Architect who can help steer you in the right direction and ask the necessary follow-up questions on your use case.
If understand the question correctly, you desire attributes to be fulfilled that the web application can read and utilize. This starts with the SP Connection configuration. I am going to assume you are using Active Directory and already configured that data source along with the Password Credential Validator (PCV) for the HTML Form IdP Adapter. In the SP Connection you will need to extend the attribute contract to define the values to put into the SAML assertion and then use the Active Directory data source to fulfill the attributes. When the SAML assertion is received by the PingFederate SP role server, the SP Adapter maps the attribute values from the SAML assertion into the OpenToken. When your application receives the OpenToken, it can read the values.