Thursday, January 31, 2013

Friday, January 18, 2013

stackoverflow : The forum double

In cricket, we have the concept of the “all-rounder’s double” for cricketers who have scored 1000 runs and taken 100 wickets or whatever.

So I set myself the “forum double” of 10,000 points on stackoverflow and 1,000 points on the Microsoft .NET Framework Forums. It’s a LOT harder to get points on the Microsoft forum – trust me.

This is completely arbitrary but what the hell.

The stackoverflow goal was achieved a while back (refer previous posts) but I’ve just achieved the Microsoft one.



ADFS : objectGUID as a claim

You may have a business requirement to pass some unique key to the application that is not readily identifiable or editable. There are two possibilities in AD viz. objectSID and objectGUID.

As per SID vs. GUID, objectGUID is the better choice because:

“globally unique identifier (GUID), which is a 128-bit value is unique not only in the enterprise but also across the world”   and
“the values of other object properties can change, but the object-GUID never changes. When an object is assigned a GUID, it keeps that value for life”. 

So you configure the claim in the normal LDAP attribute manner and when you look at the claims, you see: kzGVAByOYki4z7CdR2yecA==
WTF – that ain’t no GUID? The two equal signs at the end would seem to indicate Base64?

Mr. Google to the rescue and viola Issuing objectGUID as an ADFS Claim.

So lets test it out. Couldn’t be bothered to create a VS project just for this so the inestimable LINQPad to the rescue.


And the GUID at the bottom is indeed what is displayed in AD.


Monday, January 07, 2013

ADFS : Forum about to be retired


Refer : This Forum Is to Be Retired.

After a number of posts from people much more knowledgeable and much more influential than me happy to see that the decision was reversed.

Nice one Microsoft!

But I do content myself with the fact that I had a small part to play in all of this!