Friday, March 08, 2019

AD : Domain Controller password policy

Every now and then you get an error:

"Unable to update the password. The value provided for the new password does not meet the length, complexity, or history requirements of the domain."

So you need to find out the allowed length in the password policy.

An easy way to do this is to run:

secpol.msc



Other reasons for this message are that you have already changed your password in the last 24 hours or that you have reused a password that you used in the last 24 passwords.

Enjoy!

Wednesday, February 27, 2019

IdentityServer: IResourceOwnerPasswordValidator

I was looking at idsrv4 and how to integrate it with a custom user store. In this case it was SQL Server.

idsrv4 uses .NET Core 2.2 but a lot of the samples I found were for earlier versions of .Net Core.

Some of the samples used IUserService but I couldn't find that.

So Mr Google to the rescue.

e.g.

https://stackoverflow.com/questions/35304038/identityserver4-register-userservice-and-get-users-from-database-in-asp-net-core

"In IdentityServer4. IUserService is not available anymore, now you have to use IResourceOwnerPasswordValidator to do the authentication and to use IProfileService to get the claims."

The problem I have with this is that Resource Owner Password is not just a random method name. It's the name of an OAuth flow! Most people don't realise this.

My client used implicit flow. Using IResourceOwnerPasswordValidator makes no sense.

So  you can just use a controller to authenticate the user like the AccountController.

Enjoy!

Tuesday, January 29, 2019

Azure : Web API - The requested resource does not support http method 'GET'

I was running a web API on Azure and doing a POST.

The full error is:

{
    "Message": "The requested resource does not support http method 'GET'."
}

That's weird because the method is decorated with  [HttpPost] and I was doing a POST.

Then I noticed that I was calling Azure with a http connection.

Changing to https fixed the issue.

Enjoy!