Martin Rublik
@martin-rublik.bsky.social
Entra ID, Active Directory, Identity, Cryptography and Computer Security enthusiast.
https://martin.rublik.eu
https://martin.rublik.eu
Pinned
Martin Rublik
@martin-rublik.bsky.social
· Nov 18
I always forget where the powershell history file is saved, gonna post it here so that I can look up every time :)
notepad (Get-PSReadLineOption | select -ExpandProperty historysavepath)
notepad (Get-PSReadLineOption | select -ExpandProperty historysavepath)
Reposted by Martin Rublik
April 27, 2025 at 11:20 PM
some time ago I needed to convert #LDAP distinguished names to canonical names. unfortunately this was a dump not a live look-up from #activedirectory. Thus I wrote a simple #powershell function to convert distinguished name to canonical name.
martin.rublik.eu/2025/03/20/c...
hope that helps.
martin.rublik.eu/2025/03/20/c...
hope that helps.
getting canonical name in Active Directory via PowerShell
Some time ago I wrote a blog post about distinguished names and how to compute a parent in Active Directory using powershell). Today I’m following-up with a simple PowerShell function for translating ...
martin.rublik.eu
March 20, 2025 at 9:29 PM
some time ago I needed to convert #LDAP distinguished names to canonical names. unfortunately this was a dump not a live look-up from #activedirectory. Thus I wrote a simple #powershell function to convert distinguished name to canonical name.
martin.rublik.eu/2025/03/20/c...
hope that helps.
martin.rublik.eu/2025/03/20/c...
hope that helps.
Microsoft is phasing out #MSOL module. Update-MSOLFederatedDomain is one of those and it is used in scenarios where users cannot authenticate into tenant.
I wrote a short blog post on how to perform #entraid federation trust repair with #mggraph. Hope it helps.
martin.rublik.eu/2025/03/17/r...
I wrote a short blog post on how to perform #entraid federation trust repair with #mggraph. Hope it helps.
martin.rublik.eu/2025/03/17/r...
MSOL decommisioning and emergency Entra ID federated domain trust repair
Microsoft typically monitors ADFS federation metadata 35 days before the token signing certificate expires and updates the federation domain settings automatically. However, there are cases where Micr...
martin.rublik.eu
March 18, 2025 at 2:08 PM
Microsoft is phasing out #MSOL module. Update-MSOLFederatedDomain is one of those and it is used in scenarios where users cannot authenticate into tenant.
I wrote a short blog post on how to perform #entraid federation trust repair with #mggraph. Hope it helps.
martin.rublik.eu/2025/03/17/r...
I wrote a short blog post on how to perform #entraid federation trust repair with #mggraph. Hope it helps.
martin.rublik.eu/2025/03/17/r...
Reposted by Martin Rublik
Microsoft Entra just got a new 𝐇𝐞𝐚𝐥𝐭𝐡 𝐀𝐥𝐞𝐫𝐭𝐬 feature with automated alerts for premium tenants (#EntraID P1 or P2) that have at least 100 monthly active users. It looks like a nice addition for orgs that are large enough.
techcommunity.micros... #M365
techcommunity.micros... #M365
Introducing Microsoft Entra Health alerts: An enhancement to tenant health monitoring | Microsoft Community Hub
Improvements to monitoring systems in Microsoft Entra will help enhance tenant health and observability.
techcommunity.microsoft.com
March 11, 2025 at 5:38 PM
Microsoft Entra just got a new 𝐇𝐞𝐚𝐥𝐭𝐡 𝐀𝐥𝐞𝐫𝐭𝐬 feature with automated alerts for premium tenants (#EntraID P1 or P2) that have at least 100 monthly active users. It looks like a nice addition for orgs that are large enough.
techcommunity.micros... #M365
techcommunity.micros... #M365
yay, first (and really small) commit to #microsoftdocs;
github.com/MicrosoftDoc...
it took some time but may be helpful for others. if you find an error do not hesitate to fix, we will benefit all :).
github.com/MicrosoftDoc...
it took some time but may be helpful for others. if you find an error do not hesitate to fix, we will benefit all :).
Update custom-claims-provider-reference.md by martin-rublik · Pull Request #1199 · MicrosoftDocs/entra-docs
Fixing the comment, in the schema the id value represents user's objectid.
github.com
March 7, 2025 at 9:40 AM
yay, first (and really small) commit to #microsoftdocs;
github.com/MicrosoftDoc...
it took some time but may be helpful for others. if you find an error do not hesitate to fix, we will benefit all :).
github.com/MicrosoftDoc...
it took some time but may be helpful for others. if you find an error do not hesitate to fix, we will benefit all :).
Last year, I wrote about #unit #testing #Entra HR-driven provisioning. I've updated the #HRProvisioningTests #PowerShell module to support #Maester. It's still in the early stages, so I’d love to hear your feedback on its usefulness, complexity, and overall usability martin.rublik.eu/2025/01/27/m...
extending HR Provisioning Tests with Maester: A Non-Invasive Approach
Last year, I shared insights on unit testing HR-driven provisioning rules. Initially, this was more of an academic exercise, but it garnered positive feedback and even some requests to integrate the t...
martin.rublik.eu
January 30, 2025 at 7:48 PM
Last year, I wrote about #unit #testing #Entra HR-driven provisioning. I've updated the #HRProvisioningTests #PowerShell module to support #Maester. It's still in the early stages, so I’d love to hear your feedback on its usefulness, complexity, and overall usability martin.rublik.eu/2025/01/27/m...
ever needed to export a private key and cert from linux and import to windows? openssl helps; and if you are using v3 do not forget to disable hmac and use old algos :( -certpbe PBE-SHA1-3DES -keypbe PBE-SHA1-3DES -nomac
January 13, 2025 at 3:43 PM
ever needed to export a private key and cert from linux and import to windows? openssl helps; and if you are using v3 do not forget to disable hmac and use old algos :( -certpbe PBE-SHA1-3DES -keypbe PBE-SHA1-3DES -nomac
Reposted by Martin Rublik
#MicrosoftEntra Attack & Defense Playbook Update:
@samilamppu.bsky.social and I have updated some content:
🔃 #EntraConnect: New capabilities by MDI sensor & XSPM
🎯 #AiTM: Attack scenarios on MDA sessions
🛡️ #MITRE: Updated TTP coverage & map
Check out the latest version:
github.com/Cloud-Archit...
@samilamppu.bsky.social and I have updated some content:
🔃 #EntraConnect: New capabilities by MDI sensor & XSPM
🎯 #AiTM: Attack scenarios on MDA sessions
🛡️ #MITRE: Updated TTP coverage & map
Check out the latest version:
github.com/Cloud-Archit...
GitHub - Cloud-Architekt/AzureAD-Attack-Defense: This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can b...
This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected. - Cloud-Architekt/Azu...
github.com
January 9, 2025 at 8:00 AM
#MicrosoftEntra Attack & Defense Playbook Update:
@samilamppu.bsky.social and I have updated some content:
🔃 #EntraConnect: New capabilities by MDI sensor & XSPM
🎯 #AiTM: Attack scenarios on MDA sessions
🛡️ #MITRE: Updated TTP coverage & map
Check out the latest version:
github.com/Cloud-Archit...
@samilamppu.bsky.social and I have updated some content:
🔃 #EntraConnect: New capabilities by MDI sensor & XSPM
🎯 #AiTM: Attack scenarios on MDA sessions
🛡️ #MITRE: Updated TTP coverage & map
Check out the latest version:
github.com/Cloud-Archit...
Reposted by Martin Rublik
Have you checked out this week's Entra newsletter? 💚 → entra.news/p/entra-n...
Subscribe today to stay on top of all things Microsoft Entra!
Subscribe today to stay on top of all things Microsoft Entra!
December 2, 2024 at 3:03 AM
Have you checked out this week's Entra newsletter? 💚 → entra.news/p/entra-n...
Subscribe today to stay on top of all things Microsoft Entra!
Subscribe today to stay on top of all things Microsoft Entra!
Just a had a quick talk with my colleague and he reminded me about this gem xkcd.com/705/ #sysadmin
Devotion to Duty
xkcd.com
November 27, 2024 at 3:04 PM
Just a had a quick talk with my colleague and he reminded me about this gem xkcd.com/705/ #sysadmin
Reposted by Martin Rublik
If you use SimpleSAMLphp get ready to patch or update on 1st or 2nd December
November 25, 2024 at 8:36 PM
If you use SimpleSAMLphp get ready to patch or update on 1st or 2nd December
Reposted by Martin Rublik
🚀 Update (1.0.4) to my free M365Permissions PS module!
✅ Effortlessly generate detailed 360° reports on permissions across Microsoft 365 resources
🎯 New: -includeFolderLevelPermissions includes ALL folders in targeted mailboxes
www.lieben.nu/liebensraum/...
#PowerShell #Microsoft365 #MSIgnite
✅ Effortlessly generate detailed 360° reports on permissions across Microsoft 365 resources
🎯 New: -includeFolderLevelPermissions includes ALL folders in targeted mailboxes
www.lieben.nu/liebensraum/...
#PowerShell #Microsoft365 #MSIgnite
November 20, 2024 at 10:02 AM
🚀 Update (1.0.4) to my free M365Permissions PS module!
✅ Effortlessly generate detailed 360° reports on permissions across Microsoft 365 resources
🎯 New: -includeFolderLevelPermissions includes ALL folders in targeted mailboxes
www.lieben.nu/liebensraum/...
#PowerShell #Microsoft365 #MSIgnite
✅ Effortlessly generate detailed 360° reports on permissions across Microsoft 365 resources
🎯 New: -includeFolderLevelPermissions includes ALL folders in targeted mailboxes
www.lieben.nu/liebensraum/...
#PowerShell #Microsoft365 #MSIgnite
I always forget where the powershell history file is saved, gonna post it here so that I can look up every time :)
notepad (Get-PSReadLineOption | select -ExpandProperty historysavepath)
notepad (Get-PSReadLineOption | select -ExpandProperty historysavepath)
November 18, 2024 at 1:19 PM
I always forget where the powershell history file is saved, gonna post it here so that I can look up every time :)
notepad (Get-PSReadLineOption | select -ExpandProperty historysavepath)
notepad (Get-PSReadLineOption | select -ExpandProperty historysavepath)
so you are privacy aware and want to use something to #encrypt your data and communications? In past #PGP was used extensively for many use cases. It has many UX, design and protocol flaws and should not be used anymore. This blog post summarizes what you should use today soatok.blog/2024/11/15/w...
What To Use Instead of PGP - Dhole Moments
It’s been more than five years since The PGP Problem was published, and I still hear from people who believe that using PGP (whether GnuPG or another OpenPGP implementation) is a thing they s…
soatok.blog
November 18, 2024 at 12:44 PM
so you are privacy aware and want to use something to #encrypt your data and communications? In past #PGP was used extensively for many use cases. It has many UX, design and protocol flaws and should not be used anymore. This blog post summarizes what you should use today soatok.blog/2024/11/15/w...