I get email requests every now and then about the inner workings of my EAS MD utility, and if the source is available. Of course the source code is technically speaking available to me, but I’ve never made it public. It’s not that I’ve hidden any dark secrets in it, or the code is so magical that I need to keep it to myself. I’ve tried to help people with their Exchange-related issues, and I have no problems sharing code fragments, but the whole Visual Studio solution ready for compilation has never left my "datacenter".
The response I’ve given so far is a variant of "it’s on my backlog of things to do". Which sounds like a lame excuse for "can’t be bothered"…
Well, I guess I have to force myself into another mode, and move it closer to the top of the list
So, my intent is to actually go open-source with it in the near future. I’ll be pushing it to GitHub as soon as I’ve cleaned up it up a little. The code isn’t that awful (I hope), but I should probably do things like upgrading the .Net version of it as well.
This means you can’t download it right now, but it will be available on this address soon: https://github.com/ahelland/EASMD
One of the components I highlighted as an improvement to the MDM enrollment process in Windows Phone 8.1 was support for Web Authentication Broker (WAB):
Which itself was “ripped” from the Windows 8.1 bits:
At any rate; it is a nice way to hook into Azure Active Directory, and by extension your on-prem AD as well if you’re doing DirSync. (Or ADFS if you are so inclined.) What I used in the MDM process was the .Net server side implementation suitable for browsers.
Unfortunately using WAB natively in Windows Phone was not as easy. Yes, the WAB component is present in the operating system, but it requires some effort to get started with nonetheless. Active Directory Authentication Library, or ADAL for short, was/is the package responsible for making AD integration easier in .Net server side and now it’s finally present for Windows Phone 8.1 as well. Now you can easily use AD as your authentication in your Windows Phone app without problems, without VPN/reverse proxying and all that stuff. Just include the necessary NuGet package in your VS solution and you’re almost there. (Yes, you still need to write some code yourself.)
The funny thing is that this library was available for iOS and Android before Windows Phone even though Active Directory is just about as Microsoft as you get technology wise, but now you should be golden whatever your mobile preference is
Usually I’d whip up some code for you to try this, but in this case I will let the work already done by Vittorio Bertocci illustrate the moving parts instead. There’s a nice code sample over on the official AzureAD GitHub page:
Not to mention a blog post with some more details:
Short post, I know, but useful little trick I hope.
I ran through a setup three weeks ago where I used the “Directory Extensions” preview feature in Azure Active Directory to show how I could store an extra id on the user object and use this attribute in a different web app:
Not feeling entirely done with creating samples I’ll be building another web app showing another scenario where directory extensions might be a useful approach. We’ll extract some data from Office 365 (Exchange Online more specifically), and insert into Azure AD and re-use it.
Exchange Online has this neat feature where you can publish your calendar externally so anyone can check it without being a member of your Active Directory. Actually, it’s not just Office 365 users who get this – Exchange 2013 on-prem can do so as well, but this sample will only explore the clouded version. (You can probably tweak it to work with a local Exchange Server if you like; the differences are probably fairly minor.) I’m not saying there aren’t drawbacks to using this feature, you certainly should not expose all details in your calendar to the general public, but it can be useful in a couple of scenarios and you don’t have to share all the details either.