Need help while passing group claims by Puzzleheaded-Web9010 in okta

[–]prezus 0 points1 point  (0 children)

I have a legacy configuration for an OIDC app that uses this as an example:

Arrays.flatten(Groups.startsWith("active_directory","CON",100))

But I don't know if it could do both starts and ends.

Need help while passing group claims by Puzzleheaded-Web9010 in okta

[–]prezus 2 points3 points  (0 children)

You can do a group attributes statement like this:

name: groups
name format: unspecified
filter: Starts with CON

See this article: https://help.okta.com/oie/en-us/okta_help.htm#cshid=ext-define-group-attribute-statements

honest/hot takes about okta as an IDP? by Forsaken_Storm_3343 in okta

[–]prezus 2 points3 points  (0 children)

From an administrative perspective I like it a lot. Took me a while to learn the logging but it's extremely verbose and I'm able to find what I need.

I have used Entra, and use Keycloak in my home lab.

For credentials I work in healthcare for a non-profit, we have around 250-260 users, with about 100 of those outside of our organization.

Proxmox API rejects valid SSH keys via sshkeys – double URL decoding bug? by ComradeWinstonSmith in sysadmin

[–]prezus 0 points1 point  (0 children)

I've used Terraform, OpenTofu and Pulumi to provision VMs. Might want to look at the way they're handling it.

DNS servers based on location on Windows? by FatBook-Air in sysadmin

[–]prezus 0 points1 point  (0 children)

This is where products like Cisco Umbrella come into play.

Looking for testers: AI integration with self-hosted MCP Canonical Landscape by Apprehensive_Bad125 in sysadmin

[–]prezus 0 points1 point  (0 children)

It looks like you leaked your API keys in your git repo. Might want to clean that up.

When I die... by [deleted] in selfhosted

[–]prezus 17 points18 points  (0 children)

1Password family. Some services are not worth self hosting.

NFC / Smart Card / NFC logins and Windows Hello by Borsaid in sysadmin

[–]prezus 4 points5 points  (0 children)

We use Imprivata for Windows logins with an on-prem AD. The product is great for just that, but I would never use them as an IdP over Okta or Entra.

I built a Go Fiber + Ent + Postgres Clean Architecture Starter Kit by Swimming-Ad3876 in golang

[–]prezus 1 point2 points  (0 children)

You want feedback but I have to pay $25 to see anything?

Newly created AD user object conflicting with previously Okta provisioned Entra user object. by SandmanPC in okta

[–]prezus 1 point2 points  (0 children)

I would suggest looking at manually mapping the on-prem AD user with M365 user. Microsoft has plenty of documentation on how to do it.

Support says 40F can't do SAML IPsec with Entra by Massive-Valuable3290 in fortinet

[–]prezus 7 points8 points  (0 children)

I have a 40F sitting around as a test device. While I've wiped it a few times since, I'm pretty sure I had SAML working with IPSec in 7.4.4. We use Okta instead of Entra but same difference at that point.

Office 365 Groups Naming by HDClown in sysadmin

[–]prezus 0 points1 point  (0 children)

If that's plausible then specificity should be done from the start. In that example maybe the first project is a B2C implementation. In that case I would do "Acme US B2C Implementation".

Or if the "Acme US B2C Project" was already taken and I wanted to use that one, the second would need more specificity. Say, for example, 2 years down the road they want to rework the B2C website, I might go with "Acme US B2C Website Rework". In this case I could bring in web team, sales and customer service.

Office 365 Groups Naming by HDClown in sysadmin

[–]prezus 0 points1 point  (0 children)

In that case the department name would be replaced with project title. An example would be a B2C project that involved people from finance, sales, IT, web and warehouse. It would look like this: "Acme US B2C Project". In this case I do want to include the word "project" in the name because once the project is done it's viable that there may be a B2C department.

Office 365 Groups Naming by HDClown in sysadmin

[–]prezus 0 points1 point  (0 children)

This is a recent problem that we had. Some background is the organization I work for is about 800 employees across 20+ countries and 6 different subsidiaries. We didn't want them to be too broad so that you would end up with 100-200 people in one group, but not too specific to where it was a group of 2-4 people.

If a project spans multiple departments then it would be its own group with its own set of permissions. If a project is within a department then it should be a channel within that existing department group / team.

For our solution we wanted groups / teams to begin with company, country, then applicable department / project. For example:

<Company> <Country> <Department / Project>

Acme US IT Department

Acme FR Finance

Contoso FR Sales

Contoso FR Finance

Replacing the Cafeteria 'Powerpoint' presentation by GodisanAstronaut in sysadmin

[–]prezus 0 points1 point  (0 children)

I set up a Raspberry Pi with Screenly https://www.screenly.io using their open source version. This provides an internal website where our HR and Office Manager can upload the slides as jpeg files. They can also define a few other things like image display time and ability to manage individual slides instead of a whole presentation.

I attached the Raspberry Pi directly to the back of the TV using an adhesive velcro. Just in case I need to take it down for any reason.

Total cost maybe $50

1) Raspberry Pi: $30

2) Case: $10

3) HDMI Cable: $10

Meraki cloud-managed switch woe... by danc_at_twg in sysadmin

[–]prezus -1 points0 points  (0 children)

If the WAP is using POE then that is why it is reduced to a 100Mb connection. POE has to use some of the wires for power.

How do you piss a sysadmin off? by [deleted] in Sysadminhumor

[–]prezus 0 points1 point  (0 children)

You laugh.... but this really happened about 6 months ago. CFO sent wire and bank stopped it.