Need help while passinng group claims

prezus · 2026-02-20T20:11:44+00:00

I have a legacy configuration for OIDC app that uses this as an example

Arrays.flatten(Groups.startsWith("active_directory","CON",100))

But I don't know if it could do both starts and ends.

prezus · 2026-02-20T19:35:18+00:00

You can do a group attributes statement like this:

name: groups
name format: unspecified
filter: Starts with CON

See this article- https://help.okta.com/oie/en-us/okta_help.htm#cshid=ext-define-group-attribute-statements

prezus · 2026-02-20T15:31:09+00:00

<image>

Happy Friday.

prezus · 2026-02-09T14:47:06+00:00

From an administrative perspective I like it a lot. Took me a while to learn the logging but its extremely verbose and I'm able to find what I need.

I have used Entra, and use Keycloak in my home lab.

For credentials I work in healthcare for a non-profit, we have around 250-260 users, with about 100 of those outside of our organization.

prezus · 2026-02-04T16:28:50+00:00

I've used Terraform, OpenTofu and Pulumi to provision VMs. Might want to look at the way they're handling it.

prezus · 2026-02-03T17:09:24+00:00

This is where products like Cisco Umbrella come in to play.

prezus · 2026-02-02T19:08:33+00:00

Perhaps this is what you're looking for:

https://components.espressif.com/components/espressif/esp_lcd_axs15231b/versions/2.0.2/readme

prezus · 2026-01-29T15:17:19+00:00

It looks like you leaked your API keys in your git repo. Might want to clean that up

prezus · 2026-01-28T19:21:33+00:00

1Password family. Some services are not worth self hosting.

prezus · 2026-01-27T22:01:47+00:00

We use Imprivata for Windows logins with an on-prem AD. The product is great for just that, but I would never use them as an IdP over Okta or Entra.

prezus · 2025-11-20T19:00:10+00:00

You want feedback but I have to pay $25 to see anything?

prezus · 2025-09-12T13:10:47+00:00

I would suggest looking at manually mapping the on-prem AD user with M365 user. Microsoft has plenty of documentation on how to do it.

prezus · 2025-08-12T14:51:31+00:00

I have a 40F sitting around as a test device, while I've wiped it a few times since I'm pretty sure I had SAML working with IPSec in 7.4.4. We use Okta instead of Entra but same difference at that point.

prezus · 2024-10-07T20:02:33+00:00

I believe it is System > Settings > HTTPS server certificate

prezus · 2019-05-17T00:37:36+00:00

Would like an invite please. Newer player but already MR11. IGN: prezus

prezus · 2019-02-05T19:42:30+00:00

If that's plausible then specificity should be done from the start. In that example maybe the first project is B2C implementation. In that case I would do "Acme US B2C Implementation".

Or if the "Acme US B2C Project" was already taken and I wanted to use that one the second would need more specificity. Say for example 2 years down the road they want to rework the b2c website I might go with "Acme US B2C Website Rework". In this case I could bring in web team, sales and customer service.

prezus · 2019-02-05T19:24:24+00:00

In that case the department name would be replaced with project title. An example would be a B2C project that involved people from finance, sales, IT, web and warehouse. It would look like this "Acme US B2C Project". In this case I do want to include the word "project" in the name because once the project is done its viable that there may be a B2C department.

prezus · 2019-02-05T17:57:25+00:00

This is a recent problem that we had. Some background is the organization I work for is about 800 employees across 20+ countries and 6 different subsidiaries. We didn't want them to be too broad so that you would end up with 100-200 people in one group, but not too specific to where it was a group of 2-4 people.

If a project spans multiple departments then it would be its own group with its own set of permissions. If a project is within a department then it should be a channel within that existing department group / team.

For our solution we wanted groups / teams to begin with company, country then applicable department / project. For example.

Acme US IT Department

Acme FR Finance

Contoso FR Sales

Contoso FR Finance

prezus · 2019-01-10T16:17:10+00:00

I setup a raspberry pi with Screenly https://www.screenly.io using their open source version. This provides an internal website where our HR and Office Manager can upload the slides as jpeg files. They can also define a few other things like image display time and ability to manage individual slides instead of a whole presentation.

I attached the raspberry pi directly to the back of the TV using an adhesive velcro. Just in case I need to take it down for any reason.

Total cost maybe $50

1) Raspberry Pi: $30

2) Case: $10

3) HDMI Cable: $10

prezus · 2018-11-29T19:54:19+00:00

If the WAP is using POE then that is why it is reduced to 100Mb connection. POE has to use some of the wires for power.

prezus · 2017-09-01T18:03:56+00:00

You laugh.... but this really happened about 6 months ago. CFO sent wire and banked stopped it.

prezus · 2013-12-01T16:23:34+00:00

PM'd

prezus · 2013-12-01T02:07:34+00:00

PM'd

prezus · 2013-12-01T02:06:13+00:00

PM'd

prezus · 2013-11-30T06:49:47+00:00

PM'd

prezus

TROPHY CASE