Posted on

Register a web application with Azure AD Portal App Registration to connect to a Microsoft 365 tenant

PowerShell Limits

Through Powershell it is possible to connect to a Microsoft 365 tenant to perform operations on users, groups and any other element of the tenant. When you use this tool, Powershell presents you with the mask for entering your account and password. You can write accounts and passwords directly in the Powershell script but it would be a serious security compromise.

Application

An alternative is to build a software that connects directly to the Tenant through customized keys present in the Tenant itself. In other words, it is necessary to communicate to the Tenant that there is a certain application that is authorized to access the Tenant. Furthermore, for each operation that you want to perform on the Tenant it is necessary to specify the appropriate permissions. To create these applications, we recommend that you follow the excellent tutorial “.Net Core console application for calling Microsoft Graph“.  This post proposes the images present in the previous tutorial only to specify how the application must be prepared on the Microsoft Tenant.

Register a web application with Azure AD Portal App Registration

Open a browser and navigate to the Azure Portal. Login using your account. Select the resource “Azure Active Directory”. On the left side menu, select “App regitstration”. Click New registration from the current page.

On the Register an application page, specify the following values:

  • Name = Name of your Application
  • Supported account types
  • Redirect URI
    • Type = Web
    • Value = https://localhost:8080   (*)

(*) The Redirect URI value must be unique within your domain. This value can be changed at a later time and does not need to point to a realy hosted URI.

It is now necessary to store 2 values that will be used in your application:

  • Application (client) ID
  • Directory (tenant) ID

Certificates & secrets

Click Certificates & secrets.

  1. Click New client secret.
  2. On the Add a client secret dialog, specify the following values:
    • Description = Your secret’s description
    • Expires = In 1 year (for example)
  3. Click Add.

After the screen has updated with the newly created client secret copy the VALUE of the client secret. This secret string is never shown again, so make sure you copy it now.

API permissions

Click API permissions.

  • Click Add a permission
  • On the Request API permissions panel select Microsoft Graph.

  • Select Application permissions.

Now you have to choose between the permissions to authorize your app. For example, to create an application to read alla information about Tenant’s users, in the “Select permissions” search box type “User”.Select User.Read.All from the filtered list. At the end, on the API permissions content blade, click Grant admin consent for the Tenant.

Summary of the data necessary for the application

Let’s see what data your application needs to connect and operate on the Microsoft Tenant.

  • applicationId = “xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx”;
  • applicationSecret = “xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx”;
  • tenantId = “xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx”;
  • redirectUri = “https://localhost:8080”;
  • domain = “yourtenant.onmicrosoft.com”;

Permissions

  • User.Read.All : Read all users’ full profiles
  • User.ReadWrite.All : Read and write all users’ full profiles
  • Group.ReadWrite.All : Read and write all groups
  • Notes.ReadWrite.All : Read and write all OneNote notebooks

Documentation

Posted on

CS1617: Invalid option ‘6’ for /langversion; must be ISO-1, ISO-2, 3, 4, 5 or Default

Compiler Error CS1617

Invalid option ‘option’ for /langversion. Use ‘/langversion:?’ to list supported values.

For example

Invalid option ‘6’ for /langversion; must be ISO-1, ISO-2, 3, 4, 5 or Default

Solution

Right click on your project and select “Properties” from menu.

Select Build menu and, in the bottom, click on button “Advanced”.

In the next form you don’t have any voice for the field “Language Version”

Select “default”

Done

Posted on

How to check the execution of Microsoft Agent Backup

To check the outcome of Microsoft Azure Backup execution we can take advantage of the fact that, if the backup fails, some events are generated.

Prepare script to send email

Copy and paste the following code in a new file and modify it with your data (mail server, user, password, messages).

$SMTPServer = "YOUR SMTP SERVER"
$SMTPPort = "25"
$Username = "USERNAME TO ACCESS SERVER"
$Password = "PASSWORD"

$to = "Email recipient"
# $cc = "cc email recipient"
$subject = "Error Backup MyServer"
$body = "backup failed"
# $attachment = ""

$message = New-Object System.Net.Mail.MailMessage
$message.subject = $subject
$message.body = $body
$message.to.add($to)
# $message.cc.add($cc)
$message.from = $username
# $message.attachments.add($attachment)

$smtp = New-Object System.Net.Mail.SmtpClient($SMTPServer, $SMTPPort);
$smtp.EnableSSL = $true
$smtp.Credentials = New-Object System.Net.NetworkCredential($Username, $Password);
$smtp.send($message)
write-host "Mail Sent"

Save it as file with extension .ps1

Creating a new Task

  1. Open the Task Scheduler : Control Panel -> Administrative Tools -> Task Scheduler
  2. Right-click the “Task Scheduler Library” branch, and select the New Folder option.
  3. Type a name for the folder. For example, MyTasks.
  4. Expand the “Task Scheduler Library” branch, and select the MyTasks folder.
  5. Click the Action menu.
  6. Select the Create Task option.

Task to check Azure Backup

  1. In the Name field you can write something like “Check Micrososft Agent Backup”.
  2. Click the Triggers tab.
  3. Click the New button.
  4. Use the “Begin the task” drop-down menu to select “On a Event”
  5. Click custom option under the Settings section.

  1. Click the Edit Event Filter… button.
  2. Go the XML tab and at the bottom of the menu press the edit query manually button.
  3. Copy and paste the below XML and OK the changes.
<QueryList>
<Query Id="0" Path="CloudBackup">
<Select Path="CloudBackup">*[System[(Level=1 or Level=2) and (EventID=5 or EventID=10 or EventID=11 or EventID=12 or EventID=13 or EventID=14 or EventID=16 or EventID=18)]]</Select>
</Query>
</QueryList>
  1. Click the Actions tab.
  2. Click the New button.
  3. Browse on the previous powershel script
  4. Clicck OK to save the task

From now on, an email should be sent to you when the backup fails.

Posted on

c# and shadow copy – notes on library AlphaVSS

AlphaVSS

AlphaVSS is a .NET class library providing a managed API for the Volume Shadow Copy Service also known as VSS

Error loading library AlphaVSS.x64.dll

if you have error loading the library probabilly you need to install on the machine the Visual C++ 2017 Redist package.

You can find it at this link

Control shadow copy

To control shadow copy, created using alphavss library, you have to open a command prompt whith administrative priviliges and type

vssadmin

to list your shadow copy you have to type :

vssadmin list shadows