Tuesday, July 4, 2023

How to create an Azure AD user ?

 In this article, we will explain how to create an Azure AD user via azure portal, azure cli

First with Azure Portal:

Search for Active Directory in the search box as by the screenshots below, then click on Azure Active Directory


In Azure Active Directory, click on +Add then click on  User


 Fill the fields, especially the user-princiapl-name.The user principal name is 2 parts: prefix is like an identifier for the user inside the domain, and the suffix is one of the domains you have added your azure AD



You can choose to auto-generate password. Password will be auto-generated with Azure and you can see what is the password that has been auto-generated. Or you create the password you want. Also, you can force the user to change his password on sign-in for first time

Once you click on the Click the button "Review + Create". It will create the user for you.



To create an AD user via azure cli, use the command:
az ad user create, the required parameters are the user-principal-name and the password
 
az ad user create --display-name 'John TheBlogger' --user-principal-name 'john.blogger@group-club.com' --password 'testpass'




To view the list of azure AD users, use the command:
az ad user list




To delete an Azure Ad user, it is enough to know the id (we can get the id from the list above)

az ad user delete --id 'abc'


We offer services for azure clouds, whether new projects, or support. For more information about our cloud services, please go to the link  https://http-cloud.com/cloud/

You can also contact us by going to https://http-cloud.com/contact-us/

We would like to thank you for reading our blog. Our next blog will be on how to create azure ad users in bulk

Sunday, May 14, 2023

Sandbox versus Honeypot

What is the difference between sandbox and honeypot ?

A sandbox can be used by an enterprise to test softwares. An example of a sandbox, is a PC, isolated from the network , this PC is used to test softwares. If you doubt that a specific software contains malware, you run this software on that PC first, and then you will see the behavior of the software on that PC.

A sandbox is good for zero day malware. Note that zero day malware is a very new malware that does not have yet signatures from antivirus softwares.

A sandbox can also be used for lab and training puproses. By doing this you will protect your environment from any mistake or abnormal behaviour

A honeypot is a device that has security weakness. the device is installed in the network on a purpose. A honeypot is used to trap hackers. A condition for honeypot device, is that it must never be able to access other devices, or to be the road to access other devices. The role of honeypot is to trap hackers. Hackers will think that they took control of a PC in the company, they will try to get info from this PC, and they will try to use it to access other devices in the network. They will waste time, in addition they are exposing their infos (country of origin, IP address, company, purpose of the attack...), so the security team of the entreprise will take the appropriate action such as blocking them on firewall/IPS ...

A honeynet is similar to a honeypot, but it is a network not just one PC.

Would you like to know more about our IT Services? Click here

Thursday, May 11, 2023

aaa Authentication, Authorization, Accounting

The model aaa stands for authentication, authorization and accoutning. In real, they are four not three. There is something called Identification and comes before the authentication. In order to access data or resources, users need to be identified and authenticated.

Identification : by name or username

If someone need to enter a restricted area for a private or public place, the guard or receptionist ask the first question " who are you ?" or "may I know with whom am I talking ?" and so on.... All these questions mean identify yourself

What is the receptionist asking the visitor is his identity, when the visitor replies by introducing himself (example I am Mr. X) or saying his name, he is identifying himself to the receptionist. This is the identification process.

Logging on the a computer, also needs identification. The identification is done when the employee writes his username to login. Whether the username exists or do not exists in the Active Directory, or in the SAM database; that person is identifying himself to the system. If the system recognizes the name, it will go to a further step which is the authentication. If the system didn't recognizes the name, it cannot move to the further step, and the employee will be denied access

Authentication is to prove the identity

Sometimes the receptionist might ask the visitor to see his identity card or his driving license or other ID cards with photos. In other terms the receptionist is asking the visitor, can I see an ID that proves that your are Mr X. This process is called authentication. The receptionist is asking Mr. John to authenticate himself by showing ID card, Mr John authenticated himself by providing the receptionist with his ID card.

Let's talk now about a user logging in to a system .The user will enter first his username, the system he is accessing will look in his database to see if there is a record for this username. What happened here, is that the user identified himself to the system, but the system saw that is user is not in the registered allowed users, so the system rejected this access.

Now let's say the username exists in the list of users, Before allowing access , the system will ask the user "can you proof your identity ? or can you proof that you are the person you are claiming to be ?" Here the username must authenticate himself. One type of authentication is the password. The system has already in his database the password for this user (or a hash for this password, we can talk about it later). If the username enter the correct password, meaning that he entered the password that the system has for this username, then authentication succeeded, and the user is allowed access. The system thinks that this user is not lying about his identity because he entered the correct password. If the user did not enter the correct password, the system will think that this user may not be the person who is claiming to be.

Because each company follow the same standards of username writing, employees can know each others usernames. One common standard is the first letter of the given name with the family name. Another common standard is firstname.lastname and so on...

So an employee can easily guess what is the username for each of the other employees. So a user can identify himself to the system as the general manager (by writing the general manager username), but the system will ask this fake general manager to prove his identity , he must enter the general manager's password. But this password is owned and known only by the general manager. As the bad employee doesn't have the appropriate password, the authentication will fail, and he will be blocked access to the system

Would you like to know more about cloud servcies? Click here