We have implemented product using several private nugets (Azure DevOps feed) which worked very well.
Now the development is completed and delivered. As part of the agreement, the client wants the source code. When the client tried to compile the source code in VisualStudio, they couldn't restore the nugets as they are in our organization's private feed. Although the PAT is is given in the nuget.config file, the Azure Credential Authentication window asks for the username and password of our organization, which we cannot provide to the client.
Is there any solution for this issue? How usually project code base with private nugets are delivered?
Any suggestions will be greatly appreciated.
Thanks in advance.
We don't want to create a stalkholder user account for anyone in client organization. So the solution provided here will not work.
I am thinking of two options:
Remove the reference to nuget and add the latest dlls of those libraries directly to the projects
Add the private nuget projects into the solution( provide code base for private nugets as well)
Any other way? How can we resolve it using PAT(personal access token)?
Related
I have a powershell script to get the audit logs of O365 tenants. Basically, this script will give me the users who is accessing the PowerBI platform, usability, memory consumption,etc. This is currently having the basic authentication. I need to convert the basic authentication to modern authentication in the current script. As per the current implementation,I see the registry key has been added as per the basic authentication.
I have googled and could see, I need to install the EXO V2 module and try using the Connect ExchangeOnline. But I am not sure of whether, i need to add the registry key for modern authentication? Also, it will be great if someone can help me with process flow of how to proceed in here. What are the steps , I need to follow to ensure that the modern authentication is working as expected. I have tried out all the options but I could not achieve the output. Please help me here as I am new to powerShell.
We have TFS 2013 setup on our own server in house. We have about 8 windows users from AD that currently use it.
I need to interact with TFS via API from a console app that will run on a different server. I have it all working fine when running as my own Windows account. How can I set up a user in TFS that will be used only for API interaction? I searched around and it seems I can't add a non-Windows user to TFS for this. Is it possible to use a service account or something? What is the best practice for this?
Thanks.
No, there is not any API related service account. You could take a look at this thread: Service Accounts for Team Foundation Server
Which include a table shows all the service accounts that you might use in a deployment of TFS such as TFSService, TFSBuild...
As a workaround, you could create a public domain account in TFS used for API related. However it's not able to restrict the account only used for API interaction. Since for which permissions are needed for an end user/domain user to call into the TFS API, this is based on the action that you request through TFS API. For example if your TFS API is used for checking in files, API account need code related permission, used for triggering a build, then the API account need build related permission. More information of permission, please refer to: Permission reference for Team Foundation Server
I have downloaded agent zip file and configured agent on the build machine. To authenticate agent Microsoft provided four ways PAT,Integrated,Negotiate,Alternate.
PAT should be used for Team Services they said but I don't understand how it works.
I have authenticated using negotiate but here agent is going to offline once build completed and I am manually using power shell making it run.
I am using previously XAML build definition and new to this can some one help how to make agent online continuously.
Compared with common alternate credentials, PAT is more secure.
When your 3rd party tool prompts you to sign in, you can provide your alternate credentials for authentication purposes, and it stored the credentials for later retrieval that may you don't want the tools to do some actions.
For non-Microsoft tools that integrate into Team Services but do not
support Microsoft account or Azure AD authentication interactions (for
example, Git, NuGet, or XCode), you need to set up personal access
tokens by using Git credential managers or by creating PATs manually.
You can also use personal access tokens when there is no "pop up UI"
such as with command-line tools, integrating tools or tasks into build
pipelines, or using REST APIs.
Personal access tokens essentially are alternate passwords that you
create in a secure way using your normal authentication, and
PATs can have expiration dates, limited scopes (for example, only certain REST APIs or command line operations are valid), and specific
Team Services accounts. You can put them into environment variables so
that scripts do not hardcode passwords. For more information, see
Authentication overview and scopes.
See use-personal-access-tokens-to-authenticate for details.
Once you create a PAT you can use it pretty much anywhere your user credentials are required for authentication. If you use a PAT for a 3rd party tool only to find out later that it is acting maliciously, you can deactivate that specific PAT and it immediately becomes invalid. You can also apply one or more scopes to a PAT so you can, for example, limit access to reading work items and nothing else.
Please reference below articles to understand the PAT:
https://roadtoalm.com/2015/07/22/using-personal-access-tokens-to-access-visual-studio-online/
http://blog.devmatter.com/personal-access-tokens-vsts/
I am trying to access this Service to Service
Service-to-service authentication with client secret and certificate (trying with both) but no one working for me.
I am trying to create directory on Data lake store but that given code is not working.
It's not even giving any error so i can identify it.
I have followed all the steps mentioned in this page but not able to create directory on data lake store.
I have also tried File upload code but that is also not working.
End user Authentication is working fine.
So please suggest how can i achieve it.
Thanks!
Rajni
I would like to centralise user management including authentication, authorisation and auditing as this is currently being performed by each application. I was wondering if there is an open source solution already available? I'm aware I can use LDAP or AD but this still requires development of an application to manage users.
I believe LDAP is not an appropriate solution as we require custom user attributes to be defined at runtime which is something LDAP does not support.
Any advice would be greatly appreciated!
There is Apereo CAS. It handles what you are after.
See www.github.com/apereo/cas