mastodon.world is one of the many independent Mastodon servers you can use to participate in the fediverse.
Generic Mastodon server for anyone to use.

Server stats:

8.1K
active users

#graphapi

0 posts0 participants0 posts today
Replied in thread

🧵 4/5 Until now, I have been using IMAP+SMTP, and TbSync for address books and calendars. After going through a few iterations, I have now settled on using Exchange (native, experimental) accounts (yes, plural) for email and sticking with TbSync for calendars and address books.

Replied in thread

🧵 3/5 Right now, Exchange requires add-ons to work. Usually this means TbSync or OWL. Each of these has its own set of features and limitations to consider. Account Hub will show you Exchange in two flavors… one says “add-on required” and the other doesn’t. It’s the latter one that is the native integration in experimental form at this time (and does email ONLY for now).

Replied in thread

🧵 2/5 Further, the “native” connection to EWS/OWA within Thunderbird is only available in 140 when you enable a custom setting (search for “ews”). What you see in the new Account Hub will depend on whether that custom setting is enabled.

I'm not easily swearing, but how can I put this: sending infra emails from a data center to addresses managed by #Microsoft 365 is crazy. MS dislikes #SMTP AUTH, ok, and so begins the #OAuth journey to get the #postfix mail relay to embrace OAuth

The best idea so far is to write a script that acts as a proxy between postfix and MS, sending emails via the MS #GraphAPI. Undoubtedly much more secure and, just as undoubtedly, absolutely no vendor lock-in for something as simple as SMTP ... WTF!!

Aktuell vermehrt #Cyberangriffe auf #Owncloud-Instanzen - Patch für die ausgenutzte #Schwachstelle ist seit September 2023 verfügbar, allen Administratoren wird deshalb die dringende Aktualisierung der #Graphapi-App auf Version 0.3.1 nahe gelegt:
"Die bei den beobachteten Angriffen ausgenutzte Sicherheitslücke ist als CVE-2023-49103 registriert und mit dem maximal möglichen CVSS-Wert von 10 als kritisch eingestuft." #cybersecurity #cybersicherheit
golem.de/news/patch-verfuegbar

Golem.de · Patch verfügbar: Kritische Owncloud-Lücke wird vermehrt attackiert - Golem.deBy Marc Stöckel

Some Graph API fun today.

The Graph API knows `applications` (learn.microsoft.com/en-us/grap) and `servicePrincipals` (learn.microsoft.com/en-us/grap).

The Azure Portal knows `App Registrations` and `Enterprise Applications`.

App Registrations (Portal) = applications (Graph API)
Enterprise Applications (Portal) = servicePrincipals (Graph API)

Applications (App Registrations) and servicePrincipals (Enterprise Applications) have a unique, individual `ObjectId` but the ones that belong together hold the same `ApplicationId` which glues them together.

Fortunately, the Graph API documentation is clear and relatively consistent on what is expected for requesting an object - either the `objectId` or the `applicationId`:

```
GET /servicePrincipals/{id}
GET /servicePrincipals(appId='{appId}')
GET /applications/{applicationObjectId}
GET /applications(appId='{appId}')
```

When searching for servicePrincipals (Enterprise Applications) in the portal, it is not that clear since the terms are mixed up a bit.