Verifying domain identity SES - dns

I am trying to setup email verification for my django app. It is running on Lightsail Debian server, the domain is registered using google domains. I created domain identity. Now I need to verify it. How and where do I add CNAME names and values to verify identity?

Related

Weird behavior when using contact form in Azure App Service to send email through SendGrid

I have a contact form on my website hosted on Azure App Service, used to send emails through SendGrid. It works well when I use the website with the default Azure URL ***.azurewebsites.net, but I does not work when I use the custom domain attached to the Azure App Service.
Any idea if it could come from SendGrid configuration?
Thank you.
When you use custom domain in web app, you need to set up domain authentication in sendgrid.
1. How to set up domain authentication
2. Configure SendGrid in Microsoft Azure for email campaigns and smtp relay
After valied your custom domain, your issue will be solved.

Verify publisher domain for AAD multi-tenant app on tenant migration

We're moving an existing application registration from our corporate tenant (foo-corporate.com) to a new dedicated tenant (bar-app.com).
The process of moving the app registration requires to create a new app registration in the bar-app.com tenant.
According to this article, we need to verify the publisher domain (foo-corporate.com) in the new dedicated tenant (bar-app.com).
This is necessary, as the user will otherwise see unverified as the publisher on the consent screen (see #5 on screenshot) instead of the publisher (foo-corporate).
The process to verify the publisher involves hosting a microsoft-identity-association.json on https://foo-corporate.com/.well-known/ to verify the publisher.
Questions
Is there another way to verify the publisher foo-corporate.com for the new app registration in bar-app.com tenant? We're a large enterprise and our development team doesn't have access to the hosting of foo-corporate.com (public website), so we can't put the json file there. I assume this is the case for most larger enterprises.
In case there is no other option, do we need to host this file permanently or is it only needed for a first verification and can be removed afterward?
Update 1
The question is about publisher domain verification and not custom domain verification as the first answer to this questions assumed.
Sample Consent Screen
You can verify your domain in Azure AD by adding a custom domain. You can verify it using any of the methods here, which include creating DNS records or placing a file on the site. The file is only required while verifying the domain; It can be deleted after the status shows as verified.
Azure Portal -> Azure AD -> Custom Domains:
From this page:
New applications
When you register a new app, the publisher domain of your app may be
set to a default value. The value depends on where the app is
registered, particularly whether the app is registered in a tenant and
whether the tenant has tenant verified domains.
If there are tenant-verified domains, the app’s publisher domain will
default to the primary verified domain of the tenant. If there are no
tenant verified domains (which is the case when the application is not
registered in a tenant), the app’s publisher domain will be set to
null.
Adding a tenant verified domain gives you more verification options. Verification ensures non-repudiation which is essential for Microsoft to display an application's publisher to an end user.
Without placing a file on a website for the domain (I don't have a website), these are the options available to me:
The first is the domain I verified through DNS, the second is the onmicrosoft.com default domain. Using the onmicrosoft domain however will not suffice as it is an Available domain as opposed to a Verified one.

Windows Authentication prompt appears if you access via domain name

I have a web application hosted in IIS and configured with Windows Authentication. It is supposed to be SSO (Single sign-on) and work without prompting users for their credentials. It works in this way if I access it via server name or cname. Example:
https://serverName/applicationName
https://cname/applicationName
However, it asks for user credentials if I access the application via full domain name such as:
https://serverName.domain.com/applicationName
https://cname.domain.com/applicationName
Any ideas what the issue would be?

How to reauthorize domain at mailgun.com

I have domain that is already added by another developer at mailgun.com,
but now i don't have access of that developer account at mailgun.com also smtp password has changed at mailgun.com account for my domain.
Now i have created new account at mailgun.com and wants to add my domain under this account, but i am getting error "This domain name is already taken".
I have complete access of my domain and hosting but don't have access of last mailgun.com.
however i already have removed TXT record for my domain associated with mailgun.com last account from my domains DNS setting.
my domain's DNS is hosted at godaddy.
Thanks!

Integrate with LDAP in Azure

Our application store some user information(username, password) in LDAP, and because we cannot change the authenticate code, so we would like to setup a LDAP server in Azure, but I do not see Azure provide such service.
is it possible?
Curently, we have LDAP, DataBase, Application(java,tomcat). DataBase is used to store some business information, LDAP is used to store user credentials.
If user want to use our service, he should sign up, then we will store his credentials to LDAP and when he login, we will compare the credential.
LDAP works within the bounds of a domain, but your browser will not present your credentials to sites out on the internet.
I have two suggestions, I haven't tested either of them.
Option 1:
Use Windows Azure Connect to add the Azure boxes to your own domain, thus allowing users within the domain to authenticate.
Option 2:
Install AD FS 2.0 on your companie's intranet or DMZ, and then add it as an identity provider in the Access Control Service. You then add the Access Control Service as an identity provider in your application. When a user attempts to use your application, they will be redirected to the AD FS server (via the ACS) to authenticate with their local credentials.

Resources