Azure Application Proxy

You want to empower accessibility for your on premise web application when securing access to it? You do not want to open ports, setup proxies etc. to unknown sources? Than you should definetly scrutinize application proxy feature of Azure AD Premium.

To get into the details you may visit the page listed below.

https://docs.microsoft.com/en-us/azure/active-directory/active-directory-application-proxy-get-started

Having gone through the feature I would like to share my insight.

· Do not need to setup reverse proxy, dmz or vpn

· Can be integrated with OWA, Sharepoint and other line of business applications.

· Many other rich offerings like authorization control and security analytics on Azure

· Single Sign On (SSO) [which I have not evaluated yet]. Pass through authentication is also an option.

· Web applications that uses IWA or Form Based authentication can be integrated with Application Proxy

· Applications hosted behind remote desktop gateway can be integrated with Application Proxy

· APIs that you want to expose to applications on different devices

· A tiny windows service called connector get almost all things done Smile

Now let me share some hands-on parts I went through with you.

Continue reading “Azure Application Proxy”

Azure AD – Domain Name Verification

Hello all,

As domain name is crucial part of the identifier for most of the directory resources(user-group-app ID) , you will probably add your own domain in to Azure Active Directory. During the addition process the domain is needed to be verified. Although the TXT record has been configured and the process is so straightforward , you may not be able to verify your domain :)

At this point you have to figure out what lies behind. What lurks in shadows :) ?

When you create Power BI free trial account by using your domain name, a shadow tenant is created without an admin and a subscription! What’s more, your domain name is verified and allocated by the shadow tenant. That’s the reason why you can’t verify it. Because, it has already been verified by another “shadow” tenant :)

At first, you need to release it. As there is no admin associated with the shadows tenant, you need to take over the admin rights, then you can release your domain.

Here are the documentations to perform these steps.

https://powerbi.microsoft.com/en-us/blog/how-to-perform-an-it-admin-takeover-with-o365/

https://powerbi.microsoft.com/en-us/blog/understanding-the-shadow-tenant-in-office-365/

https://docs.microsoft.com/en-us/azure/active-directory/active-directory-add-domain-concepts

Wish you the best.

Azure Web App Day/Time issue

Hello all,

We have been through an issue pertaining to the time zone setting of our web application which run on Azure App Service. After a couple of trial, we set the time zone to the value shown below.

It worked for our web application which is supposed use GMT+3, Turkish Standard Daytime :) It seems there are several values to get the result(GMT +3) that you may give it a try.

http://www.louischarlesgagnon.com/post/azure-app-service-set-timezone-for-your-web-application

Wish you all the best, regards.