You want to empower accessibility for your on premise web application when securing access to it? You do not want to open ports, setup proxies etc. to unknown sources? Than you should definetly scrutinize application proxy feature of Azure AD Premium.
To get into the details you may visit the page listed below.
Having gone through the feature I would like to share my insight.
· Do not need to setup reverse proxy, dmz or vpn
· Can be integrated with OWA, Sharepoint and other line of business applications.
· Many other rich offerings like authorization control and security analytics on Azure
· Single Sign On (SSO) [which I have not evaluated yet]. Pass through authentication is also an option.
· Web applications that uses IWA or Form Based authentication can be integrated with Application Proxy
· Applications hosted behind remote desktop gateway can be integrated with Application Proxy
· APIs that you want to expose to applications on different devices
· A tiny windows service called connector get almost all things done
Now let me share some hands-on parts I went through with you.
Continue reading “Azure Application Proxy”
As domain name is crucial part of the identifier for most of the directory resources(user-group-app ID) , you will probably add your own domain in to Azure Active Directory. During the addition process the domain is needed to be verified. Although the TXT record has been configured and the process is so straightforward , you may not be able to verify your domain :)
At this point you have to figure out what lies behind. What lurks in shadows :) ?
When you create Power BI free trial account by using your domain name, a shadow tenant is created without an admin and a subscription! What’s more, your domain name is verified and allocated by the shadow tenant. That’s the reason why you can’t verify it. Because, it has already been verified by another “shadow” tenant :)
At first, you need to release it. As there is no admin associated with the shadows tenant, you need to take over the admin rights, then you can release your domain.
Here are the documentations to perform these steps.
Wish you the best.
Although not being a daily operation, you might need to reset the password of root account on some occasions. Here are the steps:
Restart the operating system and press e when prompted.
Move cursor to linux16 line and remove rhgb and quite , add rd.break enforcing=0 as shown below.
Proceed with pressing Ctrl+x in order to access the initramfs(initial RAM file system) that gets loaded into memory during the startup process. Rest of the process is so straight forward. Perform the commands those are written below.
mount -o remount,rw /sysroot
passwd (type the_password_you_want_set twice after hitting “enter” )
mount -o remount,ro /sysroot
When you reach out to login screen, login through root by the typing new password and run the followings.
Mission accomplished successfully :) If you take some “hands-on” certification exams, you probably are not given the “root” account password and you are entailed to reset it. Keep those steps in your mind just in case.
Wish you the best.
We have been through an issue pertaining to the time zone setting of our web application which run on Azure App Service. After a couple of trial, we set the time zone to the value shown below.
It worked for our web application which is supposed use GMT+3, Turkish Standard Daytime :) It seems there are several values to get the result(GMT +3) that you may give it a try.
Wish you all the best, regards.