In this article, I detail how to configure Web Application Proxy. Please check out Part 1, Part 2, and Part 3 of this series, which provide an overview of the solution and explain how to configure the ADFS server and the Relying Party Trust.
Install Web Application Proxy
Log in to the WAP server.
On the Web Application Proxy server, in the Server Manager console, in the Dashboard, click Add roles and features.
In the Add Roles and Features Wizard, click Next three times to get to the server role selection screen.
On the Select server roles dialog, select Remote Access, and then click Next.
Click Next twice.
On the Select role services dialog, select Web Application Proxy, click Add Features, and then click Next.
On the Confirm installation selections dialog, click Install.
On the Installation progress dialog, verify that the installation was successful, and then click Close.
Configure Web Application Proxy
Click Open the Web Application Proxy Wizard.
On the Web Application Proxy Configuration Wizard, on the Welcome dialog, click Next.
On the Federation Server dialog, do the following, and then click Next:
In the Federation service name box, enter the fully qualified domain name (FQDN) of the AD FS server; for example, adfs.dyn365apps.local.
In the User name and Password boxes, enter the credentials of a local administrator account on the AD FS servers.
On the AD FS Proxy Certificate dialog, in the list of certificates currently installed on the Web Application Proxy server, select a certificate to be used by Web Application Proxy for AD FS proxy functionality, and then click Next.
The certificate you choose here should be the one whose subject is the Federation Service name, for example, adfs.dyn365apps.local.
On the Confirmation dialog, review the settings. If required, you can copy the PowerShell cmdlet to automate additional installations. Click Configure.
You can also use a PowerShell script to perform this action.
$cred = Get-Credential  # local administrator account on the AD FS servers
Install-WebApplicationProxy -FederationServiceTrustCredential $cred -CertificateThumbprint 'A9AAAA6FAB8BBBB63C76ACCCCA09EAEEEEC7D0' -FederationServiceName 'adfs.dyn365apps.internal'
On the Results dialog, verify that the configuration was successful, and then click Close.
IMPORTANT: Make sure to add the service account to the Administrators group of the ADFS server.
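The install and configuration steps above can also be scripted with a certificate pre-flight check and a post-configuration health check. This is an added example, not part of the original article: it assumes an elevated PowerShell session on the WAP server, uses the article's example name adfs.dyn365apps.local, and the 30-day expiry warning is an arbitrary threshold chosen for illustration.

```powershell
# Added example: scripted WAP install with certificate pre-flight checks.
# Assumption: run in an elevated session on the WAP server.
$fsName = 'adfs.dyn365apps.local'   # federation service name from the article's example

# Role install, equivalent to the Add Roles and Features Wizard steps.
Install-WindowsFeature Web-Application-Proxy -IncludeManagementTools | Out-Null

# Candidate certificates: computer store, DNS name matches the federation
# service name (exact or wildcard), private key present, currently valid.
$now = Get-Date
$candidates = Get-ChildItem Cert:\LocalMachine\My | Where-Object {
    $cert = $_
    $nameMatch = $cert.DnsNameList | Where-Object { $fsName -like $_.Unicode }
    $nameMatch -and $cert.HasPrivateKey -and
        $cert.NotBefore -le $now -and $cert.NotAfter -gt $now
}

if (-not $candidates) {
    throw "No valid certificate with a private key matches $fsName in Cert:\LocalMachine\My."
}

# Prefer the certificate that expires last; warn when renewal is close.
# The 30-day window is an illustrative threshold, not a product default.
$cert = $candidates | Sort-Object NotAfter -Descending | Select-Object -First 1
if ($cert.NotAfter -lt $now.AddDays(30)) {
    Write-Warning "Certificate $($cert.Thumbprint) expires on $($cert.NotAfter)."
}

# Prompt for the credential instead of storing it in the script.
$cred = Get-Credential -Message 'Local administrator account on the AD FS servers'

Install-WebApplicationProxy -FederationServiceName $fsName `
    -FederationServiceTrustCredential $cred `
    -CertificateThumbprint $cert.Thumbprint

# Post-checks: confirm the stored configuration and component health.
Get-WebApplicationProxyConfiguration
Get-WebApplicationProxyHealth
```

Selecting the certificate by name and validity, rather than pasting a thumbprint, catches an expired certificate or one missing its private key before the proxy trust is established.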
Please check out the next article in the series to learn how to publish an application in Web Application Proxy.
Thank you for visiting Dyn365Apps.com.
Until next time…