Access to on-premises applications for cloud-mastered users

Hariprakash Thiagarajan 1 Reputation point
2023-07-12T07:12:45.9166667+00:00

I have a scenario where users and devices are being separated from their existing on-premises domain and moved to Azure AD in the cloud, where they are going to be created.

There are some on-premises applications in the existing domain that will continue to be shared between the two entities.

How will access to those applications be gained for the new entity's users, who will be in the cloud, and also for the devices in the cloud?


2 answers

  1. Tech-Hyd-1989 5,766 Reputation points
    2023-07-12T08:38:24.55+00:00

    Hello Hariprakash Thiagarajan,

    There are a few ways to allow new entity users who are in the cloud to access on-premises applications that are shared between two entities.

    • Azure AD Application Proxy. Azure AD Application Proxy is a feature of Azure Active Directory (Azure AD) that allows you to publish on-premises applications to the cloud. This means that users can access the on-premises applications from anywhere, as long as they have an internet connection and are authenticated to Azure AD.
    • VPN. You can also set up a VPN between your on-premises network and the cloud. This will allow users to access the on-premises applications as if they were on the on-premises network.
    • Remote Desktop Services. You can also use Remote Desktop Services to allow users to access the on-premises applications from the cloud. This is a good option if you need to allow users to access applications that require a lot of resources, such as graphic design applications or CAD applications.

    Once you have chosen a method for allowing users to access the on-premises applications, you will need to configure the applications to allow access from the cloud. This will vary depending on the application, but most applications will have a setting that allows you to specify the IP addresses or ranges that are allowed to access the application.

    You will also need to configure Azure AD to allow users to authenticate to the on-premises applications. This can be done by configuring Azure AD to trust the on-premises Active Directory domain.

    Once you have configured Azure AD and the on-premises applications, users will be able to access the on-premises applications from the cloud.

    Here are some additional considerations for this scenario:

    • You will need to make sure that the on-premises applications are compatible with Azure AD.
    • You will need to make sure that the on-premises applications are configured to allow access from the cloud.
    • You will need to configure Azure AD to allow users to authenticate to the on-premises applications.

    I hope this helps! Let me know if you have any other questions.


  2. Hariprakash Thiagarajan 1 Reputation point
    2023-07-14T09:28:40.46+00:00
    1. Would choosing "Azure AD Application Proxy" require cross-tenant synchronization, or what other settings are required to be configured on both tenants?
    2. For "VPN", the entity that separates will not have an on-premises AD, so how will access to the on-premises application hosted on the other entity be provisioned for their cloud-mastered account?
    3. Remote Desktop Services - Can it be used to access applications on the other tenant, and also on-premises at the other entity?