Azure AD Application Proxy connector for Application in Linux server

Question

Azure AD Application Proxy connector for Application in Linux server

Nafila Afrin 111

hi,

I want to use Azure MFA for the application which resides in Linux server. But the application proxy connector can be only installed in Windows server. How can i use application proxy in this situation.

Thanks in advance.

Regards,
Nafila

Siva-kumar-selvaraj 15,721 Reputation points

2021-12-09T08:19:09.123+00:00

@Nafila Afrin ,

Just checking in to see if the below answer helped. If this answers your query, please don’t forget to click "Accept the answer" and Up-Vote for the same, which might be beneficial to other community members reading this thread. And, if you have any further query do let us know.
Thanks,
Johnny Silverhand 1 Reputation point

2022-04-30T02:23:45.827+00:00

Hey the requirement to use a windows server really sucks.

If you don't want to use a Windows server, I am using this project in combination with Nginx on Ubuntu Server to force Azure AD MFA login to my web apps.

https://github.com/oauth2-proxy/oauth2-proxy

1 answer

Your answer

Siva-kumar-selvaraj 15,721 Reputation points

2021-12-09T08:19:09.123+00:00

@Nafila Afrin ,

Just checking in to see if the below answer helped. If this answers your query, please don’t forget to click "Accept the answer" and Up-Vote for the same, which might be beneficial to other community members reading this thread. And, if you have any further query do let us know.
Thanks,
Johnny Silverhand 1 Reputation point

2022-04-30T02:23:45.827+00:00

Hey the requirement to use a windows server really sucks.

If you don't want to use a Windows server, I am using this project in combination with Nginx on Ubuntu Server to force Azure AD MFA login to my web apps.

https://github.com/oauth2-proxy/oauth2-proxy

Answer 1

@Nafila Afrin

Hello Nafila,

Thanks for reaching out.

Yes, Azure AD application proxy connector is a lightweight agent that runs only on a Windows Server (2012 R2 or higher version) but you can publish web applications running on servers other than Windows Server as long as AAD proxy connector machine has network connectivity with Non-windows application server (Like: Linux).

This setup to work, you need to have windows server which is connected to same network as backend application server and installed AD application proxy connector on windows server, then you should be able to publish it through Azure AD proxy.

However, you might not be able to use Windows Integrated authentication along with pre-authentication for a non-Windows Server, depending on if the web server supports Negotiate (Kerberos authentication).

Flow would be:

FAQ: https://learn.microsoft.com/en-us/azure/active-directory/app-proxy/application-proxy-faq#can-only-iis-based-applications-be-published--what-about-web-applications-running-on-non-windows-web-servers--does-the-connector-have-to-be-installed-on-a-server-with-iis-installed-

Remote access to on-premises applications through Azure AD Application Proxy: https://learn.microsoft.com/en-us/azure/active-directory/app-proxy/application-proxy

If your backend application does support Kerberos Constrained Delegation (KCD) and you would like to enable Windows Integrated Authentication to experience SSO as shown below then make sure App proxy connector is domain joined and SPNEGO enabled on each App proxy connectors. Hope this helps.

------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

Share via

Azure AD Application Proxy connector for Application in Linux server

1 answer

Your answer