Azure Application Proxy

2622
6
07-02-2018 12:12 PM
DavidMartin
Occasional Contributor II

Has anyone yet had any experience of integrating an On-Premise ArcGIS Enterprise deployment with Azure AD Application Proxy? I'm particularly interested in achieving Single Sign On for On Premise users as well as external users.

I've not yet been able to perform a test, but would be interested to hear of how others have got on with getting the two to work together, and whether there are any lessons to be learnt?

Tags (3)
6 Replies
AdamEversole1
Esri Contributor

Hello David, 

We have documentation on how to configure Portal for ArcGIS with Azure AD: 

http://enterprise.arcgis.com/en/portal/latest/administer/windows/configure-azure-active-directory.ht...

This looks like the Documentation from the Azure side of things:

https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/arcgisenterprise-tutorial

I've not actually set this up on my own but potentially someone in the community has and can share the experience had on this thread. 

Hope this helps!

- Adam

0 Kudos
FarmersBranchBrian
New Contributor

Has anyone had any luck with this?  I've managed to get the proxy app working but it breaks SAML integration when done, rendering it all but useless.

0 Kudos
GISCoordinator2
New Contributor

We are also having issues trying to implement Azure Enterprise Application Proxy. We have it working with SAML and working really well in browsers, but when it comes to ArcGIS Collector App this does not.

-Steffen

0 Kudos
KristineSmaadal1
New Contributor II

Hi Steffen,
When you got the AAP to work with ArcGIS Enterprise in browsers, did you use Pre-authentication or Pass through? I am interested in using AAP for webapplications hosted in Portal, but I need it to work with pre authentication. 


- Kristine 

0 Kudos
GlenShepherd
Esri Contributor

Hi David Martin,

You may want to take a look at your 'pre-authentication' configuration for the Azure App Proxy.

The "Azure Active Directory" setting causes a 302 redirect for users to sign in with Azure AD credentials and is currently known to be problematic for the ArcGIS Field Apps suite.

Using the "Passthrough" setting won't require users to authenticate with Azure AD and client requests will be forwarded to ArcGIS Enterprise. The following link may provide further detail: Tutorial - Add an on-premises app - Application Proxy in Azure AD | Microsoft Docs 

credit to Philip McNeilly for this product support knowledge.

BanchanaPandey
New Contributor III

@GlenShepherd @AdamEversole1 

Is there a document to configure stand alone arcgis server through azure app proxy? this arcgis server is not federated to portal. it uses the web tier authentication and has web adaptor.

0 Kudos