Azure AD

Install Azure AD Application Proxy

Anders Rødland ConfigMgr

Azure AD Application Proxy provides users a secure remote access to on-premise web applications. It lets you publish applications inside your network without the need of opening firewall ports. You can add security to it by requiring Azure AD authentication just as when a user tries to access any other resource in Azure.

This guide covers the installation of Azure AD Application Proxy.

Azure AD Application Proxy

Go to Azure Active Directory -> Enterprise applications -> Application proxy.

If you get the message that “Application Proxy is currently disabled for your tenant. Click here to enable Application Proxy“, and nothing happens when you click it, don’t worry. Azure AD Application Proxy will enable automatically when we install the connector.

Click Download connector service to download the file for the application proxy connector..

Microsoft Azure AD Application Proxy Connector

Note that Internet Explorer Enhanced Security will block the Application Proxy connector from signing in to Azure if it’s enabled. Make sure that is disabled that first before you run the installation.

Install Microsoft Azure AD Application Proxy Connector

Run the Microsoft Azure Active Directory Application Proxy Connector as administrator.

Microsoft Azure AD Application Proxy Connector

You need either the global administrator or the application administrator role for Application Proxy to register itself with Azure AD. But don’t worry, those credentials are only used to register the connector with Azure AD and not used as a service account.

Microsoft Azure Active Directory Application Proxy Connector

The installation of Microsoft Azure Active Directory Application Proxy Connector completes successfully.

Microsoft Azure Active Directory Application Proxy Connector

The unclickable message about enabling application proxy is gone. It is enabled automatically by the the first connector installed in your tenant.

Microsoft Azure AD Application Proxy Connector

That is it. Azure AD Application proxy is now installed. You need at least two connectors to provide failover / load balancing, and Microsoft recommends three connectors.

Troubleshoot Azure AD Application Proxy

If the connector fails to register or you need to troubleshoot Azure AD Application Proxy, the event log is located under “Applications and Services Logs\Microsoft\AadApplicationProxy“.

Reference: https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/application-proxy

Anders Rødland

Anders Rødland started his IT career in 2006. My main focus is MS Configuration Manager and client management, and I have passed 17 Microsoft certifications since then. My main expertise is on client management with Microsoft Endpoint Manager: Intune and Configuration Manager. I also do a lot of work on the security side with Microsoft Defender for Endpoint. In addition to my Microsoft certification, I also have an ITIL v3 Foundation certification. This is my private blog and do not represent my employer. I use this to share information that I find useful. Sharing is caring.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.