We have a windows application hosted on a windows server with the RemoteApp/RDP role.
It works but we want to be able to open the application automatically by authenticating the user registered in the active directory from an external web page.
Is it possible ?
Thank you
Related
If I create an ASP.NET Core + Angular project and enable Windows Authentication (following these instructions link) and debug it using IIS Express, why does the Angular app load if I open the browser with a local user (runas /user:MY-PC\local-user Chrome.exe) which is not in AD? Shouldn't IIS Express ask me for credentials?
If I publish to Local IIS (with Windows Authentication enabled and Windows Hosting Bundle installed) using Web Deploy I get the same result, Angular app loads and Local IIS does not ask for credentials. I tried splitting the project with ASP.NET Core API + Angular, but I got the same result. I had to implement an endpoint with some logic to return 401 (not network user), 403 (network user but not in my AD Group) and a Guard in Angular to avoid loading the Component and 401 and 403 pages.
However, when I did publish to IIS on the server (manually, I created the website and copied the files, and installed Windows Hosting Bundle), I realized the behavior is different, the Angular app is not loaded and IIS always asks for credentials. If I put wrong credentials or click on Cancel, IIS shows 401. With the correct credentials I can access and browser will remember them, but if I close and open the browser again, I need to re-enter my credentials, which is a bit annoying.
IIS Express and Local IIS never ask me for credentials when I open a normal browser (using my AD account).
Why does 'IIS on the server' behave differently than 'Local IIS' and 'IIS Express'?
I just installed the latest version of SyncFusion Report Server and am running it in Microsoft IIS / Server 2016.
I created a subdomain (reports.mydomain.com) and created a binding in iis. I can hit that website and it opens the login page for the syncFusion report server.
When I go to my website (reports.myWebsite.com) I get the standard login for syncFusion. I then login with my SyncFusion credentials and it then prompts me with a server login. I can't figure out how to get around this server login prompt. If I use my server credentials and login then it works but I don't want to have to do that. The report server is running under port 57240.
Just for testing purposes, my firewall is completely disabled and I gave full access to the report server's application pool to the SyncFusion directory.
I created an iis binding for port 57240 and a binding for reports.mydomain.com on port 80.
SyncFusion does offer the ability to use windows authentication to login. I am curious if it is trying to windows authenticate first before basic authenticate. Thoughts?
I just got off the phone with Syncfusion and it turns out that SQL Server Reporting Services automatically registers the URL /reports. I switched my ssrs url to /ssrsreports and everything is now working.
A big thanks to Syncfusion for setting up a GoToMeeting and figuring this out for me!
Check whether the Authentication of your application is set by this way ?
(Open IIS -> Select your Web Application -> Double click on the “Authentication” listed in the main panel)
i. Windows Authentication and ASP.NET Impersonation should be Disabled
ii. Forms Authentication and Anonymous Authentication should be Enabled
I want to use On Premise Windows Authenticated SQL with Azure Web App. I am new to Azure. what are all possible ways to achieve this.
Thanks!
I want to use On Premise Windows Authenticated SQL with Azure Web App.
Unfortunately, it is not supported by Azure WebApp. If we want to use the Windows Authenticated, we need to ensure that Windows Authentication is enabled for the web server. We could remote to Azure website to check that there is no Windows Authenticated under the Authentication option, details please refer to the screenshot.
.
If you stick on absolutely use On Premise Windows Authenticated and host your website on Azure, you could use Azure Windows VM to host your website. And need to join the VM to your AD, that meanings both VMs are in the same network.
As you use on-premise machine, you will need to create a site to site VPN.
I would like to make an mvc4 application in asp.net that uses single sign on with ldap.
So a user logs in to AD and then goes to the webapplication. This application should be able to know which user is visitting without asking for any authentication anymore. The application should be able to know the username from the AD.
Anyone who can land me a hand with this or can give me a good explanation? I don't really understand how to fix this.
thanks in advance!
You could use Windows Authentication. Steps:
Create a new ASP.NET MVC application using the Intranet Application template
Read the text file that is opened for you which explains in details the things you need to do in order to configure your web server to enable windows authentication
Deploy your application and enjoy
For completeness sake here's the text file that is generated for you:
To use this template with Windows Azure authentication, refer to
http://go.microsoft.com/fwlink/?LinkID=267940.
Otherwise, to use this template with Windows authentication, refer to
the instructions below:
Hosting on IIS Express:
Click on your project in the Solution Explorer to select the project.
If the Properties pane is not open, open it (F4).
In the Properties pane for your project:
a) Set "Anonymous Authentication" to "Disabled".
b) Set "Windows Authentication" to "Enabled".
Hosting on IIS 7 or later:
Open IIS Manager and navigate to your website.
In Features View, double-click Authentication.
On the Authentication page, select Windows authentication. If Windows authentication is not an option, you'll need to make sure Windows authentication is installed on the server.
To enable Windows authentication on Windows:
a) In Control Panel open "Programs and Features".
b) Select "Turn Windows features on or off".
c) Navigate to Internet Information Services > World Wide Web Services > Security
and make sure the Windows authentication node is checked.
To enable Windows authentication on Windows Server:
a) In Server Manager, select Web Server (IIS) and click Add Role Services.
b) Navigate to Web Server > Security
and make sure the Windows authentication node is checked.
In the Actions pane, click Enable to use Windows authentication.
On the Authentication page, select Anonymous authentication.
In the Actions pane, click Disable to disable anonymous authentication.
I have an WinJS metro application that I'm using to connect to a remote webservice that same domain. I read up on the app manifest capability (well the little that is present online) and was hoping that I would be able to use the logged in users credentials to access this webservice without requiring them to login.
I'm trying to authenticate to the webservice via a post using a contentType: "application/x-www-form-urlencoded;charset='utf-8'". This application was previously a website that would prompt the user for login credentials in the authentication step using the aforementioned post. In the WinJS metro application I'm effectively using the same code (minor tweaks) to achieve the same result.
Has anyone had experience with Enterprise Authentication in a WinJS metro application and could better explain what types of resources I would/wouldn't have access to. I'm hoping this isn't specific to accessing things like file shares and intranet sites.
I had this exact issue as well. After ensuring the following Capabilities were enabled in the package.appxmanifest:
Enterprise Authentication
Internet (Client)
Private Networks (Client & Server)
I had to still add the URL of our web service to Internet Explorer's list of Intranet Sites. Only then did the prompt go away.