How to : Azure Web App using On Premise Windows Authenticated SQL - azure-sql-database

I want to use On Premise Windows Authenticated SQL with Azure Web App. I am new to Azure. what are all possible ways to achieve this.
Thanks!

I want to use On Premise Windows Authenticated SQL with Azure Web App.
Unfortunately, it is not supported by Azure WebApp. If we want to use the Windows Authenticated, we need to ensure that Windows Authentication is enabled for the web server. We could remote to Azure website to check that there is no Windows Authenticated under the Authentication option, details please refer to the screenshot.
.
If you stick on absolutely use On Premise Windows Authenticated and host your website on Azure, you could use Azure Windows VM to host your website. And need to join the VM to your AD, that meanings both VMs are in the same network.
As you use on-premise machine, you will need to create a site to site VPN.

Related

Could I use selfhost AD with OpenPAI?

For some reasons, our servers cannot connect to the Internet so we have a selfhost AD server to manage users. I wonder if I could use it because the docs only say they support AAD :( Thanks!
It's not possible to self-host AAD.
Except for AAD, OpenPAI provides also basic authentication mode, which you can use without internet access.
As a reference, there are tools like Azure AD Connect that can help to sync your on-prem & cloud auth system.

Apache: Microsoft Azure and SSO Auth

Is it generally possible to have a Microsoft Azure in the background to act as a SSO Authentication server for Apache auth?
The example is:
There are many users inside the Microsoft Azure
I have a Webpage on a Linux server served by Apache2
The webpage should be protected (exactly like basic-auth) by Azure (via SSO)
If the user is signed in into Azure and has rights, he can see the website
If the user is not signed in, he will be redirected back to Azure's login-page and after successful login will back to the webpage.
Is this generally possible?
If so what technologies/modules do I have to use for apache in order to speak with Azure?
Thanks for any hints towards the right direction.
Update
The Azure server is already fully configured. I just need to sort out the end on Apache.
I think what you are looking for is Azure Active Directory. it is an Identity as a Service product that supports modern protocols like OAuth, OpenID Connect. There's a client SDK called ADAL (Active Directory Authentication Library), but since it's standard protocols, you can integrate with other standard based authentication libraries. For example, the node.js tutorial shows how to use passport.
You didn't mention what web stack you are using but it's most likely listed here:
https://azure.microsoft.com/en-us/documentation/articles/active-directory-developers-guide/
On a side note: if you can host your app on Azure Web App Service then it has built in integration with Azure Active Directory, so you can add a layer of authentication on top of your website without modifying your application code.
More info on that here: https://azure.microsoft.com/en-us/documentation/articles/app-service-mobile-how-to-configure-active-directory-authentication/

Connecting to one-note through one-note API without windows azure account

In order to connect to one-note API from a .net application, We need client id and client secret. For office 365 account it requires the user to register in windows azure. Is there a way to get the client id/secret for office 365 account without windows azure account ?
Yes, you can do it without registering your app in Windows Azure.
You do need to register your app with the Microsoft Account Developer Center https://account.live.com/developers/applications/ and that will give you a client ID and secret you can use in your ASP.net site without using Azure.
Here is a great tutorial walking you from beginning to end: https://channel9.msdn.com/Series/OneNoteDev/Getting-Started-with-the-OneNote-API-ASP-NET-Edition

Federated authentication via OpenID Connect from Azure

I need to run .NET applications in Azure and have them authenticate against my on-premise directory (via PingFederate). It appears that ACS is the only way to do federated authentication from Azure, even though it has been deprecated for over a year. It also seems that ACS does not support OpenID Connect.
So am I correct in thinking it is not possible to do federated authentication via OpenID connect from Azure? And does anyone know when federation with external identity providers will be added to Azure AD?
Federated authentication is supported by Azure AD. Most of our enterprise customers connect their Azure Active Directory to their on-premises directory for federated authentication with Office 365 and other SAAS apps connected with Azure AD.
You can indeed federated your Azure AD with PingFederate and use Azure AD' OpenIDConnect protocol to configure single sign on for your cloud application.
Sign-up for a free trial Azure subscription and create a directory. Use the documentation here (http://msdn.microsoft.com/library/azure/jj673460.aspx) and the following sample app (https://github.com/AzureADSamples/WebApp-OpenIDConnect-DotNet) to connect your app' authentication with your directory using OpenIDConnect.
Then, add a verified domain to your directory and federate it with your PingFederate STS by following the guidance here (http://documentation.pingidentity.com/display/PFS/SSO+to+Office+365+Introduction).
We don't recommend using ACS for this scenario.
Hope this helps.

SQL pass Windows Auth details using Server Authentication

We have a MSSQL2005 Database on our domain, We can only connect to the database using Windows Authentication. When i am on the domain it connects perfectly, but when i am not on the domain i am unable to pass through my domain credentials to connect to the database.
I tried using Server Authentication and passing domain credentials but i haven't been successful
Thanx
Have a look at this tutorial he gives a nice explanation including screenshots
Are you sure this is even possible? You want to connect to database using domain account when your windows machine is not on a domain.
Try using local windows account.