Azure AD Application Proxy HTTP to HTTPS redirection

We are happy to announce that one of our most commonly requested feature is now live and enabled for all tenants: the ability to have automatic redirection from HTTP to HTTPS. This feature is turned on by default for all organizations that are using App Proxy, no action is needed to make it work. Redirection…


Important Reminder for Forefront Threat Management Gateway (TMG) Web Protection Services customers

Back in September 2012, we communicated broadly on Forefront product roadmap changes. At this time, we would like to remind you that Forefront Threat Management Gateway (TMG) Web Protection Services will be discontinued on December 31st, 2015. There will be no further updates to this URL filtering/categorization service beyond this date. The gateway product itself,…


Unattended installation of the Azure AD Application Proxy connector

We heard feedback from customers that they need to be able to install the Azure AD Application Proxy connector without using the interactive login UI. It is now possible! This capability is useful when you want to: Install the connector on machines with no UI layer or when you cannot RDP to the machine. Install…


The complete guide for troubleshooting Azure AD Application Proxy

As part of our continuous work to make Azure AD Application Proxy easier to deploy and more transparent we have created a whitepaper that provides full overview of all the capabilities around Application Proxy troubleshooting. The paper can be downloaded from here: Even if you don't have immediate troubleshooting needs, we hope that the…


Publishing apps on separate networks and locations using connector groups

Customers utilize Azure AD Application Proxy for more and more scenarios and applications. They asked us to make App Proxy more flexible, and to enable more topologies. We are enabling this using Application Proxy Connector groups – a new capability to assign specific connectors to serve specific applications. This capability enables a slew of use…


Azure AD Application Proxy single-sign-on to non-Windows Applications

We are always working on adding more applications to the Azure Active Directory eco-systems, making Azure Active Directory the one-stop-shop for all the applications your users consume. It is a long journey to support more and more types of backend applications. Today we are enabling single-sign-on (SSO) to non-Windows backend applications using Kerberos over SPNego….


Publishing Remote Desktop with Azure Active Directory Application Proxy

Azure Active Directory Application Proxy enables making Remote Desktop deployments accessible for remote users. Such Remote Desktop deployments can reside on-premises or at private network such as IaaS deployments. Remote Desktop protocol traffic can be published through Application Proxy as a pass-through proxy application. This solution solves the connectivity problem and provides basic security protection…


Azure AD Application Proxy can perform single-sign-on when cloud and on-prem identities are different

Single sign on is a key element of Azure AD Application Proxy. It provides the best user experience: user signs in to the cloud, all security validations happen in the cloud (preauthentication) and then, when the request is sent to on-prem application, the App Proxy connector impersonates the user so the backend application thinks that…


Web Application Proxy hotfixes and updates for Windows Server 2012 R2

Microsoft is the only vendor that offers both on-premises and cloud solutions for remote application access. Not only do we offer both, we also work hard to keep these solutions current and continue improving them all the time. We have recently released many enhancements to Azure AD Application Proxy and we announced our Windows Server…


All you want to know about Kerberos Constrained Delegation (KCD)

Kerberos Constrained Delegation (KCD) is a key technology in our application proxies. It enables single-sign-on (SSO) from the cloud to on-prem applications. With it, users can start work on Office 365, click on a link to on-prem app and continue working on this app with no password prompts. If the user is working from Azure…