In IAG, we created Basic and Webmail trunks to publish a single Web application with a one-to-one connection, where one external IP address routes to a single backend Web application server. Basic and Webmail trunks are no longer available in UAG, so what happens now if you want to publish a single Web application directly, rather than requiring users to access an application via a UAG portal?
Basic and Webmail trunks provided limited functionality in IAG, and UAG aims to provide direct Web application publishing with the same flexibility and feature set as portal application publishing. In order to do this, UAG introduces a new feature known as application-specific public host names. For ISA Server/Forefront TMG users, this feature is similar to the link translation feature, and in UAG it provides an alternative to the HAT mechanism.
Using an application-specific public host name, you can publish Web applications directly via a portal trunk. When a user types the application public host name in a browser, rather than the portal public host name, the client endpoint connects directly to the application. When the UAG server receives a request for an application-specific host name, it performs authentication, and then automatically opens the required application, bypassing the UAG portal home page. One issue to note - although this option allows users to access a Web application directly, it does require them to remember a public host name for each application published in this way.
So how do I publish a Web application with an application-specific host name?
- When you create a portal trunk, ensure that the public host name of the portal trunk is fully qualified and contains at least two dots. For example uag.contoso.com.
- Add the application to the trunk using the Add Application Wizard, available from the main property page of the trunk.
- On the Select Application page of the wizard, click Web, and from the drop-down list select Other Web Application (application specific hostname).
- On the Configure Application page, type in the name of the application. This is the name that appears on the portal application list, and it is also the default name used for the application on the portal home page, and in the home page toolbar.
- On the Web Servers page, do the following:
- In Paths, specify the path of the published Web app. Note that if you want to publish multiple instances of the same application public host name, ensure that you use a unique path for each instance.
- In Public host name, specify the host name that the client will type in the browser to reach the Web application directly. Note the following:
- In HTTPS trunks, we recommend that both the public host name of the trunk and the public host name of the application should be included on the server certificate used by the trunk. Alternatively you can use a wildcard certificate. You can use names that do not match the certificate. In this case, ignore the certificate warning that pops up during trunk configuration. If names do not match, connecting endpoints will be presented with a browser warning that there might be a problem with the website’s security certificate, and must choose to continue for site access.
- The application’s public host name must be in or above the domain-level namespace of the portal’s public host name.
- By default the application appears in the portal home page and toolbar using the application name you specified earlier in the wizard. If you want the application to be available for direct access only and not via the portal, on the Portal Link page, clear the setting Add a portal and toolbar link.
Anything else I need to do?
After completing the wizard, do the following:
- If you have published more than one instance of an application public host name, ensure that the application path for each instance is unique.
- Ensure that the application-specific host name is resolvable by a public DNS server.
- In the DNS entry, the application host name should resolve to the same IP address as the public host name of the trunk.
- Try accessing the application directly, by typing the application public host name in the browser of a remote client endpoint.
Author: Rayne Wiselman (UAG User Experience Team)
Reviewers: Ran Dolev; Ophir Polotsky; Dan Herzog (UAG Supportability and Customer Support Team)