Show/Hide Toolbars

Flynet Azure AD Configuration

Navigation: » No topics above this level «

Configuring Azure Active Directory for a New Flynet Viewer Server

Scroll Prev Top Next More

This page will guide you through the process of configuring a new Azure AD application that integrates with your Flynet Viewer FVTerm web application so that Azure AD becomes the security system for users accessing FVTerm.

 

Requirements

 

1.You must have a Azure AD Signin that has administrative rights to your Azure AD configuration.

2.Your Flynet server must have a DNS name configured in your network--you can start with a server that is not fully accessible on the internet, but will eventually need a full DNS name for the Flynet server to configure in the Azure AD management pages.

3.Your IIS server must have an active SSL/TLS certificate.  If you do not have a trusted certificate from an issuing authority, you can use the IIS server node's "Server Certificates" page and use the "Create Self-Signed Certificate" action.

4.Your IIS web site for FVTerm must have the https binding activated--this is in the site's "Bindings" configuration dialog--add https if it is missing.

 

Sign-In to Azure Management Page

 

Open Azure Management in order to access the Azure AD --

 

http://manage.windowsazure.com

 


This will open your Azure management--this interface is very free-form and tries to remember the last place you were at--you can either navigate with "all items" and select the TYPE=Directory, or on the left bar, scroll down to Active Directory, select it, then select your company's directory in the main page:

 
 clip0001 clip0003


This will take you to the next section-- where you want to click on "APPLICATIONS" to list any active registered applications:

 

 clip0007


In the tools at the bottom of the page Click on ADD to add a new application

 

 clip0004


Add a new Application

 

 clip0005


Accept the Default type and enter the name of the Server in the Context of your Directory

 

 clip0006


Next, enter the signon from requirements # 2 (above) that your users will utilize to access the FVTerm application--if you are testing, enter the test server URL as you will be accessing it.  Remember that it must be HTTPS.  The URI of the ID is a unique identifier like the namespace for a web service--choose a unique URI ID that matches patterns for any other URI ID's in your organization.

 

While you are on this page, copy the APP ID URI to the clipboard and to a scratch notepad or other text editor for later use when configuring the FVTerm application to integrate with Azure AD.

 

clip0008


 

You should next see the notification that the new application has been added:

 

clip0009

 


 

The next step is to obtain the finger prints (also called thumb prints) for the active Certificates used to encrypt and validate the sign-on with Azure AD.  This requires you to view the endpoint document for the new application just created and copy the certificate to the clipboard.  First step is to grab the URL to access the endpoints XML document...click on VIEW ENDPOINTS:

 

clip0010

 


This will display the endpoint URL's -- you are interested in the FEDERATION METADATA DOCUMENT url--copy the URL to the clipboard and/or your scratchpad text document:

 

clip0011

 


 Next Step: Configuring Flynet FVTerm for Azure AD