
Flynet Azure AD Configuration


Configuring Azure Active Directory for a New Flynet Viewer Server


This page will guide you through the process of configuring a new Azure AD application that integrates with your Flynet Viewer FVTerm web application so that Azure AD becomes the security system for users accessing FVTerm.

 

Requirements

 

1. You must have an Azure AD sign-in that has administrative rights to your Azure AD configuration.

2. Your Flynet server must have a DNS name configured in your network. You can start with a server that is not fully accessible on the internet, but you will eventually need a full DNS name for the Flynet server to configure in the Azure AD management pages.

3. Your IIS server must have an active SSL/TLS certificate. If you do not have a trusted certificate from an issuing authority, you can use the IIS server node's "Server Certificates" page and use the "Create Self-Signed Certificate" action.

4. Your IIS web site for FVTerm must have the https binding activated. This is in the site's "Bindings" configuration dialog; add https if it is missing.

 

         NOTE-PLEASE CONFIGURE HTTPS (step 4 above) BEFORE ATTEMPTING AZ-AD SIGNONS!

 

Sign-In to Azure Management Page

 

Open Azure Management to access Azure AD:

 

https://portal.azure.com

 


This will open your Azure management portal. As of July 2018, you use the "blade" menu on the far left: scroll down to Azure Active Directory, select it, then select App Registrations in the next "blade":

 

 

 


This will display the applications for your organization (if any) on the next page. Click on New Application Registration:

 


 


Add a new application. Use an appropriate name for the servers that will be supporting this application.

 

Accept the default Web app / API application type...

 

Next, enter the sign-on URL from requirement #2 (above) that your users will use to access the FVTerm application. If you are testing, enter the test server URL as you will be accessing it. Remember that it must be HTTPS. The App ID URI is a unique identifier, like the namespace for a web service; choose a unique URI ID that matches the patterns of any other URI IDs in your organization. Use just "FVTerm" for the URL portion, not the full web page URL. Once you've entered these values, click on Create.

 



The application is now created in Azure AD. Next, you need to capture two key text strings that will be used when configuring FVTerm.

 

Click on the "Settings" icon / link

 



Next click on Properties:

 


 


We need the App ID URI for our FVTerm configuration. Copy it to the clipboard and paste it into a "scratch" text file.

 


 

The next step is to obtain the fingerprints (also called thumbprints) for the active certificates used to encrypt and validate the sign-on with Azure AD. This requires you to view the endpoint document for the new application just created and copy the certificate to the clipboard. The first step is to grab the URL for the endpoints XML document: exit the new application details and go back to the list of your applications.

 


 

Click on Endpoints to access the key URLs for your company, application and so on:

 


 


This will display the endpoint URLs. You are interested in the FEDERATION METADATA DOCUMENT URL. Copy the URL to the clipboard and/or your scratchpad text document:

 


 


 


 Next Step: Configuring Flynet FVTerm for Azure AD