News

Microsoft Rolls Out Azure AD Improvements

Microsoft recently unveiled several improvements to Azure Active Directory (AD), including enhancements to the Azure AD Application Proxy service that make it easier for organizations to connect remote end users to company-hosted Web applications.

Organizations can use Azure AD Application Proxy as a cloud-based substitute for maintaining a demilitarized zone on-premises when permitting single sign-on access to Web apps. The benefits of using Azure AD Application Proxy, according to Microsoft, are that it doesn't require setting up inbound connections through a firewall and organizations get to use Azure-based security analytics tools. Azure AD Application Proxy is a feature that's available with Azure AD Premium subscriptions.

The onboarding process to set up Azure AD Application Proxy has now been improved such that only two outbound ports are required, namely Port 443 and Port 80. Microsoft also simplified matters by only requiring connections via two domains, namely "*.msappproxy.net and *.servicebus.windows.net." The latest connector update needs to be used to get those benefits, according to Microsoft's announcement last week.

Lastly, Microsoft added a new "Long" 180-second timeout option to the Azure AD Application Proxy service. The Long option can be used for those Web apps that take longer than the default 85-second period to respond.

Work Folders Integration
In another announcement, Microsoft announced that the Windows Work Folders role now works with the Azure AD Application Proxy service. It provides a means for end users to access their work files remotely via single sign-on without opening connections through a firewall.

To use Work Folders with the Azure AD Application Proxy service, organizations need to be running Windows Server 2012 R2 or Windows Server 2016. In addition, local AD accounts need to be synchronized to Azure AD using Azure AD Connect.

Windows 10 version 1703 clients can be used to access Work Folders under this scheme, as well as Android and iOS clients. Microsoft described a few of the client nuances in this announcement.

Workday Provisioning
Microsoft also announced last week that it has launched a preview of a new capability that will make it easier for organizations using Workday software-as-a-service (SaaS) applications to move the provisioning information over to Azure AD or Windows Server AD. Workday is a provider of SaaS applications for finance and human resource needs.

The preview is called "Workday Inbound Provisioning to Azure Active Directory" and is available for use by Azure AD Premium P1 subscribers. It uses a "new thin client that is deployed alongside Azure AD Connect" to synchronize the Workday information to AD on-premises or Azure AD.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

  • Report: Cost, Sustainability Drive DaaS Adoption Beyond Remote Work

    Gartner's 2025 Magic Quadrant for Desktop as a Service reveals that while secure remote access remains a key driver of DaaS adoption, a growing number of deployments now focus on broader efficiency goals.

  • Windows 365 Reserve, Microsoft's Cloud PC Rental Service, Hits Preview

    Microsoft has launched a limited public preview of its new "Windows 365 Reserve" service, which lets organizations rent cloud PC instances in the event their Windows devices are stolen, lost or damaged.

  • Hands-On AI Skills Now Outshine Certs in Salary Stakes

    For AI-related roles, employers are prioritizing verifiable, hands-on abilities over framed certificates -- and they're paying a premium for it.

  • Roadblocks in Enterprise AI: Data and Skills Shortfalls Could Cost Millions

    Businesses risk losing up to $87 million a year if they fail to catch up with AI innovation, according to the Couchbase FY 2026 CIO AI Survey released this month.