News

Microsoft Rolls Out Azure AD Improvements

Microsoft recently unveiled several improvements to Azure Active Directory (AD), including enhancements to the Azure AD Application Proxy service that make it easier for organizations to connect remote end users to company-hosted Web applications.

Organizations can use Azure AD Application Proxy as a cloud-based substitute for maintaining a demilitarized zone on-premises when permitting single sign-on access to Web apps. The benefits of using Azure AD Application Proxy, according to Microsoft, are that it doesn't require setting up inbound connections through a firewall and organizations get to use Azure-based security analytics tools. Azure AD Application Proxy is a feature that's available with Azure AD Premium subscriptions.

The onboarding process to set up Azure AD Application Proxy has now been improved such that only two outbound ports are required, namely Port 443 and Port 80. Microsoft also simplified matters by only requiring connections via two domains, namely "*.msappproxy.net and *.servicebus.windows.net." The latest connector update needs to be used to get those benefits, according to Microsoft's announcement last week.

Lastly, Microsoft added a new "Long" 180-second timeout option to the Azure AD Application Proxy service. The Long option can be used for those Web apps that take longer than the default 85-second period to respond.

Work Folders Integration
In another announcement, Microsoft announced that the Windows Work Folders role now works with the Azure AD Application Proxy service. It provides a means for end users to access their work files remotely via single sign-on without opening connections through a firewall.

To use Work Folders with the Azure AD Application Proxy service, organizations need to be running Windows Server 2012 R2 or Windows Server 2016. In addition, local AD accounts need to be synchronized to Azure AD using Azure AD Connect.

Windows 10 version 1703 clients can be used to access Work Folders under this scheme, as well as Android and iOS clients. Microsoft described a few of the client nuances in this announcement.

Workday Provisioning
Microsoft also announced last week that it has launched a preview of a new capability that will make it easier for organizations using Workday software-as-a-service (SaaS) applications to move the provisioning information over to Azure AD or Windows Server AD. Workday is a provider of SaaS applications for finance and human resource needs.

The preview is called "Workday Inbound Provisioning to Azure Active Directory" and is available for use by Azure AD Premium P1 subscribers. It uses a "new thin client that is deployed alongside Azure AD Connect" to synchronize the Workday information to AD on-premises or Azure AD.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

  • Broadcom Revamps VMware Partner Program Again

    Broadcom recently announced a significant update regarding its VMware Cloud Service Provider (VCSP) program, coinciding with the release of VMware Cloud Foundation (VCF) 9.0, a key component in Broadcom’s private cloud strategy.

  • Closeup of the new Copilot keyboard key

    Microsoft Updates Copilot To Add Context-Sensitive Agents to Teams, SharePoint

    Microsoft has rolled out a new public preview for collaborative "always on" agents in Microsoft 365 Copilot, bringing enhanced, context-aware tools into Teams channels, meetings, SharePoint sites, Planner workstreams and Viva Engage communities.

  • Windows 365 Cloud Apps Now Available for Public Preview

    Microsoft announced this week that Windows 365 Cloud Apps are now available for public preview. This aims to allow IT administrators to stream individual Windows applications from the cloud, removing the need to assign Cloud PCs to every user.

  • Report: Security Initiatives Can't Keep Pace with Cloud, AI Boom

    The increasingly fast adoption of hybrid, multicloud, and AI systems is easily outgrowing existing security measures, according to a recent global survey by the Cloud Security Alliance (CSA) and exposure management firm Tenable.