Architecture of Internal Apps

Bluesky application

This application resides on-prems in IIS server. Its FQDN is https://bluesky.f5access.onmicrosoft.com

This application is not authenticated, meaning there is no Single Sign on required in front of this app.

../../_images/bluesky.png

Vanilla application

This application resides on-prems in IIS server. Its FQDN is https://vanilla.f5access.onmicrosoft.com

This application is authenticated by Kerberos. So a Signle Sign On will be required to connect to this app.

../../_images/vanilla.png

Check IIS configuration

  1. RDP to IIS with f5access\user as user, and user as password

  2. Click IIS manager icon in the taskbar

    ../../_images/winmenu.png

  3. In the Connections tree, click on vanilla and Authentication

    ../../_images/IIS_vanilla.png

  4. You can notice Anonymous Auth is Disabled and Windows Authentication is Enabled

    ../../_images/vanilla_krbt.png

Note

In the next class we will configure APM to publish, protect and SSO to internal apps.