WEB Application Proxy servers should be part of domain?

  • Question

  • We are deploying a Web Application Proxy server in an AD FS environment. We will use this ADFS to configure Azure AD Connect for an Exchange Hybrid environment.

    Question: For the above-mentioned environment, should the Web Application server be part of the domain, or can we keep it as a standalone server?

    If it should be part of the domain, then what ports do we need to open to allow its access to the DMZ domain controller servers (Active Directory)?


    • Edited by Asif-Janjua Monday, January 22, 2018 8:14 PM
    Saturday, January 13, 2018 7:08 PM

All replies

  • Hello, It is recommended to have WAP servers as standalone (not joined to a domain) and placed in the DMZ. Allow port 443 through your firewall between the WAP and ADFS servers.

    Isaac Oben MCITP:EA, MCSE, MCC

    Wednesday, January 17, 2018 6:41 AM
  • Hi, 

    Thanks for the answers. I have configured ADFS and have deployed Azure AD Connect along with Exchange Hybrid.

    1: I enter the UPN on the Office 365 page and it redirects me to the ADFS login page.

    2: I enter the user's password on the ADFS page and it redirects me back to the Office 365 page.

    3: Now Office 365 does not log the user in; rather, it shows the login page again. Can anyone please let me know why the user is not being logged in to Office 365?

    Sunday, January 21, 2018 3:48 PM
  • Can anyone help me with this case? Can anyone guide me on how I can troubleshoot this case?
    Monday, January 22, 2018 6:24 PM
  • Hello,

    Have you converted to a federated domain? The link below might help you do that.

    https://blogs.technet.microsoft.com/canitpro/2015/09/11/step-by-step-setting-up-ad-fs-and-enabling-single-sign-on-to-office-365/


    Isaac Oben MCITP:EA, MCSE, MCC

    Tuesday, January 23, 2018 7:43 AM
  • Hi,

    Thanks for your reply. Yes, it is converted, and I believe that is why it redirects to my ADFS page as soon as I use the UPN on the Office login page. Can you please let me know how I can troubleshoot this case, as I am not able to find any logs regarding this case on the Azure AD Connect server or the ADFS server?

    Tuesday, January 23, 2018 7:55 AM