none
Password Rest through Reverse Proxy RRS feed

  • Question

  • Hi everybody,

    actually I´m forcing a very huge problem for me and my customer. Here is a short explanation what configuration we have:

    -MIM 2016 with Password Registration and Reset Portal on Server1

    -Password Reset Portal for extranet on Server2

    We are trying to publish the Password-Reset Site for the extranet through an Reverse-Proxy called NginX. The reverse proxy is slightly difficult to understand so here is another example:

    Our customer has the following site published:

    https://services.customer.com

    after the .com the service application is hosted like this:

    https://services.customer.com/pwdservice

    actually what this reverse proxy internal does is, translate this into an interal url

    https://mimserverExtranet.customerdomain.local/pwdservice

    BUT the Password Reset service is just available at this site

    https://mimserverExtranet.customerdomain.local.

    I hope everything is clear until this point.

    So, to make the Password Reset working, the application must be available through this url

    https://mimserverExtranet.customerdomain.local/pwdservice

    Actually I can provide this through an virtual directory in IIS but then no Scripts and no CSS are working, because of a absolute and not relative paths in the sourcecode I think.

    So my question is: is it possible to install the MIM Password Reset into an directory shifted one to the right?

    So not into C:\Program Files\Microsoft Forefront Identity Manager\2010\Password Reset Portal

    but into

    C:\Program Files\Microsoft Forefront Identity Manager\2010\Password Reset Portal\pwdservice

    I know, this is a very specific request and hope that someone can help me! Anthony I am counting on you as the developer :-)

    Thank you very much in advance!

    Tom

    Wednesday, April 13, 2016 12:40 PM

All replies

  • I don't think changing the URL and moving stuff around on the sites is supported or advisable, it's something your reverse proxy should handle.

    As NginX is your reverse proxy I'd expect it to be able to take requests for https://services.customer.com/pwdservice/* and pass them to https://mimserverExtranet.customerdomain.local/*

    I suspect you could achieve this with something similar to:

    server {
        listen 80;
        location /pwdservice {
            proxy_pass https://mimserverExtranet.customerdomain.local;
        }
    }

    If that's not the case though, I'm sure you could achieve it with IIS ARR. Take a look at this http://www.iis.net/learn/extensions/url-rewrite-module/reverse-proxy-with-url-rewrite-v2-and-application-request-routing

    • Edited by FIM-EN Wednesday, April 13, 2016 3:21 PM
    Wednesday, April 13, 2016 2:43 PM