Azure AD Application Proxy: Kerberos Constrained Delegation


At the end of 2014, Microsoft released some new Azure AD features. One of these features is the added support for Kerberos Constrained Delegation within the Azure AD Application Proxy. This introduces the capability to publish on premises Windows Integrated Applications for external access. This is extremely useful to publish applications like Outlook Web Access or any other application using Kerberos as the default (internal) authentication method. … Read more…

A quick intro to Azure AD Application Proxy


One of the features in the premium license of Azure AD is the Application Proxy (AAD AP). This feature can be compared with the Web Application Proxy (WAP) role which you can install on top of Windows Server 2012 R2. In this post we will go over most of its features which are now available in the preview release.
AAD AP can be used to publish applications inside your private on premise or cloud network. The AAD AP can be configured as an out of the box service within Azure AD which, at this point, is the main difference and a huge benefit compared to WAP. As the WAP role does require a dedicated server and a trust connection with an ADFS server, the AAD AP now only requires you to install an Application Proxy connector on a server within your environment. There is only … Read more…