I wish to connect an active directory controller which is hosted on an Azuer VPS to a domain I have purchased (which uses CloudFlare), how can I go about doing so?
I am aware of the security risks imposed by exposing an AD instance to the public.
I have poked around to try and find details about what ports should be exposed and records that should be created but couldn't find any.
Edit: I found a page containing a list of the required records and managed to configure it correctly - I will now add an answer.
DNS is now properly configured for the AD instance to be exposed to the web.
I followed the records available here and now it's for all to see!
Related
I'd like to consider this Azure feature:
https://www.youtube.com/watch?v=HxXs9_ggBfg
But it won't be of much use to me if I'm unable to configure a custom domain for it. I'm having no problem with custom domains for standard App Service websites, but this is for containers.
I've tried searching for documentation, but I'm coming up empty.
--EDIT--
The technology I'm interested in is Web Apps for Containers; thanks to #sam-cogan for pointing this out to me.
I believe the video is talking about Azure Web Apps for Containers (I would really recommend not asking people to watch a 30-minute video to understand your question). Assuming that is the case, then adding a custom domain name is the same as setting one up for a normal app service, you can do so through the custom domain name settings in the portal. The process is documented here.
If you're looking to use a different service in Azure for hosting containers then please state which one and I will update. All of these can have custom domain names.
Azure Container Instances usually provide a public IP address, so pointing a domain name to it should not be a problem.
You could map either an A record or a CNAME to your instance.
There is no difference between configuring custom domain for normal web apps and web for container. I have tried below document and it is worked well.
http://www.ayushrathi.com/configuring-a-custom-domain-name-for-web-app-azure-portal/
I have been trying for 3 days now to link custom domains, caretopets.com and www.caretopets.com, to an Azure Web app - the issue is that I am was not able to verify it (I get both Domain ownership and Hostname availability errors).
The domain is newly purchased from godaddy. I read several articles, and also have other web app with different domain linked. I'm not sure what I am doing wrong.
I added the required A, TXT and CNAME records as seen here:
I checked the records with digwebinterface:
The only thing is that there are some strange additional CNAMEs.
I also tried to verify a domain that is already linked to another web app in the same subscription, and even that one won't verify as well.
Any suggestions on where to go from here would be helpful.
link a custom domain caretopets.com and www.caretopets.com to an Azure Web app I am was not able to verify it
To map custom domain to web app, I create the DNS record(s) like this. I could validate Domain successfully.
As far as I know, it should report success or detailed error with prescriptive guidence on how to fix the error while checking for Domain ownership and Hostname availability in Azure portal.
Please make sure whether you point to correct IP address and Azure app's default domain name.
Besides, this article shows us how to manually map a custom domain name to web app with detailed steps, please refer to it.
I have a requirement, that the SharePoint portal of our company should be made accessible from internet, as in
once URL is entered in the browser, it should ask for credentials- once entered, should display the homepage of the portal.
Provided it should be accessible from the current intranet also.
It is in windows authentication mode currently.
Disclaimer: This question would be more appropriate in a forum like SuperUser or Sharepoint StackExchange. I am not a system administrator so my answer will lack detail and probably wont be optimal.
The only thing you need to provide is access from an external interface to your network. So something that routes requests from outside of your network to your sharepoint instance.
This is usually achieved through a reverse proxy and proper configuration of DNS. You can setup a reverse proxy by different means, if your organisation uses the Microsoft Stack then I suggest setting up IIS as a reverse proxy to your Sharepoint Instance. There are multiple tutorials on how to do this on the web.
http://sahelp.sharepointforall.com/FAQ/bconfigure_IIS.html
You then need to add an entry to your organisation DNS hosting something like sharepoint.organisation.com that points to your external interface (public IP) where the reverse proxy is sitting.
You will then need to add an Alternate Access Mapping to your Sharepoint WebApplication so Sharepoint can route the requests that the proxy sends to the appropriate Webapplication.
http://blog.blksthl.com/2012/12/03/a-guide-to-alternate-access-mappings-basics-in-sharepoint-2013/
If you are using basic authentication make sure you enable SSL. this can be done in several ways but a possible and easy (but not the most secure) is to enable SSL just externally and then use a normal unencrypted channel on the inside of your network, this is probably the easiest setup but again not very secure as people inside the newtork can snoop comms between the proxy and the sharepoint instance.
I'm new to Azure and have set up an Asure web site which will connect to a SOLR instance on an Azure VM. The web site cannot communicate with SOLR (port 8080) unless I create an endpoint. In order to create an endpoint I need to provide an internal and external port, however I do not want to allow external/remote access to SOLR, other than from the web site itself. Can anyone tell me how I should allow the web site to communicate with my VM, without making the VM publicly accessible?
Thank you,
JP
As #hhaggan stated, you cannot create a virtual network connection, or secure an endpoint, from Web Sites to a Virtual Machine. One option to consider is the use of SSL+certificate to secure the endpoint.
If you instead deploy your web application to a web role (in a cloud service) or a virtual machine, you can then take advantage of a brand new feature called Endpoint ACL. In essence, you can whitelist / blacklist a set of IP address ranges that may access your SOLR external endpoint. You can read about ACL'd endpoints, and how to configure them, here.
Now: You might be asking yourself why this doesn't work with Web Sites. That's because Web Sites runs on a server farm, and sites don't get unique IP addresses (unlike Cloud Services).
if you are talking about Windows Azure Websites, I am not sure if this can be done but if you are talking about Web roles in Windows Azure Cloud service, here is something that I hope it can be beneficial.
Connect ASP.NET application to SQL Server in Windows Azure via Virtual Network http://msdn.microsoft.com/en-us/library/windowsazure/jj823135.aspx
you might also would like to have a look on this http://www.windowsazure.com/en-us/services/virtual-network/ I don't think you will need it but I am just sharing it with you, it is for WIndows Azure Virtual Network.
let me know if this solved your problems or if you need anything else.
Currently I'm trying to port a web application(ASP.NET MVC) to windows azure and have come across a point, I don't know how to solve.
The application is a multi tenant one. Every customer who registers, can enter a name for his instance and is able to surf the site later on over theenteredname.example.com. Further, the domain is used in an ActionFilter to switch between the databases.
How can I realize this in Windows Azure? I know that I must define a binding with defined hostHeader attribute, but as the subdomains a generated dynamically I would have to change the service definition every time a user registers and a new sub domain appears and redeploy it. But that is really not the way I want it.
Any help would be appreciated!
I think the problem is that IIS does not support subdomain wildcard mapping, see here Wildcard subdomains in IIS7. Is it possible to make them like it is in Apache? for more information.
If you would still like to do this there is a solution here http://www.seoconsultants.com/windows/isapi/subdomains/ , but it requires:
Ability to update DNS records
IIS web server admin access
ISAPI_Rewrite component (for Solution 2)
In Windows Azure, if you simply don't assign any host headers to your web role (which is the default), the site will be configured to accept any host header.
You still need to configure wildcard DNS to point to your Azure instance, just as you would for a non-Azure solution.