Publish offline 365 ADFs Internet access through TMG

Last Update:2015-03-03 Source: Internet

Author: User

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

Publish the ADFs service of office365 through TMG

We have introduced the configuration of joint authentication for office365, synchronous filtering of Active Directory, and role assignment. Today we will mainly introduce how to publish the ADFs service of office365 to the Internet through TMG, in this way, you can use the local active directort user to verify and manage the office365 portal page. There are two ways to release the SDK: 1. directly publish the corresponding ports of the ADFs Service (80, 443 ). 2. port 80 and port 443 of the ADFs Proxy Server are released. The second method is recommended by Microsoft, which is recommended at the security level. Today, we will introduce the first method to directly release ports 80 and 443 of the ADFs service of office365 through TMG;

We have introduced the installation and configuration of the ADFs proxy server in the previous article:

Http://gaowenlong.blog.51cto.com/451336/1605502

First, check that the internal address of the server of the ADFs service is 10.10.1.10.

650) This. width = 650; "Title =" clip_image002 "style =" border-top: 0px; border-Right: 0px; Background-image: none; border-bottom: 0px; padding-top: 0px; padding-left: 0px; margin: 0px; border-left: 0px; padding-Right: 0px; "Border =" 0 "alt =" clip_image002 "src =" http://s3.51cto.com/wyfs02/M02/5A/13/wKiom1T1ba_h9TT3AAFnvIdaV4o080.jpg "Height =" 325 "/>

Then we need to publish ports 80 and 443 of ADFs to the Internet through TMG;

Open the TMG console-firewall policy-New-non-Web Server Protocol publishing rules

650) This. width = 650; "Title =" clip_image004 "style =" border-top: 0px; border-Right: 0px; Background-image: none; border-bottom: 0px; padding-top: 0px; padding-left: 0px; margin: 0px; border-left: 0px; padding-Right: 0px; "Border =" 0 "alt =" clip_image004 "src =" http://s3.51cto.com/wyfs02/M00/5A/13/wKiom1T1ba-zu967AAHfGlBptYk248.jpg "Height =" 417 "/>

Release name ---- publish ADFs prot

650) This. width = 650; "Title =" clip_image006 "style =" border-top: 0px; border-Right: 0px; Background-image: none; border-bottom: 0px; padding-top: 0px; padding-left: 0px; margin: 0px; border-left: 0px; padding-Right: 0px; "Border =" 0 "alt =" clip_image006 "src =" http://s3.51cto.com/wyfs02/M01/5A/13/wKiom1T1ba-iVgb6AAGU53Q1N-g357.jpg "Height =" 411 "/>

Internal Server address of ADFs service of office365: 10.10.1.10

650) This. width = 650; "Title =" clip_image008 "style =" border-top: 0px; border-Right: 0px; Background-image: none; border-bottom: 0px; padding-top: 0px; padding-left: 0px; margin: 0px; border-left: 0px; padding-Right: 0px; "Border =" 0 "alt =" clip_image008 "src =" http://s3.51cto.com/wyfs02/M02/5A/13/wKiom1T1bbDxJyZqAAFf9MA7plo434.jpg "Height =" 423 "/>

Protocol type ---- select new

650) This. width = 650; "Title =" clip_image010 "style =" border-top: 0px; border-Right: 0px; Background-image: none; border-bottom: 0px; padding-top: 0px; padding-left: 0px; margin: 0px; border-left: 0px; padding-Right: 0px; "Border =" 0 "alt =" clip_image010 "src =" http://s3.51cto.com/wyfs02/M00/5A/13/wKiom1T1bbDi5E_xAAFX8qbSZqg216.jpg "Height =" 413 "/>

After the protocol name is defined, choose create port ---- select protocol type --- TCP ----- select direction --- inbound ---- Select Port ---- 80, 443

650) This. width = 650; "Title =" clip_image012 "style =" border-top: 0px; border-Right: 0px; Background-image: none; border-bottom: 0px; padding-top: 0px; padding-left: 0px; margin: 0px; border-left: 0px; padding-Right: 0px; "Border =" 0 "alt =" clip_image012 "src =" http://s3.51cto.com/wyfs02/M01/5A/0F/wKioL1T1bsOQHs4RAAFsbdyxAbk519.jpg "Height =" 431 "/>

Select TCP ---- inbound --- 443

650) This. width = 650; "Title =" clip_image014 "style =" border-top: 0px; border-Right: 0px; Background-image: none; border-bottom: 0px; padding-top: 0px; padding-left: 0px; margin: 0px; border-left: 0px; padding-Right: 0px; "Border =" 0 "alt =" clip_image014 "src =" http://s3.51cto.com/wyfs02/M01/5A/0F/wKioL1T1bsOyy-wZAAFdOdo49Rw362.jpg "Height =" 419 "/>

Then the external address interface can be used.

650) This. width = 650; "Title =" clip_image016 "style =" border-top: 0px; border-Right: 0px; Background-image: none; border-bottom: 0px; padding-top: 0px; padding-left: 0px; margin: 0px; border-left: 0px; padding-Right: 0px; "Border =" 0 "alt =" clip_image016 "src =" http://s3.51cto.com/wyfs02/M02/5A/13/wKiom1T1bbCjwH0SAAG5o2OzcWc278.jpg "Height =" 419 "/>

We have released two rules for the ADFs service of office365. In fact, only the corresponding port of HTTPS can be published;

650) This. width = 650; "Title =" clip_image018 "style =" border-top: 0px; border-Right: 0px; Background-image: none; border-bottom: 0px; padding-top: 0px; padding-left: 0px; margin: 0px; border-left: 0px; padding-Right: 0px; "Border =" 0 "alt =" clip_image018 "src =" http://s3.51cto.com/wyfs02/M01/5A/13/wKiom1T1bbGyE_syAAGsAFzkw-A256.jpg "Height =" 423 "/>

After the release, we also need to add domain name resolution records (for External Resolution access) in the iternalsoft.com domain)

Adfs.iternalsoft.com directs to the IP address published on the Internet.

650) This. width = 650; "Title =" clip_image020 "style =" border-top: 0px; border-Right: 0px; Background-image: none; border-bottom: 0px; padding-top: 0px; padding-left: 0px; margin: 0px; border-left: 0px; padding-Right: 0px; "Border =" 0 "alt =" clip_image020 "src =" http://s3.51cto.com/wyfs02/M01/5A/0F/wKioL1T1bsORW87HAACCchoQkds316.jpg "Height =" 165 "/>

Then we test the resolution on the Internet and return the correct resolution address.

650) This. width = 650; "Title =" clip_image022 "style =" border-top: 0px; border-Right: 0px; Background-image: none; border-bottom: 0px; padding-top: 0px; padding-left: 0px; margin: 0px; border-left: 0px; padding-Right: 0px; "Border =" 0 "alt =" clip_image022 "src =" http://s3.51cto.com/wyfs02/M02/5A/0F/wKioL1T1bsSQmkMyAACrV2Qawwk584.jpg "Height =" 242 "/>

For more confirmation, We can telnet ports 80 and 443 of adfs.iternalsoft.com

650) This. width = 650; "Title =" clip_image024 "style =" border-top: 0px; border-Right: 0px; Background-image: none; border-bottom: 0px; padding-top: 0px; padding-left: 0px; margin: 0px; border-left: 0px; padding-Right: 0px; "Border =" 0 "alt =" clip_image024 "src =" http://s3.51cto.com/wyfs02/M00/5A/0F/wKioL1T1bsSCm2EPAAC5wwR3GOM698.jpg "Height =" 377 "/>

Test access on the Internet

650) This. width = 650; "Title =" clip_image026 "style =" border-top: 0px; border-Right: 0px; Background-image: none; border-bottom: 0px; padding-top: 0px; padding-left: 0px; margin: 0px; border-left: 0px; padding-Right: 0px; "Border =" 0 "alt =" clip_image026 "src =" http://s3.51cto.com/wyfs02/M01/5A/0F/wKioL1T1bsSS5PTRAAEyirfhTUU439.jpg "Height =" 268 "/>

Redirection

650) This. width = 650; "Title =" clip_image028 "style =" border-top: 0px; border-Right: 0px; Background-image: none; border-bottom: 0px; padding-top: 0px; padding-left: 0px; margin: 0px; border-left: 0px; padding-Right: 0px; "Border =" 0 "alt =" clip_image028 "src =" http://s3.51cto.com/wyfs02/M02/5A/10/wKioL1T1bsTgOm7gAAEQP6Dj-0o911.jpg "Height =" 253 "/>

Prompt certificate untrusted --- click Continue to access

650) This. width = 650; "Title =" clip_image030 "style =" border-top: 0px; border-Right: 0px; Background-image: none; border-bottom: 0px; padding-top: 0px; padding-left: 0px; margin: 0px; border-left: 0px; padding-Right: 0px; "Border =" 0 "alt =" clip_image030 "src =" http://s3.51cto.com/wyfs02/M02/5A/13/wKiom1T1bbGj8B8cAADUiMJgvEE637.jpg "Height =" 232 "/>

Enter a valid user and password-log on

650) This. width = 650; "Title =" clip_image032 "style =" border-top: 0px; border-Right: 0px; Background-image: none; border-bottom: 0px; padding-top: 0px; padding-left: 0px; margin: 0px; border-left: 0px; padding-Right: 0px; "Border =" 0 "alt =" clip_image032 "src =" http://s3.51cto.com/wyfs02/M02/5A/13/wKiom1T1bbHQ2NFPAAC06RVSCYM189.jpg "Height =" 274 "/>

Logon successful

650) This. width = 650; "Title =" clip_image034 "style =" border-top: 0px; border-Right: 0px; Background-image: none; border-bottom: 0px; padding-top: 0px; padding-left: 0px; border-left: 0px; padding-Right: 0px; "Border =" 0 "alt =" clip_image034 "src =" http://s3.51cto.com/wyfs02/M01/5A/10/wKioL1T1bsTgz_KOAACnvZO6ieE806.jpg "Height =" 307 "/>

This article is from the "Gao Wenlong" blog and will not be reproduced!

Publish offline 365 ADFs Internet access through TMG

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More

Publish offline 365 ADFs Internet access through TMG

Contact Us

What's Trending

Top 10 Tags

Top 10 Keywords

A Free Trial That Lets You Build Big!

Sales Support

After-Sales Support

Publish offline 365 ADFs Internet access through TMG

Contact Us

What's Trending

Top 10 Tags

Top 10 Keywords

Trending Topic

A Free Trial That Lets You Build Big!

Sales Support

After-Sales Support