Is it possible to access an on-premises AD instance from an Azure-hosted app?

I am currently maintaining a web application hosted on a server within the building, and it uses data retrieved from the Active Directory domain on the network.

The app uses libraries such as System.DirectoryServices.AccountManagement to access AD, and it works great.

However, we also have an Azure instance with AAD which syncs with the on-prem AD, and so eventually we want to move this application to an Azure app service.

However, the domain AD is not visible after publishing the app to Azure. Is there a way to connect to this using the "classic" C# AD libraries? Or does the entire app need to be rewritten to use AAD/MS Graph API?

The 2 main reasons why I want to achieve this:

  1. Currently the app employs some AD calls/functions which have not been implemented in the Graph API
  2. It would be easier if we didn't have to re-write the entire app just to change hosts

Please let me know if I can provide any other details which might be useful.

> the domain AD is not visible after publishing the app to Azure

Sounds like a firewall issue. I assume you're getting "The server is not operational" type of errors? You'll have to ask your network folks to open up the way for your domain to be accessible from Azure.

These are the TCP ports that AD uses. Some or all will need to be allowed, depending on what you need:

  1. LDAP: 389
  2. LDAPS (SSL): 636
  3. Global Catalog: 3268
  4. GC over SSL: 3269
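To see which of these ports are reachable from where the app actually runs, a small probe can be deployed alongside it. This is an added example, not part of the original answer; the host name `dc01.corp.example` is a placeholder for one of your domain controllers.

```csharp
using System;
using System.Net.Sockets;
using System.Threading.Tasks;

static class AdPortProbe
{
    // The four TCP ports listed in the answer above.
    static readonly (string Name, int Port)[] AdPorts =
    {
        ("LDAP", 389), ("LDAPS", 636), ("Global Catalog", 3268), ("GC over SSL", 3269),
    };

    // Returns "open", "refused" (host reachable but nothing listening),
    // "timeout" (no reply at all, typical of a firewall dropping packets),
    // or "error: <code>" for anything else, such as a DNS failure.
    public static async Task<string> ProbeAsync(string host, int port, int timeoutMs = 3000)
    {
        using var client = new TcpClient();
        try
        {
            Task connect = client.ConnectAsync(host, port);
            if (await Task.WhenAny(connect, Task.Delay(timeoutMs)) != connect)
                return "timeout";
            await connect; // rethrows the connection failure, if there was one
            return "open";
        }
        catch (SocketException ex) when (ex.SocketErrorCode == SocketError.ConnectionRefused)
        {
            return "refused";
        }
        catch (SocketException ex)
        {
            return "error: " + ex.SocketErrorCode;
        }
    }

    static async Task Main(string[] args)
    {
        // Placeholder host name (assumption): pass your own DC as the first argument.
        string host = args.Length > 0 ? args[0] : "dc01.corp.example";
        foreach (var (name, port) in AdPorts)
            Console.WriteLine($"{name,-15} {host}:{port,-5} {await ProbeAsync(host, port)}");
    }
}
```

A `timeout` on every port is consistent with the firewall cause suggested above, while `error: HostNotFound` means the domain controller's name does not resolve from the Azure side at all.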
