Website under construction



Download 13,37 Mb.
Pdf ko'rish
bet70/131
Sana27.03.2022
Hajmi13,37 Mb.
#512480
1   ...   66   67   68   69   70   71   72   73   ...   131
Bog'liq
9780735697744 Introducing Windows Server 2016 pdf

Figure 2-77:
Published web applications 
In this case, we are assuming that this is a split DNS configuration and that internal and external DNS 
resolve the name mail.contoso.com to different IP addresses, depending on the user’s location. Thus, 
the External URL value and Backend Server URL value are the same, but they could be different, as 
we’ll show later. So, when a user who is on the internal Contoso network goes to 
https://mail.contoso.com/owa, authentication takes place by using Windows Integrated 
Authentication. This requires that the URLs for mail.contoso.com and adfs.contoso.com are defined in 
the Trusted Zone for Local Intranet in Internet Explorer. If that is done, the user should be able to 
connect to his mailbox and not be prompted for authentication at all. 
On the other hand, a user connecting from outside the corporate network is presented with a form-
based authentication webpage, such as that shown in Figure 2-78, and is required to provide sign-in 
credentials. 
Figure 2-78:
A form-based authentication page 
However, one very important service used extensively in nearly every organization is missing—
Microsoft Server ActiveSync. You could define a relying party trust for ActiveSync and set it up for 
pass-through authentication; this is what you would have done in Windows Server 2012 R2 Web 
Application Proxy. But, as noted earlier in this chapter, Web Application Proxy in Windows Server 2016 
now supports the use of HTTP Basic clients for services such as ActiveSync that don’t support 
redirection and that use HTTP Basic to authenticate users. 
HTTP Basic is the authorization method used by many protocols, including ActiveSync, to connect rich 
clients, including smartphones, with an Exchange mailbox. (For more information on HTTP Basic, see 
RFC 2617 at 
http://www.ietf.org/rfc/rfc2617.txt
.) Web Application Proxy traditionally interacts with AD 
FS using redirections, which is not supported on ActiveSync clients. Publishing an app by using HTTP 
Basic provides support for ActiveSync clients in Web Application Proxy by making it possible for the 
HTTP app to receive a nonclaims relying party trust for the application to AD FS. 


78 
CHAPTER 2 | Software-defined datacenter 
The authentication flow for clients that use HTTP Basic is described in the following steps: 

Download 13,37 Mb.

Do'stlaringiz bilan baham:
1   ...   66   67   68   69   70   71   72   73   ...   131




Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling

kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha


yuklab olish