Windows Azure Active Directory step-by-step, How to set-up Azure Active Directory, Identity Management in Azure, Access Management with Azure Active Directory
2. Go to your Azure portal and sign in with your Azure subscription
• As of now, Azure Active Directory has not been migrated to the new portal
with its full feature set, so here we are going to open the Azure
Classic Portal.
http://manage.windowsazure.com
• Sign in with your Azure subscription.
10. Here you can see that the new user has been created inside Azure Active Directory.
11. • Now open a new Chrome instance in incognito mode and sign in to the Azure portal
with the newly created user.
• Because the user account we created is backed by Azure, we will be able
to log in to the Azure portal and will be allowed to reset the password, but that user
does not have any Azure subscription and so can’t perform anything.
• So go to azure.com and click on Portals.
• Give the details and reset the password.
12. I open a new Chrome window in incognito mode and provide our Azure AD user and
the temporary generated password.
14. We are able to reset the password successfully but, as we know, our Azure AD
user does not have an Azure subscription.
15. • Now we will create our new web application and add
authentication to it.
• We will write the code in such a way that we can sign in to our web
application using Azure AD.
16. Open VS 2015 / VS 2013 and select New ASP.NET Web Application
17. Divide the process into 5 steps
01 Create MVC Web Application
02 Adding Authentication Logic
03 Adding Sign in and Sign out Functionality
04 Registering your start-up class
05 Registering your app in Azure
20. Once the application is created, select your application name and go to Properties, set
SSL to true and copy the SSL URL. This will be our application URL.
21. Right-click on your application name -> go to Properties -> select the Web category.
Replace your project URL with the SSL URL.
22. Now open your web.config file and add the code mentioned below
23. • Here we defined four keys:
• ClientID : we will get this once we register our app with Azure AD
• AADInstance [Azure AD Instance] : this would always be
https://login.microsoftonline.com/{0} , {0} is the country code. Only for China
it is 1.
• Tenant : our Azure AD domain name, which we have created for our user
• PostLogoutRedirectUri : the SSL URL used to run our web application.
24. Now open the Package Manager Console and install the following packages
Install-Package Microsoft.Owin.Host.SystemWeb
Install-Package Microsoft.Owin.Security.Cookies
Install-Package Microsoft.Owin.Security.OpenIdConnect
Install-Package System.IdentityModel.Tokens.Jwt -Version 4.0.2.20622135 (use the NuGet package manager to update it to the specific version)
Install-Package Microsoft.IdentityModel.Protocol.Extensions
26. System.IdentityModel.Tokens.Jwt
• Includes types that provide support for creating, serializing and validating JWT tokens.
• Install it using the NuGet package manager and update it to version 4.02….
30. Once all the packages mentioned above are installed, right-click on the App_Start folder and
add a new class named StartUp.cs
31. Import below mentioned namespaces in the StartUp.cs file
• using Owin;
• using Microsoft.Owin;
• using Microsoft.Owin.Security.Cookies;
• using Microsoft.Owin.Security.OpenIdConnect;
• using System.Threading.Tasks;
• using System.Globalization;
• using System.Configuration;
• using Microsoft.Owin.Security;
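A start-up class that uses the namespaces listed above could look like the following. This is an added example, not the presenter's own code: the `WebApp` namespace, the `/Home/Error` route and the exact appSettings key names are assumptions, and the authority URL is built here by substituting the Tenant value into the `{0}` placeholder of AADInstance.

```csharp
using System.Configuration;
using System.Globalization;
using System.Threading.Tasks;
using Microsoft.Owin;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.OpenIdConnect;
using Owin;

// Registers the class below as the OWIN start-up class ("WebApp" is a placeholder namespace).
[assembly: OwinStartup(typeof(WebApp.Startup))]

namespace WebApp
{
    public class Startup
    {
        // Assumption: the appSettings key names match the four keys described for web.config.
        private static readonly string ClientId = ConfigurationManager.AppSettings["ClientId"];
        private static readonly string AadInstance = ConfigurationManager.AppSettings["AADInstance"];
        private static readonly string Tenant = ConfigurationManager.AppSettings["Tenant"];
        private static readonly string PostLogoutRedirectUri =
            ConfigurationManager.AppSettings["PostLogoutRedirectUri"];

        // This example fills {0} in AADInstance with the Tenant value to form the authority URL.
        private static readonly string Authority =
            string.Format(CultureInfo.InvariantCulture, AadInstance, Tenant);

        public void Configuration(IAppBuilder app)
        {
            // After a successful OpenID Connect sign-in the session is kept in this cookie.
            app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
            app.UseCookieAuthentication(new CookieAuthenticationOptions());

            app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
            {
                ClientId = ClientId,
                Authority = Authority,
                PostLogoutRedirectUri = PostLogoutRedirectUri,
                Notifications = new OpenIdConnectAuthenticationNotifications
                {
                    AuthenticationFailed = context =>
                    {
                        // Stop processing and show a generic page ("/Home/Error" is hypothetical);
                        // the exception text is deliberately not echoed into the URL.
                        context.HandleResponse();
                        context.Response.Redirect("/Home/Error");
                        return Task.FromResult(0);
                    }
                }
            });
        }
    }
}
```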
43. Now we will register our web application with Azure, get the Client Id and place
it in the web.config file
44. Go to your Active Directory and click on Applications
45. Once you are inside Applications tab click on Add.
47. You can give any name, I prefer my webapp name from VS project.
48. Provide Sign-On Url which is our SSL Url and APP ID URI which is
https://domainname/appname
49. Once the app is added go inside the app and click on Configure tab.
50. From the configure section copy Client Id and place it into your web.config
52. • Build the application and run it in another browser, not in the
same browser where your Azure subscription is open, or log out from
the Azure subscription and run it.
53. You can see the application is running on the SSL URL, and if you try to click on Home it
will not allow you to navigate.
Click on the SignIn link.
54. You can see you are redirected to Microsoft’s Azure AD SignIn page and it shows
your web application name which you have registered with your Azure AD.
56. You can see we are signed in to our web application, which is running in our on-prem
environment, with an Azure AD user.