Set HomePage for Azure AD Application Proxy applications

I want to address the situation when you would like to publish a web service, but the endpoint isn’t at the top level of the web site or the endpoint you publish uses sources from other subsites at the same, but different level as your endpoint.

So if you try to publish the endpoint, the users will land on the right page, but because images or other form of sources are in neighbor site it isn’t available to the endpoint. If the endpoint is missing images, the graphical rendering might be giving a useless endpoint.

What Microsoft responded with, is the ability to set a subsite as the HomePage for the published application, making the Application Proxy able to read from the top level web site and down to all sub sites, while it is only displaying the subsite set to the HomePage for this Application.

Even if it’s been out for a year, there is still no Web GUI to control this simple behavior, so here are the up to date Powershell commands.

Remember to install the latest version of the AzureAD PowerShell module: Install-Module AzureAD

Get-AzureADApplication | Select-Object DisplayName,ObjectId
#Copy Paste the ObjectId to be modified.

$appnew = New-Object “Microsoft.Open.AzureAD.Model.Application”

#Get the new HomePage
$appnew.Homepage = “https://myapplicaton-itiscloudy.msappproxy.net/toplevel/subsite1/"

#Paste in the ObjectID to set the new HomePage
Set-AzureADApplication -ObjectId a5a8d068-df89-47c6-a2eb-041ae9c5960b -Homepage $appnew.Homepage

Also, here is a nice diagram to explain the flow when enabling kerberos delegation:

NetworkDiagram

 

Source for diagram.


Leave a Reply

Ehlo!

I am Roy Apalnes, a Microsoft Cloud Evangelist working av Sopra Steria. Main focus in Microsoft Security and Endpoint Management, with a bigger picture in mind.

Featured Posts