Cum să configurezi serviciile Azure

Configurare noua (How To)

Situatie

Configurarea serviciilor Azure AD folosind managerul de configurare.

Servicii disponibile:

*Cloud Management. Acest serviciu permite site-ului si clientului sa se autentifice folosind Azure AD. Aceasta autentificare permite si alte scenarii cum ar fi:

*Log Analytic connector. Permite conectarea la  Azure Log Analytics. Sincronizeaza colectia de date cu Log Analytic.

*Microsoft Store for Business. Conectarea la Microsoft Store si descarcarea aplicatiilor pe care le poti ulterior da deploy folosint Configuration Manager.

Solutie

Pasi de urmat
Start the Azure Services wizard
  1. In the Configuration Manager console, go to the Administration workspace, expand Cloud Services, and select the Azure Services node.
  2. On the Home tab of the ribbon, in the Azure Services group, select Configure Azure Services.
  3. On the Azure Services page of the Azure Services Wizard:
    1. Specify a Name for the object in Configuration Manager.
    2. Specify an optional Description to help you identify the service.
    3. Select the Azure service that you want to connect with Configuration Manager.
  4. Select Next to continue to the Azure app properties page of the Azure Services Wizard.
Azure app properties

On the App page of the Azure Services Wizard, first select the Azure environment from the list. Refer to the table in Service details for which environment is currently available to the service.

The rest of the App page varies depending upon the specific service. Refer to the table in Service details for which type of app the service uses, and which action you can use.

  • If the app supports both import and creates actions, select Browse. This action opens the Server app dialog or the Client App dialog.
  • If the app only supports the import action, select Import. This action opens the Import Apps dialog (server) or the Import Apps dialog (client).

After you specify the apps on this page, select Next to continue to the Configuration or Discovery page of the Azure Services Wizard.

Web app

This app is the Azure AD type Web app / API, also referred to as a server app in Configuration Manager.

Server app dialog

When you select Browse for the Web app on the App page of the Azure Services Wizard, it opens the Server app dialog. It displays a list that shows the following properties of any existing web apps:

  • Tenant friendly name
  • App friendly name
  • Service Type

There are three actions you can take from the Server app dialog:

  • To reuse an existing web app, select it from the list.
  • Select Import to open the Import apps dialog.
  • Select Create to open the Create Server Application dialog.

After you select, import or create a web app, select OK to close the Server app dialog. This action returns to the App page of the Azure Services Wizard.

Import apps dialog (server)

When you select Import from the Server app dialog or the App page of the Azure Services Wizard, it opens the Import apps dialog. This page lets you enter information about an Azure AD web app that is already created in the Azure portal. It imports metadata about that web app into Configuration Manager. Specify the following information:

  • Azure AD Tenant Name: The name of your Azure AD tenant.
  • Azure AD Tenant ID: The GUID of your Azure AD tenant.
  • Application Name: A friendly name for the app, the display name in the app registration.
  • Client ID: The Application (client) ID value of the app registration. The format is a standard GUID.
  • Secret Key: You have to copy the secret key when you register the app in Azure AD.
  • Secret Key Expiry: Select a future date from the calendar.
  • App ID URI: This value needs to be unique in your Azure AD tenant. It’s in the access token used by the Configuration Manager client to request access to the service. The value is the Application ID URI of the app registration entry in the Azure AD portal. The format is similar to https://ConfigMgrService.

After entering the information, select Verify. Then select OK to close the Import apps dialog. This action returns to either the App page of the Azure Services Wizard, or the Server app dialog.

Create Server Application dialog

When you select Create from the Server app dialog, it opens the Create Server Application dialog. This page automates the creation of a web app in Azure AD. Specify the following information:

  • Application Name: A friendly name for the app.
  • HomePage URL: This value isn’t used by Configuration Manager, but required by Azure AD. By default this value is https://ConfigMgrService.
  • App ID URI: This value needs to be unique in your Azure AD tenant. It’s in the access token used by the Configuration Manager client to request access to the service. By default this value is https://ConfigMgrService.
  • Secret Key validity period: choose either 1 year or 2 years from the drop-down list. One year is the default value.

Select Sign in to authenticate to Azure as an administrative user. These credentials aren’t saved by Configuration Manager. This persona doesn’t require permissions in Configuration Manager, and doesn’t need to be the same account that runs the Azure Services Wizard. After successfully authenticating to Azure, the page shows the Azure AD Tenant Name for reference.

Select OK to create the web app in Azure AD and close the Create Server Application dialog. This action returns to the Server app dialog.

Client App dialog

When you select Browse for the Native Client app on the App page of the Azure Services Wizard, it opens the Client App dialog. It displays a list that shows the following properties of any existing native apps:

  • Tenant friendly name
  • App friendly name
  • Service Type

There are three actions you can take from the Client App dialog:

  • To reuse an existing native app, select it from the list.
  • Select Import to open the Import apps dialog.
  • Select Create to open the Create Client Application dialog.

After you select, import or create a native app, choose OK to close the Client App dialog. This action returns to the App page of the Azure Services Wizard.

Import apps dialog (client)

When you select Import from the Client App dialog, it opens the Import apps dialog. This page lets you enter information about an Azure AD native app that is already created in the Azure portal. It imports metadata about that native app into Configuration Manager. Specify the following information:

  • Application Name: A friendly name for the app.
  • Client ID: The Application (client) ID value of the app registration. The format is a standard GUID.

After entering the information, select Verify. Then select OK to close the Import apps dialog. This action returns to the Client App dialog.

Create Client Application dialog

When you select Create from the Client App dialog, it opens the Create Client Application dialog. This page automates the creation of a native app in Azure AD. Specify the following information:

  • Application Name: A friendly name for the app.
  • Reply URL: This value isn’t used by Configuration Manager, but required by Azure AD. By default this value is https://ConfigMgrService.

Select Sign in to authenticate to Azure as an administrative user. These credentials aren’t saved by Configuration Manager. This persona doesn’t require permissions in Configuration Manager, and doesn’t need to be the same account that runs the Azure Services Wizard. After successfully authenticating to Azure, the page shows the Azure AD Tenant Name for reference.

Select OK to create the native app in Azure AD and close the Create Client Application dialog. This action returns to the Client App dialog.

Configuration or Discovery

After specifying the web and native apps on the Apps page, the Azure Services Wizard proceeds to either a Configuration or Discovery page, depending upon the service to which you’re connecting. The details of this page vary from service to service. For more information, see one of the following articles:

Finally, complete the Azure Services Wizard through the Summary, Progress, and Completion pages. You’ve completed the configuration of an Azure service in Configuration Manager. Repeat this process to configure other Azure services.

Update application settings

To allow your Configuration Manager clients to request an Azure AD device token and to enable the Reading directory data permissions, you need to update the web server application settings.

Update Application Settings

  1. In the Configuration Manager console, go to the Administration workspace, expand Cloud Services, and select the Azure Active Directory Tenants node.
  2. Select the Azure AD tenant for the application you want to update.
  3. In the Applications section, select your Azure AD web server application, then select Update Application Settings from the ribbon.
  4. When prompted for confirmation, select Yes to confirm you want to update the application with the latest settings.

Tip solutie

Permanent

Impact colateral

For more detailed information, see Azure AD authentication workflow.

Voteaza

(14 din 34 persoane apreciaza acest articol)

Despre Autor

Leave A Comment?