Recent Searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            How to enable Windows Authentication / Azure Authentication

            Modified on Mon, 25 Mar 2024 at 05:19 PM

            How to enable Windows Authentication

             

            Allow Client Login

            • ManagementStudio automatically authenticates the user logging in with the domain that the service account is a member of.
            • No additional configuration is required for login.


            Create Accounts / Sync Roles

            • Create an Azure AD Connector (or use an existing one)
            • Go to: Administration\Role Groups
              • Add the name of the Azure Group to read Users to the ‘Az Group’ field.
                • Optionally prefix the group name with “[Azure Conn Name]\[Azure Group Name]”
                • Multiple Group names can be entered but separating them with a ;
                • Optionally tick ‘AD User Source’ to Create accounts in MS  from the AD/Az Group members


            Allow Portal Login

            • Add the Server Role:
              • Web Server (IIS)\Web Server\Security\Windows Authentication
              • Enable WindowsAuth in the appSettings.json
            • Configure Authentication in IIS
              • Anonymous Authentication: Enabled
              • Windows Authentication: Enabled
              • All others present: Disabled

             


            How to enable Azure Authentication


            Azure Application

            • Create an Azure AD Connector (or use an existing one)
            • Required API Permissions (Application Permission)
              • GroupMember.Read.All
              • User.ReadBasic.All
            • Configure  either a Client Secret or Certificate to use for authentication


            Allow Client Login

            • Go to: Administration\Global Settings
              • Enter the Tenant ID / Client ID of the Azure App to authenticate the User with
              • Enter either a Client Secret or Certificate to use to authenticate with the Azure App
            • Update the Azure Application Configuration


            Create Accounts / Sync Roles

            • Go to: Administration\Role Groups
              • Add the name of the Azure Group to read Users to the ‘Az Group’ field.
              • Optionally prefix the group name with “[Azure Conn Name]\[Azure Group Name]”
              • Multiple Group names can be entered but separating them with a ;
              • Optionally tick ‘AD User Source’ to Create accounts in MS  from the AD/Az Group members

            Allow Portal Login

            • Go to: Administration\Global Settings
            • Enter the Tenant ID / Client ID of the Azure App to authenticate the User with
            • Update the Azure Application
              • Go to Authentication
              • Add a platform, select 'Web'
              • Check the box for 'https://[ManagementStudioUrl]/signin-oidc'
                • Note the url must be HTTPS
              • Tick the option 'ID tokens (used for implicit and hybrid flows)'
              • Save configuration




            Further Support

            If you require further support, please visit ManagementStudio's Service Desk to search the knowledge base or create a new support ticket.

            Preview
            0 of 0