
manojviduranga
Aug 09, 2022
Solved

AAD Users from main subscription can't login to the application after failing over the VMs

Hi Azure Folks! AAD users from main subscription can't login to the application after failing over the VMs to another region (via ASR). I'm working on a DR solution for an in-house developed ...
  • manojviduranga
    Aug 12, 2022
    I have managed to sort this out by simply resolving the domain name (app1.domain.net) locally as this will be only accessed by a small group of people after the failover.

    Short term solution:
    1. Add a hosts file entry on the DR Web server to resolve app1.domain.net to the Web server IP itself.
    2. Modify the IIS bindings to match the same.
    This way, it simply used the existing Azure AD enterprise app registration.

    Long term solution:
    1. Register a new domain and configure DNS to have a dedicated DR experience (i.e. app1-dr.domain.net).
    2. Configure IIS bindings to match the above.
    3. Register a new AAD Enterprise App to match the above; that will serve the Identity/Auth Integration.

    Hope this will be useful for someone out there. Cheers!
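
The short-term steps from the answer above, written as an idempotent PowerShell script (an added example, not part of the original post). Only `app1.domain.net` comes from the post; the IIS site name, IP address, protocol and port are assumptions, and the script refuses to proceed if the hosts file already maps the name to a different address.

```powershell
#Requires -RunAsAdministrator
# Added example. app1.domain.net comes from the post; the site name, IP,
# protocol and port below are assumptions to replace with your own values.
param(
    [string]$HostName = 'app1.domain.net',
    [string]$SiteName = 'Default Web Site',  # assumed IIS site name
    [string]$ServerIp = '10.1.0.4',          # constructed DR web server IP
    [string]$Protocol = 'https',             # assumed
    [int]$Port = 443                         # assumed
)
Import-Module WebAdministration

# Step 1: map the hostname to this server in the local hosts file.
$hostsPath = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'
$nameRx = '^\s*[^#\s]+\s+([^#]*\s)?' + [regex]::Escape($HostName) + '(\s|#|$)'
$ipRx = '^\s*' + [regex]::Escape($ServerIp) + '\s'
$entries = @(Get-Content -Path $hostsPath | Where-Object { $_ -match $nameRx })
$stale = @($entries | Where-Object { $_ -notmatch $ipRx })
if ($stale.Count -gt 0) {
    # A conflicting mapping makes resolution ambiguous; stop rather than guess.
    throw "hosts already maps $HostName to another address: $($stale -join '; ')"
}
if ($entries.Count -eq 0) {
    # Leading newline guards against a hosts file that lacks a final line break.
    Add-Content -Path $hostsPath -Value "`r`n$ServerIp`t$HostName"
}

# Step 2: make sure the IIS site has a binding for the same hostname.
$binding = Get-WebBinding -Name $SiteName -Protocol $Protocol -Port $Port -HostHeader $HostName
if (-not $binding) {
    New-WebBinding -Name $SiteName -Protocol $Protocol -Port $Port -HostHeader $HostName -IPAddress '*'
    if ($Protocol -eq 'https') {
        Write-Warning "Binding created without a certificate; attach the one issued for $HostName."
    }
}

# Check: the name must now resolve to this server from this machine.
$resolved = [System.Net.Dns]::GetHostAddresses($HostName) |
    ForEach-Object { $_.IPAddressToString }
if ($resolved -notcontains $ServerIp) {
    throw "$HostName resolves to $($resolved -join ', '), expected $ServerIp"
}
"{0} -> {1}; binding {2}://{0}:{3} on '{4}'" -f $HostName, $ServerIp, $Protocol, $Port, $SiteName
```

A hosts entry changes name resolution only on the machine where it is written, so every machine that must reach the DR site by this name needs its own working resolution.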
