0 votes

Hi

We have Adaxes available through Azure app proxy as we have external support for some of our companies and these people don't have VPN available to them. The security team want to have MFA enabled for Adaxes login, but I've already found that enabling this on the Common Sign-In page breaks access for the external staff as when login is complete, the URL used is the internal one which they can't use.

The only other option I can think of is to force all staff to use the Azure link for Adaxes as app proxy uses MFA. If I were to do this, can I change the Web Interface Address to the Azure link? Will this break anything?

Thanks

Matt

by (1.1k points)

1 Answer

0 votes
by (220k points)

Hello Matt,

I've already found that enabling this on the Common Sign-In page breaks access for the external staff as when login is complete, the URL used is the internal one which they can't use.

It looks like you have all Web interfaces using sign in settings of the Common Sign In page. It means that when you change settings for the page (e.g. enable MFA) the same applies to all Web interfaces. As a solution, you can do the following:

  • Enable using custom settings for specific Web interfaces. image.png

  • Enable MFA for the Common Sign In page again. It will apply to the page itself and all the Web interfaces that use the same sign in settings.

For details, have a look at the following tutorial: https://www.adaxes.com/tutorials_WebInterfaceCustomization_CustomizeSignInPageAndLogonNameOptions.htm.

If I were to do this, can I change the Web Interface Address to the Azure link?

Unfortunately, there is no possibility to change the URL of Adaxes Web interface. The only thing you can do about it is configure redirects and/or URL rewrite rules, but we are not aware is that is possible for the Azure URLs.

0

Thanks for the quick response, and you are right about the common signin.

For the Web Interface Address, I meant in here for the email URL's Adaxes CWA.png

0

Hello Matt,

Thank you for clarifying. The setting you are referencing does not influence the actual URLs for accessing Web interfaces. It is used to specify the Web interface URL that will be used to embed links to directory objects into exported report documents, approval request notifications, etc. If you change the URL to something different from Adaxes Web interface one, the embedded links will simply stop working.

Related questions

0 votes
1 answer

I am evaluating Adaxes. I noticed that the web interface does not allow modification of the External Email Address (ms-Exch-Target-Address). What would someone do if they needed to change the Target Address?

asked Aug 6, 2020 by ComputerHabit (790 points)
0 votes
1 answer

Our Adaxes Microsoft 365 Tenant was created before we copmpleted the "app registration" in Azure. Which means that in the instructions for "Register Adaxes as an app in ... M365 tenant, would that affect any of our custom commands that we have created?

asked Feb 17 by Tfarmer (80 points)
0 votes
1 answer

I would like to change department without a script just yet if possible on multiple accounts. If I cant do this then I will entertain custom script Thanks :)

asked Nov 23, 2021 by will17 (330 points)
0 votes
1 answer

We have some accounts that we would like to prevent from changing their password on login when it is expired. This is because we have saml setup on individual interface pages ... of a loophole for us as we require dual factor and use saml to accomplish this.

asked Oct 26, 2021 by mark.it.admin (1.8k points)
0 votes
0 answers

We would like users to be able to add their mobile number and carrier information from within the web console. Preferably, they would enter their mobile number in a ... ". This address would then be written to an extensionAttribute field in Active Directory.

asked Mar 2, 2016 by Kikaida (1.1k points)
2,733 questions
2,470 answers
6,460 comments
1,339,823 users