Skip to content

Deploy to Azure

Jump to bottom
Roger Zander edited this page May 23, 2020 · 17 revisions

Deploy latest DevCDR Server to Azure

Requirements

  • Azure "Web App" F1 (Free) or higher (app will be created during deployment)
  • Azure AD (Free or higher)

Step1 Deploy to Azure

To deploy DevCDR from the GitHub repository to your Azure Subscription, just click the following button:

A Web Site will pop up where you have to enter the Site Name, Service Plan etc.

Note: Sku F1 = Free, all other sku will generate Costs !!!

After a short verification, you are ready to deploy DevCDR Server

it will generate the deployment based on the latest source from https://github.com/rzander/DevCDR/tree/ServerCore21. This step may take a few minutes... Done, you have now an own instance of Device-Commander.

Step2 Azure AD Authentication

Initially, DevCDR does not require authentication as the Environment Variable ASPNETCORE_ENVIRONMENT is set to Development

As a first step, you have to copy the Application URL as we need this URL in the next step:

Create Azure AD App registration

The Device Commander Web-Frontend will use an Azure AD App to authorize Azure AD Users. In Azure Active Directory create a new application registration:

The Sign-on URL must be set to the copied Application URL followed by /signin-oid

Copy the ApplicationID from the new Application as we need the ID later...

In the Authentication Settings of the App, enable Implicitoy grant "ID tokens": ID-Token

Users also reported that they had to enable "oauth2AllowImplicitFlow": true in the Manifest File of the Azure Application...

Authorize Users

In Azure Active Directory Enterprise Application, open the generated application and assign users (or if you have premium Azure AD also Groups) to the Application. These Users will be able to logon on the Device-Commander Portal.

verify that a user assignment is required on the users should not see the application:

Enable Authentication

Back in the Web Application, open Application settings and you will see some Variables. Click on "Show Values" to get the Values of the Variables. You can delete (or rename the value) ASPNETCORE_ENVIRONMENT as this Variable prevents authentication. Paste your ApplicationID from the previous step in the Value of the Variable AzureAD__ClientId and change AzureAD__Domain with your Azure AD Domain Name

Done

If you open the Device-Commander Frontend, you have to logon with your AzureAD Account(s) to get access to the Devices Page.

Note: Do not enable Authentication on the Web App itself as the DevCDR Agents will no longer be able to communicate with the Server.

Clone this wiki locally