Azure RemoteApp – Hybrid deployment

I started introducing Azure RemoteApp to my customers a year ago, and it is a very interesting topic. Some of them told me they have launched projects to move their desktop applications to the cloud using Azure RemoteApp. From discussions with my customers, I understand that Azure RemoteApp is great from both technical and business perspectives, but it is new and comes with a lot of challenges we need to deal with, such as:

  • How to standardize, simplify and automate the deployment of any application?
  • How to optimize the upgrade and patching process with minimum downtime?
  • How to manage users and user groups more easily and effectively?
  • How to integrate Azure RemoteApp with the existing AD, DNS and network?

I will work hard to answer all of these questions. In this post I would like to show you how to integrate Azure RemoteApp with the existing AD, DNS and network. Let’s start with the real situation first.

  • Azure now provides ARM (Azure Resource Management) mode, which is better for grouping, tagging and managing resources. But Azure RemoteApp is only supported in ASM (Azure Service Management) mode.
  • Azure Active Directory is the centralized identity system that manages account access to Azure RemoteApp collections. If we want to use the same credentials as our on-premises applications, Azure AD doesn’t support that by default.
  • Azure RemoteApp collections are accessed from the internet. If they need to integrate with other layers (such as the application layer or the database layer), we would need to expose a direct connection from those layers to the internet, which is an insecure solution.
  • Some applications truly require Windows authentication/authorization, and this requirement cannot be handled by standalone Azure AD.

How do we handle these challenges? Is it easy? No, it’s not easy, but it is doable. Let’s discuss the concept now.

So, quite good now, right? All the concerns will be handled. The following diagram represents the high-level design for my PoC.

 

[Figure: hybrid-design-model]

You know all the steps except deploying a new Azure RemoteApp collection into a VNet, right? Let’s start with the missing piece. You’ll be surprised, because it could not be easier.

Click New –> App Services –> RemoteApp –> Create with VNet, then choose the Virtual Network and Subnet you want to deploy your app collection into. Please make sure Join Local Domain is checked.

[Figure: create-new-collection]

In the new app collection dashboard, you can find a quick guide to finish the configuration.

[Figure: four major steps]

Before starting the first step, log on to your Domain Controller and create a new Organizational Unit (RemoteApp in my case) and a RemoteApp service account under the new OU (remoteapp@sonnn2.com in my case). The following image shows the simplest way to configure the local domain.

[Figure: join domain]
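A scripted version of the domain preparation described above, as an added example that is not from the original post. It assumes the AD domain is sonnn2.com (inferred from the account name) and that the service account only needs to create and delete computer objects inside the RemoteApp OU, which the post does not state.

```powershell
# Added example. Run as a domain administrator on a domain controller
# (or a host with the RSAT ActiveDirectory module installed).
Import-Module ActiveDirectory

# Assumption: the domain DN is derived from remoteapp@sonnn2.com on the page.
$domainDn = 'DC=sonnn2,DC=com'
$ouName   = 'RemoteApp'
$ouDn     = "OU=$ouName,$domainDn"
$sam      = 'remoteapp'
$upn      = 'remoteapp@sonnn2.com'

# Create the OU only if it does not exist yet, so the script can be re-run safely.
$ou = Get-ADOrganizationalUnit -Filter "Name -eq '$ouName'" `
        -SearchBase $domainDn -SearchScope OneLevel
if (-not $ou) {
    New-ADOrganizationalUnit -Name $ouName -Path $domainDn `
        -ProtectedFromAccidentalDeletion $true
}

# Create the service account as an ordinary user inside the new OU.
# The password is prompted for, never stored in the script.
if (-not (Get-ADUser -Filter "SamAccountName -eq '$sam'")) {
    $password = Read-Host -Prompt "Password for $upn" -AsSecureString
    New-ADUser -Name $sam -SamAccountName $sam -UserPrincipalName $upn `
        -Path $ouDn -AccountPassword $password -Enabled $true `
        -Description 'Azure RemoteApp domain-join service account'
}

# Assumption: the account is used only to join collection hosts to the domain.
# Grant Create Child / Delete Child for computer objects on this OU and below,
# instead of adding the account to a privileged group.
$netbios = (Get-ADDomain).NetBIOSName
dsacls $ouDn /I:T /G "${netbios}\${sam}:CCDC;computer" | Out-Null

# Check: the account should not be a member of any built-in privileged group.
$privileged = 'Domain Admins', 'Enterprise Admins', 'Administrators', 'Account Operators'
$memberOf   = Get-ADPrincipalGroupMembership -Identity $sam |
                Select-Object -ExpandProperty Name
$hits = $memberOf | Where-Object { $privileged -contains $_ }
if ($hits) {
    Write-Warning "$upn is a member of privileged group(s): $($hits -join ', ')"
} else {
    Write-Output "$upn is limited to computer object management in $ouDn"
}
```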

In the second step, I link the app collection with a template image by selecting a virtual machine image (for more detailed guidance, please refer to Azure RemoteApp – Bring Java app to RemoteApp).

[Figure: select virtual machine image]

The process can take hours; after that you can publish and use your app with your on-premises local account.

Son Nguyen

Son Nguyen is a Cloud Consultant working for FPT Software’s Cloud Innovation team. With deep knowledge in AWS and MS Azure, Son acts as a cloud consultant in various areas, ranging from assessment to architecture design, supporting customers from Japan, EU to US.
