Share via


Azure AD Troubleshooting: AAD Application Proxy connector fails to install

This is one of the Quick things you can check when the Azure App Proxy connector fails to install.

Background

Consider a Situation when you are logged on to a Windows Server which is a Part of a Domain and your Domain is Federated with Azure AD. While installing the wizard fails.

Now in this case one of the main reason of installation failure is the Authorization Failure.

Explanation

Here is the explanation why:

The Default configuration if ADFS is Integrated Authentication for internal and FBA for external users. When you try to install the Connector it check if you are a Global Admin or not. In this case since the domain is federated the user Authentication Request will be forwarded to the ADFS Server which is internal and it will do a Integrated Auth and the User might not be Authorized as a Global Admin. As a result the Installation will fail.

Steps

Here's how to fix it:

  • One of the Best way is to provide the credentials of your global admin in the form of user@domain.onmicrosoft.com.
  • The second reason could be that you are logged on as a non Admin user and since the ADFS is doing the integrated Auth it fails to authorized you as a Admin. In this situation logon as a Local Admin and install the connector.