The scope of this article is to show users how to integrate NoMachine browser-based connections to a previously configured Azure Host where Active Directory has already been set up. For instructions on how to install NoMachine software and run browser-based sessions, please refer to the appropriate product documentation from the support section here: https://www.nomachine.com/all-documents.
NoMachine web sessions are deployed by a component included in the server installation and named 'Web Player'. The Web Player components is shipped with any of the Enterprise range products.
Azure ActiveDirectory SSO Services are already properly configured.
NoMachine web player is installed on an Azure Host connected to Azure Active Directory Domain Services.
Web player ports (by default 4080 and 4443) are open on Azure Domain Host.
Ref. Microsoft Azure
Integrating NoMachine with Azure Active Directory SSO
To integrate NoMachine with Azure Active Directory SSO first login to Azure portal and enter Active Directory options. From there choose ‘Enterprise Applications’ & click.
Fig. 1 - Go to https://portal.azure.com
Creating a new application in Azure
From the Active Directory options panel in Azure, choose ‘Enterprise Applications’ and click ‘New Application’.
Fig. 2 - Open 'New Application' in Azure
Add the application in Azure
Choose ‘Non-gallery application’ enter the name and click ‘Add an application’.
Fig. 3 - Add the application in Azure
Configure the application in Azure
Azure will now move to the application configuration page from where single sign-on and password-based options can be selected.
Fig. 4 - Configure single sign-on and password-based authentication
Provide the NoMachine web player URL
Now provide the URL to the Web Player installed on a hosts in Azure Active Directory. By default the port for HTTPS connections is 4443, the format of the URL looks like: https://<IP_TO_HOST>:4443/nxwebplayer
Click ‘Save’ and than ‘Configure NoMachine Password Single Sign-on Settings’.
Select ‘Manually detect sign in-fields’ from the ‘Configure sign-on’ column and click on ‘Capture sign-in fields’.
Fig. 5 - Configure Azure for the web player
Log-in to NoMachine
If you didn't do it already, install the Microsoft Azure add-on on your browser. The browser will open two additional tabs. One of the two tabs should be the log-in form of NoMachine: insert your username and password and click ‘ok’ to log-in.
Fig. 6 - Log-in to NoMachine
Lastly, once logged in, click ‘Save’ in the ‘Capture Field’.
Fig. 7 - Save data in the Azure 'Capture Field'
Complete configuration in Azure
Now go back to the application sign on options page and choose to ‘Edit sign in field labels’ otherwise Microsoft add-on will treat them as 'PARAM1' and 'PARAM2'.
Fig. 8 - Complete Azure's configuration
Assign user rights for application deployment as per Azure guidelines. When complete, login to https://myapps.microsoft.com as a AD user with permissions to NoMachine application. The just configured NoMachine application should be available there.
First time the user will be prompted for username & password by Microsoft Azure add-on. Every time user logs in to Azure Active Directory Apps and chooses to use NoMachine, they will be automatically logged-in to NoMachine web session.
Fig. 10 - Select the NoMachine !M icon from your Azure Active Directory Apps
Fig. 11 - Sign in with your user credentials