question

SzabolcsNyiredi-0112 avatar image
0 Votes"
SzabolcsNyiredi-0112 asked SzabolcsNyiredi-0112 commented

SharePoint 2016 Published via Azure AD Application Proxy - blocked content because insecure sing-in method

Our SharePoint is using Azure AD as an Authentication provider. It was implemented based on this article - https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/sharepoint-on-premises-tutorial
We have published our SharePoint via Application Proxy -> config was done based on this article https://docs.microsoft.com/en-us/azure/active-directory/app-proxy/application-proxy-integrate-with-sharepoint-server-saml

Login is working fine and SharePoint is available as expected.

Trouble:
If we try to open an excel file from the SharePoint site, we get the following error message(sign-in method insecure):
169465-image.png


If I click on OK -> nothing happens
I i clock on Open Trust Center -> Following is displayed
169395-image.png

There is now way to add a host or URL as a trusted location list.
This is happening on a brand new windows 10 and office 365 installation.


We would like to publish this webapplication to external users like customers or partners. So the client machines are not under our controll.

One workaround is to set a registry key, but it does not seems to be a real life solution: https://admx.help/?Category=Office2016&Policy=office16.Office.Microsoft.Policies.Windows::L_AuthenticationFBABehavior

This article explains the root casue, but we use AAD as an auth provider and we do not enabled Form Based Auth on our WebApplication: https://windowsmanagementexperts.com/did-you-know-there-is-an-updated-feature-restricting-form-based-authentication-in-office-apps

Any help is apriciated.

office-sharepoint-server-administrationoffice-sharepoint-server-itproazure-ad-app-registrationazure-ad-application-proxy
image.png (5.2 KiB)
image.png (8.0 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

ElsieLu-MSFT avatar image
0 Votes"
ElsieLu-MSFT answered SzabolcsNyiredi-0112 commented

Hi @SzabolcsNyiredi-0112 , welcome to Q&A forum!

Forms-based authentication provides custom identity management in SharePoint by implementing a membership provider, which defines interfaces for identifying and authenticating individual users, and a role manager, which defines interfaces for grouping individual users into logical groups or roles.

If you want to configure FBA, you could refer to these blogs for more information:
SharePoint 2016 - Forms Based Authentication - Part One
SharePoint 2016 - Forms Based Authentication - Part Two

Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.


If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

We would like to Publish the on-Prem SharePoint over the Azure Application proxy and use the MFA Feature and accounts from the Azure AD.
Implementation is already done and working fine. We have only trouble with the office files like Excel - see above.

0 Votes 0 ·