Azure-Samples/azure-mfa-nps-extension-health-check

Current test don't account for proxy configuration

WAftring opened this issue · 1 comments

WAftring commented

The current implementation doesn't account for proxy configuration.

When doing the following tests:

$TCPLogin = (RunPSScript -PSScript "Test-NetConnection -ComputerName  login.microsoftonline.com -Port 443").TcpTestSucceeded
$DNSLogin = (RunPSScript -PSScript "Test-NetConnection -ComputerName  login.microsoftonline.com -Port 443").NameResolutionSucceeded

########################################################################
$TCPAdnotification = (RunPSScript -PSScript "Test-NetConnection -ComputerName adnotifications.windowsazure.com -Port 443").TcpTestSucceeded
$DNSADNotification = (RunPSScript -PSScript "Test-NetConnection -ComputerName adnotifications.windowsazure.com -Port 443").NameResolutionSucceeded

The will report a false negative during the checks for if the URL's can be accessed if the user has a proxy configured and intends that traffic to go through the proxy.

An alternative to this would be to include an Invoke-WebRequest which will leverage the configured wininet proxy configuration allowing for a more accurate connectivity test.

Justinha commented

@WAftring sorry for delay. I think recent merges have fixed this. If not, please kindly submit a pull request with further changes you want to see.