Redmond Protocols Plugfest 2016 Randy Dong AD Family and BYOD Protocol Test Suite Updates Software Engineer.

Slides:

Advertisements

Similar presentations

Office 365 Identity June 2013 Microsoft Office365 4/2/2017

Advertisements

Agenda AD to Windows Azure AD Sync Options Federation Architecture

 Jan Alexander Program Manager Microsoft Corporation BB43.

Core identity scenarios Federation and synchronization 2 3 Identity management overview 1 Additional features 4.

Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.

Implementing and Administering AD FS

Microsoft Ignite /16/2017 4:55 PM

Implementing ISA Server Caching. Caching Overview ISA Server supports caching as a way to improve the speed of retrieving information from the Internet.

Conditional access DirectAccess & automatic VPN Desktop Virtualization.

Windows Server 2012 R2 Capabilities for BYOD Scenario Yuri Diogenes Senior Knowledge Engineer Data Center, Devices & Enterprise Client – CSI Team’s Page:

SIM205. (On-Premises) Storage Servers Networking O/S Middleware Virtualization Data Applications Runtime You manage Infrastructure (as a Service)

Christopher Chapman | MCT Content PM, Microsoft Learning, PDG Planning, Microsoft.

Understanding Active Directory

UAGSharePoint InternetIntranet.

TechEd /20/2017 2:02 AM © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks.

Virtual techdays INDIA │ august 2010 Secure Collaboration: All You Need to Know about Extending Active Directory Rights Management Services (AD RMS)

Matt Steele Senior Program Manager Microsoft Corporation SESSION CODE: SIA326.

On-Premises Cloud On-PremisesHybridCloud.

Introduction Please answer the survey questions posted at the end of this meeting. Let us know what sessions you want! Josh Topal at

Module 1 Introduction to Managing Microsoft® Windows Server® 2008 Environment.

Module 10: Designing an AD RMS Infrastructure in Windows Server 2008.

Implementing Secure Shared File Access

Microsoft Windows 8.1 Enterprise: A brief overview of Microsoft Windows 8 Enhancements. Welcome!

MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter Four Configuring Outlook and Outlook Web Access.

Christopher Chapman | MCT Content PM, Microsoft Learning, PDG Planning, Microsoft.

Module 11: Implementing ISA Server 2004 Enterprise Edition.

Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.

Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®

Welcome Windows Server 2008 安全功能 -NAP. Network Access Protection in Windows Server 2008.

Office 365: Identity and Access Solutions Suresh Menon Technology Specialist – Office 365 Microsoft Corporation India.

Office 365 Directory Synchronization Update: Deploying Password Sync.

Access and Information Protection Product Overview Andrew McMurray Technical Evangelist – Windows

Bronze Sky customer premises AD MS Online Directory Sync Provisioning platform Provisioning platform Lync Online Lync Online SharePoint Online SharePoint.

Get identities to the cloud Mix on-premises and cloud identity for improved PC, mobile, and web productivity Cloud identities help you run your business.

Access resources in a federation partner organization.

Module 11: Designing an Active Directory Federation Services Implementation in Windows Server 2008.

Module 3 Planning for Active Directory®

Microsoft Virtual Academy Preparing for the Windows 8.1 MCSA Module 5: Managing Devices & Resource Access.

Module 10: Identity and Access Services in Windows Server 2008 Active Directory.

Active Directory. Computers in organizations Computers are linked together for communication and sharing of resources There is always a need to administer.

Microsoft ® Lync™ Server 2010 Setup and Deployment Module 04 Microsoft Corporation.

Slavko Kukrika MVP Connect Windows 10 to the Cloud – Cloud Join.

BE-com.eu Brussel, 26 april 2016 EXCHANGE 2010 HYBRID (IN THE EXCHANGE 2016 WORLD)

Agenda  Microsoft Directory Synchronization Tool  Active Directory Federation Server  ADFS Proxy  Hybrid Features – LAB.

Microsoft Virtual Academy Dean Yamada | Senior Premier Field Engineer, Microsoft Stephen Hall | Cloud Solutions Specialist, District Computers.

Hybrid Identity Deep dive Ross Adams 2016 Redmond Summit | Identity Without Boundaries May 25 th 2016 Azure AD

Redmond Protocols Plugfest 2016 The role of the Message Analyzer parsers and network captures Windows Protocols Overview Documents Althea Champagnie, Senior.

Redmond Protocols Plugfest 2016 Ron Starr, Paul Bartos, Hagit Galatzer, Stephen Guty New and Modified Windows Protocol Documents.

Enabling the Modern Workstyle with Windows 10 & Azure Active Directory Venkatesh Gopalakrishnan 2016 Redmond Summit | Identity Without Boundaries May 25,

Redmond Protocols Plugfest 2016 Jinghui Zhang Office Interoperability Test Tools (Test Suites and Open Source Projects) Software Engineer Microsoft Corporation.

EMS in action Hugh Simpson-Wells and Mark Riley 2016 Redmond Summit | Identity Without Boundaries

Redmond Protocols Plugfest 2016 Matt Kurjanowicz Hyper-V Networked Storage: MS-HVRS, MS-SQOS, MS-RSVD, MS-VHDX, MS- HRL updates Senior Software Engineer.

MCSA Windows Server 2012 Pass Upgrading Your Skills to MCSA Windows Server 2012 Exam By The Help Of Exams4Sure Get Complete File From

Azure Active Directory Uday Hegde 2016 Redmond Summit | Identity Without Boundaries May 26, 2016 Group Program Manager, Azure AD

Redmond Protocols Plugfest 2016 Yan ZENG File Server Family Test Suite Updates Software Engineer.

Introduction to Windows Azure AppFabric

Exam : Identity with Windows Server 2016

Securing the Network Perimeter with ISA 2004

100% Exam Passing Guarantee & Money Back Assurance

Microsoft Virtual Academy

Windows Azure AppFabric

Hybrid Search Planning Implementation.

Microsoft Ignite /20/2018 2:21 PM

SharePoint Online Hybrid – Configure Outbound Search

AD FS Integration Active Directory Federation Services (AD FS) 7.4

AD FS Installation Active Directory Federation Services (AD FS) 7.1

Implement Web Application Proxy (WAP)

Device Registration and Multi-Factor Authentication

Microsoft Virtual Academy

Presentation transcript:

Redmond Protocols Plugfest 2016 Randy Dong AD Family and BYOD Protocol Test Suite Updates Software Engineer

Agenda AD Family Protocol Test Suite Overview Updates BYOD Protocol Test Suites Overview Updates How to use (demo on MS-ADFSPIP test suite) Q&A

AD Family Protocol Test Suite

Test Suite Overview MS-ADTS-Schema MS-ADTS-LDAP MS-ADTS-PublishDC MS-ADTS-Security MS-SAMR MS-LSAD MS-LSAT MS-DRSR MS-FRS2 MS-NRPC MS-APDS All-in- One

ClassAttribute domainDNSmsDS-ExpirePasswordsOnSmartCardOnlyAccounts topmsDS-ObjectSoa msDS-SourceAnchor msDS-AuthNPolicymsDS-ServiceAllowedNTLMNetworkAuthentication msDS-UserAllowedNTLMNetworkAuthentication msDS-StrongNTLMPolicy securityPrincipalmsds-tokenGroupNames msds-tokenGroupNamesGlobalAndUniversal msds-tokenGroupNamesNoGCAcceptable Test Suite Updates - I MS-ADTS-Schema Upgraded schema version numbers (AD DS: 87, AD LDS: 31) Added test cases to validate new added schema attributes

Test Suite Updates - II MS-SAMR Added test cases for Non-DC configuration MS-DRSR Added test cases for new response message version for method IDL_DRSGetNCChanges Added test cases for new methods: IDL_DRSReadNgcKey, IDL_DRSWriteNgcKey Test Suite bugs fixed

BYOD Protocols

Protocol Overview Federation Server Farm Active Directory Contoso Company [MS-DVRD] [MS-OAPX] [MS-DVRE] [MS-DVRJ] File Sync Server Company Device Personal Device [MS-ECS] Web Application Server [MS-ADFSPIP] Azure Active Directory Federated Trust [MS-MDE] IT Admin [MS-MDM] Add Device Object Compliance Policies Proxy Allow information workers to access their individual data … that is centrally located on a traditional file server … from all of their devices … from wherever they are … while remaining in compliance with the corporate policies

Test Suites Overview 5 Test Suites: MS-DVRD-DVRE MS-OAPX MS-ECS MS-ADFSPIP MS-MDM-MDE Protocols: [MS-DVRD], [MS- DVRE] [MS-OAPX] [MS-ECS], [MS- FSVCA] [MS-ADFSPIP] [MS-MDM], [MS-MDE]

MS-ADFSPIP Pre-authentication for HTTP Basic application publishing New test cases were added Propagation of client IP address to backend applications Added validation check for the new HTTP header: X-MS-ADFS-Proxy-Client-IP New AD FS configure properties added Enabled user to configure AD FS behavior level in test suite Test Suite bugs fixed Test Suites Updates Web Application ProxyBrowser Federation Server Farm HTTP Request HTTP 302 Personal Device HTTP Basic (Credentials) Credentials Web Application Server Client IP Address New for Windows Server 2016 SAML WS-Fed OAuth SSL/TLS

MS-ADFSPIP Demo

Test Topology and Scenarios Federation Server Farm Contoso Company Personal Device Web Application Server Web Application Proxy Scenario 1: Deploy Web Application Proxy 1. Establish Trust 2. Get Service Configuration 3. Get Proxy Configuration Scenario 2: Manage Web Applications 1. Get relying party trusts 2. Add/Delete publish settings for the relying party Scenario 3: Pre-authenticate User Request 1. HTTP Request 2. Pre-authenticate SAML WS-Fed OAuth HTTP Basic 3. Authenticated Request 4. Update Proxy Configuration

Test Methodology Federation Server Farm Contoso Company Personal Device Web Application Server Web Application Proxy 1.Synthetic Client and Server Combined (Depend on Testing Scenario) 2.SUT Control Adapter (PowerShell/Interactive) 3.Everything in the same network (For simplicity) 4.Replace SUT (Web Application Proxy) and configure Test Suite Trigger Test Suite (Synthetic Server) Scenario 1: Deploy Proxy Scenario 2: Manage Applications Scenario 3: Pre-authentication Test Suite (Synthetic Server) Test Suite (Synthetic Client) Test Suite

Demo

Redmond Protocols Plugfest 2016 Questions or Comments?

Redmond Protocols Plugfest 2016 Thank You!