Hybrid Search Planning Implementation.


Overview

Implementing hybrid search can be challenging or delayed if crucial resources are not available, not installed, or not compatible with the hybrid search requirements. It is always advisable to verify the configuration, installations and script execution in a trial environment. Hybrid search involves a few critical components that should be configured during the initial phase of implementation. During the discovery phase, it is very important to map the following hybrid search requirements against your current SharePoint environment, find the gaps, and plan for them in advance.

The following sections complete discovery:
- Hybrid search: Pre-Requisites
- Office 365 Discovery and Planning
- SharePoint 2013 Discovery and Planning
- Identity Management Discovery and Planning

Pre-Requisites

- Must have the required SharePoint Online subscription with the minimum build number.
- Must have a SharePoint 2013 farm with the required services running.
- Active Directory (Windows Server 2003 R2 or later) with DirSync implemented.
- Users synchronized and licensed in SharePoint Online Azure Active Directory.

SharePoint Online
- Office 365 subscription with SharePoint Online licenses
- E1 or E3 license type
- Minimum build number: 15.0.0.4420

SharePoint 2013 Enterprise On-Premise
- SSL-secured on-premise deployment of SharePoint Server 2013
- On-premise SharePoint Server license
- Running with required services

Identity Management
- Cloud Identity or Synchronized Identity
- On-premise Active Directory and DirSync
- Reverse proxy

Cloud Discovery and Planning 1 of 2

During the discovery phase, it is always beneficial to validate the following information. It is needed as parameters when setting up hybrid search.

Verify organization domain:
- Office 365 admin credentials and SharePoint 2013 administrator-level access
- Log in to the SharePoint Online Administration Portal with Office 365 admin credentials.
- Go to Domains > Verify your domain from the list of all domains.
- Find out whether you have cloud-only identity or synchronized identity.

Verify DirSync settings and synced user profiles:
- An organization must have DirSync running as a minimum setup, synchronizing user accounts between SharePoint Online and the on-premise environment.
- DirSync status, last run
- Users and groups > Office 365 users and local AD users

Verify minimum build number:
- Navigate to your site collection at https://<your Office 365 domain>/_vti_pvt/service.cnf
- Find the entry vti_extenderversion:SR; its value is the build number.

Verify

Cloud Discovery and Planning 2 of 2

Verify company information using PowerShell. Run the following PowerShell commands:
- Log in to any web/app server.
- Run “Connect-MSOLService” with admin credentials.
- Run “Get-MSOLCompanyInformation”.

The following information appears:
- Company name and address
- Directory Service Synchronization Enabled
- Last Dir Sync Time
- Password Synchronization Enabled

Secure channel SSL certificate location and file name:
- Required to help secure the communication channel between SharePoint Online and the reverse proxy, with friendly name, expiry date and password (in case a private key is associated)

Stakeholders/teams involved:
- Project sponsor/decision makers for necessary approvals and decisions
- Office 365 and SharePoint 2013/2016 administrators
- Reverse proxy team (F5 or Windows Server team)
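The build-number and Get-MSOLCompanyInformation checks from the two cloud discovery slides can be scripted so that a stale or disabled DirSync is caught before configuration starts. This is an added example, not part of the original presentation. The function names, the 24-hour staleness threshold and the sample values are assumptions made for illustration.

```powershell
# Added example; function names, the 24-hour threshold and sample data are assumptions.
$MinimumBuild = [version]'15.0.0.4420'   # minimum build number given in the slides

function Get-ServiceCnfBuild {
    param([Parameter(Mandatory)][string]$Content)
    # service.cnf holds "key:TYPE|value" lines; the build is the vti_extenderversion value
    foreach ($line in $Content -split "`r?`n") {
        if ($line -match '^vti_extenderversion:SR\|(?<v>\d+(\.\d+){1,3})\s*$') {
            return [version]$Matches['v']
        }
    }
    throw 'vti_extenderversion not found in service.cnf content'
}

function Test-CloudReadiness {
    param(
        [Parameter(Mandatory)][string]$ServiceCnf,
        [Parameter(Mandatory)]$CompanyInfo,   # object from Get-MsolCompanyInformation
        [timespan]$MaxSyncAge = [timespan]::FromHours(24),
        [datetime]$Now = [datetime]::UtcNow
    )
    $build = Get-ServiceCnfBuild -Content $ServiceCnf
    $findings = @()
    if ($build -lt $MinimumBuild) { $findings += "Build $build is below $MinimumBuild" }
    if (-not $CompanyInfo.DirectorySynchronizationEnabled) {
        $findings += 'Directory synchronization is not enabled'
    } elseif (-not $CompanyInfo.LastDirSyncTime) {
        $findings += 'Directory synchronization has never run'
    } elseif (($Now - $CompanyInfo.LastDirSyncTime) -gt $MaxSyncAge) {
        $findings += "Last DirSync run ($($CompanyInfo.LastDirSyncTime)) is older than $MaxSyncAge"
    }
    [pscustomobject]@{
        Build        = $build
        PasswordSync = [bool]$CompanyInfo.PasswordSynchronizationEnabled
        Ready        = ($findings.Count -eq 0)
        Findings     = $findings
    }
}

# Constructed sample input so the logic can be tried without a tenant.
$sampleCnf  = "vti_encoding:SR|utf8-nl`nvti_extenderversion:SR|15.0.0.4420"
$sampleInfo = [pscustomobject]@{
    DirectorySynchronizationEnabled = $true
    LastDirSyncTime                 = [datetime]::UtcNow.AddDays(-3)
    PasswordSynchronizationEnabled  = $false
}
Test-CloudReadiness -ServiceCnf $sampleCnf -CompanyInfo $sampleInfo
# Live tenant: after Connect-MsolService, pass -CompanyInfo (Get-MsolCompanyInformation)
```

Password synchronization is reported rather than flagged, because it only applies when the chosen identity type is DirSync with Password Sync.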

On-Premise Discovery and Planning

Verify farm information:
- Total web front ends, application servers and SQL servers
- Services status

The following services must be running in the SharePoint 2013 environment:
- Search Service
- User Profile Service
- App Management Service
- Microsoft SharePoint Foundation Subscription Settings Service

Verify the following:
- CU update August 2015 or later
- Web application should use Integrated Windows Authentication (NTLM)
- Server version: for password sync, the minimum is 2008 R2 SP1 or later
- User properties exist with attributes like “UserPrincipalName” and “ProxyAddress” (Work Email) in the User Profile Service settings
- Web application SSL certificate location and file name, with expiry date

Tool installations: install the following tools on a WFE or APP server:
- The Microsoft Online Services Sign-In Assistant: https://www.microsoft.com/en-us/download/details.aspx?id=41950
- The Azure Active Directory Module for Windows PowerShell: http://go.microsoft.com/fwlink/p/?linkid=236297
- The SharePoint Online Management Shell: https://www.microsoft.com/en-my/download/details.aspx?id=35588

Identity Management Planning

Verify current farm and search topology:
- Current search load, crawling issues
- Search performance, query latency and search fault tolerance scenarios

Check current security certificates:
- Run the following PowerShell command on any SharePoint 2013 server: (Get-SPSecurityTokenServiceConfig).LocalLoginProvider.SigningCertificate
- Expected return: CN=SharePoint Security Token Service, OU=SharePoint, O=Microsoft, C=US

Identity federation:
The goal of identity federation is to enable resource access across completely unrelated security domains by sharing a limited amount of information, such as security identities and policies.

Reverse proxy requirement:
A reverse proxy is required when inbound traffic from SharePoint Online needs to be relayed to the on-premises SharePoint Server 2013 farm. When a federated user goes to a SharePoint Online Search portal that is configured to return hybrid search results, a reverse proxy device intercepts and pre-authenticates the request for on-premises SharePoint Server 2013 content and then relays it to SharePoint Server 2013.

Supported reverse proxy options:
- Windows Server 2012 R2 with Web Application Proxy
- Forefront Threat Management Gateway (TMG) 2010 (limited support until 2010)
- F5 BIG-IP with “Access Policy Manager” implemented for authentication
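The on-premises checks above (required services running, STS signing certificate present and valid) can be evaluated together, including how close the signing certificate is to expiry. This is an added example, not part of the original presentation. The function name, the 60-day warning window, the service display names and the sample data are assumptions; confirm the display names on your own farm.

```powershell
# Added example; function name, 60-day window and sample data are assumptions.
function Test-OnPremReadiness {
    param(
        [Parameter(Mandatory)][object[]]$ServiceInstances,  # Get-SPServiceInstance output
        [Parameter(Mandatory)]$SigningCertificate,          # STS signing certificate
        [int]$WarnDays = 60,                                # assumed renewal window
        [datetime]$Now = [datetime]::Now
    )
    # Services the slides require; display names are assumed, verify them locally
    $required = 'SharePoint Server Search', 'User Profile Service', 'App Management Service',
                'Microsoft SharePoint Foundation Subscription Settings Service'
    $findings = @()
    foreach ($name in $required) {
        # A service counts as running if at least one server hosts an Online instance
        $online = @($ServiceInstances |
            Where-Object { $_.TypeName -eq $name -and $_.Status -eq 'Online' })
        if ($online.Count -eq 0) { $findings += "No online instance of '$name'" }
    }
    $daysLeft = [math]::Floor(($SigningCertificate.NotAfter - $Now).TotalDays)
    if ($daysLeft -lt 0) {
        $findings += "STS signing certificate expired on $($SigningCertificate.NotAfter)"
    } elseif ($daysLeft -lt $WarnDays) {
        $findings += "STS signing certificate expires in $daysLeft days"
    }
    [pscustomobject]@{
        CertificateSubject = $SigningCertificate.Subject
        DaysUntilExpiry    = $daysLeft
        Ready              = ($findings.Count -eq 0)
        Findings           = $findings
    }
}

# Constructed sample data so the logic runs without a farm.
$services = @(
    [pscustomobject]@{ TypeName = 'SharePoint Server Search'; Status = 'Online' }
    [pscustomobject]@{ TypeName = 'User Profile Service';     Status = 'Online' }
    [pscustomobject]@{ TypeName = 'App Management Service';   Status = 'Disabled' }
)
$cert = [pscustomobject]@{
    Subject  = 'CN=SharePoint Security Token Service, OU=SharePoint, O=Microsoft, C=US'
    NotAfter = [datetime]::Now.AddDays(20)
}
Test-OnPremReadiness -ServiceInstances $services -SigningCertificate $cert
# On a farm: -ServiceInstances (Get-SPServiceInstance) -SigningCertificate `
#   (Get-SPSecurityTokenServiceConfig).LocalLoginProvider.SigningCertificate
```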

DirSync Role & Readiness Check

What is DirSync and why is it important?
- DirSync (Directory Synchronization) is a tool responsible for provisioning directory objects from an on-premises Active Directory to Azure Active Directory.
- 64-bit edition of Windows Server 2008 R2 SP1 Standard or Enterprise or higher.
- Most organizations already have SharePoint Online and an on-premise environment configured, with DirSync in place and profile synchronization working.

To make sure DirSync is in place, follow these steps:
- Browse to the Office 365 Admin center at https://portal.microsoftonline.com.
- On the Microsoft Online Services page, in the Windows Live ID field, provide an account name that has Global admin rights on your Office 365 subscription.
- On the Home page, click Admin.
- On the Admin page, select Users, which is under the Management section on the left side.
- Under the status column, you must see the status “Synched with Active Directory”; it means the SharePoint 2013 users are synced with SharePoint Online Azure AD.

Additional Checklist

The information below is equally important when configuring hybrid federated search. It may vary based on the SharePoint environment, requirements and configuration required.
- On-premise web application name and URL
- Identity management type (Cloud Identity, ADFS with SSO or DirSync with Password Sync)
- STS certificate PFX file (with password) with start and end date, and CER file with start and end date
- STS certificate friendly name
- Teams SLAs
- UPN domain suffix
- SSL certificate location
- Network requirements
- Farm and server information
- Network ports

Design Considerations

- Multi-tenancy: A SharePoint 2013 farm can only attach to a single tenant in SharePoint Online. Example: check that Active Directory is not shared with a trial tenant.
- Search issues: If your SharePoint 2013 search has pre-existing issues with search crawl, index or end-user search, it is highly recommended to correct them.
- Service federation: Services shared across multiple farms, or a separate search farm implementation, can cause issues. A few SharePoint 2013 services cannot be shared across farms in a hybrid search implementation.
- Search service latency: Verify your search service latency and account for the additional load after hybrid search implementation. It is advisable to scale out the search infrastructure in such cases.

Thank You