Federated sign-in WS-Federation WS-Trust SAML 2.0 Metadata Shibboleth Graph API Synchronize accounts Authentication.

Presentation transcript:

Federated sign-in WS-Federation WS-Trust SAML 2.0 Metadata Shibboleth Graph API Synchronize accounts Authentication

Cloud Identity Model

Synchronized Identity Model

Password hashes User accounts User Sign-on Azure AD Sync On-premises directory

User Password On-premises directory

• Includes sync from multiple forests, including merging duplicate users in these forests
• In addition to AD, can sync from LDAP v3, SQL Server (coming soon)
• Enables selective OU sync using the UX in the setup
• Enables selective attribute sync
• Enables transforming of attributes using the UX in the setup
• Installer that deploys Azure AD Sync and optionally AD FS
• A superset of Azure AD
• In preview now

Azure AD Connect (sync + sign on) Active Directory LDAP directories

Federated Identity Model

On-premises directory Azure AD Sync

This new backup option for Office 365 customers using federated sign-in provides the option to manually switch your domain in a short amount of time during outages such as on-premises power loss, internet connection interruption and any other on-premises outage.

Backup Password Hash Sync User accounts Azure AD Sync On-premises directory

Making AD FS Easy

How to choose an identity model

Change between models as needs change

Choose the simplest model for your needs

Choose synchronized identity if you have an on-premises directory

Scenarios for choosing federation Existing infrastructure

Scenarios for choosing federation Technical requirements

Scenarios for choosing federation Policy requirements

Office 365 federation options

• Suitable for medium, large enterprises including educational organizations
• Recommended option for Active Directory (AD) based customers
• Single sign-on
• Support for web and rich clients
• Microsoft supported
• Works for Office 365 Hybrid Scenarios
• Requires on-premises servers, licenses & support

• Suitable for medium, large enterprises including educational organizations
• Recommended where customers may use existing non-ADFS Identity systems with AD or Non-AD
• Single sign-on
• Support for web and rich clients
• Third-party supported
• Works for Office 365 Hybrid Scenarios
• Requires on-premises servers, licenses & support
• Verified through ‘works with Office 365’ program

• Suitable for educational organizations
• Recommended where customers may use existing non-ADFS Identity systems
• Single sign-on
• Support for web clients and Outlook (ECP) only
• Microsoft supported for integration only, no Shibboleth deployment support
• Requires on-premises servers & support
• Works with AD and other directories on-premises

• For organizations that need to use SAML 2.0
• Recommended where customers may use existing non-ADFS Identity systems
• Single sign-on
• Support for web clients and Outlook (ECP) only
• Microsoft supported for integration only, no identity provider deployment support
• Requires on-premises servers & support
• Works with AD and other directories on-premises

Works with Office 365 – Identity program

New Identity Features

Enables these capabilities
• Multi-Factor Authentication
• SAML based identity providers
• Smart Card and Cert authentication
• Outlook doesn’t need Basic Authentication

The program is easier to join and production support is included for participants.
Some incomplete scenarios like IRM, External Sharing, AD FS Client Access Policies. Updates in the coming months.
Targeted March 2015

Azure AD Features / Office 365

Common features
• Directory as a service (No object limit)
• User and group management using UI or Windows PowerShell cmdlets
• Access Panel portal for SSO-based user access to SaaS and custom applications (Up to 10 apps per user)
• User-based application access management and provisioning
• Self-service password change for cloud users
• Directory synchronization tool – For syncing between on-premises Active Directory and Azure Active Directory
• Standard security reports (3 standard reports)

Premium and Basic features
• High availability SLA uptime (99.9%)
• Group-based application access management and provisioning
• Customization of company logo and colors to the Sign In and Access Panel pages
• Self-service password reset for cloud users
• Application Proxy

Premium-only feature
• Self-service group management for cloud users
• Self-service password reset with on-premises write-back
• Microsoft Identity Manager (MIM) server licenses – For syncing between on-premises databases and/or directories and Azure Active Directory
• Advanced anomaly security reports (machine learning-based)
• Advanced application usage reporting
• Multi-Factor Authentication service for cloud users (Limited features)
• Multi-Factor Authentication server for on-premises users

For Free and Premium see

Summary