Active Directory Integration with Microsoft Office 365 Ross Adams & Jono Luk Program Managers Microsoft Corporation OSP321.

Presentation transcript:

Active Directory Integration with Microsoft Office 365 Ross Adams & Jono Luk Program Managers Microsoft Corporation OSP321

Architecture diagram (labels): Office Subscription Services; Contoso customer premises; AD; MS Online Directory Sync; Windows Azure Active Directory; Provisioning platform; Lync Online; SharePoint Online; Exchange Online; Active Directory Federation Server 2.0; Trust; IdP; Directory Store; Admin Portal/PowerShell; Authentication platform; Office 365 Desktop Setup; IdP

1. No Integration
Appropriate for: Smaller orgs without AD on-premises
Pros: No servers required on-premises
Cons: No SSO; No 2FA; 2 sets of credentials to manage with differing password policies; IDs mastered in the cloud

2. Directory Only
Appropriate for: Medium/Large orgs with AD on-premises
Pros: Users and groups mastered on-premises; Enables co-existence scenarios
Cons: No SSO; No 2FA; 2 sets of credentials to manage with differing password policies; Single server deployment

3. Directory and SSO
Appropriate for: Larger enterprise orgs with AD on-premises
Pros: SSO with corporate cred; IDs mastered on-premises; Password policy controlled on-premises; 2FA solutions possible; Enables hybrid scenarios; Location isolation
Cons: High availability server deployments required

Web Clients: Office 2010, Office 2007 SP2 with SharePoint Online; Outlook Web Application. Remember last user.
Exchange Clients: Office 2010, Office 2007 SP2; Active Sync/POP/IMAP; Entourage. Can save credentials.
Rich Applications (SIA): Lync Online; Office Subscriptions; CRM Rich Client. Can save credentials.

SSO IDs (domain joined) MS Online IDs No Prompt Username and Password Online ID AD credentials SSO IDs (non-domain joined) Username and Password AD credentials Username Username and Password Online ID AD credentials Username and Password AD credentials Username and Password Online ID AD credentials Username and Password AD credentials

Customer Microsoft Online Services Logon (SAML 1.1) Token Source User ID: ABC123 Auth Token Unique ID:

Customer Microsoft Online Services Logon (SAML 1.1) Token Source User ID: ABC123 Auth Token Unique ID: Basic Auth Credentials Username/Password

Structure: Matching domains
Description: Internal domain and external domain are the same, i.e. contoso.com
Considerations: No special requirements

Structure: Sub domain
Description: Internal domain is a sub domain of the external domain, i.e. corp.contoso.com
Considerations: Requires domains registered in order, primary then sub domains

Structure: .local domain
Description: Internal domain is not publicly "registered", i.e. contoso.local
Considerations: Domain ownership can't be proved, must use a different domain; Requires all users to get new UPN; Use SMTP address if possible; Smart Card issues

Structure: Multiple distinct UPN suffixes in single forest
Description: Mix of users having login UPNs under different domains, i.e. contoso.com & fabrikam.com
Considerations: Must use SupportMultipleDomain switch in PowerShell; Sub domains require additional work

Structure: Multi Forest
Description: Multiple AD Forest
Considerations: Premier engagement

Access Application Redirect to Authentication platform Types User Name Generate SAML token for authentication platform Redirect Back Present ticket to Application Install 3rd party auth provider ADFS proxy Authenticate 2FA Authenticate 2FA response Authentication platform Windows Azure Active Directory

Authenticate 2FA Send Creds to Exchange Proxy Auth Evaluate Client Access Rules, issue SAML Token Send Creds to Exchange Proxy Auth Disable passive pages on proxy Connect to internal network Strong Auth VPN to internal network Authentication platform Windows Azure Active Directory

Questions

Code | Title | Schedule
OSP221 | Microsoft Office 365 for Enterprises | 6/11/2012 3:00 PM
OSP305 | The Modern Compatibility Process to Accelerate Microsoft Office Deployment | 6/11/2012 4:45 PM
OSP321 | Active Directory Integration with Microsoft Office 365 | 6/12/ :15 AM
OSP224 | Microsoft Office 365 Management and Deployment | 6/12/2012 1:30 PM
OSP223 | Microsoft Office 365 for Education | 6/12/2012 3:15 PM
OSP303 | Supporting Microsoft Office in an Enterprise Environment | 6/12/2012 3:15 PM
OSP202 | Microsoft Excel: A Web Development Tool? | 6/12/2012 5:00 PM
OSP306 | Microsoft Office Deployment for the Elite | 6/13/ :15 AM
OSP325 | To the Cloud, from the Trenches: Best Practices for Migrating to Microsoft Office 365 | 6/13/2012 1:30 PM
OSP302 | Building Integrated Microsoft Office 365, SharePoint Online, and Office Solutions Using BCS and LOB Data | 6/13/2012 3:15 PM
OSP323 | Microsoft Office 365 Security, Privacy, and Trust | 6/13/2012 5:00 PM
OSP324 | Microsoft Office 365 Service Reliability and Disaster Recovery | 6/14/2012 8:30 AM
OSP304 | Optimized Desktop Deployment Jeopardy Live Game Show | 6/14/2012 1:00 PM
OSP222 | Empowering Small Businesses: Microsoft Office 365 P-Suite | 6/14/2012 4:30 PM
