Download presentation
Presentation is loading. Please wait.
Published byBaldwin Roy Nichols Modified over 8 years ago
4
What is DirSync? Purpose – What does it do? Understanding Synchronization Understanding Coexistence Demo
6
Pilot completeDeploy CompleteAdopt new features Deploy Enhance Pilot
7
Sign-on Integrated identity management Sign-on with the same user and password as on premises Mail Integrated mail flow and migration Global address list Full mail content migration – mail, calendar, contacts Collaboration Sharing and working with others Lync business partner federation Site governance and provisioning support Setup of Apps for Office corporate app catalog Clients IT managed client productivity Office 365 ProPlus deployed to user desktop via IT process Mobile Managed mobile connectivity Send and receive mail from mobile device as on-prem email Administration Control & monitor Data loss prevention configuration (limited) Exchange Online Protection mail protection configuration (limited) Setup in days Adds on-premises integration Pilot user and info is sustained IT driven migration Mail migration that best fits environment Deploy Experience – what’s added
8
Identity What’s Required Directory Sync server/s AD meets service requirements for hygiene Same password on-prem and in cloud via password sync Network What you need to connect Network access to service from client end points Network bandwidth availability Access to maintain DNS entries for share domains Clients Required to connect and deploy Web client – minimum browser Office 365 Pro Plus – clients running Windows 7 + Unique requirements per mail platform Dedicated customer IT team Change management readiness Mail Required to setup and migrate Admin access Deploy – what’s required
9
Cloud Identity Single identity in the cloud Directory & Password Synchronization Single identity without federation Federated Identity Single federated identity and credentials Deploy Identity Scenario Deploy Enhance Pilot
10
http://aka.ms/sync
28
On-premises ExchangeActive Directory Office 365 Windows Azure Active Directory Directory Synchronization Provisioning Web Service Logon Enabled User Mail-Enabled (not mailbox-enabled) ProxyAddresses: SMTP: John.Doe@contoso.com smtp: John.Doe@contoso.onmicrosoft.com smtp: John.Doe@contoso.mail.onmicrosoft.com TargetAddress: SMTP: John.Doe@contoso.com Logon Enabled User Mail-Enabled (not mailbox-enabled) ProxyAddresses: SMTP: John.Doe@contoso.com smtp: John.Doe@contoso.onmicrosoft.com smtp: John.Doe@contoso.mail.onmicrosoft.com TargetAddress: SMTP: John.Doe@contoso.com Exchange Online Authentication Platform SharePoint Online Lync Online User Object Mailbox-Enabled ProxyAddresses: SMTP: John.Doe@contoso.com User Object Mailbox-Enabled ProxyAddresses: SMTP: John.Doe@contoso.com Sync Cycle Stage 3: Export Users, Groups, and Contacts to Office 365 Sync Cycle Stage 4: Export “Write Back” attributes Sync Cycle Stage 2: Import Users, Groups, and Contacts from Office 365
30
Introduced with DirSync in June 2013 Benefits of using Password Sync as an alternative to Federated Authentication “Single set of credentials” to access both on-premises and online resources Managed in the customer’s Active Directory and is synchronized with Office 365 (username + password) Fully integrated in the DirSync appliance No requirement for Active Directory Federation Services. Keeps the deployment simple and eliminates IT costs associated with AD/FS
31
Does not require nor access the plain text password No requirement for AD reversible encrypted format AD user password hash is hashed again using a non-reversible encryption function and digest is synchronized into Azure AD The digest in Azure AD cannot be used to access resources in the customer’s on-premises environment
32
One-way synchronization from on-premises to the cloud Password Complexity Policy implemented in the on-premises AD is the master policy Password Expiration Policy on the Azure AD is set to “Never Expire” Password expiration and sync to Azure AD is driven by on-premises events
36
On-premises Message Filtering MX Record: contoso.com User Object Mailbox-Enabled ProxyAddresses: SMTP: John.Doe@contoso.com User Object Mailbox-Enabled ProxyAddresses: SMTP: John.Doe@contoso.com ExchangeActive Directory
37
On-premises Message Filtering MX Record: contoso.com ExchangeActive Directory Office 365 MX Record: contoso.onmicrosoft.com contoso.mail.onmicrosoft.com Exchange Online Protection Exchange Online Online Directory DirSync DirSync Web Service Logon Enabled User Mailbox-Enabled ProxyAddresses: SMTP: Jane.Doe@contoso.com smtp: Jane.Doe@contoso.onmicrosoft.com smtp: Jane.Doe@contoso.mail.onmicrosoft.com Logon Enabled User Mailbox-Enabled ProxyAddresses: SMTP: Jane.Doe@contoso.com smtp: Jane.Doe@contoso.onmicrosoft.com smtp: Jane.Doe@contoso.mail.onmicrosoft.com User Object Mail-Enabled (not mailbox-enabled) ProxyAddresses: SMTP: Jane.Doe@contoso.com TargetAddresses: SMTP: Jane.Doe@contoso.mail.onmicrosoft.com User Object Mail-Enabled (not mailbox-enabled) ProxyAddresses: SMTP: Jane.Doe@contoso.com TargetAddresses: SMTP: Jane.Doe@contoso.mail.onmicrosoft.com
38
On-premises Message Filtering MX Record: contoso.com ExchangeActive Directory Office 365 MX Record: contoso.onmicrosoft.com contoso.mail.onmicrosoft.com Exchange Online Protection Exchange Online Online Directory DirSync DirSync Web Service Logon Enabled User Mail-Enabled (not mailbox-enabled) ProxyAddresses: SMTP: John.Doe@contoso.com smtp: JohnDoe@contoso.onmicrosoft.com smtp: JohnDoe@contoso.mail.onmicrosoft.com TargetAddresses: SMTP: John.Doe@contoso.com Logon Enabled User Mail-Enabled (not mailbox-enabled) ProxyAddresses: SMTP: John.Doe@contoso.com smtp: JohnDoe@contoso.onmicrosoft.com smtp: JohnDoe@contoso.mail.onmicrosoft.com TargetAddresses: SMTP: John.Doe@contoso.com User Object Mailbox-Enabled ProxyAddresses: SMTP: John.Doe@contoso.com User Object Mailbox-Enabled ProxyAddresses: SMTP: John.Doe@contoso.com
42
“It just seemed like every piece of the path that needed to be right at one point broke in the pilot, and nobody can explain why it all happened. “ “The very fundamental assumption I made is that O365 is ]the same if it's on-prem as in the Cloud. Functionality-wise, everything, as on prem.“ “Microsoft would get escalations internally, they’re like, we’ll just throw more resources at it.” “We weren’t proficient/technical enough to know the right questions to ask Microsoft” Satisfied Dissatisfied
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.