Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Blue active directory

Published byDarrell Ryan Modified over 6 years ago

Similar presentations

Presentation on theme: "The Blue active directory"— Presentation transcript:

1 The Blue active directory
Bob Dowling 22 February 2017 1

2 Agenda Timeline & background Architecture AD admin tools Next

3 Background: timeline to present
2015 30 Sep University signs MS EES deal 01 Oct Technical people asked for a University AD 00 Oct Office 365PP for students 00 Dec Staff added 2016 Q1,2 Blue & Office 365PP Q2,3 OneDrive Q3,4 Exchange Online investigations 2017 Q1 UIS migration

4 Background: entitlement
“The University of Cambridge and its associated bodies” The University of Cambridge and 27/31 Colleges, plus the Theological Federation, minus the two University institutions with their own deals, plus the manually added emeritus professors.

5 Background: entitlement
“The University of Cambridge and its associated bodies” The University of Cambridge and 29/31 Colleges, now including the MRC units as they join, without the Theological Federation, but plus one Theological Federation institution that wants to rejoin, minus the two University institutions with their own deals, but one of those is planning to join with us later, plus the manually added emeritus professors.

6 Background: staff entitlement flowchart

7 Background: timeline from present
2017 Q2 Early adopter institutions migrate to Exchange Online Q2,3 SharePoint Online Ongoing Other institutions migrating

8 Background: requirements on the AD
Easy: Minimal requirements Two groups: staff & students (One-time complexity in setting rules for groups.) Hard: Exchange objects Mail domain administration Need for federated control

9 Architecture: single domain design
DC=blue,DC=cam,DC=ac,DC=uk OU=Accounts OU=Groups OU=People

10 Architecture: domain design
DC=blue,DC=cam,DC=ac,DC=uk * OU=Accounts OU=Groups OU=People OU=institution OU=Accounts OU=Groups OU=Devices OU=Servers CN=inst-blue-admin

11 Architecture: servers
Data out of lookup & password app. Data centre redundancy. (Hashed) passwords never leave our servers.

12 Architecture: Active Directory administration tool
Azure Active Directory institutional administrator web Azure AD Connect Services consumed script or automated process End user Active Directory administration system Blue Active Directory API

13 Architecture: Active Directory administration tool
SQL front end to AD back end (including us!) No use of native tools Powerful logic & rules sets Supports federated controls “Freedom within a framework”

14 Opportunities: moving mail domains to Exchange Online
50GB quotas Shared calendars Better contact syncing Increased OneDrive sharing S/MIME

15 Other opportunities MS EES includes Windows 10 licensing
SharePoint Online Groups for OneDrive, Forms, SharePoint … AD for institutions that don’t want to run it Better University-wide collaborative working

16 Next Detailed design work on AD rules Selection of administration tool
Getting used to Exchange’s quirks Extended Support only.

17 Questions ?

Download ppt "The Blue active directory"

Similar presentations

UTILIZING WITH ITA. offers an entire suite of benefits for you and your students. You can also set up s for the purpose.

UTILIZING WITH ITA. offers an entire suite of benefits for you and your students. You can also set up s for the purpose.
Classroom Architects Own the classroom experience –Look to be unique and innovative Institutions Educators Cohesive Experiences Integrating technology.

Classroom Architects Own the classroom experience –Look to be unique and innovative Institutions Educators Cohesive Experiences Integrating technology.
Agenda AD to Windows Azure AD Sync Options Federation Architecture

Agenda AD to Windows Azure AD Sync Options Federation Architecture
Configuring SharePoint 2013 and Office 365 Hybrid – Part 1

Configuring SharePoint 2013 and Office 365 Hybrid – Part 1
Gold Sponsors Bronze Sponsors Silver Sponsors Taking SharePoint to the Cloud Aaron Saikovski Readify – Software Solution Specialist.

Gold Sponsors Bronze Sponsors Silver Sponsors Taking SharePoint to the Cloud Aaron Saikovski Readify – Software Solution Specialist.
RequirementsDeployment Options 2 3 Dirsync Overview 1 Understanding Synchronization 4.

RequirementsDeployment Options 2 3 Dirsync Overview 1 Understanding Synchronization 4.
Acceleratio Ltd. is a software development company based in Zagreb, Croatia, founded in 2009. Acceleratio specializes in developing high-quality enterprise.

Acceleratio Ltd. is a software development company based in Zagreb, Croatia, founded in Acceleratio specializes in developing high-quality enterprise.
Federated sign-in WS-Federation WS-Trust SAML 2.0 Metadata Shibboleth Graph API Synchronize accounts Authentication.

Federated sign-in WS-Federation WS-Trust SAML 2.0 Metadata Shibboleth Graph API Synchronize accounts Authentication.
Microsoft Ignite /16/2017 4:55 PM

Microsoft Ignite /16/2017 4:55 PM
Exchange server 2003. Mail system Four components Mail user agent (MUA) to read and compose mail Mail transport agent (MTA) route messages Delivery agent.

Exchange server Mail system Four components Mail user agent (MUA) to read and compose mail Mail transport agent (MTA) route messages Delivery agent.
Active Directory federation user provisioning.

Active Directory federation user provisioning.
Business Productivity Online Suite Enterprise class software delivered via subscription services hosted by Microsoft and sold with partners.

Business Productivity Online Suite Enterprise class software delivered via subscription services hosted by Microsoft and sold with partners.
OSP206. Experience Office as it was meant to be… without the complexity of setting up servers.

OSP206. Experience Office as it was meant to be… without the complexity of setting up servers.
OFFICE 365 GROUPS Administrative look into Groups July 9, 2015.

OFFICE 365 GROUPS Administrative look into Groups July 9, 2015.
Cloud app Cloud app Cloud app Separate username/password sign-in Manual or semi-automated provisioning Active Directory App Separate username/password.

Cloud app Cloud app Cloud app Separate username/password sign-in Manual or semi-automated provisioning Active Directory App Separate username/password.
Debunking the Top 10 Myths of Small Business Server: Using Windows SBS in Larger Environments Abstract: This session will debunk some of the common myths.

Debunking the Top 10 Myths of Small Business Server: Using Windows SBS in Larger Environments Abstract: This session will debunk some of the common myths.
Office 365 Administration Ron Schindler See full Office 365 Admin course on Ron Schindler See.

Office 365 Administration Ron Schindler See full Office 365 Admin course on Ron Schindler See.
OM. Brad Gall Senior Consultant

OM. Brad Gall Senior Consultant
Montcalm Area Intermediate School District Tom Staten – Billy Willis – October 13, 2011 MAEDS Session 8D.

Montcalm Area Intermediate School District Tom Staten – Billy Willis – October 13, 2011 MAEDS Session 8D.
123456789101112…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.

…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.

Similar presentations

Ads by Google