Windows Server Management Marketing
11/27/2018
Module 2: Install and Configure the Windows Azure Pack
John Ballard, Principal Program Manager
Shri Natarajan, Program Manager
Symon Perriman, Senior Technical Evangelist
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Course Overview
Day 1: Introduction to the Windows Azure Pack; Install & Configure the Windows Azure Pack; Integrate the Fabric with the Windows Azure Pack; Deliver Self-Service with the Windows Azure Pack
Day 2: Service Management Automation in the Windows Azure Pack; Extend Services with Third Parties in the Windows Azure Pack; Create Tenant Experiences with the Windows Azure Pack
John Ballard, Principal Program Manager, Microsoft
John is a Principal Program Manager with the System Center Cloud and Datacenter Management engineering team. His areas of responsibility include System Center’s IaaS API (Service Provider Foundation) and end-to-end service provider administration, which is unique to the use of Windows Azure Pack IaaS services based on System Center’s management capabilities.
Agenda
IaaS Resources Powered by System Center
Service Provider Foundation
Windows Azure Pack Fundamentals
Deployment Topologies
Extensibility
Identity
Goals
Provide clarity on the different services in WAP and review IaaS deployments
Discuss different deployment topologies
Provide clarity on interaction between components
Discuss WAP Identity with AD FS and Security
IaaS Resources Powered by System Center
Multi-tenant IaaS Cloud Architecture
Windows Azure Pack
Actors: Tenant / self-service user (creates and operates VMs); Service Admin
Management Portal: tenant and service admin UI
Service Management API (public endpoint; Tenant API; Admin API): governs routing and access to resources
Service Provider Foundation (SPF web server; SPF DB): SPF multi-tenant REST OData API for System Center
IaaS stamps (Stamp1: VMM Server 1; Stamp2: VMM Server 2; VMs): stamp scale unit, each with management and host capacity (compute, storage, network)
Whiteboard Your Private Cloud
Configure and deploy: Fibre Channel SAN; scale-out file servers from bare metal; clustered Hyper-V hosts
Networking: IP address management; logical switches; logical networks; virtual networks
Delegated capacity for departments
Expanding your network / capacity to a service provider
Diagram labels: VM; Additional Service Provider Capacity
IaaS Scale Unit: The “Stamp”
Rack 1: Storage, Management, Edge components, Compute
Rack 2: Storage, Edge components, Compute
Rack 3: Storage, Edge components, Compute
Rack 4: Storage, Edge components, Compute
Management (run as VMs on clustered Hyper-V hosts): VMM VM, OM VM, SPF VM, etc.
Edge: network virtualization gateway; top-of-rack (TOR) switch
Compute: clustered compute nodes; tenant or user VMs
Storage: file servers (JBOD); SANs (iSCSI, Fibre Channel)
Network Topology
Isolation
Datacenter isolation: separation of infrastructure traffic as a security boundary and for QoS
Tenant isolation: keeping tenants from each other and protecting the infrastructure
Diagram labels: Public Internet; Gateway; Corporate; Windows Azure Pack; SQL; SPF, etc.; VMM; OM; Management; Tenant 1 VMs; Tenant 1; Tenant 2 VMs; Tenant 2; Hyper-V hosts; LM, Cluster, Storage
Before Starting IaaS Configuration…
Plan out the intended private cloud environment (scale, components, security, etc.)
Download and install VMM, SPF & Windows Azure Pack
Have information on, and full access control over, the minimum set of fabric resources powering the cloud, and the necessary library resources to back the IaaS service
Zero to IaaS Cloud in… 6 steps
Step 0: Installation of VMM, SPF, & Windows Azure Pack
1. Configure Fabric
2. Create & Configure Cloud
3. Configure Accounts in SPF
4. Connect Service Management API to SPF
5. Offer Plan with Cloud to Tenant User
6. Tenant Subscribes to Plan and Creates VM
Multi-tenant IaaS features in VMM
Clouds: shared resource pools
Tenant Administrator user role: access control and quotas
On Behalf Of: admin identity proxy (identity)
VM Networks: network isolation; hybrid networking (connectivity)
Step-by-Step Configurations
Fabric Configuration:
Configure / add storage resources (add/create file servers, storage providers, etc.)
Configure / add compute resources (add/create hosts)
Configure / add networking resources (add logical & VM networks, port profiles, logical switches, etc.)
Cloud Configuration:
Create templates (hardware profiles & VM templates)
Create cloud
Configure SPF account permission
Test configuration
Networking Cheat Sheet
Set up connectivity: (Optional) IP pool; logical network with networking site; VM network
Set up logical switch: uplink port profile; logical switch
System Center Virtual Machine Manager
Demo
Service Provider Foundation
Accounts in SPF: AppPool
Ensure the SPF VMM IIS application pool identity is running as a domain user (not the Network Service account).
The SPF AppPool identity needs admin access to VMM and admin access on the SPF SQL DB.
When using a service account as the AppPool identity, log in to the SPF server with this account once.
The IIS W3WP AppPool recycles by default every 29 hours. You can customize it if desired.
Accounts in SPF: Local User
SPF integrates with Windows Azure Pack through the Basic Authentication method.
Create a local user on the SPF server and add it to the SPF local groups (VMM, Admin, Provider, Usage).
Use the local user to register with the Azure Pack’s Service Management Portal and API (do not use a domain user).
Accounts in SPF: Tenant Accounts
There is no need to create any tenants from the SPF PowerShell cmdlets; this is handled automatically when users sign up for a subscription.
User roles created on VMM or SPF without going through Windows Azure Pack will not be exposed on the Tenant / Admin portal.
Topology & Scale Considerations
Just a web service farm
Consider number of servers, load-balancers, etc.
Consider the users and their location
Minimize the number of admins
Support a number of tenants/end-users
Will consumers access the service from the Internet?
Will services be behind multiple firewalls?
Span multiple stamps
Service Provider Foundation
Demo
Windows Azure Pack Fundamentals
Shriram Natarajan, Program Manager, Microsoft
Shriram Natarajan is a Program Manager with Windows Azure Pack, focusing on Authentication, Authorization, PowerShell, and Security.
Common Questions
How many VMs are required for Windows Azure Pack?
Is it possible to make Windows Azure Pack Highly Available?
What are the roles of the different APIs?
What is the difference between WAP Express install and Distributed Install?
Do I have to reconfigure the Azure Pack components (portals and APIs) post deployment?
Should WAP be in a dedicated domain?
Should we use the Express install or the Distributed install of WAP?
Can I have some users authenticate through ADFS and the Tenant Auth site simultaneously?
Windows Azure Pack Sites & Endpoints
Portal: Admin Site; Admin Authentication Site; Tenant Site; Tenant Authentication Site; Configuration Site
API: Tenant API; Tenant Public API; Admin API
Resource Providers: Virtual Machines; Web Sites; Service Bus; SQL RP; MySQL RP
Infrastructure: Monitoring; Web App Gallery; PowerShell Modules; Usage; Usage Collector
WAP Component Interaction
Diagram components: AD FS; Admin Portal; Tenant Portal; Admin API; Tenant API; Tenant Public API; SQL Cluster (Management Databases); Infrastructure Services
Service Management APIs
Admin API: provides access to admin functionality; claims-based authentication; resource management; used for automation, panel/portal integration, admin PowerShell
Tenant API: provides access to tenant functionality; claims-based authentication; provides access to all subscriptions; used for automation, panel/portal integration
Tenant Public API: provides access to tenant functionality; certificate-based authentication; provides access to the subscription that the cert is tied to; tenant PowerShell
Deployment Topologies
WAP Deployment Requirements
Windows Server 2012 or higher
Express Install VM: 8 GB RAM, dual core
Distributed Install VM (each): 4 GB RAM, dual core
SQL 2012 SP1 or higher
Internet Information Services (IIS)
.NET 3.5 and 4.5
Web Platform Installer
Supported Deployments
Express: simple, single-machine deployment, dev & test only
Deploy all components on one box (portal, APIs, backend services, databases)
Intended for lab or demo environments
Distributed: scalable, HA support, production environments
Offers flexibility to deploy based on customer requirements: performance and scale; security
Express Deployment
Quick to install
All WAP services in a single box
For dev and test scenarios
Highly privileged services + Internet-facing services
Diagram components: Tenant Portal; Admin Portal; API (Tenant, Tenant Public API, Admin); Tenant & Admin Auth Sites; WAP Infrastructure Services; SQL Management Databases; Resource Providers
Distributed Deployment
For production scenarios
Separate components for security
AD FS for federation
Increase # of servers to address performance
Scale out all nodes for HA
Internet-facing services: Tenant Portal; Tenant Public API
High privileged services: Tenant API; Admin Portal; Admin API
Other diagram components: Web Application Proxy; SQL Cluster (Management Databases); AD FS (Identity); WAP Infrastructure Services; Resource Providers
Deployment Tips
Scale Tenant Portal\API for better performance
For high availability: hardware load balancer recommended for public tier (Tenant Portal and Tenant Public API); AlwaysOn Availability Groups supported for Tenant & Management Databases
Use separate SQL instance (for Management data)
During install process, take snapshots! Pre installation, post installation, post configuration
Deployment Tips
Please note the passphrase used. There is no way to recover it.
Replace self-signed certificates with certificates from a trusted public or enterprise certificate authority
Prepare FQDNs required for configuration
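
A check for the certificate tip above, as an added example that is not part of the presentation: it reports every certificate bound to an HTTPS listener in IIS on a WAP host and flags the ones that are self-signed, do not chain to a trusted root on that host, or are close to expiry. The function name and the 30-day threshold are assumptions.

```powershell
# Added example, not from the presentation. Run elevated on each WAP host.
Import-Module WebAdministration

function Get-WapBindingCertificateReport {
    [CmdletBinding()]
    param(
        # Assumption: warn when a bound certificate expires within this many days.
        [int]$ExpiryWarningDays = 30
    )

    foreach ($binding in Get-ChildItem -Path IIS:\SslBindings) {
        # Some bindings carry no local certificate hash; nothing to inspect.
        if (-not $binding.Thumbprint) { continue }

        $store = if ($binding.Store) { $binding.Store } else { 'My' }
        $cert  = Get-Item -Path "Cert:\LocalMachine\$store\$($binding.Thumbprint)" `
                          -ErrorAction SilentlyContinue

        $findings = @()
        if (-not $cert) {
            $findings += 'bound certificate not found in store'
        }
        else {
            # Build the chain locally; revocation is skipped so the check
            # also works on hosts without outbound access.
            $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
            $chain.ChainPolicy.RevocationMode =
                [System.Security.Cryptography.X509Certificates.X509RevocationMode]::NoCheck
            $trusted = $chain.Build($cert)

            if ($cert.Subject -eq $cert.Issuer) { $findings += 'self-signed' }
            if (-not $trusted)                  { $findings += 'chain not trusted on this host' }
            if ($cert.NotAfter -lt (Get-Date).AddDays($ExpiryWarningDays)) {
                $findings += "expires $($cert.NotAfter.ToString('yyyy-MM-dd'))"
            }
        }
        if ($findings.Count -eq 0) { $findings = @('ok') }

        [pscustomobject]@{
            IPAddress  = "$($binding.IPAddress)"
            Port       = $binding.Port
            Thumbprint = $binding.Thumbprint
            Subject    = if ($cert) { $cert.Subject } else { $null }
            Issuer     = if ($cert) { $cert.Issuer }  else { $null }
            Finding    = $findings -join '; '
        }
    }
}

# Show only the bindings that still need a CA-issued certificate.
Get-WapBindingCertificateReport |
    Where-Object { $_.Finding -ne 'ok' } |
    Format-Table -AutoSize
```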
WAP Services
Demo
Extensibility
Setup Extensibility
Multiple Tenant Portals:
Setting up more than one Tenant Portal that talks to the Service Management API
Facilitates providing different identity providers per tenant portal
Facilitates having a different theme per tenant portal
Host header based theming of Tenant Portal:
Allows for different themes within the same tenant portal based on hostname
Host Name-based Theming
Demo
Identity
Demystifying Identity
WAP Authentication
Claims-based authentication using JWT tokens
Federated identities through ADFS
ADFS federation with third-party identity providers
Supported protocols: SAML 2.0, WS-*
Supported tokens: SAML, JWT
Example identity stores: Active Directory (AD), Ping, Azure Active Directory, etc.; Tenant Authentication Site (ASP.NET membership provider)
Claims-based Identity Definitions
Relying party: Tenant Portal (& Tenant API); Admin Portal (& Admin API)
Federation service: ADFS
Identity provider:
Out-of-box identity providers: Tenant: ASP.NET; Admin: Windows Auth
External identity providers: AD FS, federated AD FS instances; ACS, Azure Active Directory, etc.
Federated Identity
A federated identity is the means of linking a person's electronic identity and attributes, stored across multiple distinct identity management systems. Source: Wikipedia
Diagram labels (federation chain): AD FS; STS 1; STS 2; Contoso; Application
Federated Login ~= Boarding a plane
Boarding a plane (diagram labels): Ticketing Agent; Check-in Agent; Gate Agent; Credit Card; Ticket; Boarding Pass; Plane Access
Federated login (diagram labels): User; Credentials; Contoso Token; WAP Token; Contoso; Resources; WAP STS; WAP Portal; Access
WAP Portal Login
1. User without claims
2. Portal redirects to ADFS
3. ADFS shows login page
4. User enters credentials
5. User is authenticated
6. Claim token is issued to the user
7. User uses claim to access portal
8. Portal grants access to resources
Diagram labels: User; Portal (relying party); ADFS (federation service); Trust; identity providers (IDP): AD, ASP.NET, 3rd party
Claims-based Identity Configuration
1. Configure the management portals to trust AD FS: Set-MgmtSvcRelyingPartySettings
2. Configure AD FS to trust the management portals: Add-ADFSRelyingPartyTrust
3. Configure the tenant authentication site to trust AD FS: Set-MgmtSvcIdentityProviderSettings
4. Configure the tenant authentication site to trust AD FS: Add-ADFSIdentityProviderTrust
(3*) For third-party providers, trust is set up corresponding to the requirements of the provider
Diagram components: Admin Auth Site; WAP Admin Portal; AD FS; WAP Tenant Portal; Tenant Auth Site
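
Steps 1 and 2 above for the tenant portal, as an added example that is not part of the presentation. The host names, the SQL server name, the trust display name, the use of integrated security in the connection string and the claim rules are assumptions; the two parts run on different servers.

```powershell
# Added example, not from the presentation. All names below are placeholders.
$adfsFqdn     = 'adfs.contoso.example'      # assumption: AD FS service name
$tenantPortal = 'portal.contoso.example'    # assumption: tenant portal FQDN
$sqlServer    = 'wapsql.contoso.example'    # assumption: WAP SQL instance

# --- Step 1: run on a WAP server --------------------------------------------
# Point the tenant portal at AD FS as its token issuer.
# Integrated security (assumption) keeps a SQL password out of the script.
Import-Module MgmtSvcConfig
$portalStore = "Data Source=$sqlServer;" +
               "Initial Catalog=Microsoft.MgmtSvc.PortalConfigStore;" +
               "Integrated Security=SSPI"

# -DisableCertificateValidation is deliberately not used: the federation
# metadata carries the signing keys the portal will trust, so it should only
# be fetched over TLS with a certificate from a trusted CA.
Set-MgmtSvcRelyingPartySettings -Target Tenant `
    -MetadataEndpoint "https://$adfsFqdn/FederationMetadata/2007-06/FederationMetadata.xml" `
    -ConnectionString $portalStore

# --- Step 2: run on the AD FS server ----------------------------------------
# Register the tenant portal as a relying party that receives JWT tokens.
Import-Module ADFS

# Issue the user's UPN from Active Directory as the identifying claim.
$transformRules = @'
@RuleName = "Issue UPN from Active Directory"
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
 => issue(store = "Active Directory", types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"), query = ";userPrincipalName;{0}", param = c.Value);
'@

# Permit-all authorization rule; replace it with a group-based rule to limit
# which directory users can obtain a token for the portal.
$authorizationRules = @'
@RuleName = "Permit all users"
=> issue(Type = "http://schemas.microsoft.com/authorization/claims/permit", Value = "true");
'@

Add-AdfsRelyingPartyTrust -Name 'WAP Tenant Portal' `
    -MetadataUrl "https://$tenantPortal/FederationMetadata/2007-06/FederationMetadata.xml" `
    -EnableJWT $true `
    -AutoUpdateEnabled $true `
    -MonitoringEnabled $true `
    -IssuanceTransformRules $transformRules `
    -IssuanceAuthorizationRules $authorizationRules

# Read the trust back to confirm it is enabled and set to issue JWT.
Get-AdfsRelyingPartyTrust -Name 'WAP Tenant Portal' |
    Select-Object Name, Enabled, EnableJWT, MetadataUrl, AutoUpdateEnabled
```

The admin portal is configured the same way with `-Target Admin` and its own relying party trust.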
ADFS & AD Groups
Demo
TechNet Virtual Labs
Deep technical content and free product evaluations. Hands-on deep technical labs. Free, online, technical courses.
At the TechNet Evaluation Center you can download free trial versions of Microsoft software, with no feature limits. Dozens of trials are available, all at no cost. Try Windows Server 2012 R2 for up to 180 days. Download the Windows 8.1 Enterprise 90-day evaluation. Or try Microsoft Azure at no cost for up to 90 days.
Microsoft Hands On Labs offer virtual environments that will take you through a guided, technically deep product learning experience. Learn at your own pace in labs that you can complete in 90 minutes or less. No complex setup or installation is required to use TechNet Virtual Labs.
Microsoft Virtual Academy provides free online training on the IT scenarios that are important to your company and your career. Learn at your own pace and boost your IT skills with over 100 courses across more than 15 Microsoft technologies including Windows Server, Windows 8, Microsoft Azure, Office 365, virtualization, Windows Phone, and more.
Download Microsoft software trials today: Technet.microsoft.com/evalcenter
Find Hands On Labs: Technet.microsoft.com/virtuallabs
Take a free online course: microsoftvirtualacademy.com