M3: Guidance for choosing the right integration option


1 M3: Guidance for choosing the right integration option

2 Meet Paul Andrew | @pndrw
- Office 365 Technical Product Manager
- Office 365 datacenter, networking, identity management
- Passion for informing and inspiring IT Professionals to create simpler solutions to complex problems

Meet Ross Adams
- Azure AD Senior Program Manager
- Core Azure AD Directory, identity management

3 How to choose an identity model
?

4 Change between models as needs change
- Cloud Identity to Synchronized Identity
  - Deploy DirSync
  - Hard match or soft match of users
- Synchronized Identity to Federated Identity
  - Deploy AD FS
  - Can leave password sync enabled as backup
- Federated Identity to Synchronized Identity
  - PowerShell Convert-MsolDomainToStandard
  - Takes 2 hours plus 1 additional hour per 2,000 users
- Synchronized Identity to Cloud Identity
  - PowerShell Set-MsolDirSyncEnabled
  - Takes up to 72 hours and you can monitor with Get-MsolCompanyInformation
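
The two PowerShell transitions on this slide, written out as an added example that is not part of the presentation. The function names, domain and password-file path are hypothetical, and it assumes the MSOnline module, a tenant administrator sign-in, and a machine that can reach the AD FS server for the conversion step.

```powershell
# Added example, not from the presentation. Function names, the domain and the
# password-file path are hypothetical; cmdlets are from the MSOnline module.
Import-Module MSOnline
Connect-MsolService   # sign in as a tenant administrator

function Convert-FederatedToSynchronized {
    param([string]$DomainName, [string]$PasswordFile)

    $domain = Get-MsolDomain -DomainName $DomainName
    if ($domain.Authentication -ne 'Federated') {
        Write-Warning "$DomainName is already $($domain.Authentication); nothing to convert."
        return
    }
    # Slide estimate: 2 hours plus 1 additional hour per 2,000 users
    # (rounding up to whole hours is an assumption made here).
    $users = @(Get-MsolUser -DomainName $DomainName -All).Count
    $hours = 2 + [math]::Ceiling($users / 2000)
    Write-Host "$users users in $DomainName; plan for about $hours hours."

    Convert-MsolDomainToStandard -DomainName $DomainName `
        -SkipUserConversion $false -PasswordFile $PasswordFile
    # The password file records temporary passwords in clear text:
    # restrict its ACL and delete it once users have been notified.
    Write-Host "Authentication is now: $((Get-MsolDomain -DomainName $DomainName).Authentication)"
}

function Disable-DirSyncAndWait {
    param([int]$PollMinutes = 30, [int]$MaxHours = 72)

    Set-MsolDirSyncEnabled -EnableDirSync $false -Force
    $deadline = (Get-Date).AddHours($MaxHours)   # slide: takes up to 72 hours
    while ((Get-Date) -lt $deadline) {
        $info = Get-MsolCompanyInformation
        if (-not $info.DirectorySynchronizationEnabled) {
            Write-Host 'Directory synchronization is disabled; accounts are cloud identities.'
            return $true
        }
        Start-Sleep -Seconds ($PollMinutes * 60)
    }
    Write-Warning "DirSync still reported as enabled after $MaxHours hours."
    return $false
}

# Run only the transition you need:
# Convert-FederatedToSynchronized -DomainName 'contoso.example' -PasswordFile 'C:\Temp\converted-users.txt'
# Disable-DirSyncAndWait
```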

5 Choose the simplest model for your needs
- This is our recommendation
- Cloud Identity is the simplest model
- Choose cloud when
  - You have no on-premises directory
  - There is on-premises directory restructuring
  - You are in pilot with Office 365

6 Choose synchronized identity if you have an on-premises directory
- Password hash sync means federation is not required just to have the same password on the cloud
- Same sign-on – the username and password is the same in the cloud as on-premises
- Single sign-on – you log on to the PC and “no” password is required for cloud services
- Save credentials for later uses Windows Credential Manager
- Outlook does not support Single sign-on
- Choose password hash sync unless you have one of the scenarios that requires federation

7 Scenarios for choosing federation: Existing infrastructure
- You already have an AD FS Deployment
- You already use a Third Party Federated Identity Provider
- You don’t have Active Directory on-premises

8 Scenarios for choosing federation: Technical requirements
- You have Multiple Forests in your on-premises AD
- You have an On-Premises Integrated Smart Card or Multi-Factor Authentication (MFA) Solution
- Custom Hybrid Applications or Hybrid Search is Required
- Web Accessible Forgotten Password Reset

9 Scenarios for choosing federation: Policy requirements
- You Require Sign-In Audit and/or Immediate Disable
- Single Sign-On is Required
- Require Client Sign-In Restrictions by Network Location or Work Hours
- Policy preventing Synchronizing Password Hashes to Azure AD

10 M3 Summary: Guidance for choosing the right integration option
- You can change your mind later
- Choose the simplest model
- When to choose cloud identity
- Scenarios to choose federated identity
- Otherwise go with synchronized identity
