Federated sign-in WS-Federation WS-Trust SAML 2.0 Metadata Shibboleth Graph API Synchronize accounts Authentication.

5 Federated sign-in WS-Federation WS-Trust SAML 2.0 Metadata Shibboleth Graph API Synchronize accounts Authentication

6 Cloud Identity Model

10 Synchronized Identity Model

11 Password hashes User accounts User Sign-on Azure AD Sync On-premises directory

12 User Password On-premises directory

13
- Includes sync from multiple forests, including merging duplicate users in these forests
- In addition to AD, can sync from LDAP v3, SQL Server (coming soon)
- Enables selective OU sync using UX in the setup
- Enables selective attribute sync
- Enables transforming of attributes using UX in the setup
- Installer that deploys Azure AD Sync and optionally AD FS
- A superset of Azure AD
- In preview now

14 Azure AD Connect (sync + sign on) Active Directory LDAP directories

19 Federated Identity Model

20 On-premises directory Azure AD Sync

21 This new backup option for Office 365 customers using federated sign-in provides the option to manually switch your domain in a short amount of time during outages such as on-premises power loss, internet connection interruption and any other on-premises outage. Backup Password Hash Sync User accounts Azure AD Sync On-premises directory

22 Making AD FS Easy

23 How to choose an identity model

24 Change between models as needs change

25 Choose the simplest model for your needs

26 Choose synchronized identity if you have an on-premises directory

27 Scenarios for choosing federation Existing infrastructure

28 Scenarios for choosing federation Technical requirements

29 Scenarios for choosing federation Policy requirements

30 Office 365 federation options

- Suitable for medium, large enterprises including educational organizations
- Recommended option for Active Directory (AD) based customers
- Single sign-on
- Support for web and rich clients
- Microsoft supported
- Works for Office 365 Hybrid Scenarios
- Requires on-premises servers, licenses & support

- Suitable for medium, large enterprises including educational organizations
- Recommended where customers may use existing non-ADFS Identity systems with AD or Non-AD
- Single sign-on
- Support for web and rich clients
- Third-party supported
- Works for Office 365 Hybrid Scenarios
- Requires on-premises servers, licenses & support
- Verified through ‘works with Office 365’ program

- Suitable for educational organizations
- Recommended where customers may use existing non-ADFS Identity systems
- Single sign-on
- Support for web clients and Outlook (ECP) only
- Microsoft supported for integration only, no Shibboleth deployment support
- Requires on-premises servers & support
- Works with AD and other directories on-premises

- For organizations that need to use SAML 2.0
- Recommended where customers may use existing non-ADFS Identity systems
- Single sign-on
- Support for web clients and Outlook (ECP) only
- Microsoft supported for integration only, no identity provider deployment support
- Requires on-premises servers & support
- Works with AD and other directories on-premises

31 Works with Office 365 – Identity program

32 New Identity Features

33 Enables these capabilities
- Multi-Factor Authentication
- SAML based identity providers
- Smart Card and Cert authentication
- Outlook doesn’t need Basic Authentication

The program is easier to join and production support is included for participants. Some incomplete scenarios like IRM, External Sharing, AD FS Client Access Policies. Updates in the coming months. Targeted March 2015

36 Azure AD Features / Office 365

Common features
- Directory as a service (No object limit)
- User and group management using UI or Windows PowerShell cmdlets
- Access Panel portal for SSO-based user access to SaaS and custom applications (Up to 10 apps per user)
- User-based application access management and provisioning
- Self-service password change for cloud users
- Directory synchronization tool – For syncing between on-premises Active Directory and Azure Active Directory
- Standard security reports (3 standard reports)

Premium and Basic features
- High availability SLA uptime (99.9%)
- Group-based application access management and provisioning
- Customization of company logo and colors to the Sign In and Access Panel pages
- Self-service password reset for cloud users
- Application Proxy

Premium-only features
- Self-service group management for cloud users
- Self-service password reset with on-premises write-back
- Microsoft Identity Manager (MIM) server licenses – For syncing between on-premises databases and/or directories and Azure Active Directory
- Advanced anomaly security reports (machine learning-based)
- Advanced application usage reporting
- Multi-Factor Authentication service for cloud users (Limited features)
- Multi-Factor Authentication server for on-premises users

For Free and Premium see https://msdn.microsoft.com/en-us/library/azure/dn532272.aspx

37 Summary
