SIM205. (On-Premises) Storage Servers Networking O/S Middleware Virtualization Data Applications Runtime You manage Infrastructure (as a Service)

Presentation transcript:

1 SIM205

5 Diagram: four columns, each showing the same stack (Storage, Servers, Networking, O/S, Middleware, Virtualization, Data, Applications, Runtime).
(On-Premises): You manage.
Infrastructure (as a Service): Other Manages / You manage.
Platform (as a Service): Other Manages / You manage.
Software (as a Service): Other Manages.

Common Identity:
Leveraging on-premises Active Directory
Federating based on industry standards
Provisioning objects to services where needed
Enabling cloud identity providers

7 Diagram labels: User; On-Premises; Private Cloud; Partners; Public Cloud (SaaS, PaaS)

8 Diagram labels: User; On-Premises; Private Cloud; Partners; Public Cloud (SaaS, PaaS); AD Federation Services; AD Certificate Services; AD Rights Management Services; AppFabric Access Control service; SAML; OAUTH; WS-Trust, SAML; Claims based applications

9 Active Directory Domain Service: a claims store and so much more
Windows Identity Foundation: the developer experience
AppFabric Access Control Service: cloud hosted STS
Active Directory Federation Service: on-premises STS
Forefront Identity Manager: on-premises identity management
Windows Live ID: cloud identity provider + much more
Office 365 / BPOS: SaaS - Exchange Online, SharePoint Online…
Windows Azure: PaaS - a cloud-OS offering a development, service-hosting and service-management environment

10 Diagram labels: Subject; Claims Provider (Security Token Service); Resource Provider; Relationship
1. Require claims
2. Get claims
3. Send claims

11 Diagram labels: End User; Resource Provider; Claims-aware application; Claims Framework (WIF); App Business Logic; Security Token Service (AD FS); Directory (AD DS)
Configure: Establish Relationship / Trust (Signing key)
Configure: Claims Rules (Federation Metadata)
1. Get policy
2. AuthN (Creds)
3. Get claims
4. AuthN (Claims)
5. Grant/deny access

13 Credential Management; Group Management; User Management; Policy Management

18 Secure Delegated Administration
Define Role in Hyper-V AzMan or VMM
Add Groups to roles
Manage Groups in FIM
Diagram labels: System Center; Forefront Identity Manager; Private Cloud management

26 Diagram labels: Active Directory; Other Providers; WS-* and SAML; On Premises
Use of Active Directory identities and groups through federation
Enable seamless access experience with other corporate applications tied to AD
Integration with 3rd party systems through WS-* and SAML 2.0 open standards
In the next release of AppFabric Access Control Services (ACS 2.0), single sign-on with popular Internet identity providers

27 Diagram labels: Access Control Service; Your Service; Customer
0. Establish trust via key exchange
1. Define access control rules for an identity provider
2. Request token (pass input claims)
3. Map input claims to output claims based on access control rules
4. Return token (receive output claims)
5. Send message with token
6. Process token

28 demo

31 On Premises AD Online Directory Sync Identity services Provisioning platform Provisioning platform Lync SharePoint Exchange Active Directory Federation Services Trust IdP Directory Store Admin portal Authentication platform IdP Forefront Identity Manager 2010 Small/Medium Customer

34 Windows Integrated/Kerberos FIM 2010 HR System Workflow ADDS Phone Title Department Manager Group Identity directories Exchange GAL & DL SharePoint Profiles and Access SAP and other apps AD FS 2.0 WS-* and SAML Claims Partner Claims-Aware Applications Claims-Aware Applications SQL Server Role Client List Self Service MS Online Directory Synchronization

39 Sessions On-Demand & Community; Microsoft Certification & Training Resources; Resources for IT Professionals; Resources for Developers
www.microsoft.com/teched
www.microsoft.com/learning
http://microsoft.com/technet
http://microsoft.com/msdn
http://northamerica.msteched.com Connect. Share. Discuss.
