Presentation is loading. Please wait.

Presentation is loading. Please wait.

Access resources in a federation partner organization.

Published byEugene Stevens Modified over 9 years ago

Similar presentations

Presentation on theme: "Access resources in a federation partner organization."— Presentation transcript:

1

2

3

4

5 Access resources in a federation partner organization

6

7

8

9

10

11

12

13

14 Devices Apps Users Empowering People-centric IT Management. Access. Protection. Data

15 Hybrid Identity Unify your environment Create a centralized identity across on-premises and cloud Use identity federation to maintain centralized authentication and securely share and collaborate with external users and businesses Enable users Provide users with self-service experiences to keep them productive Enable single sign-on for users across all the resources they need access to Protect your data Enforce strong authentication when users access resources and apply conditional access controls to sensitive company information Configure single sign-on across all company applications Ensure compliance with governance, attestation and reporting

16

17

18

19 Providing Users with a Common Identity IT can provide users with a common identity across on-premises or cloud- based services, leveraging Windows Server Active Directory and Azure Active Directory. Users are more productive by having a single sign-on to all their resources. Users get access through accounts in Azure Active Directory to Azure, Office 365, and third-party applications. Developers can build applications that leverage the common identity model.

20 Common Identity with Sync User attributes are synchronized including the password hash, Authentication can be completed against either Azure or Windows Server Active Directory Synchronization *Write back of attributes to support cloud first and co-existence

21 Common Identity with Federation User attributes are synchronized, Authentication is passed back through federation and completed against Windows Server Active Directory Federation AD FS provides conditional access to resources, Work Place Join for device registration and integrated Multi-Factor Authentication

22 Common Identity with Federation

23

24

25

26 Identity Federation Conditional access with multi- factor authentication is provided on a per-application basis, leveraging user identity, device registration & network location Organizations can federate with partners and other organizations for seamless access to shared resources Organizations can connect to SaaS applications running in Azure, Office 365 and 3 rd party providers Enhancements to AD FS include simplified deployment and management Published applications

27

28 Active Directory Federation Services Overview - http://technet.microsoft.com/en-us/library/hh831502.aspxhttp://technet.microsoft.com/en-us/library/hh831502.aspx Setup Geographic Redundancy with SQL Server Replication - http://technet.microsoft.com/en- us/library/dn632406.aspxhttp://technet.microsoft.com/en- us/library/dn632406.aspx AD FS Certificate Requirements - http://technet.microsoft.com/en-us/library/dn554247.aspx#BKMK_1http://technet.microsoft.com/en-us/library/dn554247.aspx#BKMK_1 Configuring AD FS Extranet Lockout - http://technet.microsoft.com/en-us/library/dn486806.aspxhttp://technet.microsoft.com/en-us/library/dn486806.aspx Configuring Alternate Login ID - http://technet.microsoft.com/en-us/library/dn659436.aspxhttp://technet.microsoft.com/en-us/library/dn659436.aspx Walkthrough Guide: Manage Risk with Additional Multi-Factor Authentication for Sensitive Applications - http://technet.microsoft.com/en-us/library/dn280946.aspx http://technet.microsoft.com/en-us/library/dn280946.aspx Configuring Authentication Policies - http://technet.microsoft.com/en-us/library/dn486781.aspxhttp://technet.microsoft.com/en-us/library/dn486781.aspx Developing Modern Applications using OAuth and AD FS - http://msdn.microsoft.com/en-us/library/dn633593.aspxhttp://msdn.microsoft.com/en-us/library/dn633593.aspx Directory integration - http://msdn.microsoft.com/en-us/library/azure/jj573653.aspxhttp://msdn.microsoft.com/en-us/library/azure/jj573653.aspx AD FS on Curah - http://curah.microsoft.com/51820/ad-fs-technet-content-maphttp://curah.microsoft.com/51820/ad-fs-technet-content-map BYOD on Curah - http://curah.microsoft.com/37111/bring-your-own-device-byodhttp://curah.microsoft.com/37111/bring-your-own-device-byod

29 www.microsoft.com/learning http://microsoft.com/msdn http://microsoft.com/technet http://channel9.msdn.com/Events/TechEd

30

31

32

Download ppt "Access resources in a federation partner organization."

Similar presentations

Users expect to be able to work in any location and have access to all their work resources. The explosion of devices has eradicated the standards-

Users expect to be able to work in any location and have access to all their work resources. The explosion of devices has eradicated the standards-
Microsoft Ignite /16/2017 3:28 PM

Microsoft Ignite /16/2017 3:28 PM
SharePoint Server Exchange Server CORPORATE NETWORK Mobile devices PCs Browsers INTERNET DMZ Active Directory Policies Filter EAS Filter web access.

SharePoint Server Exchange Server CORPORATE NETWORK Mobile devices PCs Browsers INTERNET DMZ Active Directory Policies Filter EAS Filter web access.
Federated sign-in WS-Federation WS-Trust SAML 2.0 Metadata Shibboleth Graph API Synchronize accounts Authentication.

Federated sign-in WS-Federation WS-Trust SAML 2.0 Metadata Shibboleth Graph API Synchronize accounts Authentication.
Microsoft Ignite /16/2017 4:55 PM

Microsoft Ignite /16/2017 4:55 PM
IT can provide users with a common identity across on-premises or cloud- based services, leveraging Windows Server Active Directory and Azure Active.

IT can provide users with a common identity across on-premises or cloud- based services, leveraging Windows Server Active Directory and Azure Active.
Today’s challenges Deliver applications to mobile platforms (BYOD) Respond to dynamic business requirements for IT: Seasonal/temporary workers Vendors.

Today’s challenges Deliver applications to mobile platforms (BYOD) Respond to dynamic business requirements for IT: Seasonal/temporary workers Vendors.
4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
Empower Enterprise Mobility. of employees use personal devices for work purposes.* of employees that typically work on employer premises, also frequently.

Empower Enterprise Mobility. of employees use personal devices for work purposes.* of employees that typically work on employer premises, also frequently.
Windows Server 2012 R2 Capabilities for BYOD Scenario Yuri Diogenes Senior Knowledge Engineer Data Center, Devices & Enterprise Client – CSI Team’s Page:

Windows Server 2012 R2 Capabilities for BYOD Scenario Yuri Diogenes Senior Knowledge Engineer Data Center, Devices & Enterprise Client – CSI Team’s Page:
SIM205. (On-Premises) Storage Servers Networking O/S Middleware Virtualization Data Applications Runtime You manage Infrastructure (as a Service)

SIM205. (On-Premises) Storage Servers Networking O/S Middleware Virtualization Data Applications Runtime You manage Infrastructure (as a Service)
UAGSharePoint InternetIntranet.

UAGSharePoint InternetIntranet.
Demi Albuz SENIOR PRODUCT MARKETING MANAGER Samim Erdogan PRINCIPAL ENGINEERING MANAGER Thomas Willingham TECHNICAL PRODUCT MANAGER.

Demi Albuz SENIOR PRODUCT MARKETING MANAGER Samim Erdogan PRINCIPAL ENGINEERING MANAGER Thomas Willingham TECHNICAL PRODUCT MANAGER.
Empower Enterprise Mobility Jasbir Gill Azure Mobility.

Empower Enterprise Mobility Jasbir Gill Azure Mobility.
Windows Azure Networking & Active Directory Nasir (Muhammad Nasiruddin) Developer Evangelist - Azure Microsoft Corporation

Windows Azure Networking & Active Directory Nasir (Muhammad Nasiruddin) Developer Evangelist - Azure Microsoft Corporation
Matt Steele Senior Program Manager Microsoft Corporation SESSION CODE: SIA326.

Matt Steele Senior Program Manager Microsoft Corporation SESSION CODE: SIA326.
ARC312. Security Policy Governance Audit Reporting Analysis Data Quality Directory Logon Mobility Provisioning Development Access Control Authentication.

ARC312. Security Policy Governance Audit Reporting Analysis Data Quality Directory Logon Mobility Provisioning Development Access Control Authentication.
OUC204. Recently Announced… Identity Integration Options 2 3 Identity Management Overview 1.

OUC204. Recently Announced… Identity Integration Options 2 3 Identity Management Overview 1.
5 | Microsoft Confidential 6 | Microsoft Confidential.

5 | Microsoft Confidential 6 | Microsoft Confidential.
Single Sign-On with Microsoft Azure

Single Sign-On with Microsoft Azure

Similar presentations

Ads by Google