Identity in Office 365
Blog: http://www.MyCentralAdmin.com
Twitter: @ferringer
Outline
 • Office 365 Overview
 • Changing the Identity Perspective
 • Authentication vs. Authorization
 • Who Are You?
 • What Do You Do Here?
 • Who’s in Charge Here?

3 | SharePoint Saturday Redmond 2012

 • Email and Calendaring
 • Websites and Collaboration
 • IM and Online Meetings
 • Office Client and Web Apps
 • Hosted by Microsoft – in the cloud!

Did Someone say Cloud?

What’s Your Perspective?

Identity’s impact on Office 365
 • End User Experience
 • Complexity
 • Scale
 • Manageability
 • Investment

Authentication vs. Authorization
 • Who gets in?
 • What can they do?

Who gets in?
 • Where do your Office 365 user accounts live?
 • What is needed to use them?
 • What can they do?
 • What are the limitations of the approach?

Identity Options
1. Microsoft Online (MSO) IDs
2. MSO IDs + Directory Synchronization
3. Single Sign On + Directory Synchronization

[Diagram: "Your Environment" (IdP: AD, Active Directory Federation Services 2.0, MS Online Directory Sync, Office 365 Desktop Setup) and "Microsoft Online Services" (Identity Services: IdP, Authentication platform, Provisioning platform, Directory Store; Exchange Online, SharePoint Online, Lync Online), with the labels Trust and Admin Portal/PowerShell between them.]

What can they do?

Appropriate for
 • Smaller orgs without AD on-premise
Pros
 • No servers required on-premise
Cons
 • No SSO
 • No 2FA
 • 2 sets of credentials to manage with differing password policies
 • IDs mastered in the cloud

Appropriate for
 • Medium/Large orgs with AD on-premise
Pros
 • Users and groups mastered on-premise
 • Enables co-existence scenarios
Cons
 • No SSO
 • No 2FA
 • 2 sets of credentials to manage with differing password policies
 • Single server deployment

Appropriate for
 • Larger enterprise orgs with AD on-premise
Pros
 • SSO with corporate cred
 • IDs mastered on-premise
 • Password policy controlled on-premise
 • 2FA solutions possible
 • Enables co-existence scenarios
Cons
 • High availability server deployments required

Sign On Experience *
SSO vs. Online IDs Summary

Client                                                MS Online IDs   SSO IDs (domain joined)   SSO IDs (non-domain joined)
Lync Online (Win7/Vista/XP)                           Online ID       AD credentials            AD credentials
Outlook 2007 or 2010 (Win7/Vista/XP)                  Online ID       AD credentials            AD credentials
Outlook Web Application, SharePoint Web Application   Online ID       AD credentials            AD credentials
Office 2010, or Office 2007 SP2 (Win 7/Vista/XP)      Online ID       AD credentials            AD credentials
ActiveSync, POP, IMAP, Entourage                      Online ID       AD credentials            AD credentials

*Requires ADFS 2.0

Active Directory Federation Services (AD FS)

[Diagram: "Your Environment" (IdP: AD, Active Directory Federation Services 2.0, MS Online Directory Sync, Office 365 Desktop Setup) and "Microsoft Online Services" (Identity Services: IdP, Authentication platform, Directory Store; Exchange Online, SharePoint Online, Lync Online), with the label Trust between them.]

How does AD FS work?
 • Claims authentication
 • Think of it like a passport
     • Passport Application
     • Visa Application
     • Submit for authorization
     • Allowed access

AD FS’s Authentication flow

[Diagram: in "Your Environment", Active Directory, the AD FS 2.0 Server and the Client (joined to CorpNet); in "Microsoft Online Services", the Authentication platform and Exchange Online or SharePoint Online. Tokens shown: Logon (SAML 1.1) Token with UPN:user@contoso.com and Source User ID: ABC123; Auth Token with UPN:user@contoso.com and Unique ID: 254729.]

AD FS 2.0 deployment options
1. Single server configuration
2. AD FS 2.0 server farm and load-balancer
3. AD FS 2.0 proxy server or UAG/TMG (External Users, Active Sync, Outlook)

[Diagram labels: Active Directory; AD FS 2.0 Server (two); AD FS 2.0 Server Proxy (two); Internal user; Enterprise; DMZ; External user.]

ADFS Considerations
 • Can you afford an outage?
 • How do you secure it?
 • It’s complex
 • Requires specific AD config
     • UPN formatting
 • Requires DirSync
 • Other options available
     • Shibboleth (added August 2012)

Hat tip: @usher

Directory Synchronization
 • One-way copy of accounts to Office 365
 • Required for SSO/AD FS
     • But can be used without AD FS
 • Required for Hybrid scenarios
 • Think of it as an appliance, always running

How DirSync Fits in

[Diagram: "Your Environment" (IdP: AD, Active Directory Federation Services 2.0, MS Online Directory Sync, Office 365 Desktop Setup) and "Microsoft Online Services" (Identity Services: IdP, Authentication platform, Directory Store; Exchange Online, SharePoint Online, Lync Online), with the label Trust between them.]

Getting to know DirSync
 • It’s actually Forefront Identity Manager
 • Copies AD accounts into Office 365
     • But not back down
 • Doesn’t sync passwords
 • Filtering now available
 • Can have sizing issues
     • Upload sizing
     • Database sizing
 • FIM: no touchy! (maybe)

Who does what around here?
 • Role-based Administration (RBAC)
 • External access

Office 365 user roles
 • End Users
 • Service administrators
     • Exchange Online
     • SharePoint Online
     • Lync Online
 • Office 365 administrators
 • External users

Office 365 admin roles
 • Global administrator
 • Billing administrator
 • Password administrator
 • Services administrator
 • User management administrator
 • Delegated administrator
 • See the Office 365 Support Services Description document for more info: http://tinyurl.com/o365SvcDescrs

External access
 • Allows external users access to SharePoint Online
 • No USLs required
 • Not full Extranet
 • Users can have:
     • MSO ID
     • Live ID
     • EASI ID
 • It’s a Feature Preview…

Managing Identity in Office 365
 • Admin activities do not go away
 • AD FS is complex
 • And important!
 • PowerShell is your friend
 • How’s your internet connection?
 • Office 365 is constantly changing

Troubleshooting Identity
 • Microsoft Online Diagnostics and Logging tool (MOSDAL)
 • Microsoft Remote Connectivity Analyzer: HTTP://testexchangeconnectivity.com
 • Fiddler
 • WireShark/Netmon
 • Office 365 Expert Discussion Series: http://tinyurl.com/o365ExptDisc

Tie IT All Together




                      32   | SharePoint Saturday Redmond 2012
Blog: http://www.MyCentralAdmin.com
Twitter: @ferringer

Más contenido relacionado

Más de John Ferringer

Moving to M365: You Got There, Now What Do You Do?
Moving to M365: You Got There, Now What Do You Do?Moving to M365: You Got There, Now What Do You Do?
Moving to M365: You Got There, Now What Do You Do?John Ferringer
 
Deciding What to Do - SharePoint 2019 - NACS 2019
Deciding What to Do - SharePoint 2019 - NACS 2019Deciding What to Do - SharePoint 2019 - NACS 2019
Deciding What to Do - SharePoint 2019 - NACS 2019John Ferringer
 
After the Dust settles - SharePoint Operations Guidance DaySPUG
After the Dust settles - SharePoint Operations Guidance DaySPUGAfter the Dust settles - SharePoint Operations Guidance DaySPUG
After the Dust settles - SharePoint Operations Guidance DaySPUGJohn Ferringer
 
Identity in office 365 sps michigan 2013
Identity in office 365   sps michigan 2013Identity in office 365   sps michigan 2013
Identity in office 365 sps michigan 2013John Ferringer
 
SharePoint Conference 2012 - After the Dust Settles
SharePoint Conference 2012 - After the Dust SettlesSharePoint Conference 2012 - After the Dust Settles
SharePoint Conference 2012 - After the Dust SettlesJohn Ferringer
 
Backup is not Backup, Restore is Backup SPSCincy 2012
Backup is not Backup, Restore is Backup   SPSCincy 2012Backup is not Backup, Restore is Backup   SPSCincy 2012
Backup is not Backup, Restore is Backup SPSCincy 2012John Ferringer
 
Everybody lies: Troubleshooting SharePoint with House M.D. - SPSTC fall 2012
Everybody lies: Troubleshooting SharePoint with House M.D. - SPSTC fall 2012Everybody lies: Troubleshooting SharePoint with House M.D. - SPSTC fall 2012
Everybody lies: Troubleshooting SharePoint with House M.D. - SPSTC fall 2012John Ferringer
 
Getting to know Office 365: Detroit Day of Azure 2012
Getting to know Office 365: Detroit Day of Azure 2012Getting to know Office 365: Detroit Day of Azure 2012
Getting to know Office 365: Detroit Day of Azure 2012John Ferringer
 
Intro to SharePoint 2010 development for .NET developers
Intro to SharePoint 2010 development for .NET developersIntro to SharePoint 2010 development for .NET developers
Intro to SharePoint 2010 development for .NET developersJohn Ferringer
 
Same but Different: Developing for SharePoint Online
Same but Different: Developing for SharePoint OnlineSame but Different: Developing for SharePoint Online
Same but Different: Developing for SharePoint OnlineJohn Ferringer
 
Establishing Dominance - SPS Columbus 2011
Establishing Dominance - SPS Columbus 2011Establishing Dominance - SPS Columbus 2011
Establishing Dominance - SPS Columbus 2011John Ferringer
 
SharePoint on Imaginary Hardware - IndyTechFest 2010
SharePoint on Imaginary Hardware - IndyTechFest 2010SharePoint on Imaginary Hardware - IndyTechFest 2010
SharePoint on Imaginary Hardware - IndyTechFest 2010John Ferringer
 

Más de John Ferringer (12)

Moving to M365: You Got There, Now What Do You Do?
Moving to M365: You Got There, Now What Do You Do?Moving to M365: You Got There, Now What Do You Do?
Moving to M365: You Got There, Now What Do You Do?
 
Deciding What to Do - SharePoint 2019 - NACS 2019
Deciding What to Do - SharePoint 2019 - NACS 2019Deciding What to Do - SharePoint 2019 - NACS 2019
Deciding What to Do - SharePoint 2019 - NACS 2019
 
After the Dust settles - SharePoint Operations Guidance DaySPUG
After the Dust settles - SharePoint Operations Guidance DaySPUGAfter the Dust settles - SharePoint Operations Guidance DaySPUG
After the Dust settles - SharePoint Operations Guidance DaySPUG
 
Identity in office 365 sps michigan 2013
Identity in office 365   sps michigan 2013Identity in office 365   sps michigan 2013
Identity in office 365 sps michigan 2013
 
SharePoint Conference 2012 - After the Dust Settles
SharePoint Conference 2012 - After the Dust SettlesSharePoint Conference 2012 - After the Dust Settles
SharePoint Conference 2012 - After the Dust Settles
 
Backup is not Backup, Restore is Backup SPSCincy 2012
Backup is not Backup, Restore is Backup   SPSCincy 2012Backup is not Backup, Restore is Backup   SPSCincy 2012
Backup is not Backup, Restore is Backup SPSCincy 2012
 
Everybody lies: Troubleshooting SharePoint with House M.D. - SPSTC fall 2012
Everybody lies: Troubleshooting SharePoint with House M.D. - SPSTC fall 2012Everybody lies: Troubleshooting SharePoint with House M.D. - SPSTC fall 2012
Everybody lies: Troubleshooting SharePoint with House M.D. - SPSTC fall 2012
 
Getting to know Office 365: Detroit Day of Azure 2012
Getting to know Office 365: Detroit Day of Azure 2012Getting to know Office 365: Detroit Day of Azure 2012
Getting to know Office 365: Detroit Day of Azure 2012
 
Intro to SharePoint 2010 development for .NET developers
Intro to SharePoint 2010 development for .NET developersIntro to SharePoint 2010 development for .NET developers
Intro to SharePoint 2010 development for .NET developers
 
Same but Different: Developing for SharePoint Online
Same but Different: Developing for SharePoint OnlineSame but Different: Developing for SharePoint Online
Same but Different: Developing for SharePoint Online
 
Establishing Dominance - SPS Columbus 2011
Establishing Dominance - SPS Columbus 2011Establishing Dominance - SPS Columbus 2011
Establishing Dominance - SPS Columbus 2011
 
SharePoint on Imaginary Hardware - IndyTechFest 2010
SharePoint on Imaginary Hardware - IndyTechFest 2010SharePoint on Imaginary Hardware - IndyTechFest 2010
SharePoint on Imaginary Hardware - IndyTechFest 2010
 

Último

Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 

Último (20)

Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 

Identity in Office 365 - SPS Redmond 2012

  • 3. Outline  Office 365 Overview  Changing the Identity Perspective  Authentication vs. Authorization  Who Are You?  What Do You Do Here?  Who’s in Charge Here? 3 | SharePoint Saturday Redmond 2012
  • 4. Email and Calendaring  Websites and Collaboration  IM and Online Meetings  Office Client and Web Apps  Hosted by Microsoft – in the cloud! 4 | SharePoint Saturday Redmond 2012
  • 5. Office 365 Overview  Changing the Identity Perspective  Authentication vs. Authorization  Who Are You?  What Do You Do Here?  Who’s in Charge Here? 5 | SharePoint Saturday Redmond 2012
  • 6. Did Someone say Cloud? 6 | SharePoint Saturday Redmond 2012
  • 7. What’s Your Perspective? 7 | SharePoint Saturday Redmond 2012
  • 8. Identity’s impact on Office 365  End User Experience  Complexity  Scale  Manageability  Investment 8 | SharePoint Saturday Redmond 2012
  • 9. Office 365 Overview  Changing the Identity Perspective  Authentication vs. Authorization  Who Are You?  What Do You Do Here?  Who’s in Charge Here? 9 | SharePoint Saturday Redmond 2012
  • 10. Authentication vs. Authorization  Who gets in?  What can they do? 10 | SharePoint Saturday Redmond 2012
  • 11. Who gets in?  Where do your Office 365 user accounts live?  What is needed to use them?  What can they do?  What are the limitations of the approach? 11 | SharePoint Saturday Redmond 2012
  • 12. Office 365 Overview  Changing the Identity Perspective  Authentication vs. Authorization  Who Are You?  What Do You Do Here?  Who’s in Charge Here? 12 | SharePoint Saturday Redmond 2012
  • 13. Identity Options 1. Microsoft Online (MSO) IDs 2. MSO IDs + Directory Synchronization 3. Single Sign On + Directory Synchronization Microsoft Online Services Identity Services Exchange Your Environment Trust Authentication Online platform Active Directory Admin Portal/ Federation PowerShell IdP SharePoint Services 2.0 Online IdP MS Online Provisioning Directory Lync AD Directory Sync platform Store Online Office 365 Desktop Setup 13 | SharePoint Saturday Redmond 2012
  • 14. What can they do? Appropriate for Appropriate for • Medium/Large orgs with Appropriate for • Smaller orgs without AD on-premise • Larger enterprise orgs AD on-premise with AD on-premise Pros Pros • Users and groups Pros • No servers required on- mastered on-premise • SSO with corporate cred premise • Enables co-existence • IDs mastered on-premise scenarios • Password policy Cons controlled on-premise • No SSO Cons • 2FA solutions possible • No 2FA • No SSO • Enables co-existence • 2 sets of credentials to • No 2FA scenarios manage with differing • 2 sets of credentials to password policies manage with differing Cons • IDs mastered in the password policies • High availability server cloud • Single server deployments required deployment 14 | SharePoint Saturday Redmond 2012
  • 15. Sign On Experience * SSO vs. Online IDs Summary
      Clients: Outlook Web Application ActiveSync, Outlook 2007 or SharePoint Web Office 2010, or POP, IMAP, Lync Online 2010 Application Office 2007 SP2 Entourage Win7/Vista/XP Win7/Vista/XP Win 7/Vista/XP
      • MS Online IDs: Online ID | Online ID | Online ID | Online ID | Online ID
      • SSO IDs (domain joined): AD credentials | AD credentials | AD credentials | AD credentials | AD credentials
      • SSO IDs (non-domain joined): AD credentials | AD credentials | AD credentials | AD credentials | AD credentials
      *Requires ADFS 2.0
  • 16. Active Directory Federation Services (AD FS)
      [Diagram labels. Your Environment: Active Directory; AD; Active Directory Federation Services 2.0; IdP; MS Online Directory Sync; Office 365 Desktop Setup. Trust. Microsoft Online Services: Identity Services; Authentication platform; IdP; Directory Store; Exchange Online; SharePoint Online; Lync Online.]
  • 17. How does AD FS work?
      • Claims authentication
      • Think of it like a passport
      • Passport Application
      • Visa Application
      • Submit for authorization
      • Allowed access
  • 18. AD FS’s Authentication flow
      [Diagram labels. Your Environment: Active Directory; AD FS 2.0 Server; Client (joined to CorpNet). Microsoft Online Services: Authentication platform; Exchange Online or SharePoint Online.]
      • Logon (SAML 1.1) Token: UPN:user@contoso.com, Source User ID: ABC123
      • Auth Token: UPN:user@contoso.com, Unique ID: 254729
  • 19. AD FS 2.0 deployment options
      1. Single server configuration
      2. AD FS 2.0 server farm and load-balancer
      3. AD FS 2.0 proxy server or UAG/TMG (External Users, Active Sync, Outlook)
      [Diagram labels: Active Directory; AD FS 2.0 Server (x2); AD FS 2.0 Server Proxy (x2); Internal user; External user; Enterprise; DMZ.]
  • 20. ADFS Considerations
      • Can you afford an outage?
      • How do you secure it?
      • It’s complex
      • Requires specific AD config
      • Hat tip: @usher
      • UPN formatting
      • Requires DirSync
      • Other options available
      • Shibboleth (added August 2012)
  • 21. Directory Synchronization
      • One-way copy of accounts to Office 365
      • Required for SSO/AD FS
      • But can be used without AD FS
      • Required for Hybrid scenarios
      • Think of it as an appliance, always running
  • 22. How DirSync Fits in
      [Diagram labels. Your Environment: Active Directory; AD; Active Directory Federation Services 2.0; IdP; MS Online Directory Sync; Office 365 Desktop Setup. Trust. Microsoft Online Services: Identity Services; Authentication platform; IdP; Directory Store; Exchange Online; SharePoint Online; Lync Online.]
  • 23. Getting to know DirSync
      • It’s actually Forefront Identity Manager
      • Copies AD accounts into Office 365
      • But not back down
      • Doesn’t sync passwords
      • Filtering now available
      • Can have sizing issues
      • Upload sizing
      • Database sizing
      • FIM: no touchy! (maybe)
  • 24. Outline
      • Office 365 Overview
      • Changing the Identity Perspective
      • Authentication vs. Authorization
      • Who Are You?
      • What Do You Do Here?
      • Who’s in Charge Here?
  • 25. Who does what around here?
      • Role-based Administration (RBAC)
      • External access
  • 26. Office 365 user roles
      • End Users
      • Service administrators
      • Exchange Online
      • SharePoint Online
      • Lync Online
      • Office 365 administrators
      • External users
  • 27. Office 365 admin roles
      • Global administrator
      • Billing administrator
      • Password administrator
      • Services administrator
      • User management administrator
      • Delegated administrator
      • See the Office 365 Support Services Description document for more info: http://tinyurl.com/o365SvcDescrs
  • 28. External access
      • Allows external users access to SharePoint Online
      • No USLs required
      • Not full Extranet
      • Users can have:
      • MSO ID
      • Live ID
      • EASI ID
      • It’s a Feature Preview…
  • 29. Outline
      • Office 365 Overview
      • Changing the Identity Perspective
      • Authentication vs. Authorization
      • Who Are You?
      • What Do You Do Here?
      • Who’s in Charge Here?
  • 30. Managing Identity in Office 365
      • Admin activities do not go away
      • AD FS is complex
      • And important!
      • PowerShell is your friend
      • How’s your internet connection?
      • Office 365 is constantly changing
  • 31. Troubleshooting Identity
      • Microsoft Online Diagnostics and Logging tool (MOSDAL)
      • Microsoft Remote Connectivity Analyzer: HTTP://testexchangeconnectivity.com
      • Fiddler
      • WireShark/Netmon
      • Office 365 Expert Discussion Series: http://tinyurl.com/o365ExptDisc
  • 32. Tie IT All Together
  • 33.