Bring Your Own Device Essentials
with Windows Technology, Part 1
Raymond Comvalius & Sander Berkouwer
Please take all the photos you
like, but we would like to point out:
Sharing is caring
@NEXTXPERT
@SanderBerkouwer
@NICConf
Introduction
Sander Berkouwer

MCSA, MCSE, MCITP
Microsoft MVP since 2009

Blogger

DirTeam.com/ActiveDir.org
ServerCore.Net

Microsoft Tech Lead
OGD ict-diensten
Since 2000

MVP
Introduction
Raymond Comvalius
MCSA, MCSE, MCITP, MCT
Microsoft MVP since 2011

Author

Windows 7 for XP Professionals
Updating Support Skills…

Independent IT Architect
Specialized in IT Infrastructure
since 1998

MVP
Introducing
Bring Your Own
Fact or Fiction…
Domain Join is almost Legacy
Kerberos and LDAP are for trusted networks only
A mobile device can be an authentication factor
HTTP(S) is the Universal Firewall Bypass Protocol
Exchange ActiveSync was way ahead of its time
Without PKI and certificates you're out
Reality
57%
18

67

51% of employees between the age of 21 and 32 years choose to deliberately ignore corporate policies, when they apply to:

• Corporate use of privately-owned devices (BYOD)
• Cloud storage
• Wearable devices
Source: Fortinet, October 22, 2013
Bring Your Own
Employees | Devices | Apps | Information
Bring Your Own
Employees | Devices | Apps | Information
Management | Access | Security
Bring Your Own
Facilitating access to company IT sources with devices owned by employees and other entities
BYO

Non-corporate

Bring Your Own Device

Data

Corporate

Applications
Solid BYO
Authentication

Username + Password + ? = MFA
Multi-Factor Authentication

Policies

Device is sufficiently secured
Complies with minimum security policies

Health

Patch levels are up-to-date
Not jailbroken or hacked by Anonymous
Bring Your Own Building Blocks
Solid Authentication: AD Domain Services, AD Federation Services, Windows Azure AD
Solid Data Protection: Azure RMS
Solid Authorization: Workplace Join, Web Application Proxy
Solid Management: System Center, Windows Intune
Solid Authentication
Current challenges
Current protocols lack flexibility

Kerberos tickets are encrypted, cannot split
Kerberos tickets only contain SIDs

Active Directory trusts provide too little flexibility
Trusted domains share too much information
Domain Trusts lack scalability

Multi-Factor Authentication

Verifying user identity is crucial
Username and password is not good enough
Current Authentication (Kerberos)
KDC
(Domain Controller)

Client

Resource

May I access your resources?
Go get a ticket at the KDC
May I have a Ticket? + Here is my TGT
Here is a Service Ticket

May I have access + Service Ticket
Here are the resources
Solution

Authentication
with AD Federation Services
Authentication with AD FS (SAML)
STS
(AD FS)

Client

Resource

May I access your resources?
Go get a token at the STS (redirect)

May I have a token? + credentials
Here is your (SAML) token

May I have access + (SAML) token
Here are the resources
AD FS benefits
SAML and OAuth2 are “web ready”
Transport over SSL channel
Tokens are optionally encrypted

Relying Party trusts are very flexible

Token content is defined per Relying Party (RP) Trust
Relying Party Trusts are scalable

Multi-Factor Authentication

AD FS authentication is “extensible” for third parties
Claims vs Tickets
Claim Tokens instead of Tickets

More flexibility with inbound and outbound filtering
Web based protocol, optional encryption

Relying Parties replace Domain Members and Trusts
Relying Parties have fine grained definitions
Less dependent, requires little information

Rich authentication scenarios

Even the authentication method is a claim
Anything can be an authentication factor
Claims vs. Tokens
Claims in SAML: Encryption: Optional | Transport: HTTP (TCP80), HTTPS (TCP443) | Contents: XML-based | Security: Signing, Replay Protection
Claims in Kerberos: Transport: Kerberos (TCP88) | Contents: XML-based | Limits: MaxTokenSize | Security: Ticket Lifetime, Mutual Auth, PAC Validation
Tokens: Transport: Kerberos (TCP88) | Contents: Authorization data | Limits: MaxTokenSize | Security: Ticket Lifetime, Mutual Auth, PAC Validation
Demo

Configuring SAML Authentication
Solution

Windows Azure Active Directory
Introducing Azure Active Directory
Modern Identity Management

Free REST-based web service for authentication
Identity and Access Management for cloud services

Cloud Identity Management
Identity and Access Management for Windows Azure,
Office 365, CRM Online, Windows Intune, etc.

100% interoperability

Based on open standards, like SAML and WS-Fed
Full support for 3rd party identity providers
Integration options for Azure AD
Scenarios for identity, each with Complexity | Requirements | Integration:
Portal: Low complexity | No need for extra hardware | Separate credentials, 2x logon
PowerShell / Graph API: Medium complexity | No need for extra hardware | Separate credentials, 2x logon
DirSync with Cloud identities: Low complexity | Windows Server required | Same username, other password, 2x logon
DirSync with Password Sync: Low complexity | Windows Server required | Same username and password, 2x logon
DirSync with Federation: High complexity | Requires extra Windows Servers | Same username and password, SSO on-prem, MF Auth
Advanced Authentication to Azure AD
[Diagram, steps 1 to 8. Labels: Colleague; Integrated Application; Azure Active Directory; Azure Active Directory Access Control Service; Azure Management API; Active Directory Federation Trust; Directory Synchronization Tool; On Premises: Active Directory Domain Services, Active Directory Federation Services]
Current challenges
Smart Cards for MFA with Active Directory
Smart Card readers never became a commodity
Smart Cards require extra hardware

Smart Cards require PKI

Expensive with a public Certificate Authority
Kerberos or Browser authentication

User Friendliness

Is a smart card convenient for BYOD?
We now have alternatives for a card
Solution

Multi-Factor Authentication
Multi-Factor Authentication with AD FS
Extensible Authentication Model
API for 3rd party extensions
Default support for Smart Cards

Azure PhoneFactor

Simple implementation
Phone Call, Text Message, App or OATH passcode

Not just PhoneFactor

Multiple vendors support AD FS MFA
PhoneFactor Multi-Factor Authentication
[Diagram, steps 1 to 9. Labels: Colleague; On-premises Application; Multi-Factor Authentication Server; Active Directory Domain Services (On Premises); Multi-Factor Authentication Service]
Join us for Part 2!
Part 1 and Part 2

There’s a lot to cover in terms of Bring Your Own (BYO).
We’re only half way now…

This Part

We’ve discussed Solid Authentication
You now know why Kerberos is going away.

Part 2

There’s another hour of BYO Goodness coming!
This afternoon from 13:40 to 14:40

½
Questions?
Please evaluate our session.
Sessions of Interest Today
Adventures in Underland: What Passwords
Do When No One Is Watching
Paula Januszkiewicz, Auditorium 6, 12:20 - 13:20

Managing Mobile Devices with System
Center 2012 R2 ConfigMgr and Windows
Intune
Wally Mead, Auditorium 3, 13:40 - 14:40

Identity and Directory Synchronization with
Office 365 and Windows Azure AD
Brian Desmond, Auditorium 1, 15:00 - 16:00
Thank You!
Bring Your Own Device Essentials
with Windows Technology, Part 2
Raymond Comvalius & Sander Berkouwer
Solid Authorization
Current challenges
Group membership is too strict
Based on a single attribute
Becomes uncontrollable very fast

Token bloat

A ticket with too many SIDs is not accepted
Causes inconsistencies during logon

Cross organization access

Organizations must trust each other a lot
Connections are not always stable
Claims for rich authorization scenarios
Rich authorization

Claims can be based on Group Membership or on:
• Any property of a user account (i.e. Department)
• Or occurrence of the user in the address list
• Or the location of the computer
… or combinations of the above
… or external claims.
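As an added example (not from the original slides), this Python code shows a relying party deciding access from the claims in a SAML assertion, combining a user attribute, the authentication method and a device claim, as the Claims vs Tickets and rich authorization slides describe. The assertion, the issuer and audience URIs and the department claim type are constructed for illustration, and the XML signature is assumed to have been verified by a SAML library before this code runs.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Claim types and values issued by AD FS.
AUTHN_METHOD = "http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod"
MFA = "http://schemas.microsoft.com/claims/multipleauthn"
PASSWORD = "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
REGISTERED = "http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser"
# Constructed for this example: a per-relying-party claim sourced from a user attribute.
DEPARTMENT = "https://claims.example.test/department"

ISSUER = "http://sts.example.test/adfs/services/trust"  # constructed STS identifier
AUDIENCE = "https://app.example.test/"                  # constructed relying party identifier


def build_assertion(department, authn_methods, registered, audience=AUDIENCE):
    """Build a constructed, unsigned SAML 2.0 assertion to feed the demo."""
    def attribute(name, values):
        vals = "".join(f"<saml:AttributeValue>{v}</saml:AttributeValue>" for v in values)
        return f'<saml:Attribute Name="{name}">{vals}</saml:Attribute>'
    return (
        '<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" '
        'ID="_constructed" Version="2.0" IssueInstant="2030-01-01T09:00:00Z">'
        f"<saml:Issuer>{ISSUER}</saml:Issuer>"
        '<saml:Conditions NotBefore="2030-01-01T09:00:00Z" NotOnOrAfter="2030-01-01T10:00:00Z">'
        f"<saml:AudienceRestriction><saml:Audience>{audience}</saml:Audience>"
        "</saml:AudienceRestriction></saml:Conditions><saml:AttributeStatement>"
        + attribute(DEPARTMENT, [department])
        + attribute(AUTHN_METHOD, authn_methods)
        + attribute(REGISTERED, ["true" if registered else "false"])
        + "</saml:AttributeStatement></saml:Assertion>"
    )


def _utc(stamp):
    return datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def authorize(xml_text, now, allowed_departments, require_mfa=True, require_registered=True):
    """Decide as the relying party would. Returns (allowed, reason)."""
    root = ET.fromstring(xml_text)

    # 1. The token must come from the trusted STS and be addressed to this application.
    if root.findtext("saml:Issuer", default="", namespaces=NS) != ISSUER:
        return False, "untrusted issuer"
    if AUDIENCE not in [a.text for a in root.iterfind(".//saml:Audience", NS)]:
        return False, "token issued for another relying party"

    # 2. The token must be inside its validity window; missing conditions mean deny.
    cond = root.find("saml:Conditions", NS)
    try:
        valid = _utc(cond.get("NotBefore")) <= now < _utc(cond.get("NotOnOrAfter"))
    except (AttributeError, TypeError, ValueError):
        valid = False
    if not valid:
        return False, "token outside validity window"

    # 3. Collect the claims; one claim type may carry several values.
    claims = {}
    for attr in root.iterfind("saml:AttributeStatement/saml:Attribute", NS):
        values = [v.text or "" for v in attr.iterfind("saml:AttributeValue", NS)]
        claims.setdefault(attr.get("Name"), set()).update(values)

    # 4. Combine a user property, the authentication method and the device state.
    if not claims.get(DEPARTMENT, set()) & set(allowed_departments):
        return False, "department claim not permitted"
    if require_mfa and MFA not in claims.get(AUTHN_METHOD, set()):
        return False, "multi-factor authentication claim missing"
    if require_registered and claims.get(REGISTERED, set()) != {"true"}:
        return False, "device not registered to this user"
    return True, "ok"


if __name__ == "__main__":
    now = datetime(2030, 1, 1, 9, 30, tzinfo=timezone.utc)
    for methods in ([PASSWORD, MFA], [PASSWORD]):
        print(authorize(build_assertion("Finance", methods, True), now, {"Finance"}))
```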
Solution

Claims
Claims in Tokens and/or Kerberos Tickets
Claims in SAML/OAuth2 and/or Kerberos
Claims in SAML via Federation Services
Claims in Kerberos via Dynamic Access Control

Benefits of Claims in SAML/OAuth2

Kerberos and LDAP are not web based protocols
Active Directory is not a web based product

Benefits of Claims in Kerberos

Claims can be based on any attribute
Authorisation in ACLs exceeds user status
Authorization with Bring Your Own
Claims-aware applications

Active Directory Federation Services
Relying Party (RP) processes the claims

Windows-integrated web applications

Web Application Proxy in Windows Server 2012 R2
Translate claims from SAML to Kerberos with KCD

Data

Work Folders allow for file server synchronisation
SkyDrive Pro offers synchronisation with SharePoint
Solution

Workplace Join
Introducing Workplace Join
Claims

Employees verify devices
Claims provided by Active Directory Federation Services

Certificates

Verified devices enroll a certificate from AD FS
Per device an object in the Registered Devices container

Service Discovery

DNS Record (enterpriseregistration) for AutoDiscover
DNS Record required per user domain
Workplace Join Internals
Certificate

In local User Store from MS-Organization-Access
Workplace Join requires working CRL for AD FS SSL Cert

Active Directory

msDS-Device object in Active Directory
Tied to the user/device combination

Cookies

Permanent Cookie enables Single Sign-on
Demo

Workplace Join
Solid Access
Current Challenges
Server Message Block (SMB)

Discloses Windows-based file servers
Not optimized for the web

Remote Procedure Call (RPC)

Discloses remote Windows functionality
Not optimized for the web

HTTP for everything
HTTP (with/without SSL) to be used as the standard protocol
HTTP is the universal firewall bypass protocol
Solution

Work folders
Work Folders positioning
Columns: Personal data | Individual business data | Team/Department business data | Personal devices
SkyDrive: Public Cloud
SkyDrive Pro: SharePoint and/or Office 365
Work Folders: File Server
Folder Redirection: File Server
Work Folders Internals
HTTP-based file synchronisation

DNS Record (workfolders) for AutoDiscovery
Windows Authentication or AD FS (OAuth2)

Standard Policies

Password policy and device lock
Policies cannot be customized

Encryption and remote wipe

Encryption based on EFS Enterprise Key
Functional remote wipe initiated from Exchange / Intune
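As an added example (not from the original slides), this Python check derives the discovery names that Workplace Join (enterpriseregistration) and Work Folders (workfolders) need for every user domain and reports the ones that do not resolve. The user names and zone contents are constructed, and it assumes the Work Folders record is looked up under the same user domains as the Workplace Join record.

```python
import socket

# Host labels named on the slides for automatic discovery.
DISCOVERY_LABELS = {
    "Workplace Join": "enterpriseregistration",
    "Work Folders": "workfolders",
}


def user_domains(sign_in_names):
    """Return the distinct domains (text after the last '@'), lower-cased and sorted.

    Entries without a local part or without a dotted domain are skipped.
    """
    domains = set()
    for name in sign_in_names:
        local, sep, domain = name.strip().rpartition("@")
        domain = domain.rstrip(".").lower()
        if sep and local and "." in domain:
            domains.add(domain)
    return sorted(domains)


def system_resolves(hostname):
    """True when the local resolver returns at least one address for hostname."""
    try:
        return bool(socket.getaddrinfo(hostname, 443))
    except OSError:  # socket.gaierror is a subclass of OSError
        return False


def missing_discovery_records(sign_in_names, resolves=system_resolves):
    """Map each feature to the discovery host names that do not resolve.

    `resolves` is any callable taking a host name and returning True or False,
    so the check can run against live DNS or against an exported zone.
    """
    domains = user_domains(sign_in_names)
    report = {}
    for feature, label in DISCOVERY_LABELS.items():
        wanted = [f"{label}.{domain}" for domain in domains]
        report[feature] = [host for host in wanted if not resolves(host)]
    return report


# Constructed sample data: users in two domains, and a zone where the second
# domain was added without its discovery records.
SAMPLE_USERS = [
    "anna@corp.example.test",
    "Bob@Corp.Example.Test",
    "carol@brand.example.test",
    "not-a-sign-in-name",
]
SAMPLE_ZONE = {
    "enterpriseregistration.corp.example.test",
    "workfolders.corp.example.test",
}

if __name__ == "__main__":
    report = missing_discovery_records(SAMPLE_USERS, SAMPLE_ZONE.__contains__)
    for feature, hosts in report.items():
        print(f"{feature}: missing {hosts or 'nothing'}")
```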
Current Challenges
TMG is End-of-Life

We must have a Reverse Proxy
Pre-authentication with Active Directory integration

Groups are insufficient for authorization

Client properties can be used for allow/deny access
Existing web apps often not claims-aware

Publish AD Federation Services on the Internet

Disclosing Active Directory on the Internet is no option
Internet accessible services in the Perimeter network
Solution

Web Application Proxy
Introducing Web Application Proxy
Edge Role

1. AD FS Proxy configuration on the AD FS Server
2. Reverse Proxy for HTTPS with pre-authentication

Kerberos Constrained Delegation

Web App Proxy translates SAML to Kerberos
Requires Service Principal Names (SPNs)

Custom claims

Configurable in AD Federation Services from multiple sources
Internal access to a claims based app
[Diagram, steps 1 to 7. Labels: Employee; Claims-based App; Active Directory Federation Services (acting as STS); Active Directory Domain Services; On Premises]
BYO Access to a claims based app
[Diagram, steps 1 to 7. Labels: Colleague; Web App Proxy (ADFS Proxy, Reverse Proxy); Claims-based App; Active Directory Federation Services (acting as STS); Active Directory Domain Services; On Premises]
BYO Access to a non-claims aware app
[Diagram, steps 1 to 10. Labels: Colleague; Web App Proxy (ADFS Proxy, Reverse Proxy); Kerberos App; Active Directory Federation Services (acting as STS); Active Directory Domain Services; On Premises]
Solid Management
Managing Bring Your Own
Not a single method to offer applications
Organizations use multiple methods
Unclear and hard to report

Applications for multiple platforms

Not just Windows, but also Mac OS
Not just desktops, laptops, but also tablets, etc.

Application distribution is hard

Not all devices are connected to the network
Not all devices can be connected to the network
Solution

Windows Intune
ConfigMgr with Windows Intune
[Diagram. Labels: Employee; System Center Configuration Manager 2012 R2; Windows Intune; Central Management and Reporting; On Premises]
Conclusion
BYO

Non-corporate

Bring Your Own

Data

Corporate

Applications
Bring Your Own
Solid authentication: AD Domain Services, AD Federation Services, Windows Azure AD
Solid access: Azure RMS
Solid authorization: Workplace Join, Web Application Proxy
Solid management: System Center, Windows Intune
Questions?
Please evaluate our session.
Thank You!


Kent Agerlund - Via monstra part 4 become the hero of the day, master configm...
Kent Agerlund - Via monstra part 4 become the hero of the day, master configm...Kent Agerlund - Via monstra part 4 become the hero of the day, master configm...
Kent Agerlund - Via monstra part 4 become the hero of the day, master configm...Nordic Infrastructure Conference
 
Wally Mead - Overview of system center 2012 r2 configuration manager
Wally Mead - Overview of system center 2012 r2 configuration managerWally Mead - Overview of system center 2012 r2 configuration manager
Wally Mead - Overview of system center 2012 r2 configuration managerNordic Infrastructure Conference
 
Wally Mead - Managing mobile devices with system center 2012 r2 configuration...
Wally Mead - Managing mobile devices with system center 2012 r2 configuration...Wally Mead - Managing mobile devices with system center 2012 r2 configuration...
Wally Mead - Managing mobile devices with system center 2012 r2 configuration...Nordic Infrastructure Conference
 
Wally Mead - Deploying a system center 2012 r2 configuration manager environm...
Wally Mead - Deploying a system center 2012 r2 configuration manager environm...Wally Mead - Deploying a system center 2012 r2 configuration manager environm...
Wally Mead - Deploying a system center 2012 r2 configuration manager environm...Nordic Infrastructure Conference
 
Ståle Hansen - Understand how lync integrates with exchange
Ståle Hansen - Understand how lync integrates with exchangeStåle Hansen - Understand how lync integrates with exchange
Ståle Hansen - Understand how lync integrates with exchangeNordic Infrastructure Conference
 
Scott Schnoll - Exchange server 2013 virtualization best practices
Scott Schnoll - Exchange server 2013 virtualization best practicesScott Schnoll - Exchange server 2013 virtualization best practices
Scott Schnoll - Exchange server 2013 virtualization best practicesNordic Infrastructure Conference
 
Scott Schnoll - Exchange server 2013 high availability and site resilience
Scott Schnoll - Exchange server 2013 high availability and site resilienceScott Schnoll - Exchange server 2013 high availability and site resilience
Scott Schnoll - Exchange server 2013 high availability and site resilienceNordic Infrastructure Conference
 
Ståle Hansen - Understand how video works in lync and how video interoperabil...
Ståle Hansen - Understand how video works in lync and how video interoperabil...Ståle Hansen - Understand how video works in lync and how video interoperabil...
Ståle Hansen - Understand how video works in lync and how video interoperabil...Nordic Infrastructure Conference
 
Robert Waldinger - How to recover active directory if disaster should occur
Robert Waldinger - How to recover active directory if disaster should occurRobert Waldinger - How to recover active directory if disaster should occur
Robert Waldinger - How to recover active directory if disaster should occurNordic Infrastructure Conference
 
Peter De Tender - The roadmap to deploying office365 pro plus
Peter De Tender - The roadmap to deploying office365 pro plusPeter De Tender - The roadmap to deploying office365 pro plus
Peter De Tender - The roadmap to deploying office365 pro plusNordic Infrastructure Conference
 

Más de Nordic Infrastructure Conference (20)

Mike Resseler - Using hyper-v replica in your environment
Mike Resseler - Using hyper-v replica in your environmentMike Resseler - Using hyper-v replica in your environment
Mike Resseler - Using hyper-v replica in your environment
 
Mike Resseler - Deduplication in windows server 2012 r2
Mike Resseler - Deduplication in windows server 2012 r2Mike Resseler - Deduplication in windows server 2012 r2
Mike Resseler - Deduplication in windows server 2012 r2
 
Andy Malone - The new office 365 for it pro's
Andy Malone - The new office 365 for it pro'sAndy Malone - The new office 365 for it pro's
Andy Malone - The new office 365 for it pro's
 
Andy Malone - Migrating to office 365
Andy Malone - Migrating to office 365Andy Malone - Migrating to office 365
Andy Malone - Migrating to office 365
 
Andy Malone - Microsoft office 365 security deep dive
Andy Malone - Microsoft office 365 security deep diveAndy Malone - Microsoft office 365 security deep dive
Andy Malone - Microsoft office 365 security deep dive
 
Kent Agerlund - Via monstra part 4 become the hero of the day, master configm...
Kent Agerlund - Via monstra part 4 become the hero of the day, master configm...Kent Agerlund - Via monstra part 4 become the hero of the day, master configm...
Kent Agerlund - Via monstra part 4 become the hero of the day, master configm...
 
Wally Mead - Overview of system center 2012 r2 configuration manager
Wally Mead - Overview of system center 2012 r2 configuration managerWally Mead - Overview of system center 2012 r2 configuration manager
Wally Mead - Overview of system center 2012 r2 configuration manager
 
Wally Mead - Managing mobile devices with system center 2012 r2 configuration...
Wally Mead - Managing mobile devices with system center 2012 r2 configuration...Wally Mead - Managing mobile devices with system center 2012 r2 configuration...
Wally Mead - Managing mobile devices with system center 2012 r2 configuration...
 
Travis Wright - PS WF SMA SCSM SP
Travis Wright - PS WF SMA SCSM SPTravis Wright - PS WF SMA SCSM SP
Travis Wright - PS WF SMA SCSM SP
 
Travis Wright - Complete it service management
Travis Wright - Complete it service managementTravis Wright - Complete it service management
Travis Wright - Complete it service management
 
Wally Mead - Deploying a system center 2012 r2 configuration manager environm...
Wally Mead - Deploying a system center 2012 r2 configuration manager environm...Wally Mead - Deploying a system center 2012 r2 configuration manager environm...
Wally Mead - Deploying a system center 2012 r2 configuration manager environm...
 
Ståle Hansen - Understand how lync integrates with exchange
Ståle Hansen - Understand how lync integrates with exchangeStåle Hansen - Understand how lync integrates with exchange
Ståle Hansen - Understand how lync integrates with exchange
 
Scott Schnoll - Exchange server 2013 virtualization best practices
Scott Schnoll - Exchange server 2013 virtualization best practicesScott Schnoll - Exchange server 2013 virtualization best practices
Scott Schnoll - Exchange server 2013 virtualization best practices
 
Scott Schnoll - Exchange server 2013 high availability and site resilience
Scott Schnoll - Exchange server 2013 high availability and site resilienceScott Schnoll - Exchange server 2013 high availability and site resilience
Scott Schnoll - Exchange server 2013 high availability and site resilience
 
Ståle Hansen - Understand how video works in lync and how video interoperabil...
Ståle Hansen - Understand how video works in lync and how video interoperabil...Ståle Hansen - Understand how video works in lync and how video interoperabil...
Ståle Hansen - Understand how video works in lync and how video interoperabil...
 
Sami laiho - What's new in windows 8.1
Sami laiho - What's new in windows 8.1Sami laiho - What's new in windows 8.1
Sami laiho - What's new in windows 8.1
 
Robert Waldinger - How to recover active directory if disaster should occur
Robert Waldinger - How to recover active directory if disaster should occurRobert Waldinger - How to recover active directory if disaster should occur
Robert Waldinger - How to recover active directory if disaster should occur
 
Peter De Tender - The roadmap to deploying office365 pro plus
Peter De Tender - The roadmap to deploying office365 pro plusPeter De Tender - The roadmap to deploying office365 pro plus
Peter De Tender - The roadmap to deploying office365 pro plus
 
Peter De Tender - How to efficiently license office 365
Peter De Tender - How to efficiently license office 365Peter De Tender - How to efficiently license office 365
Peter De Tender - How to efficiently license office 365
 
Sami Laiho - Black belt troubleshooting windows 8.1
Sami Laiho - Black belt troubleshooting windows 8.1Sami Laiho - Black belt troubleshooting windows 8.1
Sami Laiho - Black belt troubleshooting windows 8.1
 

Último

Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 

Último (20)

Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 

Raymond Comvalius & Sander Berkouwer - Bring your own device essentials with windows technologies

  • 1. Bring Your Own Device Essentials with Windows Technology, Part 1 Raymond Comvalius & Sander Berkouwer
  • 2. Please take all the photos you like, but we would like to point out: Sharing is caring @NEXTXPERT @SanderBerkouwer @NICConf
  • 3. Introduction Sander Berkouwer MCSA, MCSE, MCITP Microsoft MVP since 2009 Blogger DirTeam.com/ActiveDir.org ServerCore.Net Microsoft Tech Lead OGD ict-diensten Since 2000 MVP
  • 4. Introduction Raymond Comvalius MCSA, MCSE, MCITP, MCT Microsoft MVP since 2011 Author Windows 7 for XP Professionals Updating Support Skills… Independent IT Architect Specialized in IT Infrastructure since 1998 MVP
  • 6. Fact or Fiction… Domain Join is almost Legacy; Kerberos and LDAP are for trusted networks only; A mobile device can be an authentication factor; HTTP(S) is the Universal Firewall Bypass Protocol; Exchange ActiveSync was way ahead of its time; Without PKI and certificates you're out
  • 7. Reality: 51% of employees between the ages of 21 and 32 choose to deliberately ignore corporate policies when they apply to: • Corporate use of privately-owned devices (BYOD) • Cloud storage • Wearable devices. Source: Fortinet, October 22, 2013
  • 10. Bring Your Own: Facilitating access to company IT resources with devices owned by employees and other entities
  • 11. BYO (diagram labels): Non-corporate; Bring Your Own Device; Data; Corporate; Applications
  • 12. Solid BYO. Authentication: Username + Password + ? = MFA (Multi-Factor Authentication). Policies: Device is sufficiently secured; Complies with minimum security policies. Health: Patch levels are up-to-date; Not jailbroken or hacked by Anonymous
  • 13. Bring Your Own Building Blocks. Solid Authentication: AD Domain Services, AD Federation Services, Windows Azure AD. Solid Data Protection: Azure RMS. Solid Authorisation: Workplace Join, Web Application Proxy. Solid Management: System Center, Windows Intune
  • 15. Current challenges. Current protocols lack flexibility: Kerberos tickets are encrypted, cannot split; Kerberos tickets only contain SIDs. Active Directory trusts provide too little flexibility: Trusted domains share too much information; Domain Trusts lack scalability. Multi-Factor Authentication: Verifying user identity is crucial; Username and password is not good enough
  • 16. Current Authentication (Kerberos). Parties: Client, Resource, KDC (Domain Controller). Client → Resource: May I access your resources? Resource → Client: Go get a ticket at the KDC. Client → KDC: May I have a Ticket? + Here is my TGT. KDC → Client: Here is a Service Ticket. Client → Resource: May I have access + Service Ticket. Resource → Client: Here are the resources
  • 18. Authentication with AD FS (SAML). Parties: Client, Resource, STS (AD FS). Client → Resource: May I access your resources? Resource → Client: Go get a token at the STS (redirect). Client → STS: May I have a token? + credentials. STS → Client: Here is your (SAML) token. Client → Resource: May I have access + (SAML) token. Resource → Client: Here are the resources
  • 19. AD FS benefits. SAML and OAuth2 are “web ready”: Transport over SSL channel; Tokens are optionally encrypted. Relying Party trusts are very flexible: Token content is defined per Relying Party (RP) Trust; Relying Party Trusts are scalable. Multi-Factor Authentication: AD FS authentication is “extensible” for third parties
  • 20. Claims vs Tickets. Claim Tokens instead of Tickets: More flexibility with inbound and outbound filtering; Web based protocol, optional encryption. Relying Parties replace Domain Members and Trusts: Relying Parties have fine grained definitions; Less dependent, requires little information. Rich authentication scenarios: Even the authentication method is a claim; Anything can be an authentication factor
  • 21. Claims vs. Tokens Encryption Transport Optional HTTP (TCP80) HTTPS (TCP443) Claims in SAML Claims in Kerberos Tokens Kerberos (TCP88) Kerberos (TCP88) Contents Limits Security XML-based Signing Replay Protection XML-based MaxTokenSize Ticket Lifetime Mutual Auth PAC Validation MaxTokenSize Ticket Lifetime Mutual Auth PAC Validation Authorization data
  • 24. Introducing Azure Active Directory. Modern Identity Management: Free REST-based web service for authentication; Identity and Access Management for cloud services. Cloud Identity Management: Identity and Access Management for Windows Azure, Office 365, CRM Online, Windows Intune, etc. 100% interoperability: Based on open standards, like SAML and WS-Fed; Full support for 3rd party identity providers
  • 25. Integration options for Azure AD. Scenarios for identity: Portal; PowerShell / Graph API; DirSync with Cloud identities; DirSync with Password Sync; DirSync with Federation. Complexity: Low complexity; Medium complexity; Low complexity; Low complexity; High complexity. Requirements: No need for extra hardware; No need for extra hardware; Windows Server required; Windows Server required; Requires extra Windows Servers. Integration: Separate credentials, 2x logon; Same username, other password, 2x logon; Same username and password, 2x logon; Same username and password, SSO on-prem, MF Auth; Separate credentials, 2x logon
  • 26. Advanced Authentication to Azure AD (diagram, numbered steps 1 to 8). Labels: Colleague; Azure Active Directory Integrated Application; Federation Trust; Active Directory Domain Services; Active Directory Federation Services; Directory Synchronization Tool; Azure Active Directory Access Control Service; Azure Active Directory; Azure Management API; Active Directory; On Premises
  • 27. Current challenges. Smart Cards for MFA with Active Directory: Smart Card readers never became a commodity; Smart Cards require extra hardware. Smart Cards require PKI: Expensive with a public Certificate Authority; Kerberos or Browser authentication. User Friendliness: Is a smart card convenient for BYOD? We now have alternatives for a card
  • 29. Multi-Factor Authentication with AD FS. Extensible Authentication Model: API for 3rd party extensions; Default support for Smart Cards. Azure PhoneFactor: Simple implementation; Phone Call, Text Message, App or OATH passcode. Not just PhoneFactor: Multiple vendors support AD FS MFA
  • 32. Join us for Part 2! Part 1 and Part 2: There’s a lot to cover in terms of Bring Your Own (BYO). We’re only halfway now… This Part: We’ve discussed Solid Authentication. You now know why Kerberos is going away. Part 2: There’s another hour of BYO Goodness coming! This afternoon from 13:40 to 14:40
  • 35. Sessions of Interest Today. Adventures in Underland: What Passwords Do When No One Is Watching (Paula Januszkiewicz, Auditorium 6, 12:20 - 13:20). Managing Mobile Devices with System Center 2012 R2 ConfigMgr and Windows Intune (Wally Mead, Auditorium 3, 13:40 - 14:40). Identity and Directory Synchronization with Office 365 and Windows Azure AD (Brian Desmond, Auditorium 1, 15:00 - 16:00)
  • 37. Bring Your Own Device Essentials with Windows Technology, Part 2 Raymond Comvalius & Sander Berkouwer
  • 38. Please take all the photos you like, but we would like to point out: Sharing is caring @NEXTXPERT @SanderBerkouwer @NICConf
  • 39. Introduction Sander Berkouwer MCSA, MCSE, MCITP Microsoft MVP since 2009 Blogger DirTeam.com/ActiveDir.org ServerCore.Net Microsoft Tech Lead OGD ict-diensten Since 2000 MVP
  • 40. Introduction Raymond Comvalius MCSA, MCSE, MCITP, MCT Microsoft MVP since 2011 Author Windows 7 for XP Professionals Updating Support Skills… Independent IT Architect Specialized in IT Infrastructure since 1998 MVP
  • 42. Current challenges. Group membership is too strict: Based on a single attribute; Becomes uncontrollable very fast. Token bloat: A ticket with too many SIDs is not accepted; Causes inconsistencies during logon. Cross organization access: Organizations must trust each other a lot; Connections are not always stable
  • 43. Claims for rich authorization scenarios. Rich authorization: Claims can be based on Group Membership or on: • Any property of a user account (e.g. Department) • Or occurrence of the user in the address list • Or the location of the computer … or combinations of the above … or external claims.
  • 45. Claims in Tokens and/or Kerberos Tickets. Claims in SAML/OAuth2 and/or Kerberos: Claims in SAML via Federation Services; Claims in Kerberos via Dynamic Access Control. Benefits of Claims in SAML/OAuth2: Kerberos and LDAP are not web based protocols; Active Directory is not a web based product. Benefits of Claims in Kerberos: Claims can be based on any attribute; Authorisation in ACLs exceeds user status
  • 46. Authorisation with Bring Your Own. Claims-aware applications: Active Directory Federation Services; Relying Party (RP) processes the claims. Windows-integrated web applications: Web Application Proxy in Windows Server 2012 R2; Translate claims from SAML to Kerberos with KCD. Data: Work Folders allow for file server synchronisation; SkyDrive Pro offers synchronisation with SharePoint
  • 48. Introducing Workplace Join. Claims: Employees verify devices; Claims provided by Active Directory Federation Services. Certificates: Verified devices enroll a certificate from AD FS; Per device an object in the Registered Devices container. Service Discovery: DNS Record (enterpriseregistration) for AutoDiscover; DNS Record required per user domain
  • 49. Workplace Join Internals. Certificate: In local User Store from MS-Organization-Access; Workplace Join requires working CRL for AD FS SSL Cert. Active Directory: msDS-Device object in Active Directory; Tied to the user/device combination. Cookies: Permanent Cookie enables Single Sign-on
  • 52. Current Challenges. Server Message Block (SMB): Discloses Windows-based file servers; Not optimized for the web. Remote Procedure Call (RPC): Discloses remote Windows functionality; Not optimized for the web. HTTP for everything: HTTP (with/without SSL) to be used as the standard protocol; HTTP is the universal firewall bypass protocol
  • 54. Work Folders positioning. Columns: Personal data; Individual business data; Team/Department business data; Personal devices. Solutions and where their data is stored: SkyDrive (Public Cloud); SkyDrive Pro (SharePoint and/or Office 365); Work Folders (File Server); Folder Redirection (File Server)
  • 55. Work Folders Internals. HTTP-based file synchronisation: DNS Record (workfolders) for AutoDiscovery; Windows Authentication or AD FS (OAuth2). Standard Policies: Password policy and device lock; Policies cannot be customized. Encryption and remote wipe: Encryption based on EFS Enterprise Key; Functional remote wipe initiated from Exchange / Intune
  • 56. Current Challenges. TMG is End-of-Life: We must have a Reverse Proxy; Pre-authentication with Active Directory integration. Groups are insufficient for authorization: Client properties can be used for allow/deny access; Existing web apps often not claims-aware. Publish AD Federation Services on the Internet: Disclosing Active Directory on the Internet is no option; Internet accessible services in the Perimeter network
  • 58. Introducing Web Application Proxy. Edge Role: 1. AD FS Proxy configuration on the AD FS Server; 2. Reverse Proxy for HTTPS with pre-authentication. Kerberos Constrained Delegation: Web App Proxy translates SAML to Kerberos; Requires Service Principal Names (SPNs). Custom claims: Configurable in AD Federation Services from multiple sources
  • 59. Internal access to a claims based app (diagram, numbered steps 1 to 7). Labels: Active Directory Federation Services (acting as STS); Active Directory Domain Services; Employee; Claims-based App; On Premises
  • 60. BYO Access to a claims based app (diagram, numbered steps 1 to 7). Labels: Active Directory Federation Services (acting as STS); Active Directory Domain Services; Colleague; ADFS Proxy; Reverse Proxy; Web App Proxy; Claims-based App; On Premises
  • 61. BYO Access to a non-claims aware app (diagram, numbered steps 1 to 10). Labels: Active Directory Federation Services (acting as STS); Active Directory Domain Services; Colleague; ADFS Proxy; Reverse Proxy; Web App Proxy; Kerberos App; On Premises
  • 63. Managing Bring Your Own. Not a single method to offer applications: Organizations use multiple methods; Unclear and hard to report. Applications for multiple platforms: Not just Windows, but also Mac OS; Not just desktops, laptops, but also tablets, etc. Application distribution is hard: Not all devices are connected to the network; Not all devices can be connected to the network
  • 65. ConfigMgr with Windows Intune (diagram). Labels: Employee; System Center Configuration Manager 2012 R2; Windows Intune; Central Management and Reporting; On Premises
  • 68. Bring Your Own. Solid authentication: AD Domain Services, AD Federation Services, Windows Azure AD. Solid access: Azure RMS. Solid authorization: Workplace Join, Web Application Proxy. Solid management: System Center, Windows Intune
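
Slides 18 to 20 describe the AD FS token flow, token contents defined per Relying Party trust, and the authentication method carried as a claim. The sketch below is an added example, not code from the presentation or from AD FS: it models the STS and Relying Party sides in Python, with an HMAC standing in for the SAML XML signature and with hypothetical names (`RP_TRUSTS`, `authnmethod`, the `example.test` URLs).

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed stand-in for the STS token-signing key. AD FS signs SAML tokens
# with a certificate (asymmetric XML signature); HMAC keeps this example short,
# at the cost that the relying party here has to share the secret.
STS_KEY = b"constructed-demo-signing-key"

# Constructed directory entry for one user.
USER = {
    "upn": "alice@example.test",
    "department": "Finance",
    "groups": ["Staff", "Finance-RW", "Budget-Approvers"],
}

# One entry per Relying Party trust: which claims that RP receives and how
# long its tokens live. Names and URLs are hypothetical.
RP_TRUSTS = {
    "https://hr.example.test/": {"claims": ["upn", "department"], "lifetime": 600},
    "https://wiki.example.test/": {"claims": ["upn"], "lifetime": 3600},
}


def sign(payload: bytes) -> str:
    """Keyed digest over the encoded token body."""
    return hmac.new(STS_KEY, payload, hashlib.sha256).hexdigest()


def issue_token(user, audience, auth_methods, now=None):
    """STS side: build a token holding only the claims this RP trust allows."""
    now = int(time.time()) if now is None else now
    trust = RP_TRUSTS.get(audience)
    if trust is None:
        return None  # no trust configured, so no token is issued
    claims = {name: user[name] for name in trust["claims"]}
    # The authentication method travels as a claim like any other.
    claims["authnmethod"] = sorted(set(auth_methods))
    body = {"aud": audience, "iat": now, "exp": now + trust["lifetime"],
            "claims": claims}
    payload = base64.urlsafe_b64encode(json.dumps(body, sort_keys=True).encode())
    return payload.decode() + "." + sign(payload)


def validate_token(token, audience, require_mfa=False, now=None):
    """RP side: return (claims, None) on success or (None, reason) on refusal."""
    now = int(time.time()) if now is None else now
    payload, _, signature = token.partition(".")
    # Check the signature before parsing anything the sender controls.
    if not hmac.compare_digest(signature.encode(), sign(payload.encode()).encode()):
        return None, "bad signature"
    body = json.loads(base64.urlsafe_b64decode(payload))
    if body["aud"] != audience:
        return None, "wrong audience"  # token was issued for another RP
    if not body["iat"] <= now < body["exp"]:
        return None, "outside validity window"
    if require_mfa and len(body["claims"]["authnmethod"]) < 2:
        return None, "second factor required"
    return body["claims"], None


if __name__ == "__main__":
    hr = "https://hr.example.test/"
    token = issue_token(USER, hr, ["password", "phone"])
    print(validate_token(token, hr, require_mfa=True))
    # A token issued for the wiki is refused when presented to HR.
    wiki_token = issue_token(USER, "https://wiki.example.test/", ["password"])
    print(validate_token(wiki_token, hr))
```

The HR relying party never sees the user's group list, which is the contrast with a Kerberos ticket that slide 15 draws: the token carries only what that trust defines.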