A hybrid SharePoint environment is composed of an on-premises deployment of SharePoint Server 2013/2016 and a SharePoint Online tenant in Microsoft Office365. A hybrid Search approach enables end users to get and view search results across all environments. In this session, learn about pre-requisite considerations when configuring hybrid search deployment and what you will need to know about Hybrid Search when planning for a deployment.
5. On-premises SharePoint
•2013 SP1, or
•2016
•Office Online Server
Identity
•AD
•AADS
•Azure AD Connect
•Federation service(s), O365
Network
•Reverse proxy
•Network data mgmt
•Service accounts
Azure
•Active service setup
Office 365 tenant
•SPO Online
Solution pre-requisites
Service configuration
•Search vertical
•Information architecture
•Business information flow
Roles and profiles
•Internal
•Support
•External
Locations and access
•Device access scenarios
•Network source locations
•Service access mgmt
Operational mgmt
•Business administration
•Service desk escalation
•Business user enablement
Solution design
•Service configuration
•UX design
6. High level steps
1. Plan authentication > http://bit.ly/1S9lrIG
2. Review prerequisites
3. Outline all steps
4. Run configurations
5. Test
6. Repeat 2-5
7. How do you want users to login?
• Directory Synchronisation
• On Premises users are synced to
online
• Can also sync password
• They still get prompted to login
when going to Office365
• Uses Azure Active Directory
Connect
http://bit.ly/1S9lrIG
• Federated aka SSO
• A user logs on to their on-premises
environment with their user account.
• On Office 365, they are either logged on
automatically
• Or log on using the same credentials as
on premises
• Uses Azure Active Directory Connect
• Uses ADFS (Active Directory Federation
Services)
8. Before doing Hybrid
•Prerequisites
•Active Directory on premises
• Windows Server 2008, 2008 R2
• Windows Server 2012, 2012 R2 forest functional level
• Check your AD for pre-requisites and fix with the IDFix Tool >
http://bit.ly/1LSBOZb
•An operational SharePoint Server 2013/2016 Enterprise
farm
•Office365 Tenant
• E1 supports Display hybrid federated search results in SharePoint Server 2013
only, E3, or E4
9. Before doing Hybrid
•STS Certificates in SharePoint
•Relates to > SharePoint Server Security Token Service (STS)
•Server to server authentication of on premises SharePoint
to Office365
• The default STS certificate in the SharePoint farm doesn’t work in a
SharePoint hybrid topology.
• a self-signed certificate (if using for a pilot/dev/test) or
• a certificate that’s issued by a public certification authority in Production
• This certificate must have at least 2048 bit encryption
10. Before doing Hybrid
•Primary web application
•must have a SSL certificate
•must be Integrated Windows authentication using NTLM
• extend existing web app or
• create a new web app
•An A record in your public domain’s DNS zone
(https://externalportal.abc.org.nz)
•This enables Office 365 to send requests to the external
endpoint on the reverse proxy device that’s configured for
hybrid
17. So lets unpack the design
Azure
Farm build
Search service
Cloud SSA
Networking
Search service
Combined Index
18. Lets unpack what happens with index and crawl
Corporate LAN
SP,
FS,
BCS
ACL
mapping
Content
processing
Item
queue
19. Database
Crawl DB
Analytics DB
Search admin DB
Link DB
Query processing
Analytics
Content processing
Crawl
Admin
App Server
Index
What’s the Cloud search setup?
What’s in the bridge: Cloud SSA and OOS
What’s the Cloud
SSA look like?
SP Farm build
Office Online server
Search service
Cloud SSA
Networking
AD Director Connect
Azure AD
Search result sources
Hybrid configuration
Combined Index
809