One of the common misconceptions about “the cloud” is that it can reduce a company’s IT overhead and expenses. That’s not to say that an organization can’t or won’t save money by going to a cloud service like Office 365, but there are a lot of times when the amount of effort involved in making that move is not immediately apparent. This session will provide attendees with an overview of the most common activities that organizations will find require technical expertise and knowledge when taking their business “to the Cloud!” with Office 365. It will also explore the technical details of those activities, providing IT Pros with an understanding of how they can be executed as well as tips and tricks to help ensure a successful deployment.
3. Housekeeping
Please turn off all electronic devices or set them to vibrate.
If you must take a phone call, please do so in the hall so as
not to disturb others.
Wireless is available to all attendees with a valid Michigan ID,
just find the nearest sign-up terminal
Follow SharePoint Saturday Michigan on Twitter @spsmi and
hashtag #spsmi
Join us for SharePint after the closing
Chammps
301 West Big Beaver Road
T MI 48084
roy,
3 | SharePoint Saturday Michigan 2012
4. Outline
Office 365 Overview
IT and the Cloud
What we give up
What we get back
Pain points
4 | SharePoint Saturday Michigan 2012
5. Email and Calendaring
Websites and Collaboration
IM and Online Meetings
Office Client and Web Apps
Hosted by Microsoft – in the cloud!
5 | SharePoint Saturday Michigan 2012
6. Office 365 Overview
IT and the Cloud
What we give up
What we get back
Pain points
6 | SharePoint Saturday Michigan 2012
9. Office 365’s impact on IT
No more deep platform
management
Less control over functionality
More Identity Management
Hybrid challenges
9 | SharePoint Saturday Michigan 2012
10. Office 365 Overview
IT and the Cloud
What we give up
What we get back
Pain points
10 | SharePoint Saturday Michigan 2012
12. Losing Control
No tweaking
No fine customization
No server installs
No storage management
No patching
No networking
No upgrades *
12 | SharePoint Saturday Michigan 2012
13. Office 365 Overview
IT and the Cloud
What we give up
What we get back
Pain points
13 | SharePoint Saturday Michigan 2012
14. What we get back
Who can do what?
Accounts
and Subscriptions
How do you
manage Identity?
Remember the client
Maintaining the connection
14 | SharePoint Saturday Michigan 2012
15. Subscriptions
No more CALs
Now you have USLs
Must assign licenses
Dynamic assignment
15 | SharePoint Saturday Michigan 2012
17. Office 365 admin roles
Global administrator
Billing administrator
Password administrator
Services administrator
User management administrator
Delegated administrator
See the Office 365 Support Services Description document for more info:
http://tinyurl.com/o365SvcDescrs
18 | SharePoint Saturday Michigan 2012
18. Identity: who gets in?
Where do your Office 365
user accounts live?
What is needed to use them?
What can they do?
What are the limitations
of the approach?
19 | SharePoint Saturday Michigan 2012
19. Identity Options
1. Microsoft Online (MSO) IDs
2. MSO IDs + Directory Synchronization
3. Single Sign On + Directory Synchronization Microsoft Online Services
Identity Services
Exchange
Your Environment Trust Authentication
Online
platform
Active Directory Admin Portal/
Federation PowerShell IdP SharePoint
Services 2.0 Online
IdP MS Online Provisioning
Directory Lync
AD Directory Sync platform Store Online
Office 365
Desktop Setup
20 | SharePoint Saturday Michigan 2012
20. What can they do?
Appropriate for
Appropriate for • Medium/Large orgs with Appropriate for
• Smaller orgs without AD on-premise • Larger enterprise orgs
AD on-premise with AD on-premise
Pros
Pros • Users and groups Pros
• No servers required on- mastered on-premise • SSO with corporate cred
premise • Enables co-existence • IDs mastered on-premise
scenarios • Password policy
Cons controlled on-premise
• No SSO Cons • 2FA solutions possible
• No 2FA • No SSO • Enables co-existence
• 2 sets of credentials to • No 2FA scenarios
manage with differing • 2 sets of credentials to
password policies manage with differing Cons
• IDs mastered in the password policies • High availability server
cloud • Single server deployments required
deployment
21 | SharePoint Saturday Michigan 2012
21. Sign On Experience *
SSO vs. Online IDs Summary
Outlook Web
Application ActiveSync,
Outlook 2007 or SharePoint Web Office 2010, or POP, IMAP,
Lync Online 2010 Application Office 2007 SP2 Entourage
Win7/Vista/XP Win7/Vista/XP Win 7/Vista/XP
MS Online IDs Online ID Online ID Online ID Online ID Online ID
SSO IDs
(domain
AD credentials AD credentials AD credentials AD credentials AD credentials
joined)
SSO IDs
(non-domain
AD credentials AD credentials AD credentials AD credentials AD credentials
joined)
*Requires AD FS 2.0 22 | SharePoint Saturday Michigan 2012
22. Active Directory
Federation Services (AD FS)
Microsoft Online Services
Identity Services
Exchange
Your Environment Trust Authentication
Online
platform
Active Directory
Federation SharePoint
Services 2.0 Online
IdP MS Online
Directory Lync
AD Directory Sync Store Online
Office 365
Desktop Setup
23 | SharePoint Saturday Michigan 2012
23. How does AD FS work?
Claims authentication
Think of it like a passport
Passport Application
Visa Application
Submit for authorization
Allowed access
24 | SharePoint Saturday Michigan 2012
24. AD FS’s Authentication flow
Your Environment Microsoft Online Services
Active Directory
AD FS 2.0 Server (SAML 1.1) Token
Logon
UPN:user@contoso.com
Authentication platform
Source User ID: ABC123
Auth Token
UPN:user@contoso.com
Unique ID: 254729
`
Exchange Online or
Client
SharePoint Online
(joined to CorpNet)
25 | SharePoint Saturday Michigan 2012
25. AD FS 2.0 deployment options
1. Single server configuration
2. AD FS 2.0 server farm and load-balancer
3. AD FS 2.0 proxy server or UAG/TMG
(External Users, Active Sync, Outlook)
Active
Directory
AD FS 2.0 AD FS 2.0 AD FS 2.0
Server Server Server
Proxy
AD FS 2.0
Server
Proxy External
Internal Enterprise user
user DMZ
26 | SharePoint Saturday Michigan 2012
26. Directory Synchronization
One-way copy of accounts
to Office 365
Required for SSO/AD FS
But can be used without AD FS
Required for Hybrid scenarios
Think of it as an appliance,
always running
28 | SharePoint Saturday Michigan 2012
27. How DirSync Fits in
Microsoft Online Services
Identity Services
Exchange
Your Environment Trust Authentication
Online
platform
Active Directory
Federation IdP SharePoint
Services 2.0 Online
IdP MS Online
Directory Lync
AD Directory Sync Store Online
Office 365
Desktop Setup
29 | SharePoint Saturday Michigan 2012
28. Getting to know DirSync
It’s actually Forefront Identity Manager
Copies AD accounts into Office 365
But not back down
Doesn’t sync passwords
Filtering now available
Can have sizing issues
Upload sizing
Database sizing
FIM: no touchy! (maybe) 30 | SharePoint Saturday Michigan 2012
29. We still have those silly users…
OS compatibility
Office compatibility
Single sign on
Training
Transitions
Mobile
31 | SharePoint Saturday Michigan 2012
30. None of this works without…
What kind of connection do you have?
How big is it?
How reliable is it?
Is it redundant?
32 | SharePoint Saturday Michigan 2012
31. Office 365 Overview
IT and the Cloud
What we give up
What we get back
Pain points
33 | SharePoint Saturday Michigan 2012
32. Are you supportive?
Know what you get
What are you responsible for?
Who are you dealing with?
Does it meet your
requirements?
34 | SharePoint Saturday Michigan 2012
33. Where did it go?
35 | SharePoint Saturday Michigan 2012
34. No upgrades?
36 | SharePoint Saturday Michigan 2012
35. Managing Identity in Office 365
AD FS is complex
And important!
PowerShell is your friend
Remember your internet
connection?
Office 365 is constantly
changing
37 | SharePoint Saturday Michigan 2012
36. Did someone say PowerShell?
38 | SharePoint Saturday Michigan 2012
37. A tale of two shells (soon three)
39 | SharePoint Saturday Michigan 2012