1. MS Online IDs
Appropriate for
 • Smaller organizations without AD on-premise
Pros
 • No servers required on-premise
Cons
 • No SSO
 • No 2FA (strong authentication)
 • 2 sets of credentials to manage with differing password policies
 • Users and groups mastered in the cloud

2. MS Online IDs + Dir Sync
Appropriate for
 • Orgs with AD on-premise
Pros
 • Users and groups mastered on-premise
 • Enables co-existence scenarios
Cons
 • No SSO
 • No 2FA
 • 2 sets of credentials to manage with differing password policies
 • Single server deployment

3. Federated IDs + Dir Sync
Appropriate for
 • Larger enterprise organizations with AD on-premise
Pros
 • SSO with corporate cred
 • Users and groups mastered on-premise
 • Password policy controlled on-premise
 • 2FA solutions possible
 • Enables co-existence scenarios
Cons
 • High availability server deployments required

[Diagram. Bronze Sky customer premises: AD, Active Directory Federation Server 2.0, IdP, MS Online Directory Sync, Service connector. Microsoft Office 365 Services: Federation Gateway, Authentication platform, IdP, Provisioning platform, Directory Store, Admin Portal, Exchange Online, SharePoint Online, Lync Online. Label between the two sides: Trust.]

Federated vs. Non-Federated Summary

Clients compared (table columns):
 • Outlook 2010, Win 7
 • Outlook 2007, Win 7
 • Outlook 2007 or 2010, Vista/XP
 • Outlook Web Application
 • Office 2010, or Office 2007 SP2; SharePoint Online; Win 7/Vista/XP
 • ActiveSync, POP, IMAP, Entourage

MS Online IDs: Online ID in every column.
Federated IDs, domain joined: AD credentials in the ActiveSync, POP, IMAP, Entourage column; the other cells carry no text.

Authentication flow (passive profile)
[Diagram. Customer: Active Directory, AD FS 2.0 Server, Client (joined to CorpNet). Microsoft Office 365: Federation Gateway, Exchange Online.]

Authentication flow (active profile)
[Diagram. Customer: Active Directory, AD FS 2.0 Server, Client (joined to CorpNet). Microsoft Office 365: Federation Gateway, Exchange Online.]

AD FS 2.0 deployment options
[Diagram. Labels: Active Directory; AD FS 2.0 Server (two); AD FS 2.0 Server Proxy (two); Internal user; zones: Enterprise, DMZ.]

Identity Co-Existence
Architecture
Architecture - Client
Architecture - Client
[Diagram. Labels: VPN; Active Directory (two); AD FS 2.0 Server (two); zones: IaaS, Enterprise.]

[Diagram. Labels: AD FS 2.0 Server (two); DirSync; LB ENDPOINT; CLOUD SERVICE; IP SEC GATEWAY DEVICE; zones: Windows Azure, Enterprise.]

Adfs azure

Editor's Notes

  1. - How many 2K8 R2? How many want 64-bit? STUCK on 32-bit?
  2. Complexity/time – SG memberships heavier, recursive membership