Connecting Active Directory To Microsoft Services<br />	Lynn Ayres<br />	Program Manager<br />	Identity Services<br />	T...
Microsoft Identity Software + ServicesOne identity model that puts users in control of their identities<br />Standards Bas...
Microsoft Identity Software + Services One identity model that puts users in control of their identities<br />Standards Ba...
Why Are We Here?<br />Services Revolution<br />
<ul><li>Identity can be a barrier enabler</li></ul>Different security zones<br />Multiple islands<br />Identity Challenges...
IT admin <br />Employees<br />Developers  <br />Solution Must Satisfy:<br />
Federation Is Industry Endorsed Solution<br />Federation is the solution, but we need to do more<br />Microsoft will offer...
Solution:  Microsoft Federation Gateway<br />Federation hub brokers access for Cloud services: <br />Microsoft cloud appli...
Free download for quick and easy setup<br />Connects Active Directory to the Gateway and cloud services and applications <...
Enterprise Software And Service Topology<br />Cloud<br />ISV Apps<br />Enterprise<br />Apps<br />Microsoft Online<br />Win...
Microsoft Services Connector<br /><ul><li>Gurbinder
Microsoft Partner</li></ul>demo <br />
Registers the enterprise’s domain, sign-in endpoint, and a token signing key<br />Enterprise asserts domain ownership via ...
What Happened:  Accessing Services<br />User clicks link for service<br /><ul><li>Connector validates credentials with Act...
Connector issues a login token and redirects to Microsoft Federation Gateway
Federation Gateway validates token and transforms claims
Federation Gateway issues service token and redirects to requested service
User accesses service
User taken to Microsoft Services Connector for authentication</li></ul>Browser<br />Office<br />Desktop<br />Apps<br />Mic...
Drill Down:  Microsoft Federation Gateway<br />Businesses federate once to connect to any service<br />Services federate o...
Drill Down:  Microsoft Federation Gateway <br />For businesses:<br />Microsoft Services Connector, “Geneva” <br />Works fo...
Frameworks:  .NET, “Geneva”, Live
Upcoming SlideShare
Loading in …5
×

Ad.Ppt

834 views
807 views

Published on

Active directory is the back bone of server however its not the security app but part of security subsystem.

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
834
On SlideShare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
7
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • SLIDE FOR EVERY IDENTITY DECK
  • SLIDE FOR EVERY IDENTITY DECK
  • Ad.Ppt

    1. 1.
    2. 2. Connecting Active Directory To Microsoft Services<br /> Lynn Ayres<br /> Program Manager<br /> Identity Services<br /> Tore Sundelin<br />Program Manager<br />Identity Services<br />BB29<br />
    3. 3. Microsoft Identity Software + ServicesOne identity model that puts users in control of their identities<br />Standards Based<br />Enhances Developer Productivity<br />Flexibility via Choice<br />Live ID<br />Microsoft Federation Gateway<br />.Net Access <br />Control <br />Service<br />Services<br />Claims-Based Access<br />“Geneva” Framework<br />Live Framework<br />Windows CardSpace “Geneva”<br />“Geneva” Server<br />Microsoft Services Connector<br />Software<br />Active Directory<br />
    4. 4. Microsoft Identity Software + Services One identity model that puts users in control of their identities<br />Standards Based<br />Enhances Developer Productivity<br />Flexibility via Choice<br />Live ID<br />.Net Access <br />Control <br />Service<br />Microsoft Federation Gateway<br />Services<br />Claims-Based Access<br />Live Framework<br />“Geneva” Framework<br />Windows CardSpace “Geneva”<br />“Geneva” Server<br />Microsoft Services Connector<br />Software<br />Active Directory<br />
    5. 5. Why Are We Here?<br />Services Revolution<br />
    6. 6. <ul><li>Identity can be a barrier enabler</li></ul>Different security zones<br />Multiple islands<br />Identity Challenges<br /><ul><li>Identity can be a barrier </li></li></ul><li>Switch from a server (Exchange) to a cloud service <br />Adopt a new service<br />Move an on-premises app to a cloud service<br />Scenarios<br /><ul><li>How does a business use services without changing their on-premises identity infrastructure?(ex: Active Directory) </li></li></ul><li>Enterprise Software And Service Topology<br />Cloud<br />ISV Apps<br />Microsoft Online<br />Windows Live<br />Enterprise<br />Apps<br />Azure Services Platform<br />Microsoft Dynamics CRM Online<br />Live<br />Mesh<br />Live Identity Service<br />Enterprise On-Premises<br />Browser<br />Active Directory<br />Office<br />Desktop<br />Apps<br />ISV Apps<br />SharePoint<br />Exchange<br />
    7. 7. IT admin <br />Employees<br />Developers <br />Solution Must Satisfy:<br />
    8. 8. Federation Is Industry Endorsed Solution<br />Federation is the solution, but we need to do more<br />Microsoft will offer a free tool that greatly simplifies on-boarding to cloud services<br />
    9. 9. Solution: Microsoft Federation Gateway<br />Federation hub brokers access for Cloud services: <br />Microsoft cloud applications<br />Developers using Azure Services Platform<br />Other businesses using the Gateway<br />Manage one relationship to connect to any service<br />
    10. 10. Free download for quick and easy setup<br />Connects Active Directory to the Gateway and cloud services and applications <br />Protects corporate account security<br />Solution: Microsoft Services Connector<br />
    11. 11. Enterprise Software And Service Topology<br />Cloud<br />ISV Apps<br />Enterprise<br />Apps<br />Microsoft Online<br />Windows Live<br />Azure Services Platform<br />Microsoft Dynamics CRM Online<br />Live<br />Mesh<br />Microsoft Federation Gateway<br />Live Identity Service<br />Microsoft <br />Services<br />Connector<br />Enterprise On-Premises<br />Browser<br />Active<br />Directory<br />Office<br />Desktop<br />ISV Apps<br />SharePoint<br />Exchange<br />Apps<br />
    12. 12. Microsoft Services Connector<br /><ul><li>Gurbinder
    13. 13. Microsoft Partner</li></ul>demo <br />
    14. 14. Registers the enterprise’s domain, sign-in endpoint, and a token signing key<br />Enterprise asserts domain ownership via an SSL cert issued by a trusted CA <br />Ongoing management is automatic<br />What Happened: Setup<br />Microsoft Cloud<br />Microsoft Federation Gateway<br />Microsoft <br />Services<br />Connector<br />Enterprise<br />Applications<br />Developer Services<br />Active<br />Directory<br />Server Apps<br />
    15. 15. What Happened: Accessing Services<br />User clicks link for service<br /><ul><li>Connector validates credentials with Active Directory
    16. 16. Connector issues a login token and redirects to Microsoft Federation Gateway
    17. 17. Federation Gateway validates token and transforms claims
    18. 18. Federation Gateway issues service token and redirects to requested service
    19. 19. User accesses service
    20. 20. User taken to Microsoft Services Connector for authentication</li></ul>Browser<br />Office<br />Desktop<br />Apps<br />Microsoft Cloud<br />Microsoft Federation Gateway<br />Microsoft <br />Services<br />Connector<br />Enterprise<br />Applications<br />Developer Services<br />Active<br />Directory<br />Server Apps<br />
    21. 21. Drill Down: Microsoft Federation Gateway<br />Businesses federate once to connect to any service<br />Services federate once to connect to any business<br />Hub and spoke model abstracts complexity:<br />Endpoint changes, key rollovers, protocol changes, etc. <br />
    22. 22. Drill Down: Microsoft Federation Gateway <br />For businesses:<br />Microsoft Services Connector, “Geneva” <br />Works for businesses without AD<br />Protocols: WS-*, SAML<br />Tokens: SAML<br /><ul><li>For relying services:
    23. 23. Frameworks: .NET, “Geneva”, Live
    24. 24. Messaging: WS-*, SAML , Live
    25. 25. Tokens: SAML, Live</li></li></ul><li>Supports range of network infrastructures:<br />Single server, server farm, proxy server<br />Active Directory: single domain, single forest, multiple forests<br />Automates Complex Management Tasks<br />Drill Down: Microsoft Services Connector<br />
    26. 26. Drill Down: Microsoft Services Connector<br />Flexible and customizable end user experience<br />Architecture consistent with “Geneva” <br />Microsoft has an internal deployment<br />
    27. 27. Businesses adding services to their existing IT infrastructure<br />Identity must be an enabler<br />Solution is available today <br />Why Are We Here?<br />
    28. 28. Microsoft Services Connector<br />Preview available today: www.microsoft.com/servicesconnector<br />Beta in early 2009<br />Microsoft Federation Gateway<br />Released, available today<br />Whitepaper<br />On-boarding documentation<br />We want your feedback! <br />Forum<br />How You Get It<br />
    29. 29. © 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.<br />The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.<br />

    ×