1. MS Online IDs
Appropriate for
 • Smaller organizations without AD on-premise
Pros
 • No servers required on-premise
Cons
 • No SSO
 • No 2FA (strong authentication)
 • 2 sets of credentials to manage with differing password policies
 • Users and groups mastered in the cloud

2. MS Online IDs + Dir Sync
Appropriate for
 • Orgs with AD on-premise
Pros
 • Users and groups mastered on-premise
 • Enables co-existence scenarios
Cons
 • No SSO
 • No 2FA
 • 2 sets of credentials to manage with differing password policies
 • Single server deployment

3. Federated IDs + Dir Sync
Appropriate for
 • Larger enterprise organizations with AD on-premise
Pros
 • SSO with corporate cred
 • Users and groups mastered on-premise
 • Password policy controlled on-premise
 • 2FA solutions possible
 • Enables co-existence scenarios
Cons
 • High availability server deployments required
[Diagram: Bronze Sky customer premises and Microsoft Office 365 Services. Customer-side labels: AD, MS Online Directory Sync, Active Directory Federation Server 2.0 (IdP), Service connector. Office 365-side labels: Provisioning platform, Directory Store, Authentication platform (IdP), Federation Gateway, Admin Portal, Exchange Online, SharePoint Online, Lync Online. Link label: Trust.]
Federated vs. Non-Federated Summary

Client                                                           MS Online IDs   Federated IDs, domain joined
Outlook 2010, Win 7                                              Online ID
Outlook 2007, Win 7                                              Online ID
Outlook 2007 or 2010, Vista/XP                                   Online ID
Outlook Web Application                                          Online ID
Office 2010 or Office 2007 SP2, SharePoint Online, Win 7/Vista/XP  Online ID
ActiveSync, POP, IMAP, Entourage                                 Online ID       AD credentials

DirSync




Active Directory
                   METAVERSE
Identity Co-Existence
Application Co-Existence
Application Co-Existence
Authentication flow (passive profile)
[Diagram: Customer side: Active Directory, AD FS 2.0 Server, Client (joined to CorpNet). Microsoft Office 365 side: Federation Gateway, Exchange Online.]
Authentication flow (active profile)
[Diagram: Customer side: Active Directory, AD FS 2.0 Server, Client (joined to CorpNet). Microsoft Office 365 side: Federation Gateway, Exchange Online.]
AD FS 2.0 deployment options
[Diagram: Active Directory, AD FS 2.0 Servers, AD FS 2.0 Server Proxies, internal user; zones: Enterprise, DMZ.]
[Diagram: Active Directory, AD FS 2.0 Servers, AD FS 2.0 Server Proxies, internal user; zones: Enterprise, DMZ.]
[Diagram: Active Directory and AD FS 2.0 Servers in each zone, internal user, external user; zones: Enterprise, IAAS.]
[Diagram: Active Directory and an AD FS 2.0 Server in each zone, internal user, external user; zones: Enterprise, IAAS.]
[Diagram: Active Directory, AD FS 2.0 Servers, LB endpoint, IPsec gateway device, AD FS 2.0 Server in a cloud service; zones: Enterprise, Windows Azure.]
[Diagram: Active Directory, AD FS 2.0 Servers, internal user, external user; zone: IAAS.]
W.A.A.D.


Already used in:
Supporting architecture for office 365 spo
Editor's Notes

  1. Note: Passwords are NOT synced. If you want to use your on-premise passwords in Office 365/Azure, you will have to deploy ADFS. A future release of DirSync might support Password Synchronization.** Neither the functionality nor a release date has been confirmed by Microsoft. As far as I understood, this sync will not really sync the password, but will rather use the password's hash.
  2. http://social.technet.microsoft.com/wiki/contents/articles/3286.ad-fs-2-0-how-to-use-fiddler-web-debugger-to-analyze-a-ws-federation-passive-sign-in.aspx