SlideShare a Scribd company logo

Collaborating with Extranet Partners Using SharePoint 2010

Download as PPTX, PDF
Michael Noel
Michael Noel
Technology
1 of 42
Collaborating with Extranet Partners Using SharePoint 2010 Michael Noel @MichaelTNoel
Michael Noel • Author of SAMS Publishing titles “SharePoint 2010 Unleashed,” “SharePoint 2007 Unleashed,” “SharePoint 2003 Unleashed”, “Teach Yourself SharePoint 2003 in 10 Minutes,” “Windows Server 2008 R2 Unleashed,” “Exchange Server 2010 Unleashed”, “ISA Server 2006 Unleashed”, and many other titles . • Partner at Convergent Computing (www.cco.com / +1(510)444-5700) – San Francisco Bay Area based Infrastructure/Security specialists for SharePoint, AD, Exchange, Security
What we’ll cover • Why an Extranet? • SharePoint 2010 Extranets • Extranet Architecture Options • Claims-based Authentication • Forefront Unified Access Gateway (UAG) for extranets • Forefront Identity Manager for Identity Management in an Extranet
Why an Extranet?
Why an Extranet? • Security Isolation – Isolation of Data – Less Exposure, Perimeter Network Scenarios • Partner Collaboration – Share SP Content with External Partners – Control Partner Accounts Anonymous Customer Scenarios are not Extranets
SharePoint 2010 Extranets • Claims-based Authentication Support • Multiple Authentication Providers • Better Scalability (Services Architecture) – Goodbye SSP! – Server Groups – Services Applications • Multiple Authentication Types per Web Application
Sample Extranet Architecture
Design around Security Requirements • Scenario 1: Extranet and Internal Users in Single Farm – 1A: Single Web App / Single Site Collection – 1B: Single Web App / Separate Site Collections – 1C: Multiple Web Apps / Content DBs Less Security – 1D: Separate App Pool / Service App Group • Scenario 2: Extranet and Internal Users in Single Farm / Separate Trusted Forests • Scenario 3: Extranet and Internal Users in Multiple Farms / One- Way Trust • Scenario 4: Extranet an Internal Users in Separate Farms / Claims- based Auth for Internal Access to Extranet More Security • Scenario 5: Extranet an Internal Users in Separate Farms / No Access for Internal Accounts to Extranet • Scenario 6: Separate Farms / AD FS Federation for Extranet Auth
Extranet Scenario 1: Extranet and Internal Users in Single Farm 1A: Single Web App / Single Site Collection 1B: Single Web App / Separate Site Collections 1C: Multiple Web Apps / Content DBs 1D: Separate App Pool / Service App Group
Extranet Scenario 2: Extranet and Internal Users in Single Farm / Separate Trusted Forests
Extranet Scenario 3: Extranet and Internal Users in Multiple Farms and Perimeter Network / One-Way Trust
Extranet Scenario 4: Extranet an Internal Users in Separate Farms / Claims-based Auth Provider for Internal Auth to Extranet
Extranet Scenario 5: Extranet an Internal Users in Separate Farms / No Access for Internal Accounts to Extranet
Extranet Scenario 6: Separate Farms / AD FS Federation for Extranet Auth
Extranet Notes
One-Way Trust Scenarios • People Picker needs to be configured to crawl domain if it doesn’t trust the domain where the SharePoint farm is installed. • Only with STSADM (Rare exception when you can’t use PowerShell) • Example Syntax: – stsadm.exe -o setapppassword -password AnyPassw0rd – stsadm.exe -o setproperty -pn peoplepicker-searchadforests -pv "domain:companyabc.com,COMPANYABCsvc_sppplpick,Password1;domain:e xtranetabc.com" -url https://extranet.companyabc.com – stsadm.exe -o setproperty -pn peoplepicker-searchadforests -pv "domain:companyabc.com,COMPANYABCsvc_sppplpick,Password1;domain:e xtranetabc.com" -url https://spcaext.companyabc.com • Syntax is critical • Run against all web apps
Design for Clientless Access to SharePoint • Services Applications for Extranet Clients: – Word Services – Excel Services – Visio Services – Access Services – InfoPath Forms Services • Allows ‘Clientless’ access to SharePoint content, for Extranet partners without Office
Standard Requirements Apply to Extranets as well • SharePoint-aware Antivirus – i.e. Forefront Protection for SharePoint • SharePoint-aware Backup and Restore – i.e. System Center Data Protection Manager (DPM) 2010 • Rights Management? – Active Directory Rights Management Services (AD RMS)
Content Deployment with Extranets
Claims-based Authentication
Claims-Based Auth • SharePoint doesn’t actually Authenticate Users, it relies on IIS or other providers • SharePoint 2010 Allows for Classic and Claims-based Auth Scenarios • Classic Authentication is similar to SharePoint 2007 • Claims based Auth adds the following key benefits: – Allows for Multiple Authentication Types per Web Application Zone – Removes SharePoint from the Authentication Provider – Allows for federation between organizations (AD FS, etc.) scenarios – Does not require Kerberos Delegation • Current limitations with Claims-based auth involve SQL Reporting Services, PowerPivot, PerformancePoint, and other SQL tools that require delegation. These appear to be fixed in SQL 2012. • Remember the difference between Authentication and Authorization…
Classic vs. Claims-based Auth Classic-mode Claims-based Type authentication authentication Windows NTLM Kerberos Yes Yes Anonymous Basic Digest Forms-based authentication LDAP SQL database or other database No Yes Custom or third-party membership and role providers SAML token-based authentication AD FS 2.0 No Yes Third-party identity provider LDAP
Mixed-Mode vs. Multi-Authentication
Example: Partner Environment with Multiple Auth Types on single W.A.
Forefront Unified Access Gateway
UAG Architecture Data Center / Corporate Network Exchange CRM Mobile SharePoint IIS based IBM, SAP, Oracle Home / Friend / Kiosk Layer3 VPN Terminal / Remote HTTPS (443) Internet Desktop Services DirectAccess Non web Business Partners / AD, ADFS, Sub-Contractors RADIUS, LDAP…. NPS, ILM Employees Managed Machines
What about TMG? (New ISA) Capability TMG 2010 UAG 2010 Publish Web applications using HTTPS X X Publish internal mobile applications to roaming mobile devices X X Layer 3 firewall X X* Outbound scenarios support X X* Array support X Globalization and administration console localization X Wizards and predefined settings to publish SharePoint sites and Exchange X X Wizards and predefined settings to publish various applications X Active Directory Federation Services (ADFS) support X Rich authentication (for example, one-time password, forms-based, smart card) X X Application protection (Web application firewall) Basic Full Endpoint health detection X Information leakage prevention X Granular access policy X Unified Portal X
Forefront Identity Manager
Identity and Access Management Secure Messaging Secure Collaboration Secure Endpoint Information Protection Identity and Access Management Active Directory Federation Services ®
Manage SharePoint Identities • Create Multiple Authentication Providers for SharePoint Farms – AD DS Forests (Extranet forests) – AD LDS Authentication Providers – SQL Table (FBA) Authentication Sources – LDAP Providers – Etc… • Keep those Authentication Providers Managed
Identity Management User provisioning for SharePoint and other Applications • Policy-based identity lifecycle management system • Built-in workflow for identity management • Automatically synchronize all user information to different directories across the enterprise • Automates the process of on-boarding users Active Directory Extranet Forest Workflow User Enrollment Test Forest FIM HR System FBA Table Approval LOB User provisioned on all allowed systems App Manager VPN
Identity Management User de-provisioning • Automated user de-provisioning • Built-in workflow for identity management • Real-time de-provisioning from all systems to prevent unauthorized access and information leakage Active Directory Extranet Forest Workflow User de-provisioned Test Forest FIM HR System FBA Table LOB User de-provisioned or disabled on all systems App VPN
Identity Synchronization and Consistency Identity synchronization across multiple directories Attribute HR givenName Samantha Ownership System sn Dearing FIM title mail FirstName employeeID 007 LastName telephone EmployeeID GivenName givenName Samantha sn Dearing title Coordinator Internal givenName Samara mail someone@example.com AD sn title Darling Coordinator employeeID 007 telephone 555-0129 mail Title employeeID 007 telephone Identity Extranet Data givenName Sam AD sn Dearing title Intern E-Mail mail employeeID someone@example.com 007 Aggregation telephone LDAP givenName Sammy sn Dearling title mail Telephone employeeID 008 telephone 555-0129
Identity Synchronization and Consistency Identity consistency across multiple directories Attribute HR givenName Samantha Ownership System sn Dearing FIM title mail FirstName employeeID 007 LastName telephone EmployeeID givenName Samantha Bob sn Dearing title Coordinator Internal givenName Samara mail someone@example.com someone@example.com AD sn title Darling Coordinator employeeID 007 telephone 555-0129 mail Title employeeID 007 telephone Identity Extranet Data givenName Sam AD sn title Dearing Intern E-Mail mail employeeID someone@example.com 007 Brokering telephone (Convergence) LDAP givenName Sammy sn Dearling title mail Telephone employeeID 007 telephone 555-0129
Customizable Identity Portal SharePoint-based Identity Portal for Management and Self Service How you extend it Add your own portal pages or web parts Build new custom solutions Expose new attributes to manage by extending FIM schema Choose SharePoint theme to customize look and feel
Strong Authentication—Certificate Authority • Streamline deployment by enrolling user and computer certificates without user intervention • Simplify certificate and SmartCard management using Forefront Identity Manager (FIM) • Can be used to automate Certificate management for dual factor auth approaches to SharePoint logins End User SmartCard User is validated using multi- FIM policy triggers request for factor authentication FIM CM to issue certificate or Certificate is issued to user and SmartCard written to either machine or smart card FIM CM End User SmartCard FIM HR System FIM Certificate Management (CM) requests certificate User ID and User Enrollment and AD CS creation from Authentication request sent by Password HR System Active Directory Certificate Services (AD CS)
FIM for Extranet Forest Mgmt • Internal AD DS Forest • DMZ Extranet AD DS Forest • FIM Auto-provisions certain user accounts in Extranet forest and keeps Passwords in Sync to allow Internal users to access/collaborate with Partners • FIM allows Self-Service Portal Access for Extranet user accounts in the partner forest • Two-factor Auth scenarios, to automate provisioning of user accounts AND certificates to systems
FIM for Role Based Access Control • FIM is central to RBAC Strategy • Can auto-add users to Groups based on RBAC Criteria • HR Defines a user’s access based on their role • FIM auto-adds that user to specific Role Groups in AD DS, which are tied to SharePoint Groups that have the rights that that role group requires. User1 Role SharePoint Group Group User2
Session Summary • Understand the Extranet Design Options for 2010 • Keep Extranet Accounts out of local AD • Determine how Identities will be Managed • Use FIM for Identity Management, Self-Service, and Provisioning/Deprovisioning of Extranet Accounts • Use UAG to secure inbound access to extranets/intranets
Your Feedback is Important Please fill out a session evaluation form drop it off at the conference registration desk. Thank you!
Michael Noel Twitter: @MichaelTNoel www.cco.com Slides: slideshare.net/michaeltnoel

Recommended

Leveraging SharePoint for Extranets
Leveraging SharePoint for ExtranetsLeveraging SharePoint for Extranets
Leveraging SharePoint for ExtranetsAvtex
 
SharePoint 2010 anywhere access uag vs dmz
SharePoint 2010 anywhere access uag vs dmz SharePoint 2010 anywhere access uag vs dmz
SharePoint 2010 anywhere access uag vs dmz Kjell-Sverre Jerijærvi
 
Deploying an Extranet on SharePoint
Deploying an Extranet on SharePointDeploying an Extranet on SharePoint
Deploying an Extranet on SharePointAlan Marshall
 
Building Secure Extranets with Claims-Based Authentication #SPEvo13
Building Secure Extranets with Claims-Based Authentication #SPEvo13Building Secure Extranets with Claims-Based Authentication #SPEvo13
Building Secure Extranets with Claims-Based Authentication #SPEvo13Gus Fraser
 
SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...
SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...
SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...Brian Culver
 
How to deploy SharePoint 2010 to external users?
How to deploy SharePoint 2010 to external users?How to deploy SharePoint 2010 to external users?
How to deploy SharePoint 2010 to external users?rlsoft
 
SharePoint 2010 Extranets and Authentication: How will SharePoint 2010 connec...
SharePoint 2010 Extranets and Authentication: How will SharePoint 2010 connec...SharePoint 2010 Extranets and Authentication: How will SharePoint 2010 connec...
SharePoint 2010 Extranets and Authentication: How will SharePoint 2010 connec...Brian Culver
 
Troubleshooting Federation, ADFS, and More
Troubleshooting Federation, ADFS, and More Troubleshooting Federation, ADFS, and More
Troubleshooting Federation, ADFS, and More Microsoft TechNet - Belgium and Luxembourg
 

Recommended

Leveraging SharePoint for Extranets
Leveraging SharePoint for ExtranetsLeveraging SharePoint for Extranets
Leveraging SharePoint for ExtranetsAvtex
 
SharePoint 2010 anywhere access uag vs dmz
SharePoint 2010 anywhere access uag vs dmz SharePoint 2010 anywhere access uag vs dmz
SharePoint 2010 anywhere access uag vs dmz Kjell-Sverre Jerijærvi
 
Deploying an Extranet on SharePoint
Deploying an Extranet on SharePointDeploying an Extranet on SharePoint
Deploying an Extranet on SharePointAlan Marshall
 
Building Secure Extranets with Claims-Based Authentication #SPEvo13
Building Secure Extranets with Claims-Based Authentication #SPEvo13Building Secure Extranets with Claims-Based Authentication #SPEvo13
Building Secure Extranets with Claims-Based Authentication #SPEvo13Gus Fraser
 
SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...
SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...
SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...Brian Culver
 
How to deploy SharePoint 2010 to external users?
How to deploy SharePoint 2010 to external users?How to deploy SharePoint 2010 to external users?
How to deploy SharePoint 2010 to external users?rlsoft
 
SharePoint 2010 Extranets and Authentication: How will SharePoint 2010 connec...
SharePoint 2010 Extranets and Authentication: How will SharePoint 2010 connec...SharePoint 2010 Extranets and Authentication: How will SharePoint 2010 connec...
SharePoint 2010 Extranets and Authentication: How will SharePoint 2010 connec...Brian Culver
 
Troubleshooting Federation, ADFS, and More
Troubleshooting Federation, ADFS, and More Troubleshooting Federation, ADFS, and More
Troubleshooting Federation, ADFS, and More Microsoft TechNet - Belgium and Luxembourg
 
SEASPC 2011 - Collaborating with Extranet Partners on SharePoint 2010
SEASPC 2011 - Collaborating with Extranet Partners on SharePoint 2010 SEASPC 2011 - Collaborating with Extranet Partners on SharePoint 2010
SEASPC 2011 - Collaborating with Extranet Partners on SharePoint 2010 Michael Noel
 
SharePoint Saturday The Conference 2011 - Extranets & Claims Authentication
SharePoint Saturday The Conference 2011 - Extranets & Claims AuthenticationSharePoint Saturday The Conference 2011 - Extranets & Claims Authentication
SharePoint Saturday The Conference 2011 - Extranets & Claims AuthenticationBrian Culver
 
TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010
TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010
TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010Michael Noel
 
Pricing and Revenue Projection in a Cloud-Centric World
Pricing and Revenue Projection in a Cloud-Centric WorldPricing and Revenue Projection in a Cloud-Centric World
Pricing and Revenue Projection in a Cloud-Centric WorldMichele Leroux Bustamante
 
Citrix Day 2012: ShareFile
Citrix Day 2012: ShareFileCitrix Day 2012: ShareFile
Citrix Day 2012: ShareFileDigicomp Academy AG
 
A Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise ApplicationsA Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise ApplicationsSafeNet
 
CIS13: Introduction to OAuth 2.0
CIS13: Introduction to OAuth 2.0CIS13: Introduction to OAuth 2.0
CIS13: Introduction to OAuth 2.0CloudIDSummit
 
"Oracle Insight for Investors" Educational Webcast - Oracle Fusion Middleware
"Oracle Insight for Investors" Educational Webcast - Oracle Fusion Middleware"Oracle Insight for Investors" Educational Webcast - Oracle Fusion Middleware
"Oracle Insight for Investors" Educational Webcast - Oracle Fusion Middlewareinvestorrelation
 
Unlock your Big Data with Analytics and BI on Office 365 - OFF103
Unlock your Big Data with Analytics and BI on Office 365 - OFF103Unlock your Big Data with Analytics and BI on Office 365 - OFF103
Unlock your Big Data with Analytics and BI on Office 365 - OFF103Brian Culver
 
Adfs azure
Adfs azureAdfs azure
Adfs azureJethro Seghers
 
Office 365: Planning and Automating for Hybrid Identity Scenarios in the Clou...
Office 365: Planning and Automating for Hybrid Identity Scenarios in the Clou...Office 365: Planning and Automating for Hybrid Identity Scenarios in the Clou...
Office 365: Planning and Automating for Hybrid Identity Scenarios in the Clou...Microsoft TechNet - Belgium and Luxembourg
 
Workshop: Advanced Federation Use-Cases with PingFederate
Workshop: Advanced Federation Use-Cases with PingFederateWorkshop: Advanced Federation Use-Cases with PingFederate
Workshop: Advanced Federation Use-Cases with PingFederateCraig Wu
 
Introducing DirectReader
Introducing DirectReaderIntroducing DirectReader
Introducing DirectReaderDirectReader
 
Extending SharePoint 2010 to your customers and partners
Extending SharePoint 2010 to your customers and partnersExtending SharePoint 2010 to your customers and partners
Extending SharePoint 2010 to your customers and partnersCorey Roth
 
APIC/DataPower security
APIC/DataPower securityAPIC/DataPower security
APIC/DataPower securityShiu-Fun Poon
 
Claims Based Authentication A Beginners Guide
Claims Based Authentication A Beginners GuideClaims Based Authentication A Beginners Guide
Claims Based Authentication A Beginners GuidePhuong Nguyen
 
SSO Strategy Implementation Considerations
SSO Strategy Implementation ConsiderationsSSO Strategy Implementation Considerations
SSO Strategy Implementation ConsiderationsJohn Bauer
 
P hallam baker_keynote
P hallam baker_keynoteP hallam baker_keynote
P hallam baker_keynoteshindeshekhar
 
Compliance and Governance Through Complex Entitlement Management
Compliance and Governance Through Complex Entitlement ManagementCompliance and Governance Through Complex Entitlement Management
Compliance and Governance Through Complex Entitlement ManagementNoam Bunder
 
Understanding Claim based Authentication
Understanding Claim based AuthenticationUnderstanding Claim based Authentication
Understanding Claim based AuthenticationMohammad Yousri
 
HAD05: Collaborating with Extranet Partners on SharePoint 2010
HAD05: Collaborating with Extranet Partners on SharePoint 2010HAD05: Collaborating with Extranet Partners on SharePoint 2010
HAD05: Collaborating with Extranet Partners on SharePoint 2010Michael Noel
 
Planning Extranet Environments with SharePoint 2010
Planning Extranet Environments with SharePoint 2010Planning Extranet Environments with SharePoint 2010
Planning Extranet Environments with SharePoint 2010Michael Noel
 

More Related Content

What's hot

SEASPC 2011 - Collaborating with Extranet Partners on SharePoint 2010
SEASPC 2011 - Collaborating with Extranet Partners on SharePoint 2010 SEASPC 2011 - Collaborating with Extranet Partners on SharePoint 2010
SEASPC 2011 - Collaborating with Extranet Partners on SharePoint 2010 Michael Noel
 
SharePoint Saturday The Conference 2011 - Extranets & Claims Authentication
SharePoint Saturday The Conference 2011 - Extranets & Claims AuthenticationSharePoint Saturday The Conference 2011 - Extranets & Claims Authentication
SharePoint Saturday The Conference 2011 - Extranets & Claims AuthenticationBrian Culver
 
TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010
TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010
TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010Michael Noel
 
Pricing and Revenue Projection in a Cloud-Centric World
Pricing and Revenue Projection in a Cloud-Centric WorldPricing and Revenue Projection in a Cloud-Centric World
Pricing and Revenue Projection in a Cloud-Centric WorldMichele Leroux Bustamante
 
A Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise ApplicationsA Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise ApplicationsSafeNet
 
CIS13: Introduction to OAuth 2.0
CIS13: Introduction to OAuth 2.0CIS13: Introduction to OAuth 2.0
CIS13: Introduction to OAuth 2.0CloudIDSummit
 
"Oracle Insight for Investors" Educational Webcast - Oracle Fusion Middleware
"Oracle Insight for Investors" Educational Webcast - Oracle Fusion Middleware"Oracle Insight for Investors" Educational Webcast - Oracle Fusion Middleware
"Oracle Insight for Investors" Educational Webcast - Oracle Fusion Middlewareinvestorrelation
 
Unlock your Big Data with Analytics and BI on Office 365 - OFF103
Unlock your Big Data with Analytics and BI on Office 365 - OFF103Unlock your Big Data with Analytics and BI on Office 365 - OFF103
Unlock your Big Data with Analytics and BI on Office 365 - OFF103Brian Culver
 
Office 365: Planning and Automating for Hybrid Identity Scenarios in the Clou...
Office 365: Planning and Automating for Hybrid Identity Scenarios in the Clou...Office 365: Planning and Automating for Hybrid Identity Scenarios in the Clou...
Office 365: Planning and Automating for Hybrid Identity Scenarios in the Clou...Microsoft TechNet - Belgium and Luxembourg
 
Workshop: Advanced Federation Use-Cases with PingFederate
Workshop: Advanced Federation Use-Cases with PingFederateWorkshop: Advanced Federation Use-Cases with PingFederate
Workshop: Advanced Federation Use-Cases with PingFederateCraig Wu
 
Introducing DirectReader
Introducing DirectReaderIntroducing DirectReader
Introducing DirectReaderDirectReader
 
Extending SharePoint 2010 to your customers and partners
Extending SharePoint 2010 to your customers and partnersExtending SharePoint 2010 to your customers and partners
Extending SharePoint 2010 to your customers and partnersCorey Roth
 
APIC/DataPower security
APIC/DataPower securityAPIC/DataPower security
APIC/DataPower securityShiu-Fun Poon
 
Claims Based Authentication A Beginners Guide
Claims Based Authentication A Beginners GuideClaims Based Authentication A Beginners Guide
Claims Based Authentication A Beginners GuidePhuong Nguyen
 
SSO Strategy Implementation Considerations
SSO Strategy Implementation ConsiderationsSSO Strategy Implementation Considerations
SSO Strategy Implementation ConsiderationsJohn Bauer
 
P hallam baker_keynote
P hallam baker_keynoteP hallam baker_keynote
P hallam baker_keynoteshindeshekhar
 
Compliance and Governance Through Complex Entitlement Management
Compliance and Governance Through Complex Entitlement ManagementCompliance and Governance Through Complex Entitlement Management
Compliance and Governance Through Complex Entitlement ManagementNoam Bunder
 
Understanding Claim based Authentication
Understanding Claim based AuthenticationUnderstanding Claim based Authentication
Understanding Claim based AuthenticationMohammad Yousri
 

What's hot (20)

SEASPC 2011 - Collaborating with Extranet Partners on SharePoint 2010
SEASPC 2011 - Collaborating with Extranet Partners on SharePoint 2010 SEASPC 2011 - Collaborating with Extranet Partners on SharePoint 2010
SEASPC 2011 - Collaborating with Extranet Partners on SharePoint 2010
 
SharePoint Saturday The Conference 2011 - Extranets & Claims Authentication
SharePoint Saturday The Conference 2011 - Extranets & Claims AuthenticationSharePoint Saturday The Conference 2011 - Extranets & Claims Authentication
SharePoint Saturday The Conference 2011 - Extranets & Claims Authentication
 
TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010
TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010
TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010
 
Pricing and Revenue Projection in a Cloud-Centric World
Pricing and Revenue Projection in a Cloud-Centric WorldPricing and Revenue Projection in a Cloud-Centric World
Pricing and Revenue Projection in a Cloud-Centric World
 
Citrix Day 2012: ShareFile
Citrix Day 2012: ShareFileCitrix Day 2012: ShareFile
Citrix Day 2012: ShareFile
 
A Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise ApplicationsA Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise Applications
 
CIS13: Introduction to OAuth 2.0
CIS13: Introduction to OAuth 2.0CIS13: Introduction to OAuth 2.0
CIS13: Introduction to OAuth 2.0
 
"Oracle Insight for Investors" Educational Webcast - Oracle Fusion Middleware
"Oracle Insight for Investors" Educational Webcast - Oracle Fusion Middleware"Oracle Insight for Investors" Educational Webcast - Oracle Fusion Middleware
"Oracle Insight for Investors" Educational Webcast - Oracle Fusion Middleware
 
Unlock your Big Data with Analytics and BI on Office 365 - OFF103
Unlock your Big Data with Analytics and BI on Office 365 - OFF103Unlock your Big Data with Analytics and BI on Office 365 - OFF103
Unlock your Big Data with Analytics and BI on Office 365 - OFF103
 
Adfs azure
Adfs azureAdfs azure
Adfs azure
 
Office 365: Planning and Automating for Hybrid Identity Scenarios in the Clou...
Office 365: Planning and Automating for Hybrid Identity Scenarios in the Clou...Office 365: Planning and Automating for Hybrid Identity Scenarios in the Clou...
Office 365: Planning and Automating for Hybrid Identity Scenarios in the Clou...
 
Workshop: Advanced Federation Use-Cases with PingFederate
Workshop: Advanced Federation Use-Cases with PingFederateWorkshop: Advanced Federation Use-Cases with PingFederate
Workshop: Advanced Federation Use-Cases with PingFederate
 
Introducing DirectReader
Introducing DirectReaderIntroducing DirectReader
Introducing DirectReader
 
Extending SharePoint 2010 to your customers and partners
Extending SharePoint 2010 to your customers and partnersExtending SharePoint 2010 to your customers and partners
Extending SharePoint 2010 to your customers and partners
 
APIC/DataPower security
APIC/DataPower securityAPIC/DataPower security
APIC/DataPower security
 
Claims Based Authentication A Beginners Guide
Claims Based Authentication A Beginners GuideClaims Based Authentication A Beginners Guide
Claims Based Authentication A Beginners Guide
 
SSO Strategy Implementation Considerations
SSO Strategy Implementation ConsiderationsSSO Strategy Implementation Considerations
SSO Strategy Implementation Considerations
 
P hallam baker_keynote
P hallam baker_keynoteP hallam baker_keynote
P hallam baker_keynote
 
Compliance and Governance Through Complex Entitlement Management
Compliance and Governance Through Complex Entitlement ManagementCompliance and Governance Through Complex Entitlement Management
Compliance and Governance Through Complex Entitlement Management
 
Understanding Claim based Authentication
Understanding Claim based AuthenticationUnderstanding Claim based Authentication
Understanding Claim based Authentication
 

Similar to Collaborating with Extranet Partners Using SharePoint 2010

HAD05: Collaborating with Extranet Partners on SharePoint 2010
HAD05: Collaborating with Extranet Partners on SharePoint 2010HAD05: Collaborating with Extranet Partners on SharePoint 2010
HAD05: Collaborating with Extranet Partners on SharePoint 2010Michael Noel
 
Planning Extranet Environments with SharePoint 2010
Planning Extranet Environments with SharePoint 2010Planning Extranet Environments with SharePoint 2010
Planning Extranet Environments with SharePoint 2010Michael Noel
 
Planning and Configuring Extranets in SharePoint 2010 by Geoff Varosky - SPTe...
Planning and Configuring Extranets in SharePoint 2010 by Geoff Varosky - SPTe...Planning and Configuring Extranets in SharePoint 2010 by Geoff Varosky - SPTe...
Planning and Configuring Extranets in SharePoint 2010 by Geoff Varosky - SPTe...SPTechCon
 
Planning and Configuring Extranets in SharePoint 2010
Planning and Configuring Extranets in SharePoint 2010Planning and Configuring Extranets in SharePoint 2010
Planning and Configuring Extranets in SharePoint 2010Geoff Varosky
 
A great api is hard to find
A great api is hard to findA great api is hard to find
A great api is hard to findDan Diephouse
 
Citrix Day 2014: ShareFile Enterprise
Citrix Day 2014: ShareFile EnterpriseCitrix Day 2014: ShareFile Enterprise
Citrix Day 2014: ShareFile EnterpriseDigicomp Academy AG
 
Hitachi ID Identity and Access Management Suite
Hitachi ID Identity and Access Management SuiteHitachi ID Identity and Access Management Suite
Hitachi ID Identity and Access Management SuiteHitachi ID Systems, Inc.
 
“Secure Portal” or WebSphere Portal – Security with Everything
“Secure Portal” or WebSphere Portal – Security with Everything“Secure Portal” or WebSphere Portal – Security with Everything
“Secure Portal” or WebSphere Portal – Security with EverythingDave Hay
 
Deploy, Scale and Manage your Microsoft Investments with AWS
Deploy, Scale and Manage your Microsoft Investments with AWSDeploy, Scale and Manage your Microsoft Investments with AWS
Deploy, Scale and Manage your Microsoft Investments with AWSAmazon Web Services
 
Building and packaging highly scalable services for maximum market penetratio...
Building and packaging highly scalable services for maximum market penetratio...Building and packaging highly scalable services for maximum market penetratio...
Building and packaging highly scalable services for maximum market penetratio...Ontico
 
Design a share point 2013 architecture – the basics
Design a share point 2013 architecture – the basicsDesign a share point 2013 architecture – the basics
Design a share point 2013 architecture – the basicsAlexander Meijers
 
Common DataPower use cases, incl Caching with XC-10 appliance.
Common DataPower use cases, incl Caching with XC-10 appliance.Common DataPower use cases, incl Caching with XC-10 appliance.
Common DataPower use cases, incl Caching with XC-10 appliance.sflynn073
 
SwiftKnowledge Multitenancy
SwiftKnowledge MultitenancySwiftKnowledge Multitenancy
SwiftKnowledge MultitenancyPivotLogix
 
Getting SharePoint 2010 Deployment Right final
Getting SharePoint 2010 Deployment Right finalGetting SharePoint 2010 Deployment Right final
Getting SharePoint 2010 Deployment Right finalvmaximiuk
 
VMworld 2013: Enhancing Workplace Mobility and BYOD with the VMware Mobile Se...
VMworld 2013: Enhancing Workplace Mobility and BYOD with the VMware Mobile Se...VMworld 2013: Enhancing Workplace Mobility and BYOD with the VMware Mobile Se...
VMworld 2013: Enhancing Workplace Mobility and BYOD with the VMware Mobile Se...VMworld
 
Security in the Cloud
Security in the CloudSecurity in the Cloud
Security in the CloudWSO2
 
sharepoint.microsoft.com
sharepoint.microsoft.comsharepoint.microsoft.com
sharepoint.microsoft.comwebhostingguy
 
IBM MobileFirst Reference Architecture 1512 v3 2015
IBM MobileFirst Reference Architecture 1512 v3 2015IBM MobileFirst Reference Architecture 1512 v3 2015
IBM MobileFirst Reference Architecture 1512 v3 2015Sreeni Pamidala
 

Similar to Collaborating with Extranet Partners Using SharePoint 2010 (20)

HAD05: Collaborating with Extranet Partners on SharePoint 2010
HAD05: Collaborating with Extranet Partners on SharePoint 2010HAD05: Collaborating with Extranet Partners on SharePoint 2010
HAD05: Collaborating with Extranet Partners on SharePoint 2010
 
Planning Extranet Environments with SharePoint 2010
Planning Extranet Environments with SharePoint 2010Planning Extranet Environments with SharePoint 2010
Planning Extranet Environments with SharePoint 2010
 
Planning and Configuring Extranets in SharePoint 2010 by Geoff Varosky - SPTe...
Planning and Configuring Extranets in SharePoint 2010 by Geoff Varosky - SPTe...Planning and Configuring Extranets in SharePoint 2010 by Geoff Varosky - SPTe...
Planning and Configuring Extranets in SharePoint 2010 by Geoff Varosky - SPTe...
 
Planning and Configuring Extranets in SharePoint 2010
Planning and Configuring Extranets in SharePoint 2010Planning and Configuring Extranets in SharePoint 2010
Planning and Configuring Extranets in SharePoint 2010
 
A great api is hard to find
A great api is hard to findA great api is hard to find
A great api is hard to find
 
Citrix Day 2014: ShareFile Enterprise
Citrix Day 2014: ShareFile EnterpriseCitrix Day 2014: ShareFile Enterprise
Citrix Day 2014: ShareFile Enterprise
 
Hitachi ID Identity and Access Management Suite
Hitachi ID Identity and Access Management SuiteHitachi ID Identity and Access Management Suite
Hitachi ID Identity and Access Management Suite
 
“Secure Portal” or WebSphere Portal – Security with Everything
“Secure Portal” or WebSphere Portal – Security with Everything“Secure Portal” or WebSphere Portal – Security with Everything
“Secure Portal” or WebSphere Portal – Security with Everything
 
Deploy, Scale and Manage your Microsoft Investments with AWS
Deploy, Scale and Manage your Microsoft Investments with AWSDeploy, Scale and Manage your Microsoft Investments with AWS
Deploy, Scale and Manage your Microsoft Investments with AWS
 
Building and packaging highly scalable services for maximum market penetratio...
Building and packaging highly scalable services for maximum market penetratio...Building and packaging highly scalable services for maximum market penetratio...
Building and packaging highly scalable services for maximum market penetratio...
 
Design a share point 2013 architecture – the basics
Design a share point 2013 architecture – the basicsDesign a share point 2013 architecture – the basics
Design a share point 2013 architecture – the basics
 
Common DataPower use cases, incl Caching with XC-10 appliance.
Common DataPower use cases, incl Caching with XC-10 appliance.Common DataPower use cases, incl Caching with XC-10 appliance.
Common DataPower use cases, incl Caching with XC-10 appliance.
 
SwiftKnowledge Multitenancy
SwiftKnowledge MultitenancySwiftKnowledge Multitenancy
SwiftKnowledge Multitenancy
 
Getting SharePoint 2010 Deployment Right final
Getting SharePoint 2010 Deployment Right finalGetting SharePoint 2010 Deployment Right final
Getting SharePoint 2010 Deployment Right final
 
Managing Windows RT devices in the Enterprise
Managing Windows RT devices in the Enterprise Managing Windows RT devices in the Enterprise
Managing Windows RT devices in the Enterprise
 
VMworld 2013: Enhancing Workplace Mobility and BYOD with the VMware Mobile Se...
VMworld 2013: Enhancing Workplace Mobility and BYOD with the VMware Mobile Se...VMworld 2013: Enhancing Workplace Mobility and BYOD with the VMware Mobile Se...
VMworld 2013: Enhancing Workplace Mobility and BYOD with the VMware Mobile Se...
 
Security in the Cloud
Security in the CloudSecurity in the Cloud
Security in the Cloud
 
Security in the Cloud
Security in the CloudSecurity in the Cloud
Security in the Cloud
 
sharepoint.microsoft.com
sharepoint.microsoft.comsharepoint.microsoft.com
sharepoint.microsoft.com
 
IBM MobileFirst Reference Architecture 1512 v3 2015
IBM MobileFirst Reference Architecture 1512 v3 2015IBM MobileFirst Reference Architecture 1512 v3 2015
IBM MobileFirst Reference Architecture 1512 v3 2015
 

More from Michael Noel

AI is Hacking You - How Cybercriminals Leveral Artificial Intelligence - DWCN...
AI is Hacking You - How Cybercriminals Leveral Artificial Intelligence - DWCN...AI is Hacking You - How Cybercriminals Leveral Artificial Intelligence - DWCN...
AI is Hacking You - How Cybercriminals Leveral Artificial Intelligence - DWCN...Michael Noel
 
IT Insecurity - Understanding the Threat of Modern Cyberattacks - DWCNZ 2024
IT Insecurity - Understanding the Threat of Modern Cyberattacks - DWCNZ 2024IT Insecurity - Understanding the Threat of Modern Cyberattacks - DWCNZ 2024
IT Insecurity - Understanding the Threat of Modern Cyberattacks - DWCNZ 2024Michael Noel
 
Combatting Cyberthreats with Microsoft Defender 365 - CollabDays Finland 2023
Combatting Cyberthreats with Microsoft Defender 365 - CollabDays Finland 2023Combatting Cyberthreats with Microsoft Defender 365 - CollabDays Finland 2023
Combatting Cyberthreats with Microsoft Defender 365 - CollabDays Finland 2023Michael Noel
 
IT Insecurity - ST Digital Brazzaville
IT Insecurity - ST Digital BrazzavilleIT Insecurity - ST Digital Brazzaville
IT Insecurity - ST Digital BrazzavilleMichael Noel
 
Securing IT Against Modern Threats with Microsoft Cloud Tools - #EUCloudSummi...
Securing IT Against Modern Threats with Microsoft Cloud Tools - #EUCloudSummi...Securing IT Against Modern Threats with Microsoft Cloud Tools - #EUCloudSummi...
Securing IT Against Modern Threats with Microsoft Cloud Tools - #EUCloudSummi...Michael Noel
 
You are Doing IT Security Wrong - Understanding the Threat of Modern Cyber-at...
You are Doing IT Security Wrong - Understanding the Threat of Modern Cyber-at...You are Doing IT Security Wrong - Understanding the Threat of Modern Cyber-at...
You are Doing IT Security Wrong - Understanding the Threat of Modern Cyber-at...Michael Noel
 
Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...
Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...
Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...Michael Noel
 
Understanding the Tools and Features of Office 365 : DWT Africa 2018
Understanding the Tools and Features of Office 365 : DWT Africa 2018Understanding the Tools and Features of Office 365 : DWT Africa 2018
Understanding the Tools and Features of Office 365 : DWT Africa 2018Michael Noel
 
SPS Lisbon 2018 - Azure AD Connect Technical Deep Dive
SPS Lisbon 2018 - Azure AD Connect Technical Deep DiveSPS Lisbon 2018 - Azure AD Connect Technical Deep Dive
SPS Lisbon 2018 - Azure AD Connect Technical Deep DiveMichael Noel
 
Azure Active Directory Connect: Technical Deep Dive - DWCAU 2018 Melbourne
Azure Active Directory Connect: Technical Deep Dive - DWCAU 2018 MelbourneAzure Active Directory Connect: Technical Deep Dive - DWCAU 2018 Melbourne
Azure Active Directory Connect: Technical Deep Dive - DWCAU 2018 MelbourneMichael Noel
 
Azure Active Directory Connect: Technical Deep Dive - EU Collab Summit 2018
Azure Active Directory Connect: Technical Deep Dive - EU Collab Summit 2018Azure Active Directory Connect: Technical Deep Dive - EU Collab Summit 2018
Azure Active Directory Connect: Technical Deep Dive - EU Collab Summit 2018Michael Noel
 
Breaking Down the Tools and Features in Office 365 - EU Collab Summit 2018
Breaking Down the Tools and Features in Office 365 - EU Collab Summit 2018Breaking Down the Tools and Features in Office 365 - EU Collab Summit 2018
Breaking Down the Tools and Features in Office 365 - EU Collab Summit 2018Michael Noel
 
Understanding the Tools and Features of Office 365 - New Zealand Digital Work...
Understanding the Tools and Features of Office 365 - New Zealand Digital Work...Understanding the Tools and Features of Office 365 - New Zealand Digital Work...
Understanding the Tools and Features of Office 365 - New Zealand Digital Work...Michael Noel
 
Office 365; A Detailed Analysis - SPS Kampala 2017
Office 365; A Detailed Analysis - SPS Kampala 2017Office 365; A Detailed Analysis - SPS Kampala 2017
Office 365; A Detailed Analysis - SPS Kampala 2017Michael Noel
 
Office 365; une Analyse Détaillée
Office 365; une Analyse Détaillée Office 365; une Analyse Détaillée
Office 365; une Analyse Détaillée Michael Noel
 
AUDWC 2016 - Using SQL Server 20146 AlwaysOn Availability Groups for SharePoi...
AUDWC 2016 - Using SQL Server 20146 AlwaysOn Availability Groups for SharePoi...AUDWC 2016 - Using SQL Server 20146 AlwaysOn Availability Groups for SharePoi...
AUDWC 2016 - Using SQL Server 20146 AlwaysOn Availability Groups for SharePoi...Michael Noel
 
Breaking Down and Understanding Office 365 - SPSJHB 2015
Breaking Down and Understanding Office 365 - SPSJHB 2015Breaking Down and Understanding Office 365 - SPSJHB 2015
Breaking Down and Understanding Office 365 - SPSJHB 2015Michael Noel
 
Understanding Office 365 Service Offerings - O365 Saturday Sydney 2015
Understanding Office 365 Service Offerings - O365 Saturday Sydney 2015Understanding Office 365 Service Offerings - O365 Saturday Sydney 2015
Understanding Office 365 Service Offerings - O365 Saturday Sydney 2015Michael Noel
 
Ultimate SharePoint Infrastructure Best Practises Session - Isle of Man Share...
Ultimate SharePoint Infrastructure Best Practises Session - Isle of Man Share...Ultimate SharePoint Infrastructure Best Practises Session - Isle of Man Share...
Ultimate SharePoint Infrastructure Best Practises Session - Isle of Man Share...Michael Noel
 
SQL 2014 AlwaysOn Availability Groups for SharePoint Farms - SPS Sydney 2014
SQL 2014 AlwaysOn Availability Groups for SharePoint Farms - SPS Sydney 2014SQL 2014 AlwaysOn Availability Groups for SharePoint Farms - SPS Sydney 2014
SQL 2014 AlwaysOn Availability Groups for SharePoint Farms - SPS Sydney 2014Michael Noel
 

More from Michael Noel (20)

AI is Hacking You - How Cybercriminals Leveral Artificial Intelligence - DWCN...
AI is Hacking You - How Cybercriminals Leveral Artificial Intelligence - DWCN...AI is Hacking You - How Cybercriminals Leveral Artificial Intelligence - DWCN...
AI is Hacking You - How Cybercriminals Leveral Artificial Intelligence - DWCN...
 
IT Insecurity - Understanding the Threat of Modern Cyberattacks - DWCNZ 2024
IT Insecurity - Understanding the Threat of Modern Cyberattacks - DWCNZ 2024IT Insecurity - Understanding the Threat of Modern Cyberattacks - DWCNZ 2024
IT Insecurity - Understanding the Threat of Modern Cyberattacks - DWCNZ 2024
 
Combatting Cyberthreats with Microsoft Defender 365 - CollabDays Finland 2023
Combatting Cyberthreats with Microsoft Defender 365 - CollabDays Finland 2023Combatting Cyberthreats with Microsoft Defender 365 - CollabDays Finland 2023
Combatting Cyberthreats with Microsoft Defender 365 - CollabDays Finland 2023
 
IT Insecurity - ST Digital Brazzaville
IT Insecurity - ST Digital BrazzavilleIT Insecurity - ST Digital Brazzaville
IT Insecurity - ST Digital Brazzaville
 
Securing IT Against Modern Threats with Microsoft Cloud Tools - #EUCloudSummi...
Securing IT Against Modern Threats with Microsoft Cloud Tools - #EUCloudSummi...Securing IT Against Modern Threats with Microsoft Cloud Tools - #EUCloudSummi...
Securing IT Against Modern Threats with Microsoft Cloud Tools - #EUCloudSummi...
 
You are Doing IT Security Wrong - Understanding the Threat of Modern Cyber-at...
You are Doing IT Security Wrong - Understanding the Threat of Modern Cyber-at...You are Doing IT Security Wrong - Understanding the Threat of Modern Cyber-at...
You are Doing IT Security Wrong - Understanding the Threat of Modern Cyber-at...
 
Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...
Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...
Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...
 
Understanding the Tools and Features of Office 365 : DWT Africa 2018
Understanding the Tools and Features of Office 365 : DWT Africa 2018Understanding the Tools and Features of Office 365 : DWT Africa 2018
Understanding the Tools and Features of Office 365 : DWT Africa 2018
 
SPS Lisbon 2018 - Azure AD Connect Technical Deep Dive
SPS Lisbon 2018 - Azure AD Connect Technical Deep DiveSPS Lisbon 2018 - Azure AD Connect Technical Deep Dive
SPS Lisbon 2018 - Azure AD Connect Technical Deep Dive
 
Azure Active Directory Connect: Technical Deep Dive - DWCAU 2018 Melbourne
Azure Active Directory Connect: Technical Deep Dive - DWCAU 2018 MelbourneAzure Active Directory Connect: Technical Deep Dive - DWCAU 2018 Melbourne
Azure Active Directory Connect: Technical Deep Dive - DWCAU 2018 Melbourne
 
Azure Active Directory Connect: Technical Deep Dive - EU Collab Summit 2018
Azure Active Directory Connect: Technical Deep Dive - EU Collab Summit 2018Azure Active Directory Connect: Technical Deep Dive - EU Collab Summit 2018
Azure Active Directory Connect: Technical Deep Dive - EU Collab Summit 2018
 
Breaking Down the Tools and Features in Office 365 - EU Collab Summit 2018
Breaking Down the Tools and Features in Office 365 - EU Collab Summit 2018Breaking Down the Tools and Features in Office 365 - EU Collab Summit 2018
Breaking Down the Tools and Features in Office 365 - EU Collab Summit 2018
 
Understanding the Tools and Features of Office 365 - New Zealand Digital Work...
Understanding the Tools and Features of Office 365 - New Zealand Digital Work...Understanding the Tools and Features of Office 365 - New Zealand Digital Work...
Understanding the Tools and Features of Office 365 - New Zealand Digital Work...
 
Office 365; A Detailed Analysis - SPS Kampala 2017
Office 365; A Detailed Analysis - SPS Kampala 2017Office 365; A Detailed Analysis - SPS Kampala 2017
Office 365; A Detailed Analysis - SPS Kampala 2017
 
Office 365; une Analyse Détaillée
Office 365; une Analyse Détaillée Office 365; une Analyse Détaillée
Office 365; une Analyse Détaillée
 
AUDWC 2016 - Using SQL Server 20146 AlwaysOn Availability Groups for SharePoi...
AUDWC 2016 - Using SQL Server 20146 AlwaysOn Availability Groups for SharePoi...AUDWC 2016 - Using SQL Server 20146 AlwaysOn Availability Groups for SharePoi...
AUDWC 2016 - Using SQL Server 20146 AlwaysOn Availability Groups for SharePoi...
 
Breaking Down and Understanding Office 365 - SPSJHB 2015
Breaking Down and Understanding Office 365 - SPSJHB 2015Breaking Down and Understanding Office 365 - SPSJHB 2015
Breaking Down and Understanding Office 365 - SPSJHB 2015
 
Understanding Office 365 Service Offerings - O365 Saturday Sydney 2015
Understanding Office 365 Service Offerings - O365 Saturday Sydney 2015Understanding Office 365 Service Offerings - O365 Saturday Sydney 2015
Understanding Office 365 Service Offerings - O365 Saturday Sydney 2015
 
Ultimate SharePoint Infrastructure Best Practises Session - Isle of Man Share...
Ultimate SharePoint Infrastructure Best Practises Session - Isle of Man Share...Ultimate SharePoint Infrastructure Best Practises Session - Isle of Man Share...
Ultimate SharePoint Infrastructure Best Practises Session - Isle of Man Share...
 
SQL 2014 AlwaysOn Availability Groups for SharePoint Farms - SPS Sydney 2014
SQL 2014 AlwaysOn Availability Groups for SharePoint Farms - SPS Sydney 2014SQL 2014 AlwaysOn Availability Groups for SharePoint Farms - SPS Sydney 2014
SQL 2014 AlwaysOn Availability Groups for SharePoint Farms - SPS Sydney 2014
 

Recently uploaded

Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Hyundai Motor Group
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 

Recently uploaded (20)

Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 

Collaborating with Extranet Partners Using SharePoint 2010

  • 1. Collaborating with Extranet Partners Using SharePoint 2010 Michael Noel @MichaelTNoel
  • 2. Michael Noel • Author of SAMS Publishing titles “SharePoint 2010 Unleashed,” “SharePoint 2007 Unleashed,” “SharePoint 2003 Unleashed”, “Teach Yourself SharePoint 2003 in 10 Minutes,” “Windows Server 2008 R2 Unleashed,” “Exchange Server 2010 Unleashed”, “ISA Server 2006 Unleashed”, and many other titles . • Partner at Convergent Computing (www.cco.com / +1(510)444-5700) – San Francisco Bay Area based Infrastructure/Security specialists for SharePoint, AD, Exchange, Security
  • 3. What we’ll cover • Why an Extranet? • SharePoint 2010 Extranets • Extranet Architecture Options • Claims-based Authentication • Forefront Unified Access Gateway (UAG) for extranets • Forefront Identity Manager for Identity Management in an Extranet
  • 5. Why an Extranet? • Security Isolation – Isolation of Data – Less Exposure, Perimeter Network Scenarios • Partner Collaboration – Share SP Content with External Partners – Control Partner Accounts Anonymous Customer Scenarios are not Extranets
  • 6. SharePoint 2010 Extranets • Claims-based Authentication Support • Multiple Authentication Providers • Better Scalability (Services Architecture) – Goodbye SSP! – Server Groups – Services Applications • Multiple Authentication Types per Web Application
  • 7. Sample Extranet Architecture
  • 8. Design around Security Requirements • Scenario 1: Extranet and Internal Users in Single Farm – 1A: Single Web App / Single Site Collection – 1B: Single Web App / Separate Site Collections – 1C: Multiple Web Apps / Content DBs Less Security – 1D: Separate App Pool / Service App Group • Scenario 2: Extranet and Internal Users in Single Farm / Separate Trusted Forests • Scenario 3: Extranet and Internal Users in Multiple Farms / One- Way Trust • Scenario 4: Extranet an Internal Users in Separate Farms / Claims- based Auth for Internal Access to Extranet More Security • Scenario 5: Extranet an Internal Users in Separate Farms / No Access for Internal Accounts to Extranet • Scenario 6: Separate Farms / AD FS Federation for Extranet Auth
  • 9. Extranet Scenario 1: Extranet and Internal Users in Single Farm 1A: Single Web App / Single Site Collection 1B: Single Web App / Separate Site Collections 1C: Multiple Web Apps / Content DBs 1D: Separate App Pool / Service App Group
  • 10. Extranet Scenario 2: Extranet and Internal Users in Single Farm / Separate Trusted Forests
  • 11. Extranet Scenario 3: Extranet and Internal Users in Multiple Farms and Perimeter Network / One-Way Trust
  • 12. Extranet Scenario 4: Extranet an Internal Users in Separate Farms / Claims-based Auth Provider for Internal Auth to Extranet
  • 13. Extranet Scenario 5: Extranet an Internal Users in Separate Farms / No Access for Internal Accounts to Extranet
  • 14. Extranet Scenario 6: Separate Farms / AD FS Federation for Extranet Auth
  • 16. One-Way Trust Scenarios • People Picker needs to be configured to crawl domain if it doesn’t trust the domain where the SharePoint farm is installed. • Only with STSADM (Rare exception when you can’t use PowerShell) • Example Syntax: – stsadm.exe -o setapppassword -password AnyPassw0rd – stsadm.exe -o setproperty -pn peoplepicker-searchadforests -pv "domain:companyabc.com,COMPANYABCsvc_sppplpick,Password1;domain:e xtranetabc.com" -url https://extranet.companyabc.com – stsadm.exe -o setproperty -pn peoplepicker-searchadforests -pv "domain:companyabc.com,COMPANYABCsvc_sppplpick,Password1;domain:e xtranetabc.com" -url https://spcaext.companyabc.com • Syntax is critical • Run against all web apps
  • 17. Design for Clientless Access to SharePoint • Services Applications for Extranet Clients: – Word Services – Excel Services – Visio Services – Access Services – InfoPath Forms Services • Allows ‘Clientless’ access to SharePoint content, for Extranet partners without Office
  • 18. Standard Requirements Apply to Extranets as well • SharePoint-aware Antivirus – i.e. Forefront Protection for SharePoint • SharePoint-aware Backup and Restore – i.e. System Center Data Protection Manager (DPM) 2010 • Rights Management? – Active Directory Rights Management Services (AD RMS)
  • 21. Claims-Based Auth • SharePoint doesn’t actually Authenticate Users, it relies on IIS or other providers • SharePoint 2010 Allows for Classic and Claims-based Auth Scenarios • Classic Authentication is similar to SharePoint 2007 • Claims based Auth adds the following key benefits: – Allows for Multiple Authentication Types per Web Application Zone – Removes SharePoint from the Authentication Provider – Allows for federation between organizations (AD FS, etc.) scenarios – Does not require Kerberos Delegation • Current limitations with Claims-based auth involve SQL Reporting Services, PowerPivot, PerformancePoint, and other SQL tools that require delegation. These appear to be fixed in SQL 2012. • Remember the difference between Authentication and Authorization…
  • 22. Classic vs. Claims-based Auth Classic-mode Claims-based Type authentication authentication Windows NTLM Kerberos Yes Yes Anonymous Basic Digest Forms-based authentication LDAP SQL database or other database No Yes Custom or third-party membership and role providers SAML token-based authentication AD FS 2.0 No Yes Third-party identity provider LDAP
  • 24. Example: Partner Environment with Multiple Auth Types on single W.A.
  • 26. UAG Architecture Data Center / Corporate Network Exchange CRM Mobile SharePoint IIS based IBM, SAP, Oracle Home / Friend / Kiosk Layer3 VPN Terminal / Remote HTTPS (443) Internet Desktop Services DirectAccess Non web Business Partners / AD, ADFS, Sub-Contractors RADIUS, LDAP…. NPS, ILM Employees Managed Machines
  • 27.
  • 28. What about TMG? (New ISA) Capability TMG 2010 UAG 2010 Publish Web applications using HTTPS X X Publish internal mobile applications to roaming mobile devices X X Layer 3 firewall X X* Outbound scenarios support X X* Array support X Globalization and administration console localization X Wizards and predefined settings to publish SharePoint sites and Exchange X X Wizards and predefined settings to publish various applications X Active Directory Federation Services (ADFS) support X Rich authentication (for example, one-time password, forms-based, smart card) X X Application protection (Web application firewall) Basic Full Endpoint health detection X Information leakage prevention X Granular access policy X Unified Portal X
  • 30. Identity and Access Management Secure Messaging Secure Collaboration Secure Endpoint Information Protection Identity and Access Management Active Directory Federation Services ®
  • 31. Manage SharePoint Identities • Create Multiple Authentication Providers for SharePoint Farms – AD DS Forests (Extranet forests) – AD LDS Authentication Providers – SQL Table (FBA) Authentication Sources – LDAP Providers – Etc… • Keep those Authentication Providers Managed
  • 32. Identity Management User provisioning for SharePoint and other Applications • Policy-based identity lifecycle management system • Built-in workflow for identity management • Automatically synchronize all user information to different directories across the enterprise • Automates the process of on-boarding users Active Directory Extranet Forest Workflow User Enrollment Test Forest FIM HR System FBA Table Approval LOB User provisioned on all allowed systems App Manager VPN
  • 33. Identity Management User de-provisioning • Automated user de-provisioning • Built-in workflow for identity management • Real-time de-provisioning from all systems to prevent unauthorized access and information leakage Active Directory Extranet Forest Workflow User de-provisioned Test Forest FIM HR System FBA Table LOB User de-provisioned or disabled on all systems App VPN
  • 34. Identity Synchronization and Consistency Identity synchronization across multiple directories Attribute HR givenName Samantha Ownership System sn Dearing FIM title mail FirstName employeeID 007 LastName telephone EmployeeID GivenName givenName Samantha sn Dearing title Coordinator Internal givenName Samara mail someone@example.com AD sn title Darling Coordinator employeeID 007 telephone 555-0129 mail Title employeeID 007 telephone Identity Extranet Data givenName Sam AD sn Dearing title Intern E-Mail mail employeeID someone@example.com 007 Aggregation telephone LDAP givenName Sammy sn Dearling title mail Telephone employeeID 008 telephone 555-0129
  • 35. Identity Synchronization and Consistency Identity consistency across multiple directories Attribute HR givenName Samantha Ownership System sn Dearing FIM title mail FirstName employeeID 007 LastName telephone EmployeeID givenName Samantha Bob sn Dearing title Coordinator Internal givenName Samara mail someone@example.com someone@example.com AD sn title Darling Coordinator employeeID 007 telephone 555-0129 mail Title employeeID 007 telephone Identity Extranet Data givenName Sam AD sn title Dearing Intern E-Mail mail employeeID someone@example.com 007 Brokering telephone (Convergence) LDAP givenName Sammy sn Dearling title mail Telephone employeeID 007 telephone 555-0129
  • 36. Customizable Identity Portal SharePoint-based Identity Portal for Management and Self Service How you extend it Add your own portal pages or web parts Build new custom solutions Expose new attributes to manage by extending FIM schema Choose SharePoint theme to customize look and feel
  • 37. Strong Authentication—Certificate Authority • Streamline deployment by enrolling user and computer certificates without user intervention • Simplify certificate and SmartCard management using Forefront Identity Manager (FIM) • Can be used to automate Certificate management for dual factor auth approaches to SharePoint logins End User SmartCard User is validated using multi- FIM policy triggers request for factor authentication FIM CM to issue certificate or Certificate is issued to user and SmartCard written to either machine or smart card FIM CM End User SmartCard FIM HR System FIM Certificate Management (CM) requests certificate User ID and User Enrollment and AD CS creation from Authentication request sent by Password HR System Active Directory Certificate Services (AD CS)
  • 38. FIM for Extranet Forest Mgmt • Internal AD DS Forest • DMZ Extranet AD DS Forest • FIM Auto-provisions certain user accounts in Extranet forest and keeps Passwords in Sync to allow Internal users to access/collaborate with Partners • FIM allows Self-Service Portal Access for Extranet user accounts in the partner forest • Two-factor Auth scenarios, to automate provisioning of user accounts AND certificates to systems
  • 39. FIM for Role Based Access Control • FIM is central to RBAC Strategy • Can auto-add users to Groups based on RBAC Criteria • HR Defines a user’s access based on their role • FIM auto-adds that user to specific Role Groups in AD DS, which are tied to SharePoint Groups that have the rights that that role group requires. User1 Role SharePoint Group Group User2
  • 40. Session Summary • Understand the Extranet Design Options for 2010 • Keep Extranet Accounts out of local AD • Determine how Identities will be Managed • Use FIM for Identity Management, Self-Service, and Provisioning/Deprovisioning of Extranet Accounts • Use UAG to secure inbound access to extranets/intranets
  • 41. Your Feedback is Important Please fill out a session evaluation form drop it off at the conference registration desk. Thank you!
  • 42. Michael Noel Twitter: @MichaelTNoel www.cco.com Slides: slideshare.net/michaeltnoel