Okta Directory Integration for Microsoft Office365 - from Atidan
OKTA DATASHEET:DIRECTORY INTEGRATION EDITION FOR OFFICE 365Purpose-Built Active Directory Integration for Office 365Single sign-on and automated user management that is simple, scalable, and reliableOffice 365 SSO and User ManagementActive Directory HomepageOffice 365 for Your OrganizationMicrosoft Office 365 is quickly becoming one of the most popular on-demandcollaboration platforms on the market. As a successor to Microsoft BusinessProductivity Online Standard Suite, Office 365 delivers Exchange Online, SharePointOnline, and Lync Online as a subscription service—offering access to email, webconferencing, documents, and calendar to all an organization’s users. With thisgrowth comes the need to ensure these users have seamless access via single sign-on(SSO) and that their Office 365 accounts are created, updated, and deactivatedon an integrated cycle with the rest of the systems in IT.Active Directory & Office 365For many Office 365 customers, Microsoft Active Directory (AD) is a core pieceof the identity management infrastructure. With AD serving as the enterprise directory,user authentication and application access policies around on-premises applicationsare often tied to users and security groups in AD. Similarly, the ideal Office 365deployment should be able to tightly integrate with AD. Office 365 accounts shouldbe created based on AD user profiles and security groups. And users should be ableto leverage their AD credentials when accessing Office 365.Microsoft offers an integrated solution that requires organizations to deploy andmanage their own Directory Synchronization tool (DirSync) and Active DirectoryFederation Services (ADFS). Without this heavyweight integration, administratorsmust create Office 365 accounts manually for each user by copying AD user profileinformation to Office 365. Any subsequent user profile changes, such as first nameor email address, also require manual updates. When users leave the organization,their AD account might be disabled while their Office 365 account is still active—unless administrators manually deactivate the account in a timely manner. Thesemanual processes are inefficient and extremely error-prone; and the hassle extendsto users, who must deal with yet another set of credentials stored in Office 365.Users struggle to manage their passwords and administrators end up spendingcountless cycles managing password resets.As a result, user productivity is affected—and the risk of exposinginappropriate access increases.Okta Directory Integration Edition for Office 365Okta is a 100-percent on-demand, turnkey solution that automates user managementand SSO with cloud and web applications. Okta Directory Integration Edition for Office365 offers a complete, robust, and easy-to-use AD integration with Office 365 thatprovides a seamless authentication experience for Office 365 users and automatedprovisioning and deprovisioning of Office 365 accounts based on AD users andsecurity groups without the heavy baggage of ADFS and DirSync.
firstname.lastname@example.org | 1-888-722-7871Okta Inc. 301 Brannan Street, Suite 300, San Francisco CA, 94107About OktaOkta is an enterprise grade identity management service, built from the ground upin the cloud and delivered with an unwavering focus on customer success. The Oktaservice provides directory services, single sign-on, strong authentication, provisioning,workflow, and built in reporting. Enterprises everywhere are using Okta to manageaccess across any application, person or device to increase security, make peoplemore productive, and maintain compliance.The hundreds of enterprises, thousands of cloud application vendors and millions ofpeople using Okta today also form the foundation for the industry’s fastest growing,vendor neutral Enterprise Identity Network.The Okta team has built and deployed many of the world’s leading on-demandand enterprise software solutions from companies including Salesforce.com,PeopleSoft, Microsoft, BMC, Arcsight, Sun, and HP. Okta is backed by premiere ventureinvestors Andreessen Horowitz, Greylock Partners, Khosla Ventures and Sequoia Capital.For more information, visit us at www.okta.com or follow us on www.okta.com/blog.OKTA DATASHEET:DIRECTORY INTEGRATION EDITION FOR OFFICE 365• Automated provisioning in Office 365 is basedon AD user profile and security groups.• Users can log in to Office 365 with their AD credentials.• Users can experience true SSO with Windows domainthrough Integrated Windows Authentication (IWA).• Automated Office 365 account deprovisioningis triggered directly from AD.Easy to install & ConfigureOkta Directory Integration Edition for Office 365 is a purpose-built solution that seamlessly integrates Office 365 with ActiveDirectory. With the click of a button, you can download theOkta Active Directory agent and install it on any WindowsServer that has access to a Domain Controller. No networkor firewall configuration is required.Enabling automated user management for Office 365 isequally simple. Through the Office 365 User Managementconfiguration in Okta, administrators can complete integrationin minutes to enable account provisioning and deprovisioningbetween AD and your Office 365 instance.Delegated Authentication & Desktop SSOWith the AD integration completed, Office 365 customerscan quickly enable delegated authentication with Okta toallow users to log in to Office 365 with their AD credentialswithout the need to install ADFS. Office 365 delegates userauthentication to Okta where user credentials are entered andverified via the Okta Active Directory agent with the AD server.There’s no need for users to remember another password orreset their Office 365 password, because their AD passwordis their Office 365 password. For users who have alreadyauthenticated to the Windows domain with their Windowsnetwork login, Okta’s support for IWA provides a true singlesign-on experience to your Office 365 account whetherthey are accessing Exchange Online or SharePoint Online.Automated User ManagementOkta Directory Integration Edition for Office 365 integratesOffice 365 with Active Directory and your existing userlifecycle management around AD. Office 365 accounts areautomatically provisioned based on AD users and securitygroup membership. As changes are made in Active Directory,Okta ensures that synchronization between AD and Office 365occurs automatically at configurable intervals so access privilegesare always up to date. With Office 365 users authenticatingdirectly against AD, when users are disabled in AD, their accessto Office 365 is immediately revoked. Further, Okta will suspendthe Office 365 account to prevent access from any other clients ordevices—ensuring proper account deactivation in Office 365.Integrating AD with Office 365Secure IntegrationSecurity is a key component of the Okta Active Directory agent.Communication between the agent and Okta Directory IntegrationEdition for Office 365 is protected with SSL encryption. Man-in-the-middle attacks are prevented using server-side SSL certificates.The agent authenticates to the service by first using organization-specific credentials, then exchanging cryptographic keys used for allfuture communication. Further, any agent’s access can be revokedat any time from the service by deactivating its security token.