Benutzerverzeichnisstandardisierung, so wird's gemacht!

5. Windows Server 2012+ &
Azure AD
Windows Server 2012+ &
Azure AD / Azure Services
On-Premises Outsourcing Hybrid Cloud
On-Premises Outsourcing Hybrid Cloud

6. http://www.mdmarra.com/2012/11/why-you-shouldnt-use-local-in-your.html
http://markparris.co.uk/2011/03/08/active-directory-local-domain-design-and-office-365/
https://technet.microsoft.com/en-us/library/cc738121(WS.10).aspx
www.microsoft.com/ipd

7. http://www.icann.org/de/groups/ssac/documents/sac-045-en.pdf
https://cabforum.org/internal-names/
https://cabforum.org/wp-content/uploads/Guidance-Deprecated-Internal-Names.pdf

9. https://technet.microsoft.com/en-us/library/dn765472.aspx

10. http://de.slideshare.net/digicomp/oliver-ryf-windows-day-active-directory-best-practices

16. https://support.office.com/de-de/article/Vorbereiten-von-Benutzern-auf-die-Bereitstellung-in-Office-365-
%c3%bcber-die-Verzeichnissynchronisierung-01920974-9e6f-4331-a370-13aea4e82b3e?ui=de-DE&rs=de-
DE&ad=DE

22. Self-service Single
sign on
•••••••••••
Username
Identity as the foundation
Azure AD
Connect
Cloud
SaaS
Azure
Office 365Public
cloud
Other
Directories
Windows Server
Active Directory
On-premises Microsoft Azure Active Directory

24. Azure AD Connect
Consolidated deployment
assistant for your identity
bridge components
• Express Settings
• Multi-forest support
• Password # Sync
• Streamlined fed setup with ADFS
• Configurable Sync settings
DirSync
Azure AD Sync
FIM+Azure AD
Connector
Sync Engine
On-boarding to Azure AD & Office 365
ADFS
http://blogs.technet.com/b/ad/archive/2014/12/15/azure-ad-connect-one-simple-fast-lightweight-tool-to-connect-active-directory-and-azure-active-directory.aspx
ADFS
ADFS is optional, can addresses complex
enterprise deployments
Domain Join SSO, Enforcement of AD login policy,
Smart Card or 3rd party MFA

25. Enable login to Azure AD/Office 365 or
other ADFS apps for users stored in
LDAP directories
Consolidate app authentication and
authorization across different account
stores
Supports any LDAP v3 directory
Support across sync and sign-in
coming to Azure AD Connect at a later
date
ADFS
ADDSLDAP
Directories
Azure AD
LOB Apps
Cloud
SaaS
Azure
Office 365
Partner
Resources

26.  


27. • Monitor ADFS service for reliable
& highly available authentication
• Email notification for critical
alerts
• Analyze ADFS logins for usage &
capacity planning based on app,
authentication, network location
& failures
• Perform forensic analysis on top
users with bad passwords
• Troubleshoot with easy access to
critical performance counters

29. On-Premises
applications
Introducing ‘Conditional Access Control’
Application
Business sensitivity
Other
Inside corp. network
Outside corp. network
Risk profile
Devices
Authenticated
MDM Managed (Intune)
Compliant with policies
Not lost/stolen
User attributes
User identity
Group memberships
Auth strength (MFA)
Conditional access
control

30. Discover & Authenticate
Device Registration with the Azure AD Device Registration Service
user @ device
Contoso
dan@contoso.com
Contoso
dan@contoso.com

31. •
•
•

32. 



•
•
•
•

36. Pull replication
using HTTP

38. ANK Business Services
hCloud Portfolio
Migration
Services
- Active Directory
- Exchange
- SharePoint
- Archive
- Fileshare
Business &
Strategy
- Workshops
- Concepts
- Network
Azure IaaS &
Hybrid Cloud
Solutions
- VM Hosting &
Management
- Backup / HA
- ADFS, AAD
Connect
- Managed
Services
Project
Support
- “as Is” on-Site
- Architecture
- Kick-Off
- Workshops
- Standardizing
__
__