SA
Uploaded bySimon Angling
PPTX, PDF185 views

Hybrid Identity for M365

Hybrid identity allows users to sign in with the same credentials to access on-premises and cloud-based applications and resources. There are a few main options to configure hybrid identity for Microsoft 365: Password hash synchronization replicates password hashes from on-premises Active Directory to Azure Active Directory. Pass-through authentication redirects authentication requests to on-premises Active Directory without replicating passwords. Federation uses AD FS to issue security tokens for single sign-on. Azure AD Connect or Azure AD Connect Cloud Sync can be used to configure the connectivity and synchronize on-premises directories with Azure AD. Topologies can involve connecting one or multiple on-premises forests. Rules specify that each Azure AD

Embed presentation

Downloaded 16 times
Hybrid Identify for M365 Simon Angling Lead Cloud Solutions Architect, Liquid Intelligent Technologies
Simon Angling Lead Cloud Solutions Architect, Liquid Intelligent Technologies simon@simonangling.com http://simonangling.com 25+ years IT experience MCT since 2007
Identityis theNewControl Plane
What is Hybrid Identity? Single sign-on Self-service Simple connection On-premises Other directories Windows Server Active Directory SaaS Azure Public cloud Cloud Microsoft Azure Active Directory
Planning for Hybrid Decisions, Decisions
Chose Authentication Method • Password hash synchronization (PHS) • Pass-through authentication (PTA) • Federation (AD FS)
Password Hash vs Pass-Through AZURE AD PASSWORD HASH SYNCHRONIZATION (PHS) AZURE AD PASS-THROUGH AUTHENTICATION (PTA)
Password Hash vs Pass-Through AZURE AD PASSWORD HASH SYNCHRONIZATION (PHS) AZURE AD PASS-THROUGH AUTHENTICATION (PTA)
Azure AD Connect vs AAD Connect Sync AZURE AD CONNECT • Connect to LDAP directories • Support for device objects • Synchronize customer defined AD attributes (directory extensions) • Support for Pass-Through Authentication • Device and Group Writeback • Azure AD Domain Services Support AZURE AD CONNECT CLOUD SYNC • Connect to multiple disconnected on-premises AD forests • Lightweight agent installation mode • Multiple active agents for high availability • Max 150,000 object per domain
Topology and Setup
Azure AD Connect Rules • AAD Connect instance can sync with a single AAD Instance and vis versa • An AD object can be replicated either by AADCS or one AAD Connect instance
Sample Topologies
Demo
Exchange Hybrid
ExchangeHybrid
Turn of your last Exchange Server? • You have migrated all mailboxes and public folders to Exchange Online • Use AD for recipient management and Azure AD Connect for synchronization • You don't use/require the on-premises Exchange admin center or Exchange Role- Based Access Control (RBAC) • Are comfortable with using only Windows PowerShell for recipient management • You don't require auditing or logging of recipient management activity • You are running only one Exchange server and only for recipient management purposes • Want to manage recipients without running any Exchange servers.
and Discusss…

More Related Content

PDF
Introduction to Microsoft Azure Cloud
byDinesh Kumar Wickramasinghe
 
PPTX
Azure active directory
byRaju Kumar
 
PPTX
What is Microsoft Enterprise Mobility Suite and how to deploy it
byPeter De Tender
 
PPTX
Azure Overview Arc
byrajramab
 
PDF
Azure security architecture
byKarl Ots
 
PPTX
Active directory
bykuldeep singh shishodia
 
PPTX
Pertemuan Ke-12 - Sistem Operasi -Mesin Virtual (VM).pptx
byYaya610291
 
PPTX
Introduction to GCP (Google Cloud Platform)
byPulkit Gupta
 
Introduction to Microsoft Azure Cloud
byDinesh Kumar Wickramasinghe
 
Azure active directory
byRaju Kumar
 
What is Microsoft Enterprise Mobility Suite and how to deploy it
byPeter De Tender
 
Azure Overview Arc
byrajramab
 
Azure security architecture
byKarl Ots
 
Active directory
bykuldeep singh shishodia
 
Pertemuan Ke-12 - Sistem Operasi -Mesin Virtual (VM).pptx
byYaya610291
 
Introduction to GCP (Google Cloud Platform)
byPulkit Gupta
 

What's hot

PDF
Amazon Cognito를 활용한 모바일 인증 및 보안, 자원 접근 제어 기법 - AWS Summit Seoul 2017
byAmazon Web Services Korea
 
PPTX
Azure Active Directory - An Introduction
byVenkatesh Narayanan
 
PPTX
Introduction to Microsoft Azure
byMartyn Coupland
 
PDF
Azure vmware solutions para partners
byskadobayashi
 
PPTX
Hybrid Cloud Journey - Maximizing Private and Public Cloud
byRyan Lynn
 
PPTX
Oracle Cloud Infrastructure.pptx
byGarvitNTT
 
PPTX
Microsoft Azure Big Data Analytics
byMark Kromer
 
PPTX
Google cloud
byvipin ojha
 
PDF
おさらいActive directory 130330
bywintechq
 
PPTX
Google Cloud Platform (GCP)
byChetan Sharma
 
PPTX
Microsoft Graph: The API for Microsoft 365
byMayur Tendulkar
 
PDF
A cloud readiness assessment framework
byCarlo Colicchio
 
PDF
Mobile App Testing Strategy by RapidValue Solutions
byRapidValue
 
PDF
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
byDavid J Rosenthal
 
PPTX
Planning Your Migration to SharePoint Online #SPBiz60
byChristian Buckley
 
PPTX
Pooja shift left 1.0
byXebia India
 
PPTX
Cloud robotics
bySiddharth Awasthi
 
PPTX
Configuration testing
byPrecise Testing Solution
 
PPTX
Google Cloud Platform
byFrancesco Marchitelli
 
DOC
Systems administrator resume
byDattu Gujjari
 
Amazon Cognito를 활용한 모바일 인증 및 보안, 자원 접근 제어 기법 - AWS Summit Seoul 2017
byAmazon Web Services Korea
 
Azure Active Directory - An Introduction
byVenkatesh Narayanan
 
Introduction to Microsoft Azure
byMartyn Coupland
 
Azure vmware solutions para partners
byskadobayashi
 
Hybrid Cloud Journey - Maximizing Private and Public Cloud
byRyan Lynn
 
Oracle Cloud Infrastructure.pptx
byGarvitNTT
 
Microsoft Azure Big Data Analytics
byMark Kromer
 
Google cloud
byvipin ojha
 
おさらいActive directory 130330
bywintechq
 
Google Cloud Platform (GCP)
byChetan Sharma
 
Microsoft Graph: The API for Microsoft 365
byMayur Tendulkar
 
A cloud readiness assessment framework
byCarlo Colicchio
 
Mobile App Testing Strategy by RapidValue Solutions
byRapidValue
 
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
byDavid J Rosenthal
 
Planning Your Migration to SharePoint Online #SPBiz60
byChristian Buckley
 
Pooja shift left 1.0
byXebia India
 
Cloud robotics
bySiddharth Awasthi
 
Configuration testing
byPrecise Testing Solution
 
Google Cloud Platform
byFrancesco Marchitelli
 
Systems administrator resume
byDattu Gujjari
 

Similar to Hybrid Identity for M365

PPTX
Understanding Identity Management with Office 365
byPerficient, Inc.
 
PDF
Microsoft 365 products and services descrption
byKamelAbouSaleh1
 
DOCX
Azure active directory connect to a single domain
byIntelice Solutions LLC
 
PPTX
Azure AD and Office 365 - Deja Vu All Over Again
bySean Deuby
 
PDF
Office 365 identity
byMotty Ben Atia
 
PDF
Access Security - Hybrid Identity
byEng Teong Cheah
 
PDF
2018 09-03 aOS Aachen - SharePoint demystified - Thomas Vochten
byaOS Community
 
PDF
SharePoint Hybrid Search - What is it really?
byChandima Kulathilake
 
PDF
SharePoint MeetUp - hybrid search - 121016
byJonathan Stuckey
 
PPTX
Office 365 hybride - Swiss SharePoint Club
byJoris Faure
 
DOCX
Hybrid identity by Sandeep Kumar Seeram
bySandeep Kumar Seeram
 
Understanding Identity Management with Office 365
byPerficient, Inc.
 
Microsoft 365 products and services descrption
byKamelAbouSaleh1
 
Azure active directory connect to a single domain
byIntelice Solutions LLC
 
Azure AD and Office 365 - Deja Vu All Over Again
bySean Deuby
 
Office 365 identity
byMotty Ben Atia
 
Access Security - Hybrid Identity
byEng Teong Cheah
 
2018 09-03 aOS Aachen - SharePoint demystified - Thomas Vochten
byaOS Community
 
SharePoint Hybrid Search - What is it really?
byChandima Kulathilake
 
SharePoint MeetUp - hybrid search - 121016
byJonathan Stuckey
 
Office 365 hybride - Swiss SharePoint Club
byJoris Faure
 
Hybrid identity by Sandeep Kumar Seeram
bySandeep Kumar Seeram
 

Recently uploaded

PDF
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
PDF
ElyriaSoftware — Powering the Future with Blockchain Innovation
byElyria Software
 
PDF
Unlocking the Power of Salesforce Architecture: Frameworks for Effective Solu...
byvarsha30tiwari
 
PDF
Security Technologys: Access Control, Firewall, VPN
byShielaLasala
 
PDF
The year in review - MarvelClient in 2025
bypanagenda
 
PDF
Igniting the Future: Copilot trends, agentic transformation and product roadm...
byUni Systems S.M.S.A.
 
PDF
Generative AI in UiPath: Mastering the Generative Extractor for Intelligent D...
byDianaGray10
 
PDF
eResource Scheduler Enterprise Resource Management and Scheduling Software.pdf
byeResource Scheduler
 
PDF
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
PDF
Knowing and Doing: Knowledge graphs, AI, and work
bymarainglezakis1
 
PDF
Guided Substation Engineering with CoMPAS: Simplifying IEC 61850
byDanBrown980551
 
PPTX
The Future of IT Service Management AI Automation & Beyond.pptx
byChetu
 
PDF
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
PDF
How Mobile Apps Are Shaping the Future of Digital Innovation
byWilliam Taylor
 
PPTX
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
PDF
The Ultimate Guide to Problem Management Dashboards for IT Teams.pdf
byomnex systems
 
PDF
TrustArc Webinar - Assessing AI Risk with Confidence
byTrustArc
 
PPTX
Combining Induction and Transduction for Abstract Reasoning.pptx
byallen578468
 
PDF
AI and Computer Architecture: 200 Years Together
byDmitry Zinoviev
 
PDF
TPPmark2025 Kenta Inoue's answer 12/04/2025
byKenta Inoue
 
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
ElyriaSoftware — Powering the Future with Blockchain Innovation
byElyria Software
 
Unlocking the Power of Salesforce Architecture: Frameworks for Effective Solu...
byvarsha30tiwari
 
Security Technologys: Access Control, Firewall, VPN
byShielaLasala
 
The year in review - MarvelClient in 2025
bypanagenda
 
Igniting the Future: Copilot trends, agentic transformation and product roadm...
byUni Systems S.M.S.A.
 
Generative AI in UiPath: Mastering the Generative Extractor for Intelligent D...
byDianaGray10
 
eResource Scheduler Enterprise Resource Management and Scheduling Software.pdf
byeResource Scheduler
 
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
Knowing and Doing: Knowledge graphs, AI, and work
bymarainglezakis1
 
Guided Substation Engineering with CoMPAS: Simplifying IEC 61850
byDanBrown980551
 
The Future of IT Service Management AI Automation & Beyond.pptx
byChetu
 
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
How Mobile Apps Are Shaping the Future of Digital Innovation
byWilliam Taylor
 
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
The Ultimate Guide to Problem Management Dashboards for IT Teams.pdf
byomnex systems
 
TrustArc Webinar - Assessing AI Risk with Confidence
byTrustArc
 
Combining Induction and Transduction for Abstract Reasoning.pptx
byallen578468
 
AI and Computer Architecture: 200 Years Together
byDmitry Zinoviev
 
TPPmark2025 Kenta Inoue's answer 12/04/2025
byKenta Inoue
 

Hybrid Identity for M365

  • 1.
    Hybrid Identify forM365 Simon Angling Lead Cloud Solutions Architect, Liquid Intelligent Technologies
  • 2.
    Simon Angling Lead CloudSolutions Architect, Liquid Intelligent Technologies simon@simonangling.com http://simonangling.com 25+ years IT experience MCT since 2007
  • 3.
  • 4.
    What is HybridIdentity? Single sign-on Self-service Simple connection On-premises Other directories Windows Server Active Directory SaaS Azure Public cloud Cloud Microsoft Azure Active Directory
  • 5.
  • 6.
    Chose Authentication Method •Password hash synchronization (PHS) • Pass-through authentication (PTA) • Federation (AD FS)
  • 7.
    Password Hash vsPass-Through AZURE AD PASSWORD HASH SYNCHRONIZATION (PHS) AZURE AD PASS-THROUGH AUTHENTICATION (PTA)
  • 8.
    Password Hash vsPass-Through AZURE AD PASSWORD HASH SYNCHRONIZATION (PHS) AZURE AD PASS-THROUGH AUTHENTICATION (PTA)
  • 10.
    Azure AD Connectvs AAD Connect Sync AZURE AD CONNECT • Connect to LDAP directories • Support for device objects • Synchronize customer defined AD attributes (directory extensions) • Support for Pass-Through Authentication • Device and Group Writeback • Azure AD Domain Services Support AZURE AD CONNECT CLOUD SYNC • Connect to multiple disconnected on-premises AD forests • Lightweight agent installation mode • Multiple active agents for high availability • Max 150,000 object per domain
  • 12.
  • 13.
    Azure AD ConnectRules • AAD Connect instance can sync with a single AAD Instance and vis versa • An AD object can be replicated either by AADCS or one AAD Connect instance
  • 14.
  • 27.
  • 28.
  • 29.
  • 30.
    Turn of yourlast Exchange Server? • You have migrated all mailboxes and public folders to Exchange Online • Use AD for recipient management and Azure AD Connect for synchronization • You don't use/require the on-premises Exchange admin center or Exchange Role- Based Access Control (RBAC) • Are comfortable with using only Windows PowerShell for recipient management • You don't require auditing or logging of recipient management activity • You are running only one Exchange server and only for recipient management purposes • Want to manage recipients without running any Exchange servers.
  • 31.

Editor's Notes

  • #12 https://docs.microsoft.com/en-us/azure/active-directory/cloud-sync/what-is-cloud-sync#comparison-between-azure-ad-connect-and-cloud-sync