IDENTITY MANAGEMENT OVER THE
HORIZON:
WHAT’S NEW AND WHAT’S NEXT
Agenda
• Introduction
• What IdM means
• Microsoft’s evolution of IdM
• Preparing for next-gen IdM
• The cloudy hazy future
Introduction
INTRODUCTION
• Identity management (IdM) has always been
a core enterprise service
• If you’re using Active Directory, you’re doing IdM!
• IdM services and tools are at the core of
Microsoft’s cloud strategy
• To stay relevant in the IT world you must
• Understand what Microsoft is doing
• Understand why Microsoft’s doing it
• Level up your skills to match what the world will
need
WHY IS IdM SO IMPORTANT?
• Every organization depends on identities
– Who is “inside” the organization?
– What are they allowed to do?
– What information do we know about them?
– Who are our trusted partners / customers / vendors and what can they do?
• Identity powers every significant enterprise application
– Email, collaboration, communications
– CRM, ERP, ERM
– Payroll, AP/AR, forecasting
• Organizations want to have a single source for
the truth
IDENTITY MANAGEMENT
• Managing the lifecycle of these identities
is a critical business requirement
– CRUD
– Answering authN and authZ
questions
– Selectively sharing and federating
identity data
– Consuming federated identities from
partners / service providers
QUESTIONS IdM CAN ANSWER
• Should I authenticate this person?
• What resources is this person authorized
to use?
• What groups is this person a member of
(and what does that membership grant
access to?)
• What else can you tell me about the
specified person?
– Depends on which attributes you make
visible
CURRENT TRENDS IN IdM
Use a single directory for multiple applications
Eliminate multiple credentials
– Thus improving both security and convenience
Outsource authentication
– Between multiple cloud services
– From cloud services to your on-prem directory
Understanding Microsoft’s IdM strategy
ACTIVE DIRECTORY: LONG LIVE THE KING
• We have had on-prem Windows AD since
1999
• We will probably have it for at least another
15-20 years
• …let that thought sink in for a minute!
• It is overwhelmingly the dominant on-prem
IdM environment
• Good points
• Mature
• Well-understood
• Very large support ecosystem (people, training,
tools, etc.)
AZURE ACTIVE DIRECTORY
• Azure Active Directory is the
heir apparent for on-prem AD
• It offers a similar set of IdM
features
• It’s not an exact 1:1
replacement for on-prem AD
• E.g. currently no support for
GPOs, file/print, etc.
AZURE ACTIVE DIRECTORY
Read between the lines at
azure.microsoft.com/en-us/services/active-directory
“comprehensive identity and access management cloud solution”
“Enable single sign-on to simplify user access to thousands of cloud applications”
“Extend Active Directory... to Azure Active Directory to enable single sign-on for all cloud-based applications”
“…offers developers an effective way to integrate identity management into their applications”
AZURE AD AND OFFICE 365
• Sign up for O365 and you get “invisible AAD”
• It’s really called AAD Free
• Logical target for dirsync operations
• Basic IdM operations only: no extensibility
• Upgrade at no cost to AAD Basic
• Extensibility and application integration (“so what?” you ask…)
• More supported objects
• Better reporting
AZURE AD PREMIUM
• Azure AD Premium adds a bunch of features
• Multi-factor application for your own apps (not just
O365)
• MFA for on-prem apps
• Self-service group management
• Extended writeback
• Larger object capacities
• Much more customization and extensibility
• Includes MIM licenses
• AAD Connect Health
• Mobile device auto-enrollment
• Often sold as part of Enterprise Mobility Suite
• $6/user/month MSRP
DO YOU NEED AAD PREMIUM?
• Microsoft hopes so!
• Getting you to buy it is a key part of their
strategy
• What’s worth getting depends on your
needs
• MFA for on-prem / cloud apps
• Integration with Salesforce, PeopleSoft, etc.
• Desire to be a guinea pig
EVOLUTION AND MICROSOFT TOOLS
• High rate of change
• Core AAD features aren’t going to change
• Lots of enhancements / small nibbles
going forward
• Documentation often lags
• Support tools are trying to catch up
• Overall platform direction is clearly “to
the cloud!”
AN EXAMPLE OF EVOLUTION
• Microsoft’s primary supported dirsync
tool is the new AADConnect
– Combines dirsync, federation prep,
troubleshooting in one tool
– RTM’d in early July 2015; already had 2
updates
– Latest in a long line of FIM descendants
– Shows its heritage
– Still missing a few things
WHAT’S IN IT FOR ME?
IdM SKILL EVOLUTION
ACTIVE DIRECTORY
• Design it once, operate it forever…
at least until new versions
• Need for AD-specific skills:
schema management, etc.
• High premium on troubleshooting
skills
• Lots of 3rd-party tools to “deskill”
tasks such as group management
AZURE AD
• No design, no operations (e.g.
patching servers, updating
schema)
• Skills shift towards integration
• Troubleshooting requirements
shift
• New emphasis on remote
monitoring / health checks
• Microsoft is doing its own
deskilling
IdM SKILL EVOLUTION
• Every Exchange / Skype / SharePoint / AD admin
needs the following
• PowerShell fluency: be comfortable in the CLI, be able to
read others’ scripts
• Basic management for dirsync and federation
• Knowledge / comfort with Office 365/Azure support model
• Sometimes “I don’t know” is the best you’ll get
• Cross-boundary product knowledge
• E.g. Exchange folks, you need to have basic SPO knowledge,
and vice versa
• This is the minimum set of requirements!
IdM SKILL EVOLUTION++
• To set yourself apart, you need to be able to
• Write / debug your own PowerShell scripts
• Pick apart business processes and adapt them to
Office 365
• Perform advanced troubleshooting of multiple O365
workloads
• Expand beyond the traditional boundaries of whatever
workload you manage
• Take on new workloads
• Communicate fluently, in writing and verbally, about
AAD and O365
• Advocate its value inside the organization
• Understand and be able to articulate its shortcomings
without bashing
IdM: THE FUTURE
• Microsoft is not going to back off its emphasis on
AAD
• It powers Office 365
• They want it to power more and more on-prem workloads
• Expect significant new capabilities in Windows Server 2016
• It is unlikely that another challenger will appear
• Competitors exist for specific AAD capabilities (e.g. Ping /
Okta for federation)
• No one except Amazon seems interested in the spending
required to compete for on-prem replacement
NO GOING BACK
IdM: THE FUTURE
• Tons of training and prep material exists
• Free Microsoft Virtual Academy / MSDN / Channel 9 resources
• Excellent online courses from Pluralsight and others
• Try-before-you-buy Azure plans
• Azure credits in MSDN
• Your employer isn’t necessarily going to provide these
skills for you
• But when they want them, you’d better have them handy!
Q & A

WeTestAthens: Postman's AI & Automation TechniquesWeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation Techniques
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
 
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - HiikeSystem Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
 
5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 
GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)
 
SAP S/4 HANA sourcing and procurement to Public cloud
SAP S/4 HANA sourcing and procurement to Public cloudSAP S/4 HANA sourcing and procurement to Public cloud
SAP S/4 HANA sourcing and procurement to Public cloud
 
Programming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup SlidesProgramming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup Slides
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
 

Identity Management Over the Horizon: What’s New and What’s Next

  • 1. IDENTITY MANAGEMENT OVER THE HORIZON: WHAT’S NEW AND WHAT’S NEXT
  • 2. Agenda • Introduction • What IdM means • Microsoft’s evolution of IdM • Preparing for next-gen IdM • The cloudy hazy future
  • 4. INTRODUCTION • Identity management (IdM) has always been a core enterprise service • If you’re using Active Directory, you’re doing IdM! • IdM services and tools are at the core of Microsoft’s cloud strategy • To stay relevant in the IT world you must • Understand what Microsoft is doing • Understand why Microsoft’s doing it • Level up your skills to match what the world will need
  • 6. WHY IS IdM SO IMPORTANT? • Every organization depends on identities – Who is “inside” the organization? – What are they allowed to do? – What information do we know about them? – Who are our trusted partners / customers / vendors and what can they do? • Identity powers every significant enterprise application – Email, collaboration, communications – CRM, ERP, ERM – Payroll, AP/AR, forecasting • Organizations want to have a single source for the truth
  • 7. IDENTITY MANAGEMENT • Managing the lifecycle of these identities is a critical business requirement – CRUD – Answering authN and authZ questions – Selectively sharing and federating identity data – Consuming federated identities from partners / service providers
  • 8. QUESTIONS IdM CAN ANSWER • Should I authenticate this person? • What resources is this person authorized to use? • What groups is this person a member of (and what does that membership grant access to?) • What else can you tell me about the specified person? – Depends on which attributes you make visible
  • 9. CURRENT TRENDS IN IdM • Use a single directory for multiple applications • Eliminate multiple credentials – Thus improving both security and convenience • Outsource authentication – Between multiple cloud services – From cloud services to your on-prem directory
  • 11. ACTIVE DIRECTORY: LONG LIVE THE KING • We have had on-prem Windows AD since 1999 • We will probably have it for at least another 15-20 years • …let that thought sink in for a minute! • It is overwhelmingly the dominant on-prem IdM environment • Good points • Mature • Well-understood • Very large support ecosystem (people, training, tools, etc.)
  • 12. AZURE ACTIVE DIRECTORY • Azure Active Directory is the heir apparent for on-prem AD • It offers a similar set of IdM features • It’s not an exact 1:1 replacement for on-prem AD • E.g. currently no support for GPOs, file/print, etc.
  • 13. AZURE ACTIVE DIRECTORY Read between the lines at azure.microsoft.com/en-us/services/active-directory • “comprehensive identity and access management cloud solution” • “Enable single sign-on to simplify user access to thousands of cloud applications” • “Extend Active Directory... to Azure Active Directory to enable single sign-on for all cloud-based applications” • “…offers developers an effective way to integrate identity management into their applications”
  • 14. AZURE AD AND OFFICE 365 • Sign up for O365 and you get “invisible AAD” • It’s really called AAD Free • Logical target for dirsync operations • Basic IdM operations only: no extensibility • Upgrade at no cost to AAD Basic • Extensibility and application integration (“so what?” you ask…) • More supported objects • Better reporting
  • 15. AZURE AD PREMIUM • Azure AD Premium adds a bunch of features • Multi-factor authentication for your own apps (not just O365) • MFA for on-prem apps • Self-service group management • Extended writeback • Larger object capacities • Much more customization and extensibility • Includes MIM licenses • AAD Connect Health • Mobile device auto-enrollment • Often sold as part of Enterprise Mobility Suite • $6/user/month MSRP
  • 16. DO YOU NEED AAD PREMIUM? • Microsoft hopes so! • Getting you to buy it is a key part of their strategy • What’s worth getting depends on your needs • MFA for on-prem / cloud apps • Integration with Salesforce, PeopleSoft, etc. • Desire to be a guinea pig
  • 17. EVOLUTION AND MICROSOFT TOOLS • High rate of change • Core AAD features aren’t going to change • Lots of enhancements / small nibbles going forward • Documentation often lags • Support tools are trying to catch up • Overall platform direction is clearly “to the cloud!”
  • 18. AN EXAMPLE OF EVOLUTION • Microsoft’s primary supported dirsync tool is the new AADConnect – Combines dirsync, federation prep, troubleshooting in one tool – RTM’d in early July 2015; already had 2 updates – Latest in a long line of FIM descendants – Shows its heritage – Still missing a few things
  • 19. WHAT’S IN IT FOR ME?
  • 20. IdM SKILL EVOLUTION ACTIVE DIRECTORY • Design it once, operate it forever… at least until new versions • Need for AD-specific skills: schema management, etc. • High premium on troubleshooting skills • Lots of 3rd-party tools to “deskill” tasks such as group management AZURE AD • No design, no operations (e.g. patching servers, updating schema) • Skills shift towards integration • Troubleshooting requirements shift • New emphasis on remote monitoring / health checks • Microsoft is doing its own deskilling
  • 21. IdM SKILL EVOLUTION • Every Exchange / Skype / SharePoint / AD admin needs the following • PowerShell fluency: be comfortable in the CLI, be able to read others’ scripts • Basic management for dirsync and federation • Knowledge / comfort with Office 365/Azure support model • Sometimes “I don’t know” is the best you’ll get • Cross-boundary product knowledge • E.g. Exchange folks, you need to have basic SPO knowledge, and vice versa • This is the minimum set of requirements!
  • 22. IdM SKILL EVOLUTION++ • To set yourself apart, you need to be able to • Write / debug your own PowerShell scripts • Pick apart business processes and adapt them to Office 365 • Perform advanced troubleshooting of multiple O365 workloads • Expand beyond the traditional boundaries of whatever workload you manage • Take on new workloads • Communicate fluently, in writing and verbally, about AAD and O365 • Advocate its value inside the organization • Understand and be able to articulate its shortcomings without bashing
  • 23. IdM: THE FUTURE • Microsoft is not going to back off its emphasis on AAD • It powers Office 365 • They want it to power more and more on-prem workloads • Expect significant new capabilities in Windows Server 2016 • It is unlikely that another challenger will appear • Competitors exist for specific AAD capabilities (e.g. Ping / Okta for federation) • No one except Amazon seems interested in spending required to compete for on-prem replacement NO GOING BACK
  • 24. IdM: THE FUTURE • Tons of training and prep material exists • Free Microsoft Virtual Academy / MSDN / Channel 9 resources • Excellent online courses from Pluralsight and others • Try-before-you-buy Azure plans • Azure credits in MSDN • Your employer isn’t going to necessarily provide these skills for you • But when they want them, you’d better have them handy!
  • 25. Q & A