Integrating Your On-Premises Active Directory with Azure and Office 365
Mike Nelson
Solutions Architect - nGenX
Level: Intermediate
Who Is This Guy? 
• Solutions Architect – nGenX 
• 25 years in tech 
• CTP - vExpert - MCSE-PC 
• mike.nelson@ngenx.com 
• Twitter - @nelmedia 
Mike Nelson 2014
What Are We Going To Talk About? 
• Azure Active Directory & Office 365 
• Integration, Synchronization & Migration 
• Administration & Troubleshooting 
• Tools / Tips 
What Are We Going To Do? 
• Create a new local AD 
• Create a new Azure AD Instance 
• Setup Sync 
• Play around a bit 
Updates 
I like to draw ;-) 
Updated slides, drawings, etc. 
http://1drv.ms/1oHyZz0 
Prerequisites 
• Get a Live ID account – http://signup.live.com 
• Get an Azure Trial & VHD - http://aka.ms/R2 
– Select “Windows 2012 R2 Datacenter on Azure” (also have 
pre-config’d copies to distribute) 
• Pick a domain name (a variant of “contoso” is recommended – ex. contoso611.onmicrosoft.com)
• You must have a hypervisor installed/enabled on your 
laptop to run a lab VM 
Prerequisites 
• Hypervisors (download trials if needed) 
– For Win 8.x, use Hyper-V role or VMware Workstation 
– For Win 7.x, use VMware Workstation 
– For Mac, use Fusion 
• Image provided on the DVD’s or USB drives 
– Server 2012 R2 Datacenter VHD file & OVF package 
– You can also build your own 2012 R2 VM or use an 
existing one you have with no AD role installed 
Import VM 
• Need 7GB free for disk file 
• OVF file can be imported for VMware 
– VMware Fusion - http://bit.ly/1lCLNjO 
– VMware Workstation - http://bit.ly/1jNSW1h 
• Hyper-V import VHD as IDE - http://bit.ly/1rpoQZi 
• Administrator – P@ssw0rd 
Let’s Talk AD, AAD & O365 
Windows Server Active Directory 
Azure Active Directory Free 
Azure Active Directory Tenant 
Azure Active Directory Premium 
Subscriptions
• Scenario 1 – No Azure subscription & no Office 365 subscription
– Sign up for Azure first as an Organization – https://account.windowsazure.com/organization
– Add your domain to Azure AD & then sign up for Office 365 using the org account
• Scenario 2 – Office 365 subscription, but no Azure subscription
– You already have an AAD Tenant
– Sign up for Azure using your org account
• Scenario 3 – Office 365 subscription with Org Account & Azure subscription with Microsoft ID
– You already have an AAD Tenant, but it must be joined via the org account
– Sign in to Azure with the org account
– Add the LiveID to Azure AD
– Sign in to Azure with the LiveID
– Go to Settings and Edit Directory
– Set the default directory to the Org directory
– Add the org account as Co-Administrator
Windows Azure AD vs AD on Windows Azure IaaS
(Diagram: On Premise | VM w/ AD on Azure IaaS)
Identity for Microsoft cloud services
• Microsoft Account – Ex: alice@outlook.com (User)
• Microsoft Azure Active Directory – Organizational Account – Ex: alice@contoso.com (User)
Office 365 Identity Models
Identity Synchronization and Federation
(Diagram: protocols and interfaces – WS-Federation, WS-Trust, SAML 2.0, Metadata, Shibboleth, Graph API)
Cloud identity model
Synchronized identity model
Identities Everywhere – Windows Azure Active Directory
What Else Uses Identity?
It’s All About Sync – SSO
• Single Sign-On – Requires ADFS; seamless experience
• Same Sign-On – Second credential entry; a compromise
SSO and Office 365
• Admin View
– Single credential to manage
– Single place to manage policies – on-premises workstation restrictions, etc.
– IDP is your AD
• User View
– I have a single credential
– I may be prompted to enter it more than once, but it is always the same credential
SSO Alternatives & SAML
• Pros, Cons, Needs, and Wants
• Centrify
• OneLogin
• Okta
• PingFederate
• Optimal IDM
• IBM Tivoli FIM
• PacketOne
• SiteMinder
Directory Integration options
(Diagram: Microsoft Dynamics CRM, Passwords)
Sync Options
Directory Sync - AADSync
Password Sync
• Synchronizes the user password hash from your on-premises Active Directory to Azure Active Directory (pretty secure) – mainly for self-service reset
• Doesn’t require something to be installed on all DCs
• Users can use the same credentials to log in to both on-premises
• No additional infrastructure required on premises
• No dependency on on-premises infrastructure for authentication
• Password Write-Back is coming in AADSync – in the latest DirSync now
Password Sync**
• Password complexity policies configured in the on-premises AD apply in the cloud, i.e. you manage them on-premises.
• Cloud password is set to ‘Never Expire’
• Users cannot change their password in the cloud except via the self-service mechanism
• Admins can reset a user’s password in the cloud*
AADConnect
ADFS 
• Not Multi-Forest 
• Parent & Child domains
ADFS 
• Plan for capacity 
• More infrastructure - SQL or WID, WAAP, multiple ADFS servers 
• More administration - service accounts, DBA, certificates, Claims, etc.
Use Sync As Backup for ADFS
http://bit.ly/1lQvPmm
http://social.technet.microsoft.com/wiki/contents/articles/17857.dirsync-how-to-switch-from-single-sign-on-to-password-sync.aspx
Typical AD FS deployment on-premises…
…Compromise when moving to Azure
Password Sync vs. Single Sign-On

Capability                                        Password Sync   Single Sign-On (ADFS)
Same password to access resources                 X               X
Control password policies on-premises             X               X
Support for multi-factor authentication           X *             X
No password re-entry if on premises                               X
Authentication occurs in on-premises directory                    X
Client access filtering                                           X
* Limited Support
AD Deployment Models in Azure
• AD Forest in Azure
– Static IP via PowerShell
• AD Extended from On-Premises Network
– Azure VNet w/ P2S or S2S required
– Static IP via PowerShell
• Azure AD As A Service
– Commercial providers
– Directory Services As A Service
AD Forest in Isolated Azure VNet
(Diagram © 2014 Yung Chou: contoso.corp forest inside Microsoft Azure Virtual Network 10.2.x – Backend 10.2.1.0/24 with dc1/dns 10.2.1.4 and dc2/dns 10.2.1.5 in an availability set; Data-Tier 10.2.2.0/24 with SQL; Collab-Tier 10.2.3.0/24 with SharePoint; Frontend 10.2.4.0/24 with fe1, fe2 and fe3 behind a load balancer in an availability set)
Hybrid Cloud with Azure VNet and P2S
(Diagram: the same contoso.corp Azure Virtual Network site as above, reached from outside over a Point-to-Site VPN)
Hybrid Cloud with Azure VNet and S2S/P2S
(Diagram: the same contoso.corp Azure Virtual Network site, with the on-premises Active Directory connected through a Windows Server 2012 R2 VPN gateway over a Site-to-Site VPN, plus Point-to-Site VPN for individual clients)
What About Virtualizing AD?
Is it safe to do? Yes, but you need to plan carefully:
• The role
• The network
• The disk
• The clock
What About WAADMS?
First Things First
• Plan for AAD Sync & manually check AD
• DNS – Lower your TTL
• UPN suffixes must exist!
• Add & verify all SMTP domains
• Set the Password Expiration flag via PowerShell
• Run IdFix
First Things First
• Use the VM Readiness Assessment tool!
• ADModify (codeplex) to bulk modify AD
• Use PowerShell to provide info & delete if you’re gutsy!
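As an added example (not from the slides), a PowerShell readiness check that covers the items above before AAD Sync runs: it flags users whose UPN suffix is not one of your verified domains, UPNs with characters Azure AD rejects, mail attributes that disagree with the primary SMTP address, and proxyAddresses duplicated across users. It assumes the ActiveDirectory module; the OU path and the list of verified domains are constructed sample values.

```powershell
# Added example, not from the slides: pre-sync readiness check of on-premises AD.
# Assumes the ActiveDirectory module (RSAT). $verifiedDomains and $searchBase are constructed
# sample values; replace them with your verified domains and the OU you intend to sync.
Import-Module ActiveDirectory

$verifiedDomains = @('contoso611.com')
$searchBase      = 'OU=O365Users,DC=corp,DC=com'

# Conservative allowlist for the UPN local part; IdFix applies the full Azure AD rule set
$upnLocalPartOk  = '^[A-Za-z0-9._\-]+$'

function Add-Finding {
    param([System.Collections.Generic.List[object]]$List, [string]$User, [string]$Issue, [string]$Value)
    $List.Add([pscustomobject]@{ User = $User; Issue = $Issue; Value = $Value })
}

$findings  = New-Object 'System.Collections.Generic.List[object]'
$seenProxy = @{}   # proxyAddress (lower-cased) -> first sAMAccountName that carries it

$users = Get-ADUser -Filter * -SearchBase $searchBase `
           -Properties userPrincipalName, mail, proxyAddresses

foreach ($u in $users) {
    $sam = $u.SamAccountName
    $upn = $u.UserPrincipalName

    # 1. The UPN suffix must be a verified domain, or the cloud user ends up as *.onmicrosoft.com
    if (-not $upn) {
        Add-Finding $findings $sam 'Missing UPN' ''
    } else {
        $localPart, $suffix = $upn.Split('@', 2)
        if ($verifiedDomains -notcontains $suffix) {
            Add-Finding $findings $sam 'UPN suffix not verified' $upn
        }
        if ($localPart -notmatch $upnLocalPartOk) {
            Add-Finding $findings $sam 'UPN contains characters Azure AD rejects' $upn
        }
    }

    # 2. mail should match the primary SMTP proxyAddress so the routable address is the one synced
    $primary = $u.proxyAddresses | Where-Object { $_ -cmatch '^SMTP:' } | Select-Object -First 1
    if ($primary -and $u.mail -and ($primary.Substring(5) -ne $u.mail)) {
        Add-Finding $findings $sam 'mail differs from primary SMTP address' "$($u.mail) vs $primary"
    }

    # 3. A proxyAddress duplicated across users blocks both objects from syncing
    foreach ($pa in @($u.proxyAddresses)) {
        if (-not $pa) { continue }
        $key = $pa.ToLower()
        if ($seenProxy.ContainsKey($key)) {
            Add-Finding $findings $sam 'Duplicate proxyAddress' "$pa (also on $($seenProxy[$key]))"
        } else {
            $seenProxy[$key] = $sam
        }
    }
}

$findings | Sort-Object Issue, User | Format-Table -AutoSize
# A non-zero exit lets a scheduled run stop before Sync is started
if ($findings.Count -gt 0) { exit 1 }
```

Run it against the OU you plan to filter Sync to, fix what it reports (IdFix can do the bulk edits), then run it again before the first sync.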
Tools for Administration 
• Azure Portal 
• Office365 Admin Center 
• Local AD Tools 
• PowerShell! 
Tools for Troubleshooting
• IdFix
• Microsoft RCA (web / client) – https://testconnectivity.microsoft.com/
• Troubleshooting AAD Sync – http://support.microsoft.com/kb/2684395
Tools for Troubleshooting
• PowerShell
• MIISClient for AAD Sync
• ADSI Edit
• ADPlus.vbs
• On-Ramp (O365 setup)
Tips 
• Always create a Company Administrator 
(formerly Global Administrator) account that 
is “In Cloud” 
• Rollback from Federated domain to Standard 
requires O365 password reset 
• ADFS – Parent certificate covers children 
Tips
• Use Sync as backup for ADFS
• Update the ADFS Relying Party Metadata periodically
– Update-MsolFederatedDomain -DomainName <domain name>
– Use the -SupportMultipleDomain switch if needed
– Scheduled task script
• ADFS – Parent certificate covers children
– Using the -SupportMultipleDomain switch is required when multiple top-level domains are federated by using the same AD FS federation service
• Testing ADFS – https://<adfs_url>/adfs/ls/idpinitiatedsignon.aspx
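The “scheduled task script” above, as an added example rather than the author’s own: it stores the cloud admin credential under DPAPI, registers a weekly task, and on each run re-publishes the federation metadata for every federated domain, using -SupportMultipleDomain whenever more than one domain shares the federation service. It assumes the MSOnline module on an AD FS server; the domain names, file path and task name are constructed.

```powershell
# Added example, not from the slides: scheduled refresh of the Office 365 federation trust.
# Assumes the MSOnline module is installed on an AD FS server and the stored credential
# holds the tenant's Global Administrator role. Domain names and paths are constructed samples.
param(
    [string[]] $FederatedDomains = @('contoso611.com', 'fabrikam611.com'),
    [string]   $CredentialFile   = 'C:\scripts\msol-cred.xml',
    [switch]   $Register
)

Import-Module MSOnline
$source = 'O365FedRefresh'

if ($Register) {
    # One-time setup: DPAPI-protected credential (readable only by this account on this host),
    # an event source for logging, and a weekly scheduled task that re-runs this script.
    Get-Credential -Message 'Office 365 Global Administrator' | Export-Clixml -Path $CredentialFile
    if (-not [System.Diagnostics.EventLog]::SourceExists($source)) {
        New-EventLog -LogName Application -Source $source
    }
    $action  = New-ScheduledTaskAction -Execute 'powershell.exe' `
                 -Argument "-NoProfile -ExecutionPolicy Bypass -File `"$PSCommandPath`""
    $trigger = New-ScheduledTaskTrigger -Weekly -DaysOfWeek Sunday -At 3am
    Register-ScheduledTask -TaskName 'Refresh-O365-FederationMetadata' -Action $action -Trigger $trigger `
        -User "$env:USERDOMAIN\$env:USERNAME" -Password (Read-Host 'Task account password') -RunLevel Highest
    return
}

$cred = Import-Clixml -Path $CredentialFile
Connect-MsolService -Credential $cred

# Multiple top-level domains behind one federation service need -SupportMultipleDomain,
# and once it has been used it must be used on every later update of those domains.
$multi = $FederatedDomains.Count -gt 1
foreach ($d in $FederatedDomains) {
    try {
        if ($multi) { Update-MsolFederatedDomain -DomainName $d -SupportMultipleDomain }
        else        { Update-MsolFederatedDomain -DomainName $d }
        Write-EventLog -LogName Application -Source $source -EntryType Information -EventId 1000 `
            -Message "Federation metadata updated for $d"
    } catch {
        Write-EventLog -LogName Application -Source $source -EntryType Error -EventId 1001 `
            -Message "Update-MsolFederatedDomain failed for $d : $_"
    }
}

# Post-check: every domain in the list should still report as Federated and Verified
Get-MsolDomain | Where-Object { $FederatedDomains -contains $_.Name } |
    Select-Object Name, Authentication, Status | Format-Table -AutoSize
```

Run it once with -Register from the account the task will use; afterwards the task runs it unattended and the Application event log carries the outcome, which is what to alert on.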
Sync Tips
• AAD Sync runs every 3 hours, Password sync runs every 2 minutes. Both can be forced via PoSH
– Start-OnlineCoexistenceSync -FullSync
• Online portal can take a very long time to update
• “Technical Contact” will get all the emails
• To determine the Sync version – PowerShell:
– (Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Online Directory Sync').DisplayVersion
Sync Tips
• When filtering OUs in Sync, remove unused Run Steps
• Always use the latest version of Sync
• Upgrade is painless
– Local SQL, just run the install
– Standalone SQL, need to connect to the DB & upgrade
• When in doubt – Force a Sync
• PoSH module – Import-Module DirSync
Demo Lab Setup 
• Get a Live ID account – http://signup.live.com 
• Get an Azure Trial - http://bit.ly/1zaeXB4 
• Add & configure Azure AD 
• Create local AD 
– Import pre-made 2012R2 server VM 
– Add AD role 
The Lab 
• Power on the VM 
• Login as administrator – P@ssw0rd 
• Add the AD role – don’t worry about DNS 
messages 
• Once role installed, configure it. The AD Forest 
should be “corp.com” 
• Reboot the VM once AD config is complete 
The Lab
• Login as <domain>\administrator – P@ssw0rd
• Right-click on the PowerShell icon in the taskbar and click Run As Administrator
• Enter “Set-ExecutionPolicy Unrestricted” and hit enter
• Open Explorer and go to C:\scripts
• Right-click and edit “createusers.ps1” (should open in ISE)
The Lab 
• Change domain name to your domain name (You can 
also do these steps manually via the MMC if you wish) 
• Save the file and run it. A new OU called O365Users 
should be created in your AD 
• With ISE still open, open the “createusers.ps1” file. 
Change the domain name to your domain name. 
• Save the file and run it. Users should now appear in 
that O365Users OU. 
• Close ISE 
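As an added example of what the createusers.ps1 steps above do (this is not the lab’s own script): it adds the routable UPN suffix to the forest, creates the O365Users OU, and provisions a few constructed sample users whose UPN, mail and primary SMTP proxyAddress all use that suffix, so they sync without falling back to the .onmicrosoft.com name. It assumes the ActiveDirectory module, the lab’s corp.com forest, and a constructed verified domain contoso611.com.

```powershell
# Added example, not the lab's createusers.ps1: provision the O365Users OU and sample users
# with a routable UPN suffix. Assumes the ActiveDirectory module and the lab's corp.com forest;
# $domainSuffix and the user list are constructed samples.
Import-Module ActiveDirectory

$domainSuffix = 'contoso611.com'                  # replace with your verified domain
$domainDN     = (Get-ADDomain).DistinguishedName  # e.g. DC=corp,DC=com
$ouName       = 'O365Users'
$ouDN         = "OU=$ouName,$domainDN"

# 1. The UPN suffix must exist in the forest before any user can be given it
$forest = Get-ADForest
if ($forest.UPNSuffixes -notcontains $domainSuffix) {
    $forest | Set-ADForest -UPNSuffixes @{ Add = $domainSuffix }
}

# 2. Create the OU once; deletion protection stays on so a slip doesn't remove the whole OU
if (-not (Get-ADOrganizationalUnit -LDAPFilter "(ou=$ouName)" -SearchBase $domainDN)) {
    New-ADOrganizationalUnit -Name $ouName -Path $domainDN -ProtectedFromAccidentalDeletion $true
}

# 3. Constructed sample users: sAMAccountName, given name, surname
$people = @(
    @{ Sam = 'alice'; Given = 'Alice'; Sur = 'Anderson' },
    @{ Sam = 'bob';   Given = 'Bob';   Sur = 'Baker' },
    @{ Sam = 'carol'; Given = 'Carol'; Sur = 'Chen' }
)

foreach ($p in $people) {
    if (Get-ADUser -Filter "sAMAccountName -eq '$($p.Sam)'") { continue }   # idempotent re-runs
    $upn  = "$($p.Sam)@$domainSuffix"
    $mail = $upn
    # Lab-only password (the lab uses P@ssw0rd throughout); real provisioning would generate one
    $pw = ConvertTo-SecureString 'P@ssw0rd' -AsPlainText -Force
    New-ADUser -Name "$($p.Given) $($p.Sur)" -GivenName $p.Given -Surname $p.Sur `
        -SamAccountName $p.Sam -UserPrincipalName $upn -EmailAddress $mail `
        -OtherAttributes @{ proxyAddresses = "SMTP:$mail" } `
        -Path $ouDN -AccountPassword $pw -Enabled $true -ChangePasswordAtLogon $false
}

# Show what Sync will pick up from this OU
Get-ADUser -Filter * -SearchBase $ouDN -Properties userPrincipalName, mail |
    Select-Object SamAccountName, UserPrincipalName, mail | Format-Table -AutoSize
```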
The Lab
• Open a browser on your local machine and create your MS Live ID account
• Go to fasttrack.office.com and sign up for an Enterprise demo. Pick a domain name. It is highly recommended to pick a variant of “contoso.com” (ex. contoso611.com)
• Once signup is complete, login to Office365 with the new credentials
• Create an Azure account using the same credentials
The Lab
• Back in the VM, in Explorer, double-click C:\Deployment Tools\IdFix\IdFix.exe
• Query your domain
• Fix any issues
• Install DirSync
• Configure DirSync
• Sync objects
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 

Recently uploaded (20)

08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 

Integrating your on-premises Active Directory with Azure and Office 365

12. Subscriptions
• Scenario 1
– No Azure subscription & no Office 365 subscription
– Sign up for Azure first as an Organization – https://account.windowsazure.com/organization
– Add your domain to Azure AD & then sign up for Office 365 using the org account
• Scenario 2
– Office 365 subscription, but no Azure subscription
– You already have an AAD Tenant
– Sign up for Azure using your org account

13. Subscriptions
• Scenario 3
– Office 365 subscription with Org Account & Azure subscription with Microsoft ID
– Already have an AAD Tenant, but it must be joined via the org account
– Sign in to Azure with the org account
– Add the LiveID to Azure AD
– Sign in to Azure with the LiveID
– Go to Settings and Edit Directory
– Set the default directory to the Org directory
– Add the org account as Co-Administrator

14. Windows Azure AD vs. AD on Windows Azure IaaS (diagram: On Premise; VM w/ AD on Azure IaaS)

15. Identity for Microsoft cloud services (diagram)
• Microsoft Account – ex. alice@outlook.com (User)
• Microsoft Azure Active Directory – Organizational Account, ex. alice@contoso.com (User)

17. Identity Synchronization and Federation (diagram: WS-Federation, WS-Trust, SAML 2.0, Metadata, Shibboleth, Graph API)

20. Identities Everywhere (diagram: Windows Azure Active Directory)

21. What Else Uses Identity?

22. It’s All About Sync
• SSO – Single SignOn – requires ADFS – seamless experience
• Same SignOn – second credential entry – a compromise

23. SSO and Office 365
• Admin View
– Single credential to manage
– Single place to manage policies – on-premises workstation restrictions, etc.
– IDP is your AD
• User View
– I have a single credential
– I may be prompted to enter it more than once, but it is always the same credential

24. SSO Alternatives & SAML
• Pros, Cons, Needs, and Wants
– Centrify, OneLogin, Okta, PingFederate, Optimal IDM, IBM Tivoli FIM, PacketOne, SiteMinder

25. Directory Integration options (diagram: Microsoft Dynamics CRM, Passwords)
27. Directory Sync – AADSync

28. Password Sync
• Synchronizes the user password hash from your on-premises Active Directory to Azure Active Directory (pretty secure) – mainly for Self-Service reset
• Doesn’t require anything to be installed on all DCs
• Users can use the same credentials to log in to both on-premises
• No additional infrastructure required on premises
• No dependency on on-premises infrastructure for authentication
• Password Write-Back is coming in AADSync – in the latest DirSync now

29. Password Sync**
• Password complexity policies configured in the on-premises AD apply in the cloud, i.e. you manage them on-premises.
• Cloud password is set to ‘Never Expire’
• Users cannot change their password in the cloud except via the self-service mechanism
• Admins can reset a user’s password in the cloud*

31. ADFS
• Not Multi-Forest
• Parent & Child domains

32. ADFS
• Plan for capacity
• More infrastructure – SQL or WID, WAAP, multiple ADFS servers
• More administration – service accounts, DBA, certificates, Claims, etc.
37. Use Sync As Backup for ADFS
• http://bit.ly/1lQvPmm
• http://social.technet.microsoft.com/wiki/contents/articles/17857.dirsync-how-to-switch-from-single-sign-on-to-password-sync.aspx

38. Typical AD FS deployment on-premises… (diagram)

40. Password Sync vs. Single Sign-On
                                                 Password Sync   Single Sign-On (ADFS)
Same password to access resources                     X                  X
Control password policies on-premises                 X                  X
Support for multi-factor authentication               X*                 X
No password re-entry if on premises                                      X
Authentication occurs in on premises directory                           X
Client access filtering                                                  X
* Limited Support
42. AD Deployment Models in Azure
• AD Forest in Azure
– Static IP via PowerShell
• AD Extended from On-Premises Network
– Azure VNet w/ P2P or S2S required
– Static IP via PowerShell
• Azure AD As A Service
– Commercial providers
– Directory Services As A Service

43. AD Forest in Isolated Azure VNet (diagram: Microsoft Azure Virtual Network 10.2.x for contoso.corp; Backend 10.2.1.0/24 with dc1/dns 10.2.1.4/24 and dc2/dns 10.2.1.5/24 in an Availability Set; Data-Tier 10.2.2.0/24 with SQL; Collab-Tier 10.2.3.0/24 with SharePoint; Frontend 10.2.4.0/24 with fe1, fe2, fe3 in an Availability Set behind a Load-Balancer) © 2014 Yung Chou

44. Hybrid Cloud with Azure VNet and P2S (diagram: same VNet layout as slide 43, reached from the on-premises site over a Point-to-Site VPN) © 2014 Yung Chou

45. Hybrid Cloud with Azure VNet and S2S/P2S (diagram: same VNet layout as slide 43; Windows Server 2012 R2 as a VPN gateway; on-premises Active Directory establishment over Site-to-Site VPN, plus Point-to-Site VPN) © 2014 Yung Chou

46. What About Virtualizing AD?
• Is it safe to do? Yes, but you need to plan carefully
– The role
– The network
– The disk
– The clock
Mike Nelson 2014
49. First Things First
• Plan for AAD Sync & manually check AD
• DNS – lower your TTL
• UPN suffixes must exist!
• Add & verify all SMTP domains
• Set the Password Expiration flag via PowerShell
• Run idfix

50. First Things First
• Use the VM Readiness Assessment tool!
• ADModify (codeplex) to bulk modify AD
• Use PowerShell to provide info & delete if you’re gutsy!
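The manual AD checks the two First Things First slides ask for, as an added PowerShell example that is not part of the deck: it confirms every verified cloud domain exists as a forest UPN suffix and flags the kinds of UPN and address problems idfix would reject, reporting only and changing nothing. It assumes the RSAT ActiveDirectory module; $VerifiedDomains is a constructed stand-in for the domains you have verified in Azure AD.

```powershell
# Added example (not from the deck): pre-sync readiness audit of on-premises AD.
# Reports only. Assumes the RSAT ActiveDirectory module; $VerifiedDomains is a
# constructed list standing in for the domains verified in your Azure AD tenant.
Import-Module ActiveDirectory

$VerifiedDomains = @('contoso611.com', 'contoso611.onmicrosoft.com')   # constructed

# Characters Azure AD rejects in a UPN prefix (a subset of the idfix rules)
$BadUpnChars = '[\s\\/:;*?"<>|,#%&]'

function Test-UpnSuffixesRegistered {
    # Every verified cloud domain must also be a forest UPN suffix, otherwise
    # users cannot be given a routable UPN on-premises (slide 49).
    $forest = Get-ADForest
    $known  = @($forest.RootDomain) + @($forest.UPNSuffixes)
    foreach ($d in $VerifiedDomains) {
        if ($known -notcontains $d) {
            [pscustomobject]@{ Check = 'UPNSuffixMissing'; Object = $d
                               Detail = 'Add with Set-ADForest -UPNSuffixes @{Add=...}' }
        }
    }
}

function Test-UserUpns {
    param([string]$SearchBase = (Get-ADDomain).DistinguishedName)
    $seen = @{}   # lower-cased address -> SamAccountName that owns it
    Get-ADUser -Filter 'Enabled -eq $true' -SearchBase $SearchBase `
               -Properties userPrincipalName, mail, proxyAddresses |
    ForEach-Object {
        $u   = $_
        $upn = $u.UserPrincipalName
        if (-not $upn) {
            [pscustomobject]@{ Check = 'UPNMissing'; Object = $u.SamAccountName
                               Detail = 'No userPrincipalName set' }
            return
        }
        $prefix, $suffix = $upn -split '@', 2
        if ($VerifiedDomains -notcontains $suffix) {
            # Unverified suffixes are rewritten to *.onmicrosoft.com in the tenant
            [pscustomobject]@{ Check = 'UPNSuffixNotVerified'; Object = $upn
                               Detail = "Suffix '$suffix' is not verified in Azure AD" }
        }
        if ($prefix -match $BadUpnChars) {
            [pscustomobject]@{ Check = 'UPNInvalidChars'; Object = $upn
                               Detail = 'Prefix contains characters Azure AD rejects' }
        }
        # Duplicate mail / proxyAddresses across users is a classic sync blocker
        foreach ($addr in @($u.mail) + @($u.proxyAddresses)) {
            if (-not $addr) { continue }
            $key = $addr.ToLower()
            if ($seen.ContainsKey($key) -and $seen[$key] -ne $u.SamAccountName) {
                [pscustomobject]@{ Check = 'DuplicateAddress'; Object = $u.SamAccountName
                                   Detail = "$addr is also on $($seen[$key])" }
            } else {
                $seen[$key] = $u.SamAccountName
            }
        }
    }
}

# Run both checks; an empty report means the directory is ready to sync
$findings = @(Test-UpnSuffixesRegistered) + @(Test-UserUpns)
$findings | Sort-Object Check, Object | Format-Table -AutoSize
"{0} finding(s)" -f $findings.Count
```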
51. Tools for Administration
• Azure Portal
• Office365 Admin Center
• Local AD Tools
• PowerShell!
Mike Nelson 2014

52. Tools for Troubleshooting
• idFix
• Microsoft RCA (web / client) – https://testconnectivity.microsoft.com/
• Troubleshooting AAD Sync – http://support.microsoft.com/kb/2684395
Mike Nelson 2014

53. Tools for Troubleshooting
• PowerShell
• MsiiClient for AAD Sync
• ADSI Edit
• ADPlus.vbs
• On-Ramp (O365 setup)
Mike Nelson 2014

54. Tips
• Always create a Company Administrator (formerly Global Administrator) account that is “In Cloud”
• Rollback from a Federated domain to Standard requires an O365 password reset
• ADFS – Parent certificate covers children
Mike Nelson 2014
55. Tips
• Use Sync as backup for ADFS
• Update the ADFS Relying Party Metadata periodically
– Update-MSOLFederatedDomain –DomainName:<domain name>
– Use the –supportmultipledomain switch if needed
– Scheduled task script
• ADFS – Parent certificate covers children
– Using the –supportmultipledomain switch is required when multiple top-level domains are federated by using the same AD FS federation service
• Testing ADFS – https://<adfs_url>/adfs/ls/idpinitiatedsignon.aspx
Mike Nelson 2014

56. Sync Tips
• AAD Sync runs every 3 hours, Password sync runs every 2 minutes. Both can be forced via PoSH
– Start-OnlineCoexistenceSync -FullSync
• Online portal can take a very long time to update
• “Technical Contact” will get all the emails
• To determine the Sync version – PowerShell
– (GP 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Online Directory Sync').DisplayVersion
Mike Nelson 2014

57. Sync Tips
• When filtering OUs in Sync, remove unused Run Steps
• Always use the latest version of Sync
• Upgrade is painless
– Local SQL, just run the install
– Standalone SQL, need to connect to the DB & upgrade
• When in doubt – force a Sync
• PoSH module – Import-Module DirSync
Mike Nelson 2014
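The cmdlets from the Tips and Sync Tips slides wrapped into reusable functions, as an added example that is not the deck's own script: read the DirSync version from the registry, force a sync and confirm in the tenant that it actually completed instead of trusting the slow portal, and refresh federation metadata for every federated domain. It assumes the DirSync and MSOnline modules, an existing Connect-MsolService session, and that Update-FederationMetadata runs on the AD FS server; the function names are my own.

```powershell
# Added example (not from the deck): DirSync / AD FS maintenance helpers built
# from the cmdlets on the Tips slides. Assumes the DirSync and MSOnline modules
# are installed and Connect-MsolService has already been run in this session.
Import-Module DirSync
Import-Module MSOnline

function Get-DirSyncVersion {
    # Same registry value the Sync Tips slide reads, with the path intact
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Online Directory Sync'
    if (Test-Path $key) { (Get-ItemProperty $key).DisplayVersion } else { 'not installed' }
}

function Invoke-VerifiedSync {
    # Force a sync, then wait until Azure AD reports a newer LastDirSyncTime.
    # The portal lags, so the tenant timestamp is the thing to check.
    param([int]$TimeoutMinutes = 30, [switch]$FullSync)
    $before = (Get-MsolCompanyInformation).LastDirSyncTime
    if ($FullSync) { Start-OnlineCoexistenceSync -FullSync } else { Start-OnlineCoexistenceSync }
    $deadline = (Get-Date).AddMinutes($TimeoutMinutes)
    do {
        Start-Sleep -Seconds 60
        $after = (Get-MsolCompanyInformation).LastDirSyncTime
    } while ($after -eq $before -and (Get-Date) -lt $deadline)
    [pscustomobject]@{
        Version   = Get-DirSyncVersion
        Before    = $before
        After     = $after
        Completed = ($after -ne $before)   # $false means investigate, not retry blindly
    }
}

function Update-FederationMetadata {
    # Refresh the relying party trust for every federated domain (Tips slide 55).
    # Schedule this on the AD FS server so a token-signing certificate rollover
    # never leaves Office 365 holding stale metadata.
    $federated = @(Get-MsolDomain | Where-Object { $_.Authentication -eq 'Federated' })
    $multi = $federated.Count -gt 1
    foreach ($d in $federated) {
        if ($multi) { Update-MsolFederatedDomain -DomainName $d.Name -SupportMultipleDomain }
        else        { Update-MsolFederatedDomain -DomainName $d.Name }
        "{0:s} updated federation metadata for {1}" -f (Get-Date), $d.Name
    }
}

# Typical use, e.g. from a scheduled task:
Invoke-VerifiedSync -FullSync
Update-FederationMetadata
```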
58. Demo Lab Setup
• Get a Live ID account – http://signup.live.com
• Get an Azure Trial – http://bit.ly/1zaeXB4
• Add & configure Azure AD
• Create a local AD
– Import the pre-made 2012R2 server VM
– Add the AD role
Mike Nelson 2014

59. The Lab
• Power on the VM
• Login as administrator – P@ssw0rd
• Add the AD role – don’t worry about DNS messages
• Once the role is installed, configure it. The AD Forest should be “corp.com”
• Reboot the VM once AD config is complete
Mike Nelson 2014

60. The Lab
• Login as <domain>\administrator – P@ssw0rd
• Right-click on the PowerShell icon in the taskbar and click Run As Administrator
• Enter “set-executionpolicy unrestricted” and hit enter
• Open Explorer and go to C:\scripts
• Right-click and edit “createusers.ps1” (should open in ISE)
Mike Nelson 2014

61. The Lab
• Change the domain name to your domain name (you can also do these steps manually via the MMC if you wish)
• Save the file and run it. A new OU called O365Users should be created in your AD
• With ISE still open, open the “createusers.ps1” file. Change the domain name to your domain name.
• Save the file and run it. Users should now appear in that O365Users OU.
• Close ISE
Mike Nelson 2014

62. The Lab
• Open a browser on your local machine and create your MS Live ID account
• Go to fasttrack.office.com and sign up for an Enterprise demo. Pick a domain name. Highly recommended to pick a variant of “contoso.com” (ex. contoso611.com)
• Once signup is complete, login to Office365 with the new credentials
• Create an Azure account using the same credentials
Mike Nelson 2014

63. The Lab
• Back in the VM, in Explorer, double click C:\Deployment Tools\IdFix\IdFix.exe
• Query your domain
• Fix any issues
• Install DirSync
• Configure DirSync
• Sync objects
Mike Nelson 2014
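An added stand-in for the lab's createusers.ps1 (my own script, not the file shipped on the lab image): it registers a routable UPN suffix on the forest, creates the O365Users OU, and populates it with constructed test users so that the later IdFix and DirSync steps have clean objects to work on. It assumes the corp.com lab forest and an RSAT ActiveDirectory module; $UpnSuffix and the user list are constructed.

```powershell
# Added example (not the lab's createusers.ps1): build the O365Users OU from the
# lab slides and fill it with test users whose UPN suffix will be verified in the
# tenant. Assumes the corp.com lab forest; $UpnSuffix and $Users are constructed.
Import-Module ActiveDirectory

$DomainDn  = (Get-ADDomain).DistinguishedName   # e.g. DC=corp,DC=com in the lab
$OuName    = 'O365Users'
$UpnSuffix = 'contoso611.com'                   # constructed; use your verified demo domain
$OuDn      = "OU=$OuName,$DomainDn"

# The suffix must exist on the forest before any user can carry it (slide 49)
$forest = Get-ADForest
if ($forest.UPNSuffixes -notcontains $UpnSuffix) {
    Set-ADForest -Identity $forest -UPNSuffixes @{ Add = $UpnSuffix }
}

# Create the OU once; protect it so a stray delete does not take the lab users with it
if (-not (Get-ADOrganizationalUnit -Filter "Name -eq '$OuName'" -SearchBase $DomainDn)) {
    New-ADOrganizationalUnit -Name $OuName -Path $DomainDn -ProtectedFromAccidentalDeletion $true
}

# Constructed lab users; the password is the lab value from the slides, lab-only
$Users = @(
    @{ First = 'Alice'; Last = 'Anderson'; Sam = 'aanderson' },
    @{ First = 'Bob';   Last = 'Baker';    Sam = 'bbaker'    },
    @{ First = 'Carol'; Last = 'Chen';     Sam = 'cchen'     }
)
$LabPassword = ConvertTo-SecureString 'P@ssw0rd' -AsPlainText -Force

foreach ($u in $Users) {
    # Idempotent: rerunning the script after a partial failure is safe
    if (Get-ADUser -Filter "SamAccountName -eq '$($u.Sam)'") { continue }
    New-ADUser -Name "$($u.First) $($u.Last)" `
               -GivenName $u.First -Surname $u.Last `
               -SamAccountName $u.Sam `
               -UserPrincipalName "$($u.Sam)@$UpnSuffix" `
               -EmailAddress "$($u.Sam)@$UpnSuffix" `
               -Path $OuDn `
               -AccountPassword $LabPassword `
               -Enabled $true `
               -ChangePasswordAtLogon $false
}

# What DirSync will pick up from this OU
Get-ADUser -SearchBase $OuDn -Filter * | Select-Object SamAccountName, UserPrincipalName
```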

Editor's Notes

  1. Topics
  • Azure Active Directory & Office 365 – Discuss the basics and architecture of Azure, Azure AD, and Office 365; discuss how to initiate a subscription, and administrate the environments via the portal and PowerShell for the duration of the session
  • Integration, Synchronization & Migration – Single SignOn and Same SignOn; DirSync, ADFS, AADConnect, AADSync; On-Premise to/from Off-Premise architecture; how sync works; how to modify sync; how to migrate “In cloud” users to “Synched with Active Directory”
  • Administration & troubleshooting – Tools & Tips: cleaning up your AD, Azure Portal, Office 365 Admin Center, PowerShell, troubleshooting sync, troubleshooting tools
  2. A client side hypervisor is required for the lab. The server image is supplied for the lab.
  4. Microsoft has cloud services that need to authenticate users, and that authentication must be independent of any on-premise AD for cloud-only scenarios or customers without AD. Microsoft took their knowledge of AD and adapted this service to fit a cloud environment; this is called Windows Azure AD. [click] The challenge is that many customers already have an on-premise AD against which they would like users to authenticate seamlessly. There are a number of methods to synchronize the two, but they are outside the scope of this presentation. [click] Windows Azure AD must be used to authenticate to many of Microsoft’s cloud services, regardless of whether or not you synchronize with your on-premise AD. [click] The topic of this presentation covers running the Active Directory role on a VM inside Windows Azure IaaS. This is NOT the same thing as Windows Azure AD.
  5. Credit: TechEd 2014
  6. Directory Sync – Enables on-premises directory data to be projected into the cloud
  • Only synchronizes from a single AD forest
  • Groups, contacts and users – ~150 properties
  • Provides for a delta sync of changes – sync timeframe is every 3 hours
  • Links the on-prem object to the cloud object using ‘SourceAnchor’ – a unique on-prem ID (by default: ObjectGUID)
  • On-prem is master for all objects and properties
  • Proactively reports errors via email: “No news is good news”
  • Provides for rich integration experiences – Office Hybrid scenarios require two-way sync for some properties; Hybrid is the only way data gets written back (Exchange data now – passwords soon)
  7. Multiple iterations of SHA256 hashing applied to the password hash before it is synchronized
  8. http://social.technet.microsoft.com/wiki/contents/articles/17857.dirsync-how-to-switch-from-single-sign-on-to-password-sync.aspx
  9. USN Bubbles
  10. Tasks to be done for prep and execution of Demo Lab