Alexandre Verkinderen, profile picture
Uploaded byAlexandre Verkinderen
PPTX, PDF725 views

Multi-Factor Authentication for your clouds

The document discusses the Windows Azure Pack (WAP) and its authentication processes, focusing on Microsoft Azure Active Directory (AD), multi-factor authentication, and Active Directory Federation Service (ADFS). It details the out-of-the-box authentication mechanisms, user synchronization, and integration with external identity providers. The conclusion emphasizes the flexibility of WAP and recommends utilizing Azure's various authentication features for enhanced security.

Embed presentation

Downloaded 27 times
Windows Azure Pack - Authentication for your Clouds Alexandre Verkinderen Inovativ BE SCCDM MVP @AlexVerkinderen Christopher Keyaert Inovativ BE SCCDM MVP @KeyaertC
What is this all about?  Introduction  Out of the box Authentication process  Microsoft Azure Active Directory  Introduction to MAAD  Azure Active Directory Synchronization Services  Multi-factor authentication  Active Directory Federation Service  ADFS with external identity providers  Conclusion
Introduction
Windows Azure Pack – CloudOS vision
Windows Azure Pack - Authentication  WAP => .Net Repository  WAP => Microsoft Azure Active Directory  WAP => MAAD with Multi-Factor Authentication  WAP => ADFS -> On premise Active Directory  WAP => ADFS -> Azure ACS -> Facebook, Twitter, …
Out of the box Authentication Process
Windows Azure Pack - Authentication  WAP => .Net Repository  WAP => Microsoft Azure Active Directory  WAP => MAAD with Multi-Factor Authentication  WAP => ADFS -> On premise Active Directory  WAP => ADFS -> Azure ACS -> Facebook, Twitter, …
Default Authentication Process  Users have to be provisioned manually  Users are not synced from another repository  WAP is using a .Net Repository -> Stored in the SQL => Your tenants/users have to use and maintain an extra set of credentials
Out of the box Authentication Process Demo
Microsoft Azure Active Diretory Introduction to MAAD
Windows Azure Pack - Authentication  WAP => .Net Repository  WAP => Microsoft Azure Active Directory  WAP => MAAD with Multi-Factor Authentication  WAP => ADFS -> On premise Active Directory  WAP => ADFS -> Azure ACS -> Facebook, Twitter, …
Microsoft Azure Active Directory  Identity and access management in the cloud  Your organization’s cloud directory  Used by o Windows Azure o Office 365 o Windows Intune  Can be integrated with on-premises AD  Integration with cloud applications o Single sign-on experience  App hosted in cloud  Users authenticate with corporate credentials
Authentication Process 1 - User connects to a SaaS Application 2 - User authenticates to Azure AD 3 - Azure AD returns a token 4 - Token is sent to the SaaS application 5 - Application validates token
Microsoft Azure Active Diretory Synchronization
Synchronization  Synchronize users from On-Premise to Online  User Management is done on-prem  Password Synchronization o A digest of the Windows Active Directory password hash is used for the transmission between the on-premises AD and Azure Active Directory. o The digest of the password hash cannot be used to access resources in the customer's on- premises environment.  Users have 1 set of credentials across on-prem and online o But 2 accounts
AAD Sync Services tool reached RTM  ADD Sync Services is now RTM o Self Service Password Reset write back to Windows AD o Multi-forest identity synchronization o Download: http://www.microsoft.com/en- us/download/details.aspx?id=44225 o Documentation: http://msdn.microsoft.com/en- us/library/azure/dn790204.aspx  DirSync / AAD Sync / FIM Tools Feature Comparison : http://msdn.microsoft.com/en-us/library/azure/dn798669.aspx
Azure Active Directory and WAP User connects to a SaaS Application User authenticates to Azure Azure AD returns a token Token is sent to the SaaS application Application validates token User connects to to Windows Azure Pack Portal User is redirected to Azure AD Authentication Portal User authenticates with Username and Password Azure Authentication redirects to Windows Azure Pack Portal User is authenticated in Windows Azure Pack Portal
Azure Active Directory and WAP Demo
Microsoft Azure Active Diretory Multi-Factor Authentication
Windows Azure Pack - Authentication  WAP => .Net Repository  WAP => Microsoft Azure Active Directory  WAP => MAAD with Multi-Factor Authentication  WAP => ADFS -> On premise Active Directory  WAP => ADFS -> Azure ACS -> Facebook, Twitter, …
Multi-Factor Authentication
Multi-Factor Authentication  Could be enable in Azure Active Directory  Authentication Process o Text Message (SMS) o Automated Phone Call o Multi-Factor Authentication Apps (IOS, Android and WP)  Two billing options o Per User o Per Authentication
Multi-Factor Authentication Demo
Active Directory Federation Service
Windows Azure Pack - Authentication  WAP => .Net Repository  WAP => Microsoft Azure Active Directory  WAP => MAAD with Multi-Factor Authentication  WAP => ADFS -> On premise Active Directory  WAP => ADFS -> Azure ACS -> Facebook, Twitter, …
Active Directory Federation Service  Authenticate users on third party systems o Another Company’s extranet o Service hosted by a cloud provider  Federate identity management between partner organizations  Claims based authorization  User Authentication o Form-base authentication o Windows Integrated Authentication
ADFS, on premise AD and WAP User connects to a SaaS Application User authenticates to ADFS - AD ADFS returns a token Token is sent to the SaaS application Application validates token User connects to to Windows Azure Pack Portal User is redirected to ADFS Authentication Portal User authenticates with on premise Username and Password ADFS Authentication Portal redirects to WAP Portal User is authenticated in Windows Azure Pack Portal
Active Directory Federation Service Demo
ADFS Authentication with external Identity Providers
Windows Azure Pack - Authentication  WAP => .Net Repository  WAP => Microsoft Azure Active Directory  WAP => MAAD with Multi-Factor Authentication  WAP => ADFS -> On premise Active Directory  WAP => ADFS -> Azure ACS -> Facebook, Google, Twitter, …
ADFS Authentication with external Identity Providers  New Claims Providers -Trust o On-prem ADFS trusts External ADFS o On-prem ADFS trusts Azure Access Control Service  Azure Active Directory  Google / MS Live / Facebook / …. Accounts ₋ “Design Interface” customization http://technet.microsoft.com/en-us/library/dn280950.aspx
ADFS Authentication with external Identity Providers - Demo
Conclusion
Windows Azure Pack - Authentication  WAP gives you a lot of flexibilities  Don’t keep the OOB Authentication process, go for o Microsoft Azure Active Directory o Active Directory Federation Service o Multi-Factor Authentication ‒ Try Microsoft Azure – 90 days free trial with 150€/month http://azure.microsoft.com/en-us/pricing/free-trial/  WAP is available at no additional cost http://www.microsoft.com/en-us/server-cloud/products/windows-azure-pack/
Feedback  Session feedback  SCU session planner  http://planning.systemcenteruniverse.ch  SCU WP app  Overall Conference feedback  Link sent by email after the conference  Remember: we will donate for every feedback we receive!
Our Other Sessions  PowerBI for System Center ( Kurt Van Hoecke & Alexandre Verkinderen)  18/09 09h15, Room: Sidney  Speedlab: Deploy a System Center 2012 Environment (Alexandre Verkinderen & Christopher Keyaert)  19/09 09h15, Room: Singapore  Savision BSM in the private Cloud (Alexandre Verkinderen)  19/09 12h00, Room: Miami
Windows Azure Pack - Authentication for your Clouds Christopher Keyaert Inovativ BE http://www.vnext.be @KeyaertC Alexandre Verkinderen Inovativ BE http://scug.be/scom @AlexVerkinderen

More Related Content

PDF
Understanding Azure AD
byNew Horizons Ireland
 
PPTX
Azure AD Presentation - @ BITPro - Ajay
byAnoop Nair
 
PPTX
Windows Azure Active Directory
byKrunal Trivedi
 
PPTX
ADFS + IAM
byRichard Harvey
 
PPTX
EWUG - Azure AD Pass-through Authentication and Seamless Single Sign-On
byPeter Selch Dahl
 
PPTX
Microsoft Azure Identity and O365
byKris Wagner
 
PDF
Using Windows Azure for Solving Identity Management Challenges (Visual Studio...
byMichael Collier
 
PPTX
Azure Global Bootcamp 2017 Azure AD Deployment
byAnthony Clendenen
 
Understanding Azure AD
byNew Horizons Ireland
 
Azure AD Presentation - @ BITPro - Ajay
byAnoop Nair
 
Windows Azure Active Directory
byKrunal Trivedi
 
ADFS + IAM
byRichard Harvey
 
EWUG - Azure AD Pass-through Authentication and Seamless Single Sign-On
byPeter Selch Dahl
 
Microsoft Azure Identity and O365
byKris Wagner
 
Using Windows Azure for Solving Identity Management Challenges (Visual Studio...
byMichael Collier
 
Azure Global Bootcamp 2017 Azure AD Deployment
byAnthony Clendenen
 

What's hot

PPTX
Azure active directory
byRaju Kumar
 
PDF
Azure hands on lab
byAtanas Gergiminov
 
PPTX
Azure Active Directory - An Introduction for Developers
byJohn Garland
 
PPTX
Azure AD App Proxy Login Scenarios with an On Premises Applications - TSPUG
byRoy Kim
 
PPTX
Hitchhiker's Guide to Azure AD - SPS St Louis 2018
byMax Fritz
 
PPTX
Azure - Identity as a service
byBizTalk360
 
PPTX
AWS IAM and security
byErik Paulsson
 
PDF
Five Things You Didn't Know About Firebase Auth
byPeter Friese
 
PPTX
Windows Azure Platform
byDavid Chou
 
PPTX
Microsoft Azure ad in 10 slides
byAndre Debilloez
 
PDF
Colabora.dk - Azure PTA vs ADFS vs Desktop SSO
byPeter Selch Dahl
 
PPTX
Identity and o365 on Azure
byMostafa
 
PPTX
Azure Active Directory
byThurupathan Vijayakumar
 
PPTX
Developing Apps with Azure AD
bySharePointRadi
 
PPTX
Office 365-single-sign-on-with-adfs
byamitchachra
 
PPTX
Hitchhiker's Guide to Azure AD - SPSKC
byMax Fritz
 
DOCX
Infra Project report2
byjitendra sharma
 
PPTX
Identity in the cloud using Microsoft
byOrbit One - We create coherence
 
PPTX
SharePoint, ADFS and Claims Auth
byKashif Imran
 
Azure active directory
byRaju Kumar
 
Azure hands on lab
byAtanas Gergiminov
 
Azure Active Directory - An Introduction for Developers
byJohn Garland
 
Azure AD App Proxy Login Scenarios with an On Premises Applications - TSPUG
byRoy Kim
 
Hitchhiker's Guide to Azure AD - SPS St Louis 2018
byMax Fritz
 
Azure - Identity as a service
byBizTalk360
 
AWS IAM and security
byErik Paulsson
 
Five Things You Didn't Know About Firebase Auth
byPeter Friese
 
Windows Azure Platform
byDavid Chou
 
Microsoft Azure ad in 10 slides
byAndre Debilloez
 
Colabora.dk - Azure PTA vs ADFS vs Desktop SSO
byPeter Selch Dahl
 
Identity and o365 on Azure
byMostafa
 
Azure Active Directory
byThurupathan Vijayakumar
 
Developing Apps with Azure AD
bySharePointRadi
 
Office 365-single-sign-on-with-adfs
byamitchachra
 
Hitchhiker's Guide to Azure AD - SPSKC
byMax Fritz
 
Infra Project report2
byjitendra sharma
 
Identity in the cloud using Microsoft
byOrbit One - We create coherence
 
SharePoint, ADFS and Claims Auth
byKashif Imran
 

Similar to Multi-Factor Authentication for your clouds

PPTX
Microsoft Azure AD architecture and features
byssuser381403
 
PPTX
Azure-AD.pptx
byssuser9dddf7
 
PPTX
Azure_AD UNIT-3 .pptx
bychiefwardenmh1
 
PPTX
SC-900 Capabilities of Microsoft Identity and Access Management Solutions
byFredBrandonAuthorMCP
 
PPTX
Microsoft Azure Active Directory
byÖnder Değer
 
PPTX
What's new in Azure Active Directory and what's coming new ?
byVignesh Ganesan I Microsoft MVP
 
PPTX
Introduction to Azure AD and Azure AD B2C
byJoonas Westlin
 
PDF
Identity and Access Management from Microsoft and Razor Technology
byDavid J Rosenthal
 
PPTX
Análisis de riesgos en Azure y protección de la información
byPlain Concepts
 
PDF
Microsoft Azure Active Directory- The Complete Guide.pdf
byMultisoft Systems
 
PPTX
Azure from scratch part 2 By Girish Kalamati
byGirish Kalamati
 
PDF
Premier Webcast - Identity Management with Windows Azure AD
byuberbaum
 
PPTX
Windows Azure Active Directory: Identity Management in the Cloud
byChris Dufour
 
PPTX
JoTechies - Cloud identity
byJoTechies
 
PPSX
AzureAAD
byTonyHotko
 
PPTX
Using Windows Azure for Solving Identity Management Challenges
byMichael Collier
 
PPTX
Azure AD and Office 365 - Deja Vu All Over Again
bySean Deuby
 
PDF
Identity Security - Azure Active Directory
byEng Teong Cheah
 
PPTX
Understanding Office 365’s Identity Solutions: Deep Dive - EPC Group
byEPC Group
 
PPTX
What small businesses need to know about Azure AD premium
byMiguel Tena
 
Microsoft Azure AD architecture and features
byssuser381403
 
Azure-AD.pptx
byssuser9dddf7
 
Azure_AD UNIT-3 .pptx
bychiefwardenmh1
 
SC-900 Capabilities of Microsoft Identity and Access Management Solutions
byFredBrandonAuthorMCP
 
Microsoft Azure Active Directory
byÖnder Değer
 
What's new in Azure Active Directory and what's coming new ?
byVignesh Ganesan I Microsoft MVP
 
Introduction to Azure AD and Azure AD B2C
byJoonas Westlin
 
Identity and Access Management from Microsoft and Razor Technology
byDavid J Rosenthal
 
Análisis de riesgos en Azure y protección de la información
byPlain Concepts
 
Microsoft Azure Active Directory- The Complete Guide.pdf
byMultisoft Systems
 
Azure from scratch part 2 By Girish Kalamati
byGirish Kalamati
 
Premier Webcast - Identity Management with Windows Azure AD
byuberbaum
 
Windows Azure Active Directory: Identity Management in the Cloud
byChris Dufour
 
JoTechies - Cloud identity
byJoTechies
 
AzureAAD
byTonyHotko
 
Using Windows Azure for Solving Identity Management Challenges
byMichael Collier
 
Azure AD and Office 365 - Deja Vu All Over Again
bySean Deuby
 
Identity Security - Azure Active Directory
byEng Teong Cheah
 
Understanding Office 365’s Identity Solutions: Deep Dive - EPC Group
byEPC Group
 
What small businesses need to know about Azure AD premium
byMiguel Tena
 

More from Alexandre Verkinderen

PPTX
Microsoft azure pack overview
byAlexandre Verkinderen
 
PPTX
Expertslive azure site recovery
byAlexandre Verkinderen
 
PPTX
PowerShell Deployment Toolkit
byAlexandre Verkinderen
 
PPTX
Scu2016 Azure Best practices
byAlexandre Verkinderen
 
PPTX
Building Disaster Recovery as a Service:
byAlexandre Verkinderen
 
PPTX
Build cloud os in one day belgium
byAlexandre Verkinderen
 
PPTX
Scu 2014 pdt final
byAlexandre Verkinderen
 
PPTX
Scu2016 OMS and PowerBI
byAlexandre Verkinderen
 
PPTX
Getting Started with Orchestrator and Service Manager
byAlexandre Verkinderen
 
PPTX
SCU Asia System Center: Beyond orchestrator
byAlexandre Verkinderen
 
Microsoft azure pack overview
byAlexandre Verkinderen
 
Expertslive azure site recovery
byAlexandre Verkinderen
 
PowerShell Deployment Toolkit
byAlexandre Verkinderen
 
Scu2016 Azure Best practices
byAlexandre Verkinderen
 
Building Disaster Recovery as a Service:
byAlexandre Verkinderen
 
Build cloud os in one day belgium
byAlexandre Verkinderen
 
Scu 2014 pdt final
byAlexandre Verkinderen
 
Scu2016 OMS and PowerBI
byAlexandre Verkinderen
 
Getting Started with Orchestrator and Service Manager
byAlexandre Verkinderen
 
SCU Asia System Center: Beyond orchestrator
byAlexandre Verkinderen
 

Recently uploaded

PDF
Getting the Best of TrueDEM – January News & Updates
bypanagenda
 
PPTX
Coded Agents – with UiPath SDK + LlamaIndex.pptx
bysuhanisingh58689
 
PDF
apidays Australia 2025 | User Brainpower vs. AI Blind Spots in API Docs
byapidays
 
PDF
apidays Australia 2025 | The Strategic Role of APIs in Digital Transformation
byapidays
 
PDF
Deploying Windows Clients & Managing Identities
byVICTOR MAESTRE RAMIREZ
 
PDF
Why Are Cloud Migration Services Essential for Modern Business Growth?
byGeoPITS Global Pvt Ltd
 
PPTX
Mastering SQL Server Replication: Types, Setup & Troubleshooting
byGeoPITS Global Pvt Ltd
 
PDF
Teaching Robots how to Read 1/2: AI Center & Classic Document Understanding (...
byanabulhac
 
PPTX
AI Meets DBA Transforming Database Administration with Intelligence
byGeoPITS Global Pvt Ltd
 
PDF
Kubernetes Cloud Native Indonesia Meetup - January 2026
byPrasta Maha
 
PPTX
AI and Digital Transformation Solutions.
byBuildingblocks
 
PDF
Enterprise Data Services_ A Development Guide with Use Cases, Trends and Impl...
by2601harsh23
 
PPTX
AI in Marine Insurance Future of Smarter Risk, Faster Claims & Safer Shipping...
byAutomationEdge Technologies
 
PDF
Quick Learn Laravel for Beginner from Zero to Survive
byiDev Semarang
 
PDF
How PayPal Account Verification Works – Complete Guide for Online Businesses
byjhdhj3989
 
PDF
Safer’s Picks: Recent FME Enhancements with Big Everyday Impact
bySafe Software
 
PDF
Global Asset Tokenization Platforms – Summary (2026) - Garima Singh
byGarima Singh
 
PDF
Chapter 3 Cryptography and encryption techniques.pdf
byGetnet Tigabie Askale -(GM)
 
PDF
5G Explained! A High Level Overview [Introduction]
byLuciano Motta
 
PDF
Certified AI-Native Foundations Professional.pdf
byMarc Entsminger SPC6, RTE, SSM, SA, SDP
 
Getting the Best of TrueDEM – January News & Updates
bypanagenda
 
Coded Agents – with UiPath SDK + LlamaIndex.pptx
bysuhanisingh58689
 
apidays Australia 2025 | User Brainpower vs. AI Blind Spots in API Docs
byapidays
 
apidays Australia 2025 | The Strategic Role of APIs in Digital Transformation
byapidays
 
Deploying Windows Clients & Managing Identities
byVICTOR MAESTRE RAMIREZ
 
Why Are Cloud Migration Services Essential for Modern Business Growth?
byGeoPITS Global Pvt Ltd
 
Mastering SQL Server Replication: Types, Setup & Troubleshooting
byGeoPITS Global Pvt Ltd
 
Teaching Robots how to Read 1/2: AI Center & Classic Document Understanding (...
byanabulhac
 
AI Meets DBA Transforming Database Administration with Intelligence
byGeoPITS Global Pvt Ltd
 
Kubernetes Cloud Native Indonesia Meetup - January 2026
byPrasta Maha
 
AI and Digital Transformation Solutions.
byBuildingblocks
 
Enterprise Data Services_ A Development Guide with Use Cases, Trends and Impl...
by2601harsh23
 
AI in Marine Insurance Future of Smarter Risk, Faster Claims & Safer Shipping...
byAutomationEdge Technologies
 
Quick Learn Laravel for Beginner from Zero to Survive
byiDev Semarang
 
How PayPal Account Verification Works – Complete Guide for Online Businesses
byjhdhj3989
 
Safer’s Picks: Recent FME Enhancements with Big Everyday Impact
bySafe Software
 
Global Asset Tokenization Platforms – Summary (2026) - Garima Singh
byGarima Singh
 
Chapter 3 Cryptography and encryption techniques.pdf
byGetnet Tigabie Askale -(GM)
 
5G Explained! A High Level Overview [Introduction]
byLuciano Motta
 
Certified AI-Native Foundations Professional.pdf
byMarc Entsminger SPC6, RTE, SSM, SA, SDP
 

Multi-Factor Authentication for your clouds

  • 1.
    Windows Azure Pack- Authentication for your Clouds Alexandre Verkinderen Inovativ BE SCCDM MVP @AlexVerkinderen Christopher Keyaert Inovativ BE SCCDM MVP @KeyaertC
  • 2.
    What is thisall about?  Introduction  Out of the box Authentication process  Microsoft Azure Active Directory  Introduction to MAAD  Azure Active Directory Synchronization Services  Multi-factor authentication  Active Directory Federation Service  ADFS with external identity providers  Conclusion
  • 3.
  • 4.
    Windows Azure Pack– CloudOS vision
  • 6.
    Windows Azure Pack- Authentication  WAP => .Net Repository  WAP => Microsoft Azure Active Directory  WAP => MAAD with Multi-Factor Authentication  WAP => ADFS -> On premise Active Directory  WAP => ADFS -> Azure ACS -> Facebook, Twitter, …
  • 7.
    Out of thebox Authentication Process
  • 8.
    Windows Azure Pack- Authentication  WAP => .Net Repository  WAP => Microsoft Azure Active Directory  WAP => MAAD with Multi-Factor Authentication  WAP => ADFS -> On premise Active Directory  WAP => ADFS -> Azure ACS -> Facebook, Twitter, …
  • 9.
    Default Authentication Process Users have to be provisioned manually  Users are not synced from another repository  WAP is using a .Net Repository -> Stored in the SQL => Your tenants/users have to use and maintain an extra set of credentials
  • 10.
    Out of thebox Authentication Process Demo
  • 11.
    Microsoft Azure ActiveDiretory Introduction to MAAD
  • 12.
    Windows Azure Pack- Authentication  WAP => .Net Repository  WAP => Microsoft Azure Active Directory  WAP => MAAD with Multi-Factor Authentication  WAP => ADFS -> On premise Active Directory  WAP => ADFS -> Azure ACS -> Facebook, Twitter, …
  • 13.
    Microsoft Azure ActiveDirectory  Identity and access management in the cloud  Your organization’s cloud directory  Used by o Windows Azure o Office 365 o Windows Intune  Can be integrated with on-premises AD  Integration with cloud applications o Single sign-on experience  App hosted in cloud  Users authenticate with corporate credentials
  • 14.
    Authentication Process 1 -User connects to a SaaS Application 2 - User authenticates to Azure AD 3 - Azure AD returns a token 4 - Token is sent to the SaaS application 5 - Application validates token
  • 15.
    Microsoft Azure ActiveDiretory Synchronization
  • 16.
    Synchronization  Synchronize usersfrom On-Premise to Online  User Management is done on-prem  Password Synchronization o A digest of the Windows Active Directory password hash is used for the transmission between the on-premises AD and Azure Active Directory. o The digest of the password hash cannot be used to access resources in the customer's on- premises environment.  Users have 1 set of credentials across on-prem and online o But 2 accounts
  • 17.
    AAD Sync Servicestool reached RTM  ADD Sync Services is now RTM o Self Service Password Reset write back to Windows AD o Multi-forest identity synchronization o Download: http://www.microsoft.com/en- us/download/details.aspx?id=44225 o Documentation: http://msdn.microsoft.com/en- us/library/azure/dn790204.aspx  DirSync / AAD Sync / FIM Tools Feature Comparison : http://msdn.microsoft.com/en-us/library/azure/dn798669.aspx
  • 18.
    Azure Active Directoryand WAP User connects to a SaaS Application User authenticates to Azure Azure AD returns a token Token is sent to the SaaS application Application validates token User connects to to Windows Azure Pack Portal User is redirected to Azure AD Authentication Portal User authenticates with Username and Password Azure Authentication redirects to Windows Azure Pack Portal User is authenticated in Windows Azure Pack Portal
  • 19.
  • 20.
    Microsoft Azure ActiveDiretory Multi-Factor Authentication
  • 21.
    Windows Azure Pack- Authentication  WAP => .Net Repository  WAP => Microsoft Azure Active Directory  WAP => MAAD with Multi-Factor Authentication  WAP => ADFS -> On premise Active Directory  WAP => ADFS -> Azure ACS -> Facebook, Twitter, …
  • 22.
  • 23.
    Multi-Factor Authentication  Couldbe enable in Azure Active Directory  Authentication Process o Text Message (SMS) o Automated Phone Call o Multi-Factor Authentication Apps (IOS, Android and WP)  Two billing options o Per User o Per Authentication
  • 24.
  • 25.
  • 26.
    Windows Azure Pack- Authentication  WAP => .Net Repository  WAP => Microsoft Azure Active Directory  WAP => MAAD with Multi-Factor Authentication  WAP => ADFS -> On premise Active Directory  WAP => ADFS -> Azure ACS -> Facebook, Twitter, …
  • 27.
    Active Directory FederationService  Authenticate users on third party systems o Another Company’s extranet o Service hosted by a cloud provider  Federate identity management between partner organizations  Claims based authorization  User Authentication o Form-base authentication o Windows Integrated Authentication
  • 28.
    ADFS, on premiseAD and WAP User connects to a SaaS Application User authenticates to ADFS - AD ADFS returns a token Token is sent to the SaaS application Application validates token User connects to to Windows Azure Pack Portal User is redirected to ADFS Authentication Portal User authenticates with on premise Username and Password ADFS Authentication Portal redirects to WAP Portal User is authenticated in Windows Azure Pack Portal
  • 29.
  • 30.
    ADFS Authentication withexternal Identity Providers
  • 31.
    Windows Azure Pack- Authentication  WAP => .Net Repository  WAP => Microsoft Azure Active Directory  WAP => MAAD with Multi-Factor Authentication  WAP => ADFS -> On premise Active Directory  WAP => ADFS -> Azure ACS -> Facebook, Google, Twitter, …
  • 32.
    ADFS Authentication withexternal Identity Providers  New Claims Providers -Trust o On-prem ADFS trusts External ADFS o On-prem ADFS trusts Azure Access Control Service  Azure Active Directory  Google / MS Live / Facebook / …. Accounts ₋ “Design Interface” customization http://technet.microsoft.com/en-us/library/dn280950.aspx
  • 33.
    ADFS Authentication withexternal Identity Providers - Demo
  • 34.
  • 35.
    Windows Azure Pack- Authentication  WAP gives you a lot of flexibilities  Don’t keep the OOB Authentication process, go for o Microsoft Azure Active Directory o Active Directory Federation Service o Multi-Factor Authentication ‒ Try Microsoft Azure – 90 days free trial with 150€/month http://azure.microsoft.com/en-us/pricing/free-trial/  WAP is available at no additional cost http://www.microsoft.com/en-us/server-cloud/products/windows-azure-pack/
  • 36.
    Feedback  Session feedback SCU session planner  http://planning.systemcenteruniverse.ch  SCU WP app  Overall Conference feedback  Link sent by email after the conference  Remember: we will donate for every feedback we receive!
  • 37.
    Our Other Sessions PowerBI for System Center ( Kurt Van Hoecke & Alexandre Verkinderen)  18/09 09h15, Room: Sidney  Speedlab: Deploy a System Center 2012 Environment (Alexandre Verkinderen & Christopher Keyaert)  19/09 09h15, Room: Singapore  Savision BSM in the private Cloud (Alexandre Verkinderen)  19/09 12h00, Room: Miami
  • 38.
    Windows Azure Pack- Authentication for your Clouds Christopher Keyaert Inovativ BE http://www.vnext.be @KeyaertC Alexandre Verkinderen Inovativ BE http://scug.be/scom @AlexVerkinderen

Editor's Notes