These are the slides from my Exploring Office 365 Identity Management session at SPUnite 2017. A most excellent event that I heartily recommend people attend when it returns!
JAXSPUG January 2016 - Microsoft Cloud Identities in Azure and Office 365 - Scott Hoag
Looking to reduce the number of post-it notes you see stuck around the office? Seeking to automate your user creation processes for Office 365? Or maybe you’re interested in single sign-on for everything you host in the cloud? Are you questioning what a cloud identity is? This session will take you through the basics of identity in the Microsoft Cloud and show you how to set up and configure Office 365 with Azure Active Directory using the Azure Active Directory Synchronization Connect tools.
SPIntersection 2016 - MICROSOFT CLOUD IDENTITIES IN AZURE AND OFFICE 365 - Scott Hoag
Looking to reduce the number of post-it notes you see stuck around the office? Seeking to automate your user creation processes for Office 365? Or maybe you're interested in single sign-on for everything you host in the cloud? Are you questioning what a cloud identity is?
This session will take you through the basics of identity in the Microsoft Cloud and show you how to set up and configure Office 365 with Azure Active Directory using the Azure Active Directory Synchronization Connect tools.
SPIntersection 2016 - TO THE CLOUD! USING IAAS AS A HOSTING PROVIDER FOR SHAR... - Scott Hoag
To the cloud! This phrase seems to come up more often for organizations looking to reduce their SharePoint footprint and operational expenses in their on-premises datacenters. This session will provide a brief overview of a few of the premier Infrastructure as a Service hosting providers for SharePoint, how SharePoint in the cloud stacks up against Office 365 and how to quickly get your SharePoint system built in a repeatable fashion for development environments.
You will learn:
* Core Infrastructure as a Service (IaaS) providers.
* The complexities of what is involved with implementing SharePoint in a cloud hosted environment
* Some of the nuances and workarounds for hosting SharePoint in the cloud
SPSNL17 - Azure AD B2B - Safe collaboration has never been that easy! - Anco Stuij
Safe and easy collaboration with third parties, it’s possible for every organization with Azure AD B2B. This solution is even more powerful through integration with Line of Business applications such as Salesforce, SAP, Exact and Dynamics 365. We will show you this during this interactive presentation. After adding a contact in Dynamics 365, a personalized invitation is automatically sent through an Azure Function that invokes the Microsoft Graph invitation manager. Upon acceptance of the invitation, the contact has access to a SharePoint Online customer portal with its own account. After this interactive presentation you have insight into account provisioning via Azure AD B2B in combination with Dynamics 365.
A Developer's Introduction to Azure Active Directory B2C - John Garland
Adding personalized experiences is often a critical part of creating an application, and the key to personalization is being able to identify your users. However, properly managing user identities can be difficult, and getting it wrong can cost you users due to usability problems, or worse, can expose your users to harm if their identity information is not properly protected. Azure Active Directory B2C provides you the ability to integrate a ready-made identity platform into your application, with options for integration with social identity providers, application-local accounts, customized workflows, and a user interface that can integrate into your app's layout and design. In this talk you will learn how you can integrate Azure Active Directory B2C into a variety of applications, and several of the ways you can customize the experience to best support both your users' and your application's needs.
Running Regulated Workloads on Azure PaaS services (DogFoodCon 2018) - Jeremy Gray
This is a presentation given at DogFoodCon 2018 on running regulated financial workloads in the cloud. There were over 100 people in attendance and all were amazed at the skill of the presenter and the power of Azure, also Albert Einstein showed up for a cameo.
JAXSPUG April 2016 - Staying in the Know with Office 365 - Scott Hoag
Office 365 is so much more than just email, instant messaging and file storage. When your data is combined with cloud-driven intelligence and analytics you can discover new, relevant information and people based on who you work with and the content you work on. With personalized insights into how you interact with your data and those around you day-to-day, Office 365 can deliver the right information to you automatically.
Join us as we explore the power of the Office Graph and Microsoft Delve for end users. We’ll discuss how the features of Delve can not only surface data for your users, but also act as a gateway to other Office 365 services such as search, Yammer, and Office 365 Video.
SPSVB - Office 365 and Cloud Identity - What Does It Mean for Me? - Scott Hoag
Office 365 brings a host of productivity options, but one of the most overlooked components is how we'll authenticate to the Cloud. With Azure Active Directory (AAD) driving access and authentication to our Office 365 tenants, it is important to understand how we can interact with it. Join us as we explore Cloud Identity, Identity Federation, Directory Synchronization and most importantly Azure and its impacts on user experience and access of Office 365. Throughout this session, we'll answer the questions that impact you and how your decisions around identity shape your Office 365 experiences.
Engage in effective collaboration with Azure AD B2B - Anco Stuij
In this time of disruption companies focus more and more on their core business, so the need to partner with other businesses increases. Companies need to easily and securely share access to corporate applications with their partners to engage in effective collaboration. That’s why Azure Active Directory B2B is designed. In this session you will learn everything you need to know about this exciting new feature of Azure Active Directory. In the demo we will share a hybrid SharePoint environment with external partners via Azure AD B2B and compare it with the standard external sharing feature of SharePoint. Afterwards, you will be able to apply this technique with your customers. By using this simple, safe and free solution your customers will be able to collaborate more effectively with their partners. A must have in this cloud and mobile-first era!
Developing custom claim providers to enable authorization in share point an... - AntonioMaio2
Developing Custom Claim Providers to Enable Authorization in SharePoint - Antonio Maio.
With the release of SharePoint 2010, Microsoft introduced the concepts of Claims Based Authentication and Authorization. SharePoint 2013 went a step further making Claims Based Authentication the default method for authenticating users when they login. Claims, and identities in general, are playing a bigger role in the security capabilities of systems like SharePoint, enabling us to solve some new and exciting security challenges. Typically we authorize the content that users have access to using SharePoint permissions, however authentication scenarios can be extended in new and interesting ways by developing a custom component called a Custom Claim Provider. This session will introduce the concepts of Claims Based Authentication and Authorization in SharePoint and provide step by step instructions on how to develop and deploy Custom Claim Providers. The session will also walk through several examples of how custom Claim Providers can enhance SharePoint security and authorization.
SPS Sydney - Office 365 and Cloud Identity – What does it mean for me? - Scott Hoag
Office 365 brings a host of productivity options, but one of the most overlooked components is how we'll authenticate to The Cloud™. With Microsoft Azure Active Directory driving access and authentication to our Office 365 tenants, it is important to understand how we can interact with it. Join us as we explore Cloud Identity, identity federation, directory synchronisation, and most importantly Azure and its impacts on user experience and access Office 365. Throughout this session, we'll answer the questions that impact you and how your decisions around identity shape your Office 365 experience.
SYDSP - Office 365 and Cloud Identity - What does it mean for me? - Scott Hoag
Office 365 brings a host of productivity options, but one of the most overlooked components is how we'll authenticate to The Cloud™. With Microsoft Azure Active Directory driving access and authentication to our Office 365 tenants, it is important to understand how we can interact with it. Join us as we explore Cloud Identity, identity federation, directory synchronisation, and most importantly Azure and its impacts on user experience and access Office 365. Throughout this session, we'll answer the questions that impact you and how your decisions around identity shape your Office 365 experience.
Global Azure Bootcamp 2016 completed recently across the world with a great success and I got an opportunity to deliver a session on this great event hosted in Chennai, India. Uploaded the Session slide deck for you.
What small businesses need to know about Azure AD premium - Miguel Tena
In this session I reflect on what Azure AD brings to the table for small businesses and do an introduction of key services in each tier of the identity platform to improve your security posture, improve onboarding/offboarding and enhance productivity through governance.
CoLabora - Identity in a World of Cloud - June 2015 - CoLaboraDK
CoLabora UC User Group Meeting - June 2015.
Topic about: Identity in a World of Cloud - June 2015
Speaker: Jakob Østergaard Nielsen (www.mistercloudtech.com)
How to (remote) control Office 365 with Azure (SharePoint Konferenz ppEDV Erd... - atwork
How to (remote) control Office 365 with Azure
by Martina Grom, MVP Office 365, and
Toni Pohl, MVP Windows Platform Development
SharePoint Konferenz ppEDV in Erding, March 2015
atwork information technology, atwork.at
Overview of Azure AD
Deployment lessons from the real world
Outline items that can accelerate your deployment
Avoid things that can slow you down
Deep Dive on common technical challenges and how to overcome them
Exploring conditional access to content stored in Office 365 - SPS Helsinki - Paul Hunt
The slides from my session on Conditional Access, presented at SPS Helsinki. This deck includes slides around entitlement packages and terms of use that old decks don't have.
Exploring conditional access to content stored in Office 365 - Paul Hunt
Aug 2019 - The latest slides for my Conditional Access in Office 365 session, covering ADFS, O365 E1/E3/E5, EM+S E3/E5 and the various capabilities of each.
#SPSLondon - Session 2 JSLink for IT Pros - Paul Hunt
These are the slides from my second session at SPSLondon, there's a little cross over between the two sessions if you went to both!
This one covers an introduction to Display Templates for IT Pros, show the what, why and how of Display Templates in List View Web Parts with an IT Pro focus.
#SPSLondon - Session 1 - Building an faq for end users - Paul Hunt
These are the slides to accompany my first session on building an FAQ in SharePoint. It follows the evolution of the idea from a basic single site/list implementation through to an enterprise focussed application.
Creating an FAQ for end users, An evolution of an idea - SharePoint Saturday ... - Paul Hunt
These are the slides of my second session at SharePoint Saturday Jersey in which I look at evolving the creation of an FAQ from the basic list, through to a fully search integrated enterprise offering.
SUGUK Cambridge - Display Templates & JSLink for IT Pros - Paul Hunt
This is another evolution of my Display Templates session. A few of the slides have been updated. The key differences between each session however is the demos.
These slides do contain the links called out during the session however.
These are the slides from my #SPSBE session #SPSBE23 on Display Templates and JSLink for IT Pros. This is a slightly amended version of the session that I've uploaded for SPSUK and SPSSTHLM as a result of feedback from those earlier sessions.
As a result of conversations from this session and a twitter jam during the journey home, I'll be announcing some great news about a community effort to make Display Template samples from many great speakers around the world available in one location.
Watch twitter using hashtag #SPCSR for more info as we announce it.
SPSSTHLM - Using JSLink and Display Templates for ITPros - Paul Hunt
These are the slides from my session at SharePoint Saturday Stockholm, where I look at JavaScript Display Templates and how ITPros doing first and second tier development can use the JSLink functionality to implement them.
This session focussed on List View Web Parts and looked at the way we previously visualised data in old version of SharePoint and how we would approach that now in SharePoint 2013.
Please note: The upload of the pptx is failing for some reason, so I've added the slides as a PDF which doesn't include the notes on some of the slides. If you do have any questions, please reach out to me on twitter (@cimares).
My session slides from SharePoint Saturday UK IT Pro track. See my blog for more details and the demonstration videos. http://www.myfatblog.co.uk/index.php/2013/11/sharepoint-saturday-uk-wrap-up/
Iw411 migrating content by search from 2010 into 2013 - minified - Paul Hunt
IW411 This is my slide deck from the SharePoint Evolutions 2013 Conference where I looked at content by search in 2010, then migrating and building from scratch in 2013.
10. In the Office 365 Scenario
Trusted Identity: Accounts are stored in Azure Active Directory and authenticated by Microsoft.
Federated Identity: Microsoft detects a federated domain and redirects the user with a claim that needs to be authenticated.
38. • Skype for Business client applications are not supported (inc 2016)
• Be aware of the Smart Lockout feature and ensure your AD lockout settings are greater than Azure AD.
85. Many options - For Example
http://bit.ly/fedthirdparties
86. PFE – AD FS Deep Dive (Planning)
AD FS Topology Design Guide
Customizing the AD FS sign-in pages
Customising the Office 365 sign-in pages
Running the Office 365 IdFix tool
Microsoft Group Licensing Docs
Useful Links
Editor's Notes
I also do woodturning. It’s cheaper than therapy!! SharePoint can be a lot like woodturning. If you don’t pay attention to what you’re doing, it’s easy to make a mistake and go through the bottom of the bowl!
In the enterprise, the authentication is generally handled by Active Directory.
The user logs on with a username and password, and AD authenticates them.
At this stage, we’re not interested in what they’re allowed to do.. Just that they are who they say they are.
When someone knocks at your door, you generally take a peek through the spy hole to see who it is.
This is our friend Jane, popping round to study for the Office 365 MCSE!
We know Jane and she’s someone we trust, so we open the door and let her in.
When the gas man turns up to fix a problem, we don’t know him.
We recognise the uniform and the ID though, and we TRUST the gas company to verify that person.
If we choose to, we can validate his claim to be who he says by calling his company.
We’ll cover each of these scenarios in depth.
Adding wharf-consulting.co.uk
Note the fact that it picks up your registrar if it can! This provides step-by-step instructions for that specific provider!
Once you add the new MS value, you will need to wait for DNS to propagate. This can take some time (up to 12-24 hours, though I’ve never seen it take that long!), so be patient.
Once validated, you can configure DNS..
If you skip the verification, the domain will show set-up errors (but this can be ignored in a later step)
This will be shown unless all of the DNS entries are corrected for Office 365
However if you’re not using O365 for Skype or E-mail, you may want to ignore this.
So by re-running the check DNS wizard, we can then ignore failures.
This sets the domain to set-up complete.
Creating a user with the new UPN is simple.
And on the same screen, you can apply roles and licenses. (Manual licensing! We’ll talk more about licensing after the next 2 methods!)
And now users can sign in with their domain name.
At this point, we recommend you ensure that their UPN matches their e-mail address, as this makes it much easier for users to remember.
*Assuming UPN is correct and Password Sync is in use.
Requires Domain to be added as per previous configuration
Note: Inbound comms travel back down the established outbound connection. No external publishing!
I’m paraphrasing the important ones, but check http://bit.ly/aadctopologies
You can sync to multiple AAD, but you must ensure objects are only synchronised to one! Not recommended.
In this instance, the organisation may have two domains that are distinct from each other.
Users exist only in one domain; this is the example we’re looking at today.
More advanced scenarios do exist. I recommend reading the supported topologies document.
Especially for Hybrid Exchange/Skype and in Resource domain situations
Some key takeaways:
Only a single AAD Connect server allowed per Azure AD (Except for staging)
An Active Directory Object can only be synced to ONE Azure AD (Multiple AD sync to separate Azure AD is permitted, but must be syncing separate portions of Active Directory)
Again, check your scenario against the whole Azure document. http://bit.ly/aadctopologies
A staging server is fully installed as a separate AAD Connect server in the environment.
This is activated manually using the wizard, and you MUST shut down the other server or change it to staging mode.
A robust build process and a fresh VM is probably better!
Connector is registered via outbound HTTPS request. Auth requests travel back down this reply route.
You can run additional connectors on additional servers (only one per server).
Registered through PowerShell.
The workaround for the above is to ensure that you synchronise password hashes to Azure AD.
Demoing the Wizard, and the MIIS client, Portal sync status
Install Video and demo for Pass through
PowerShell and the Sync commands
Adding this slide in because EVERYONE needs these commands at some point!
Get-ADSyncScheduler
Start-ADSyncSyncCycle -PolicyType Delta (or -PolicyType Initial)
MIIS Client
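The two sync commands above, combined into a guarded manual sync, as an added example that is not from the original slides. It checks the scheduler state first, including the staging mode discussed earlier, before starting a cycle; the function name `Invoke-GuardedSync` is hypothetical.

```powershell
# Added example: guarded manual sync for an Azure AD Connect server.
# Run on the AAD Connect server itself, in an elevated session.
Import-Module ADSync -ErrorAction Stop

function Invoke-GuardedSync {
    param(
        [ValidateSet('Delta', 'Initial')]
        [string]$PolicyType = 'Delta'
    )

    $scheduler = Get-ADSyncScheduler

    # A staging-mode server imports and synchronises but never exports,
    # so a manual cycle here will not change Azure AD.
    if ($scheduler.StagingModeEnabled) {
        Write-Warning 'Server is in staging mode; no changes will be exported.'
    }

    # If the scheduler is disabled, nobody is syncing automatically.
    if (-not $scheduler.SyncCycleEnabled) {
        Write-Warning 'Scheduled sync cycles are disabled on this server.'
    }

    # Starting a cycle while another is running fails, so wait for it to finish.
    while ((Get-ADSyncScheduler).SyncCycleInProgress) {
        Write-Host 'Sync cycle already in progress, waiting 30 seconds...'
        Start-Sleep -Seconds 30
    }

    Start-ADSyncSyncCycle -PolicyType $PolicyType
}

Invoke-GuardedSync -PolicyType Delta

# Show when the next scheduled cycle will run and of which type.
Get-ADSyncScheduler | Select-Object NextSyncCycleStartTimeInUTC, NextSyncCyclePolicyType
```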
Note: This requires Synchronised Identity to be configured FIRST!
Company.com can be our on-premises environment, Azure or a third party federation service
The basic requirements are:
ADFS Server / WAP Proxy
Split DNS – Internal/External resolution should be different
Published endpoint and matching SSL cert (wildcards are ok!)
All communications are over HTTPS/443
(If planning on using Workplace Join, then additional SAN entries are required on the certs)
See https://technet.microsoft.com/en-us/library/dn554247(v=ws.11).aspx for more info.
For resilience, we can load balance the ADFS and WAP servers
And I would hope you have more than one DC!!
Using Windows Internal Database you’re limited to 30 ADFS servers!
Clustering is supported, but I prefer HW Load Balancers as they can use health rules to monitor status
*not required for ADFS scenarios
https://technet.microsoft.com/en-us/library/ee913581(v=ws.11).aspx
WID limits you to 30 ADFS servers and limits some ADFS functions.
https://technet.microsoft.com/en-us/library/gg982489(v=ws.11).aspx
ADFS 4.0 on Server 2016 – Sizing spreadsheet - http://adfsdocs.blob.core.windows.net/adfs/ADFSCapacity2016.xlsx
The primary server can be changed using PowerShell.
Get-ADFSSyncProperties (Will show Primary computer, or sync details)
Set-ADFSSyncProperties -Role PrimaryComputer (Will make the current server the primary.)
Then run Set-ADFSSyncProperties -Role SecondaryComputer -PrimaryComputerName <FQDN of Primary>
Note: This can take up to 1 hour!
This will remove all entities from ADFS relating to that domain.
As previous, this can take up to an hour to take effect!
This will leave all of the ADFS configuration in place, which isn’t a problem if your ADFS is in flames.
Demoing Peter Falk resetting his password, Eventvwr events etc
This has been a long time coming and was one of the primary reasons people went to Okta and similar.
Should be available to E3 and above at GA.
You can do it with cloud identities, but it’s lots of portal switching and not worth it.
What’s the difference?
Why both?
Demoing Group based licensing.
http://www.myfatblog.co.uk/index.php/2017/03/azure-ad-group-based-licensing-in-office-365/
http://www.myfatblog.co.uk/index.php/2017/03/azure-ad-group-based-licensing-remediation-of-errors/
Video linked in these.
This was posted in the Technical Communities Forum.
We define single sign-on as “The user signs into the device once and is automatically authenticated into everything else from that point on.”
When you log into portals like Portal.office.com, or Powerbi.Microsoft.com, Office 365 doesn’t know who you are or what tenant you’re connecting to. So you must choose an identity.
Comments on the launch blog state that MS are working on this. (Which hopefully has happened by the time this session runs!)
https://blogs.technet.microsoft.com/enterprisemobility/2017/08/02/the-new-azure-ad-signin-experience-is-now-in-public-preview/
Covering the Home realm discovery, direct links and ADFS
https://technet.microsoft.com/en-us/library/dn280950(v=ws.11).aspx
https://azure.microsoft.com/en-gb/documentation/articles/active-directory-add-company-branding/
This is due to the nature of how your users may connect. Generic Portal URLs are unable to ascertain your domain until a username is added.
1 – The large image can be changed. Note: It compresses and enlarges from the top left!
2 – Company logo can be applied
3 – Sign-on instructions can be amended (Note: This is visible to the public, so don’t put anything sensitive here!)
4 – Keep me signed in can be turned off (BUT this can adversely affect some apps!)
This logon will be automatically shown when going to service specific URLs, such as www.outlook.com/?realm=wharfconsulting.co.uk but strangely NOT Wharfconsulting.sharepoint.com
1 - Company logo
2 - Sign-in image
3 – Page description
4 – Home and privacy links
Covering Office365/Azure service and ADFS if time!
http://bit.ly/fedthirdparties
Some may require AAD Connect for the write-back elements.
2 that I’ve worked with.
All publish good guides to working with Office 365
But don’t cover all scenarios, e.g. write back for Exchange, so you may still need AAD Connect.
They do add some value, such as license management by AD group.
Deep Dive Planning - https://blogs.technet.microsoft.com/askpfeplat/2014/11/23/adfs-deep-dive-planning-and-design-considerations/
Design Guide - https://technet.microsoft.com/en-us/library/dn554245(v=ws.11).aspx
ADFS Sign-in pages - https://technet.microsoft.com/en-us/library/dn280950(v=ws.11).aspx
Office 365 Signin pages - https://azure.microsoft.com/en-gb/documentation/articles/active-directory-add-company-branding/
Running the ID Fix tool - https://support.office.com/en-gb/article/Install-and-run-the-Office-365-IdFix-tool-f4bd2439-3e41-4169-99f6-3fabdfa326ac