How to Remove Document Management Hurdles with X-Docs?
Making your Cloud Initiatives Successful
1. Making your Cloud Initiatives
Successful
A Look into Active Directory - ADFS - Office365
2. S P E A K E R S
C H I P E P P S
Sr Director, Product Marketing
@onelogin
R O B C A P O Z Z I
Solutions Engineer
@onelogin
3. I want to move to cloud apps,
but I’ve got all this
Active Directory baggage.
4. My end users will find
workarounds, aka Shadow IT,
if I can’t get them the online
services they need.
5. I spend too much time
integrating new apps into our
Active Directory infrastructure,
especially cloud apps.
6. W H Y I D A A S ?
6
Security:
● 47% experienced data breaches
caused by internal incidents
● Avg cost of data breach increased 15%
YoY
Productivity:
● $10 per Help Desk call to address
access issues
● COTS provides 40% savings over BYO
7. / / / Extending Directory Services to Office 365
/ / / OneLogin for Office 365
/ / / Product Demo
/ / / Q & A
A G E N D A
10. ABOUT MICROSOFT AZURE AD
● One Component of Microsoft’s Cloud
Services Platform
● Core directory behind most of Microsoft’s
cloud services
● A free Azure AD tenant is
included/required with Office 365
● OneLogin eliminates the need for
customers to interact directly with Azure
AD (we use the Graph API)
M I C R O S O F T A Z U R E A C T I V E D I R E C T O R Y
11. G E T T I N G F R O M A D TO O 3 6 5
● Synchronized Identity
● Federated Identity
Azure AD
12. R E V I E W O F I D E N T I T Y M O D E L S
SYNCHRONIZED
IDENTITY
FEDERATED
IDENTITY
Same Password to Access Resources On-Premises & in the Cloud
Can Control Password Policies On-Premises
Real-Time Authentication Based on Active Directory
Desktop SSO (Integrated Windows Authentication)
Support for Multiple Forests or Mixed Directory Types
Sign-in Compliance Reporting
Restrict Access by IP Address
13. S Y N C H R O N I Z E D I D E N T I T Y
● One-way Sync between AD and O365
● Users have same username and password, but have to re-enter them
DirSync
Azure AD
USER ACCOUNTS
14. F E D E R A T E D I D E N T I T Y
● Leverages Desktop SSO (IWA)
● Users Don’t have to re-authenticate if they are on the Network
● Addresses complex directory infrastructures
● Supports more advanced compliance Reporting
DirSync
ADFS
Azure AD
AUTHENTICATION
USER ACCOUNTS
15. O N E L O G I N F E D E R A T E D I D E N T I T Y
● Provides powerful Active Directory integration with real-time sync, and supports Desktop SSO
● Powerful mapping engine accommodates multi-forest structures, and organizational
relationships
● Supports automated Provisioning & De-Provisioning, with entitlement mapping
● Cloud-based and highly available, with certified Data Centers (e.g. ISO 27001)
Azure AD
AD Connector
USER ACCOUNTS
AUTHENTICATION
16. R E Q U I R E M E N T S
Microsoft OneLogin
User Management DirSync/
AAD Sync
Authentication/Federation ADFS/
AAD Connect
Multi-Factor Authentication MFA
Directory Services Integration FIM
Provisioning Services integration PowerShell
High Availability Infrastructure- LB, etc
Professional Services
Hardware
Hardware
Hardware
Hardware
Hardware
17. OneLogin for Office 365
1. No More DirSync, ADFS, FIM and Servers to Maintain
2. Enable a High Availability Service, with Minimal Work on Your Part
3. Fast Precise Provisioning of Office 365 Users & License Pairing
4. Stronger Security & Compliance
18. Firewall
C O M P L E T E I D E N T I T Y S O L U T I O N
ACTIVE DIRECTORY
19. “With OneLogin, I rolled out Office 365
to 4,000+ users across 35 offices in half
an hour.”
C O L L I N H A C H W I
IT Infrastructure Manager, Disys
21. AD Integration
● Desktop SSO
App Setup- Office 365
● OneClick Configuration
Mapping Attributes, Groups, & Licenses
Provisioning
De-Provisioning
S E T T I N G T H E S T A G E
A D C O N N E C T O R
C L O U D
A P P S