office 365 for it pros - sps michigan 2012
Post on 14-Dec-2014
2.406 Views
Preview:
DESCRIPTION
TRANSCRIPT
Office 365 for IT Pros
3 | SharePoint Saturday Michigan 2012
Housekeeping
Please turn off all electronic devices or set them to vibrate.
If you must take a phone call, please do so in the hall so as not to disturb others.
Wireless is available to all attendees with a valid Michigan ID, just find the nearest sign-up terminal
Follow SharePoint Saturday Michigan on Twitter @spsmi and hashtag #spsmi
Join us for SharePint after the closing
Chammps 301 West Big Beaver Road Troy, MI 48084
4 | SharePoint Saturday Michigan 2012
Outline
Office 365 Overview
IT and the Cloud
What we give up
What we get back
Pain points
5 | SharePoint Saturday Michigan 2012
Email and Calendaring
Websites and Collaboration
IM and Online Meetings
Office Client and Web Apps
Hosted by Microsoft – in the cloud!
6 | SharePoint Saturday Michigan 2012
Office 365 Overview
IT and the Cloud
What we give up
What we get back
Pain points
7 | SharePoint Saturday Michigan 2012
Did Someone say Cloud?
8 | SharePoint Saturday Michigan 2012
What’s Your Perspective?
9 | SharePoint Saturday Michigan 2012
Office 365’s impact on IT
No more deep platform management
Less control over functionality
More Identity Management
Hybrid challenges
10 | SharePoint Saturday Michigan 2012
Office 365 Overview
IT and the Cloud
What we give up
What we get back
Pain points
11 | SharePoint Saturday Michigan 2012
Changing the perspective
Your Environment
12 | SharePoint Saturday Michigan 2012
Losing Control
No tweaking
No fine customization
No server installs
No storage management
No patching
No networking
No upgrades
*
13 | SharePoint Saturday Michigan 2012
Office 365 Overview
IT and the Cloud
What we give up
What we get back
Pain points
14 | SharePoint Saturday Michigan 2012
What we get back
Who can do what?
Accounts and Subscriptions
How do you manage Identity?
Remember the client
Maintaining the connection
15 | SharePoint Saturday Michigan 2012
Subscriptions
No more CALs
Now you have USLs
Must assign licenses
Dynamic assignment
17 | SharePoint Saturday Michigan 2012
Office 365 user roles
End Users
Service administrators
Exchange Online
SharePoint Online
Lync Online
Office 365 administrators
External users
18 | SharePoint Saturday Michigan 2012
Office 365 admin roles
Global administrator
Billing administrator
Password administrator
Services administrator
User management administrator
Delegated administrator
See the Office 365 Support Services Description document for more info:
http://tinyurl.com/o365SvcDescrs
19 | SharePoint Saturday Michigan 2012
Identity: who gets in?
Where do your Office 365 user accounts live?
What is needed to use them?
What can they do?
What are the limitations of the approach?
20 | SharePoint Saturday Michigan 2012
Identity Options 1. Microsoft Online (MSO) IDs
2. MSO IDs + Directory Synchronization
3. Single Sign On + Directory Synchronization
Your Environment
AD
MS Online Directory Sync
Identity Services
Provisioning platform
Lync Online
SharePoint Online
Exchange Online
Active Directory Federation Services 2.0
Trust
IdP Directory
Store
Admin Portal/ PowerShell
Authentication platform
Office 365 Desktop Setup
Microsoft Online Services
IdP
21 | SharePoint Saturday Michigan 2012
What can they do?
Appropriate for • Smaller orgs without
AD on-premise
Pros • No servers required on-
premise
Cons • No SSO • No 2FA • 2 sets of credentials to
manage with differing password policies
• IDs mastered in the cloud
Appropriate for • Medium/Large orgs with
AD on-premise
Pros • Users and groups
mastered on-premise • Enables co-existence
scenarios Cons • No SSO • No 2FA • 2 sets of credentials to
manage with differing password policies
• Single server deployment
Appropriate for • Larger enterprise orgs
with AD on-premise Pros • SSO with corporate cred • IDs mastered on-premise • Password policy
controlled on-premise • 2FA solutions possible • Enables co-existence
scenarios Cons • High availability server
deployments required
22 | SharePoint Saturday Michigan 2012
Sign On Experience *SSO vs. Online IDs Summary
Win7/Vista/XP
SSO IDs (domain joined)
MS Online IDs
Outlook Web Application
SharePoint Web Application
ActiveSync, POP, IMAP, Entourage
Outlook 2007 or 2010
Online ID Online ID Online ID
Win 7/Vista/XP
Office 2010, or Office 2007 SP2
Online ID
Win7/Vista/XP
Lync Online
Online ID
AD credentials AD credentials AD credentials AD credentials AD credentials
SSO IDs (non-domain joined) AD credentials AD credentials AD credentials AD credentials AD credentials
*Requires AD FS 2.0
23 | SharePoint Saturday Michigan 2012
Your Environment
AD
MS Online Directory Sync
Identity Services
Lync Online
SharePoint Online
Exchange Online
Active Directory Federation Services 2.0
Trust
IdP Directory
Store
Authentication platform
Office 365 Desktop Setup
Microsoft Online Services
Active Directory Federation Services (AD FS)
24 | SharePoint Saturday Michigan 2012
How does AD FS work?
Claims authentication
Think of it like a passport
Passport Application
Visa Application
Submit for authorization
Allowed access
25 | SharePoint Saturday Michigan 2012
AD FS’s Authentication flow
`
Client
(joined to CorpNet)
Authentication platformAD FS 2.0 Server
Exchange Online or
SharePoint Online
Active Directory
Your Environment Microsoft Online Services
Logon (SAML 1.1) Token UPN:user@contoso.com Source User ID: ABC123
Auth Token UPN:user@contoso.com Unique ID: 254729
26 | SharePoint Saturday Michigan 2012
AD FS 2.0 deployment options 1. Single server configuration
2. AD FS 2.0 server farm and load-balancer
3. AD FS 2.0 proxy server or UAG/TMG (External Users, Active Sync, Outlook)
Enterprise
DMZ
AD FS 2.0 Server Proxy
External user Internal
user
Active Directory
AD FS 2.0 Server
AD FS 2.0 Server
AD FS 2.0 Server Proxy
28 | SharePoint Saturday Michigan 2012
Directory Synchronization
One-way copy of accounts to Office 365
Required for SSO/AD FS
But can be used without AD FS
Required for Hybrid scenarios
Think of it as an appliance, always running
29 | SharePoint Saturday Michigan 2012
Your Environment
AD
MS Online Directory Sync
Identity Services
Lync Online
SharePoint Online
Exchange Online
Active Directory Federation Services 2.0
Trust
IdP Directory
Store
Authentication platform
Office 365 Desktop Setup
Microsoft Online Services
IdP
How DirSync Fits in
30 | SharePoint Saturday Michigan 2012
Getting to know DirSync
It’s actually Forefront Identity Manager
Copies AD accounts into Office 365
But not back down
Doesn’t sync passwords
Filtering now available
Can have sizing issues
Upload sizing
Database sizing
FIM: no touchy! (maybe)
31 | SharePoint Saturday Michigan 2012
We still have those silly users…
OS compatibility
Office compatibility
Single sign on
Training
Transitions
Mobile
32 | SharePoint Saturday Michigan 2012
None of this works without…
What kind of connection do you have?
How big is it?
How reliable is it?
Is it redundant?
33 | SharePoint Saturday Michigan 2012
Office 365 Overview
IT and the Cloud
What we give up
What we get back
Pain points
34 | SharePoint Saturday Michigan 2012
Are you supportive? Know what you get
What are you responsible for?
Who are you dealing with?
Does it meet your requirements?
35 | SharePoint Saturday Michigan 2012
Where did it go?
36 | SharePoint Saturday Michigan 2012
No upgrades?
37 | SharePoint Saturday Michigan 2012
Managing Identity in Office 365
AD FS is complex
And important!
PowerShell is your friend
Remember your internet connection?
Office 365 is constantly changing
38 | SharePoint Saturday Michigan 2012
Did someone say PowerShell?
39 | SharePoint Saturday Michigan 2012
A tale of two shells
(soon three)
40 | SharePoint Saturday Michigan 2012
Troubleshooting Tools
Microsoft Online Diagnostics and Logging tool (MOSDAL)
Microsoft Remote Connectivity Analyzer: HTTP://testexchangeconnectivity.com
Fiddler
WireShark/Netmon
Office 365 Expert Discussion Series: http://tinyurl.com/o365ExptDisc
41 | SharePoint Saturday Michigan 2012
Tie IT All Together
43 | SharePoint Saturday Michigan 2012
Event
Exhibit
Web
top related