hybrid sharepoint - office 365 & on-prem sharepoint 2013 -part2
TRANSCRIPT
Office 365 and On-Premise
SharePoint 2013 - Part 2
Notes:
If you experience audio issues during the webinar, you can dial in through telephone
details provided to you in your registration confirmation email.
Please feel free to post questions in the questions dialog and we will try to answer as
many as we can at the end.
Recording of this session will be shared in next 24-48 hours.
You can also write to us at [email protected] for any clarifications or information.
© 2010 WinWire Technologies
Agenda
WHAT,WHY, Hybrid?
Considerations
Recap of previous webinar
Configure identity management for a hybrid topology in
SharePoint Server 2013
What are some limitations and considerations when moving to the
cloud?
Who We are?
IT solutions company
making information
actionable for the
enterprises in the
mobile-cloud world
Collaborative and
Analytics solutions
leveraging pre-built
solution accelerators
Cloud,
Collaboration &
Analytics Technologies
Mobility,
Who We Are
© 2010 WinWire Technologies
Recap of our previous Webinar
Hybrid SharePoint Offers benefits of moving to the cloud quickly with a
reduced time to market with lower risk and increased flexibility.
Strategies for Adoption:• Migrate or coexist
• Split Workloads or Split User base
Key considerations • Split Workloads & Split User functions
• Environment Management
• Data privacy
• Customizations
Hybrid is the new reality as it provides the “ best of both worlds” and allow
organizations to scale to meet changing business needs.
© 2010 WinWire Technologies
Hybrid Identity Management Infrastructure
SharePoint 2013
On premise
Identity Management
Solution
SharePoint
Office 365
For SharePoint 2013 On premise to be aware of SharePoint Office 365 environment, an
identity management solution needs to be configured
© 2010 WinWire Technologies
Preparing the Identity Architecture : Office 365
WinWire Customer
Premises
1. Microsoft Online IDs
ADMicrosoft
Online
Directory Sync
Identity Platform
Provisioning
Platform Lync
Online
SharePoint
Online
Exchange
Online
Federation
Gateway
AD FS 2.0
Trust
IdPDirectory
Store
Admin Portal
Authentication
Platform IdP
Office 365
Desktop Setup
Microsoft Online Services
2. Microsoft Online IDs and DirSync
3. Federated IDs and DirSync
© 2010 WinWire Technologies
Configuring Identity Management Infrastructure
Configure SSO or Password Sync
Synchronize your on-premises users to Office 365
Configure server-to-server authentication between SharePoint Server 2013
and SharePoint Online
For SharePoint 2013 On premise to be aware of your SharePoint Office 365
environment, an identity management solution needs to be configured.
© 2010 WinWire Technologies
Setting Up Active Directory Federation Services :
Office365
Set Up
ADFS Servers
Set Up
ADFS Proxies
Implement Load
BalancingRegister DNS
Directory synchronization is done with the
Azure Active Directory Sync tool.
© 2010 WinWire Technologies
Configure SSO or Password Sync
Step 1: Prepare for single sign-on
Step 2: Set up your on-
premises security token
service
• Active Directory Federation Services (AD FS)
• Other third-party identity providers
• https://msdn.microsoft.com/en-
us/library/azure/jj679342.aspx
Step 3: Verify single sign-on
• From a domain-joined computer
• From a non-domain-joined computer inside the corporate
network
• From a roaming domain-joined computer outside the
corporate network
• From the different operating systems that you use in your
company
• From a home computer
• From an Internet kiosk (test access to the cloud service
through a browser only)
• From a smart phone (for example, a smart phone that uses
Microsoft Exchange ActiveSync)
© 2010 WinWire Technologies
Server-to-Server Authentication(SharePoint Server 2013 and SharePoint Online)
Configure the Security
Token Service (STS) in
SharePoint Server 2013:
• Create a new STS certificate.
• Replace the default STS
certificate on each server in
your SharePoint Server 2013
farm.
Install online service
management tools on a
web server in your
SharePoint Server 2013
farm.
Configure server-to-server
authentication
• Set variables
• Upload the new on-premises STS
certificate to SharePoint Online.
• Add a Service Principal Name (SPN) to
Azure.
• Register the SharePoint Online
application principal object ID with on-
premises SharePoint Server 2013.
• Configure a common authentication
realm between your on-premises
SharePoint Server 2013 farm and
SharePoint Online.
• Configure an Azure Active Directory
application proxy on-premises.
https://technet.microsoft.com/en-us/library/dn197169.aspx
© 2010 WinWire Technologies
Preparing the Identity Architecture : Office 365
WinWire Customer
Premises
1. Microsoft Online IDs
ADMicrosoft
Online
Directory Sync
Identity Platform
Provisioning
Platform Lync
Online
SharePoint
Online
Exchange
Online
Federation
Gateway
AD FS 2.0
Trust
IdPDirectory
Store
Admin Portal
Authentication
Platform IdP
Office 365
Desktop Setup
Microsoft Online Services
2. Microsoft Online IDs and DirSync
3. Federated IDs and DirSync
© 2010 WinWire Technologies
Authentication Options : Office 365
Federated IDs Microsoft Online IDs
End user sign-in experience
• Users sign in with corporate ID
• Authentication takes place
on-premises
• Users have a single
credential to provide SSO
for on-premises and cloud
services
• Users get true SSO
• Microsoft Online IDs• Users sign in with cloud identity
• Authentication takes place in
the cloud
• Users have two IDs—one to
access on-premises services
& one for cloud services
• Users prompted for credentials
© 2010 WinWire Technologies
SharePoint 2013 Migration Made Easy
Upcoming Webinar
March 25th at 8AM to 9AM PT
© 2010 WinWire TechnologiesWinWire Technologies, Inc. ConfidentialWinWire Technologies, Inc. Confidential
Thank You
© 2010 WinWire Technologies
Considerations for Office 365
Advantages Disadvantages
Package of solutions included (Exchange, Lync and
SharePoint). If you are migrating other solutions, moving
SharePoint to Office 365 will be very easy to use
There is no way to know where your data is
stored, making it potentially susceptible to
other countries’ laws. Private and sensitive
data resides outside your firewall.
Reduced time to market. Difficult migration from on premise to Office
365 without 3rd party tools.
Accessible anytime and anywhere the Internet is available
because it is cloud-based.
Difficult to integrate with 3rd party software
that requires server installation
Excellent performance and reliability. Office 365 offers
99.9% uptime on their services, which means you don’t
have to worry about your site going down.
Developers are limited to Sandbox solutions,
restricting them to a single site collection.
No maintenance required, everything is taken care of by
Microsoft.
Full Enterprise features of SharePoint are not
available and therefore key items like metrics
and usage analysis are impossible to do at
the site level.
Pay as you go model. This allows you to be up and
running quickly without the high cost of infrastructure.
© 2010 WinWire Technologies
Considerations for On-Premise
Advantages Disadvantages
The hardware belongs to you. The hardware belongs to you. If problems
occur, they are your responsibility.
Easier to integrate with external systems
that will work with SharePoint (e.g. SAP,
etc.)
Costs for hardware and licenses (SQL
Servers, SharePoint Servers, Client Access).
You control where your data is stored. Server maintenance is required.
Restart, backup, shutdown and update
servers anytime at your convenience.
Additional IT skills required to support the
servers and infrastructure. SharePoint can
touch AD, SQL, DNS, IIS and of course
SharePoint itself.
Developers have full access; no limitations.
Enhanced performance thanks to server
proximity. No slow internet connections.