o365 saturday: how to (remote) control office 365 with windows azure-slideshare
DESCRIPTION
Se how you can use Windows Azure to do a lot of provisioning and Automation stuff around Office 365. We Show here for what purposes you can use Automation, and provide examples around Graph API, WAAD, SharePoint REST, CSOM, Exchange managed API.TRANSCRIPT
Welcome to Office 365 Saturday
Europe
#O365EUHosts: Matthew Hughes & Rene Modery
Martina GromMVP Office 365
@magrom, atwork.at
Toni PohlMVP Client Development
@atwork, atwork.at
How to (Remote) Control Office 365 with Windows Azure
3
Vienna/Austria
We are from…
Our MISSION
Agenda
• Scenarios• Prerequisites• Authentication/Identities• User Provisioning• Office 365 Demo
User - Azure WEB – Authorize - Office 365
Authenticateas entitled userfor the individual service
Authenticateas entitled userfor our web portal
Decide what the user may execute in your app
Prerequisites
• Office 365 TenantGet a free one month trial:http://office.microsoft.com/ • Windows Azure
Get a 90 day free trial:http://www.windowsazure.com/en-us/pricing/free-trial/ • Visual Studio 2013 RC• Some libraries (see later)
AuthenticationHow to authenticate against WAAD/Office 365
App
STSAuthorit
y
Resource
1. Request Token withApp-ID + Secret or Username + Password 2. Get Token
3. Use Token
Federated Authentication
LIVE DEMOWeb Project with Office 365 Authentication
ADAL for .net
• Active Directory Authentication Library (ADAL) v1 for .NET – General Availability!(Vittorio Bertocci)http://www.cloudidentity.com/blog/2013/09/12/active-directory-authentication-library-adal-v1-for-net-general-availability/ • ADAL 1.0 and Windows Store Apps
(Alex Simons) – coming soonhttp://social.msdn.microsoft.com/Forums/en-US/faf520ce-1653-4eac-b398-c4bfcbc5c7fe/adal-10-and-windows-store-apps
Integrating Applications in Windows Azure Active DirectoryAccess Level Type Description
Single Sign-On
Default permission. The app is enabled for single sign-on with Azure AD, and the user token will contain claims such as the user’s User Principal Name, First and Last Name and unique identifiers.
Single Sign-On, Read Directory Data
Single sign-on plus the ability to read directory data using the Graph API. This allows querying of company, user and group information.
Single Sign-On, Read and Write Directory Data
Single sign-on plus the ability to read and write directory data using the Graph API. This allows querying and writing of company, user, and group information, but does not allow deleting users or groups.
Office 365How to control Office 365
Access Services
• WAAD -> Graph API, PowerShell• SPO -> CSOM, REST, PowerShell• Exchange Online -> Managed API, PowerShell• Lync Online -> SDK, PowerShell
LIVE DEMORemote Control Office 365 servcies
16
What to use when in Azure
Access method Azure Website$
Azure Cloud Service$$$
WAAD
Exchange EWS
Exchange PowerShell
SharePoint CSOM
SharePoint REST
SharePoint PowerShell
Lync SDK
Lync PowerShell
Summary
• Use Federated Authorization (OAuth2)• Use GraphAPI for WAAD manipulations• Use Office 365 services
• Build great solutions with Office 365!
Call 2 Action
• Download this presentation and the sample code atblog.atwork.at
• If you´re interested in a ready to use Office 365 product portalhttp://delegate365.com
THANK YOU!
Martina Grom@magrom
Toni Pohl@atwork
Download:blog.atwork.at
Graph API Links
• Windows Azure Graph APIhttp://code.msdn.microsoft.com/Graph-API-Authenticate-and-53c6cb92/view/SourceCode
• GraphAPI Explorerhttps://graphexplorer.cloudapp.net/
• MVC Sample App for Windows Azure Active Directory Graphhttp://code.msdn.microsoft.com/windowsazure/Write-Sample-App-for-79e55502
• Adding Sign-On to Your Web Application Using Windows Azure ADhttp://msdn.microsoft.com/en-us/library/windowsazure/dn151790.aspx
• Group & Role Claims: Use the Graph API …http://www.cloudidentity.com/blog/2013/01/22/group-amp-role-claims-use-the-graph-api-to-get-back-isinrole-and-authorize-in-windows-azure-ad-apps/
SharePoint Links
• SharePoint Online Management Shell (PS) http://www.microsoft.com/en-us/download/details.aspx?id=30359• OAuth and remote apps for SharePoint
http://msdn.microsoft.com/en-us/library/office/apps/fp179932.aspx• Office365ClaimsConnector
http://www.codeproject.com/Articles/637378/How-to-Create-a-Windows-8-App-for-SharePoint-Part • OAuth authentication and authorization flow for apps that ask for
access permissions on the fly in SharePoint 2013 http://msdn.microsoft.com/en-us/library/office/apps/jj687470.aspx • Helper for:
http://json2csharp.com/
Exchange Links
• Microsoft Exchange Web Services Managed API 2.0 http://www.microsoft.com/en-us/download/details.aspx?id=35371• Getting started with the EWS Managed API
http://msdn.microsoft.com/en-us/library/dd633626(v=exchg.80).aspx • Connect to Exchange Online Using Remote PowerShell
http://technet.microsoft.com/en-us/library/jj984289(v=exchg.150).aspx
Lync Links
• Lync 2013 SDK (only for WPF)http://www.microsoft.com/en-us/download/details.aspx?id=36824• Windows PowerShell Module for Lync Online
http://www.microsoft.com/en-us/download/details.aspx?id=39366• Lync PowerShell
http://blogs.office.com/b/office365tech/archive/2013/08/19/remote-powershell-for-lync-online.aspx • Using Windows PowerShell to Manage Lync Online
http://technet.microsoft.com/en-us/library/dn362831.aspx
Thanks for Attending
Office 365 SaturdayEurope