MICROSOFT OFFICE 365 HIGH AVAILABILITY SSO (SINGLE SIGN-ON) SOLUTION IN AZURE Prepared for: St. Louis SharePoint User Group (StlSUG) Bruce Gagliolo Jr Cloud Practice Manager, Architect bgagliolo@mailctp.com
About Us 2004 Covenant Established 35+ Skilled Professionals In STL 400+ Successful Deployments 100% Client Satisfaction #1 St. Louis Microsoft Managed Partner
COVENANT TECHNOLOGY PARTNERS
WHY IS SSO FOR O365 IMPORTANT? For most organizations, the move to Office 365 (O365) is a leap forward in user experience, productivity, simplification, and savings. But organizations that fail to implement Single Sign-On (SSO) reliably can slip backwards in several key areas. Risk can actually increase and productivity suffer.
WHY IS SSO IN O365 IMPORTANT? For most organizations, the move to Office 365 (O365) is a leap forward in user experience, productivity, simplification, and savings. But organizations that fail to implement Single Sign-On (SSO) reliably can slip backwards in several key areas. Risk can actually increase and productivity suffer. Out of the box, O365 requires a separate user account
WHY IS SSO IN O365 IMPORTANT? For most organizations, the move to Office 365 (O365) is a leap forward in user experience, productivity, simplification, and savings. But organizations that fail to implement Single Sign-On (SSO) reliably can slip backwards in several key areas. Risk can actually increase and productivity suffer. Out of the box, O365 requires a separate user account IT maintaining duplicate accounts and group memberships
WHY IS SSO IN O365 IMPORTANT? For most organizations, the move to Office 365 (O365) is a leap forward in user experience, productivity, simplification, and savings. But organizations that fail to implement Single Sign-On (SSO) reliably can slip backwards in several key areas. Risk can actually increase and productivity suffer. Out of the box, O365 requires a separate user account IT maintaining duplicate accounts and group memberships
O365 BASIC FS SOLUTION Office 2013 Professional Plus DirSync Exchange Online Internet Cloud Services SharePoint Online Lync Online Microsoft Azure FS
O365 BASIC FS SOLUTION User Office 2013 Professional Plus User User DirSync Exchange Online Internet Cloud Services SharePoint Online Lync Online Microsoft Azure FS
O365 BASIC FS SOLUTION User Office 2013 Professional Plus User User DirSync Exchange Online Internet Cloud Services SharePoint Online Lync Online Microsoft Azure FS
WHY IS AZURE VALUABLE FOR SSO? Robust Highly Scalable Platform Quick Deployment Low Operating Cost Global Enterprise Solution without the Investment
WHY IS AZURE VALUABLE FOR SSO? Robust Highly Scalable Platform Quick Deployment Low Operating Cost Global Enterprise Solution without the Investment
CASE STUDY EXAMPLE Requirements Two locations (St. Louis and New York) SSO to Office 365 for SharePoint and Exchange Online SSO to Workday Enterprise SaaS Highly Redundant and Robust Infrastructure Assumptions Single Internet connection at each locations Single Active Directory Forest
HA FEDERATED SSO SOLUTION IN AZURE Microsoft Azure Central USA Microsoft Azure East USA Internet St. Louis New York
HA FEDERATED SSO SOLUTION IN AZURE Internet
HA FEDERATED SSO SOLUTION IN AZURE CUS-DMZ EUS-DMZ CUS-LAN FS FS EUS-LAN FS FS DirSync
HA FEDERATED SSO SOLUTION IN AZURE CUS-DMZ EUS-DMZ <Gateway> <ConnectionsToLocalNetwork> <LocalNetworkSiteRef name="cps-stl"> <Connection type="ipsec" /> CUS-LAN EUS-LAN </LocalNetworkSiteRef> <LocalNetworkSiteRef name="cus-dmz"> <Connection type="ipsec" /> </LocalNetworkSiteRef> FS FS </ConnectionsToLocalNetwork> </Gateway> DirSync FS FS
HA FEDERATED SSO SOLUTION IN AZURE CUS-DMZ EUS-DMZ Download the pre-shared keys for the VPN tunnels. Once your new tunnels have been added, use the PowerShell cmdlet Get-AzureVNetGatewayKey to get the IPsec/IKE pre-shared keys for each tunnel and Set-AzureVNetGatewayKey to apply the values. CUS-LAN EUS-LAN Value: tpsyihaqm45hbboxcgzdz6dcyvqq0ksh OperationDescription: Get-AzureVNetGatewayKey OperationId: 0d7efd8b-c4f5-0a49-90ef-0df7d6cb7a1b FS FS OperationStatus: Succeeded DirSync FS FS
HA FEDERATED SSO SOLUTION IN AZURE CUS-DMZ EUS-DMZ CUS-LAN FS FS EUS-LAN FS FS DirSync
HA FEDERATED SSO SOLUTION IN AZURE CUS-DMZ EUS-DMZ PowerShell commands Add-AzureInternalLoadBalancer Add-AzureEndpoint CUS-LAN FS FS EUS-LAN FS FS DirSync
HA FEDERATED SSO SOLUTION IN AZURE CUS-DMZ EUS-DMZ CUS-LAN FS FS EUS-LAN FS FS DirSync
TECHNOLOGY USED FOR SSO SOLUTION Microsoft Active Directory Federated Services Microsoft DirSync Utility Microsoft Azure Datacenter Virtual Network, Machines, Cloud Services, and Storage Multi-Gateway Virtual Routes Internal Virtual Network Load Balancers Traffic Manager
QUESTIONS Bruce Gagliolo Jr bgagliolo@mailctp.com (314) 445-5980 Office
THANK YOU!