Office 365 Service Overview with a focus on Identity Federation and Directory Synchronization Jono Luk, Program Manager jluk@microsoft.com Presented on July 6, 2011 at Seattle Windows Networking User Group
Overview What is Office 365? Office 365 Services Administering Office 365 Demos Identity Directory Synchronization Exchange Hybrid Deployments On-boarding
What is Office 365? 2 nd generation subscription-based services offering from Microsoft Was Business Productivity Online Services (BPOS) SharePoint 2007 Exchange 2007 http://www.office365.com
Office 365 Services SharePoint 2010 Full integration with Office 2010, Office 2007 SP2+, Windows Phone 7 Exchange 2010 Lync 2010 Office 2010 Subscription (Office ProPlus) URLs: O365 domain or bring your own! Services offered in 38 countries (see appendix)
Administering Office 365 2 main admin experiences: UI ( Portal ) and Powershell Customer sign-up for Office 365 Customers purchase Subscriptions which are sets of licenses Users are assigned licenses to access functionality Users can be managed via UI or Powershell
Demos
Demos Microsoft Office 365 Administrator Console Licensing Experience (UI) Exchange (email) SharePoint (collaboration) Office Web apps Open in Client
Identity Brokered by Microsoft Online ID O365-specific version of Windows Live ID Logins can be managed or federated (new in Office 365) Managed Identities Username/passwords managed in the cloud Federated Identities Logins are managed on-premise, based on Active Directory user accounts Requires Directory Synchronization
Identity Federated Identity requires an on-premise ADFS v2.0 deployment For federated identities, register your domains with Office 365 (i.e. contoso.com) Can switch from managed to federated identity
Identity Federated Identities means you can control password & logon policies from your on-premise AD Users on intranet don t need to provide credentials Users not on intranet provide their at work credentials
Directory Synchronization Microsoft Online Services Directory Synchronization Tool Enables Identity & Application Co-existence ILM 2007-based sync tool that keeps the Office 365 service in sync with on-premise Active Directory* Deployed as appliance, scales from small companies to MSFT (900K user, group & contact objects) Server-side processing automatically creates login accounts for users *Currently only supports single forest source
Directory Synchronization Can have on-premise GAL available to users in the cloud Uses UPN value for login username (used to be primary SMTP account) Full, consistent Address Book available across all O365 services Exchange Online users can receive mail at any of their (valid) on-premise Proxy Addresses Conf Room support (Outlook Room Finder)
Exchange Hybrid Deployments Enables customers to partially adopt Office 365 some users with Exchange on-premise, others onpremise Users have Exchange on-premise, but Lync in the cloud Enables staged migrations of mailboxes to the cloud
On-boarding Walk then run approach: create users, groups, contacts through admin UI for pilot experience Set up Federation to try things out License users Pilot functionality Happy? Configure full user set in Office 365 Bulk upload Powershell Directory Sync
On-boarding Migrate your mailboxes Simple Exchange Migration (SEM) Mailbox Replication Service
Appendix
Supported Countries Austria Germany Malaysia Singapore Belgium Greece Mexico Spain Canada Hong Kong SAR Netherlands Sweden Colombia Hungary New Zealand Switzerland Costa Rica India Norway Trinidad and Tobago Cyprus Ireland Peru United Kingdom Czech Republic Israel Poland United States Denmark Italy Portugal Finland Japan Puerto Rico France Luxembourg Romania
Resources Office 365 site http://www.office365.com Community site (questions, answers, more information) http://community.office365.com