1 / 23

Connecting Active Directory To Microsoft Services

BB29. Connecting Active Directory To Microsoft Services.  Lynn Ayres Program Manager Identity Services.  Tore Sundelin Program Manager Identity Services. Microsoft Identity Software + Services One identity model that puts users in control of their identities. Flexibility via Choice.

elon
Télécharger la présentation

Connecting Active Directory To Microsoft Services

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. BB29 Connecting Active Directory To Microsoft Services  Lynn Ayres Program Manager Identity Services  Tore Sundelin Program Manager Identity Services

  2. Microsoft Identity Software + ServicesOne identity model that puts users in control of their identities Flexibility via Choice Enhances Developer Productivity • Standards Based Live ID Microsoft Federation Gateway .Net Access Control Service Services Claims-Based Access “Geneva” Server Microsoft Services Connector Windows CardSpace “Geneva” “Geneva” Framework Live Framework Software Active Directory

  3. Microsoft Identity Software + Services One identity model that puts users in control of their identities Flexibility via Choice Enhances Developer Productivity • Standards Based Live ID Microsoft Federation Gateway .Net Access Control Service Services Claims-Based Access “Geneva” Server Microsoft Services Connector Windows CardSpace “Geneva” “Geneva” Framework Live Framework Software Active Directory

  4. Why Are We Here? Services Revolution

  5. Identity Challenges • Different security zones • Multiple islands • Identity can be a barrier enabler • Identity can be a barrier

  6. Scenarios • Switch from a server (Exchange) to a cloud service • Adopt a new service • Move an on-premises app to a cloud service • How does a business use services without changing their on-premises identity infrastructure?(ex: Active Directory)

  7. Enterprise Software And Service Topology Cloud Enterprise Apps ISV Apps Windows Live Microsoft Online AzureServices Platform Live Mesh Microsoft Dynamics CRM Online Live Identity Service Enterprise On-Premises Browser Active Directory Office Desktop Apps ISV Apps SharePoint Exchange

  8. Solution Must Satisfy: • IT admin • Employees • Developers

  9. Federation Is Industry Endorsed Solution • Federation is the solution, but we need to do more • Microsoft will offer a free tool that greatly simplifies on-boarding to cloud services

  10. Solution: Microsoft Federation Gateway • Federation hub brokers access for Cloud services: • Microsoft cloud applications • Developers using AzureServices Platform • Other businesses using the Gateway • Manage one relationship to connect to any service

  11. Solution: Microsoft Services Connector • Free download for quick and easy setup • Connects Active Directory to the Gateway and cloud services and applications • Protects corporate account security

  12. Enterprise Software And Service Topology Cloud Enterprise Apps ISV Apps Windows Live Microsoft Online AzureServices Platform Live Mesh Microsoft Dynamics CRM Online Live Identity Service Microsoft Federation Gateway Microsoft Services Connector Enterprise On-Premises Browser Active Directory Office Desktop ISV Apps SharePoint Exchange Apps

  13. demo Microsoft Services Connector  Tore Sundelin Program Manager Identity Services

  14. What Happened: Setup • Registers the enterprise’s domain, sign-in endpoint, and a token signing key • Enterprise asserts domain ownership via an SSL cert issued by a trusted CA • Ongoing management is automatic Microsoft Cloud Microsoft Federation Gateway Microsoft Services Connector Enterprise Applications Developer Services Active Directory Server Apps

  15. What Happened: Accessing Services • User clicks link for service • Federation Gateway validates token and transforms claims • Connector issues a login token and redirects to Microsoft Federation Gateway • Connector validates credentials with Active Directory • Federation Gateway issues service token and redirects to requested service • User taken to Microsoft Services Connector for authentication • User accesses service Browser Office Desktop Apps Microsoft Cloud Microsoft Federation Gateway Microsoft Services Connector Enterprise Applications Developer Services Active Directory Server Apps

  16. Drill Down: Microsoft Federation Gateway • Businesses federate once to connect to any service • Services federate once to connect to any business • Hub and spoke model abstracts complexity: • Endpoint changes, key rollovers, protocol changes, etc.

  17. Drill Down: Microsoft Federation Gateway • For businesses: • Microsoft Services Connector, “Geneva” • Works for businesses without AD • Protocols: WS-*, SAML • Tokens: SAML • For relying services: • Frameworks: .NET, “Geneva”, Live • Messaging: WS-*, SAML , Live • Tokens: SAML, Live

  18. Drill Down: Microsoft Services Connector • Supports range of network infrastructures: • Single server, server farm, proxy server • Active Directory: single domain, single forest, multiple forests • Automates Complex Management Tasks

  19. Drill Down: Microsoft Services Connector • Flexible and customizable end user experience • Architecture consistent with “Geneva” • Microsoft has an internal deployment

  20. Why Are We Here? • Businesses adding services to their existing IT infrastructure • Identity must be an enabler • Solution is available today

  21. How You Get It • Microsoft Services Connector • Preview available today: www.microsoft.com/servicesconnector • Beta in early 2009 • Microsoft Federation Gateway • Released, available today • Whitepaper • On-boarding documentation • We want your feedback! • Forum

  22. © 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

More Related