Saa S Apps Active Directory Users are more
- Slides: 34
Saa. S Apps Active Directory Users are more productive by having a single sign-on to all their resources. IT can provide users with a common identity across on-premises or cloudbased services, leveraging Windows Server Active Directory and Azure Active Directory. Users get access through accounts in Azure Active Directory to Azure, Office 365, and third-party applications. Files Active Directory Web Apps LOB Apps Developers can build applications that leverage the common identity model.
On-premises Active Directory Identity Bridge Azure AD Connect Sync, Sign-In AD DS Microsoft Azure Active Directory Your apps FIM/MIM Sync LOB Office 365 and Saa. S Providers Salesforce Box Drop. Box Google Concur ….
Ø Ø Tight AD integration • Desktop SSO from domain joined machines • Honor AD login policies (e. g. work hours) • Integration with AD lockout with support for independent ‘soft’ lockout for extranet • Alternate login ID Strong Authentication Conditional Access Security Policy • Policy prevents any AD credential to be synced to public cloud • Client Access Policies to control extranet access to applications • Conditional access based on devices (workplace join) • Inbox support for AD cert authentication (e. g. Smart. Cards) • Support for Azure MFA server or 3 rd party MFA vendors (RSA, Safe. Net, Login. People, In. Webo, Gemalto…) that a customer already has
Active Directory ADFS Start Firewall Azure Active Directory Web Application Proxy
Active Directory ADFS Firewall Azure Active Directory Web Application Proxy Start
Deployment Security • Use Windows 2012 R 2 • Co-locate ADFS on domain controllers (no IIS needed) • You don’t need SQL unless you are greater than 90 K users! • Use self-signed token signing certificates. • Enable extranet soft account lockout • Enable MFA with smartcards, Azure MFA or 3 rd party MFA (Safe. Net, RSA, Gemalto, Login. People …) • Enable client access policies in the prescribed manner. Network • Deploy Web Application Proxy. Current Outlook/EAS need this to work. • AAD uses federation metadata endpoint that is internet accessible to keep token signing cert information up to date. • Don’t use sticky sessions on your Load Balancer • Configure SNI on load balancer or use HTTP health probes (MS 14 -08) Sign-In Experience • Ensure that SPN (HOST/adfs. contoso. com) is set on ADFS service account • Customize illustration & logo to have a great end user experience • Enable ‘Keep Me Signed In’ option for better SSO
Tue, Oct 28 3: 15 PM-4: 30 PM EM-B 214 Privileged Access Management for Active Directory Wed, Oct 29 8: 30 AM-9: 45 AM EM-B 316 Directory Integration: Creating One Directory with Active Directory and Azure Active Directory Wed, Oct 29 3: 15 PM-4: 30 PM EM-B 319 Microsoft Identity Manager v. Next Overview Wed, Oct 29 3: 15 PM-4: 30 PM CDP-B 210 Cloud Identity: Microsoft Azure Active Directory Explained Wed, Oct 29 5: 00 PM-6: 15 PM EM-B 318 Free Your Apps: Introducing Microsoft Azure Active Directory Application Proxy and Windows Server Web Application Proxy Thu, Oct 30 10: 15 AM-11: 30 AM CDP-B 312 Microsoft Azure Active Directory Premium, in Depth Fri, Oct 31 2: 45 PM-4: 00 PM EM-B 313 Microsoft Azure Multi-Factor Authentication Deep Dive: Securing Access on Premises and in the Cloud Thu, Oct 30 12: 00 PM-1: 15 PM EM-B 310 Active Directory + BYOD = Peace of Mind Thu, Oct 30 5: 00 PM-6: 15 PM DEV-B 322 Building Web Apps and Mobile Apps Using Microsoft Azure Active Directory for Identity Management Fri, Oct 31 8: 30 AM-9: 45 AM CDP-B 207 Securing Organizations: Azure Active Directory Intelligence as a Differentiator
http: //aka. ms/enterprise mobilitysuite http: //aka. ms/microsoftintune http: //aka. ms/configmgr http: //aka. ms/hi http: //aka. ms/aip http: //aka. ms/virtualdesktop
http: //channel 9. msdn. com/Events/Tech. Ed www. microsoft. com/learning http: //microsoft. com/technet http: //developer. microsoft. com
- More more more i want more more more more we praise you
- More more more i want more more more more we praise you
- Insidan region jh
- Consumer apps vs enterprise apps
- Active directory logo
- Lab 5: manage active directory accounts (module 4)
- Active directory fundamentals
- 3schools sql
- Active directory design document
- Nagios active directory monitoring
- Active directory two way trust
- Active directory sites and services
- Samba ad domain controller
- Introduction to active directory
- Advantages and disadvantages of active directory
- Administering active directory
- Active directory infrastructure design
- Vittorio bertocci
- Soisk
- Active directory disaster recovery best practices
- Controladores de domínio do active directory
- Kerberos silver ticket
- Active directory consolidation best practices
- Active directory fundamentals
- Gestione utenti active directory
- Exchange best practices
- Active directory grundlagen
- Active directory site topology
- Active directory replication troubleshooting
- Active directory alapok
- Acm
- Operator access workstation
- Active directory dynamic access control
- Unc active directory
- Active directory cleanup