Connecting Active Directory To Microsoft Services
Lynn Ayres, Program Manager, Identity Services
Tore Sundelin, Program Manager, Identity Services
BB29

Microsoft Identity Software + Services
One identity model that puts users in control of their identities
Claims-Based Access
Standards Based
Enhances Developer Productivity
Flexibility via Choice
[Diagram: Software and Services. Labels: “Geneva” Framework, Live Framework, Windows CardSpace “Geneva”, Active Directory, “Geneva” Server, Microsoft Services Connector, Live ID, Microsoft Federation Gateway, .Net Access Control Service]

Why Are We Here?
Services Revolution

Identity Challenges
Identity can be a barrier
Different security zones
Multiple islands
Identity can be an enabler

Scenarios
How does a business use services without changing its on-premises identity infrastructure (e.g., Active Directory)?
1. Switch from a server (Exchange) to a cloud service
2. Adopt a new service
3. Move an on-premises app to a cloud service

Enterprise Software And Service Topology
[Diagram with two zones, Cloud and Enterprise On-Premises. Labels: Desktop, Browser, Office, Apps, Exchange, ISV Apps, SharePoint, Enterprise Apps, Active Directory, Azure Services Platform, ISV Apps, Microsoft Online, Microsoft Dynamics CRM Online, Windows Live, Live Mesh, Live Identity Service]

Solution Must Satisfy:
IT admin
Employees
Developers

Federation Is Industry Endorsed Solution
Federation is the solution, but we need to do more
Microsoft will offer a free tool that greatly simplifies on-boarding to cloud services

Solution: Microsoft Federation Gateway
Federation hub brokers access for cloud services:
  Microsoft cloud applications
  Developers using Azure Services Platform
  Other businesses using the Gateway
Manage one relationship to connect to any service

Solution: Microsoft Services Connector
Free download for quick and easy setup
Connects Active Directory to the Gateway and cloud services and applications
Protects corporate account security

Enterprise Software And Service Topology
[Diagram with two zones, Cloud and Enterprise On-Premises. Labels: Desktop, Browser, Office, Apps, Exchange, ISV Apps, SharePoint, Enterprise Apps, Active Directory, Microsoft Services Connector, Microsoft Federation Gateway, Live Identity Service, Azure Services Platform, ISV Apps, Microsoft Online, Microsoft Dynamics CRM Online, Windows Live, Live Mesh]

Demo: Microsoft Services Connector
Gurbinder Microsoft Partner

What Happened: Setup
Registers the enterprise’s domain, sign-in endpoint, and a token signing key
Enterprise asserts domain ownership via an SSL cert issued by a trusted CA
Ongoing management is automatic
[Diagram labels: Enterprise, Server Apps, Microsoft Services Connector, Active Directory, Microsoft Federation Gateway, Microsoft Cloud Applications, Developer Services]

What Happened: Accessing Services
User clicks link for service
User taken to Microsoft Services Connector for authentication
Connector validates credentials with Active Directory
Connector issues a login token and redirects to Microsoft Federation Gateway
Federation Gateway validates token and transforms claims
Federation Gateway issues service token and redirects to requested service
User accesses service
[Diagram labels: Desktop, Browser, Office, Apps, Enterprise, Server Apps, Microsoft Services Connector, Active Directory, Microsoft Federation Gateway, Microsoft Cloud Applications, Developer Services]
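
The setup and sign-in sequence above, as an added sketch (not code from the presentation or from Microsoft) of the checks a federation hub makes before it issues a service token. HMAC-signed JSON stands in for signed SAML tokens; the domain, keys, identifiers and function names are constructed, and the rule that an issuer may only assert users under its own registered domain is an assumption about how the hub scopes trust.

```python
import base64, hashlib, hmac, json

# Constructed sample data: what setup registers at the gateway for one enterprise.
REGISTRY = {"contoso.example": b"constructed-connector-signing-key"}
GATEWAY_ID = "urn:example:federation-gateway"    # hypothetical identifier
GATEWAY_KEY = b"constructed-gateway-signing-key"

def _mac(body, key):
    return hmac.new(key, body.encode(), hashlib.sha256).hexdigest()

def sign(claims, key):
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode()).decode()
    return body + "." + _mac(body, key)

def read(token, key=None):
    """Decode a token; when a key is given, reject it unless the MAC matches."""
    body, _, mac = token.partition(".")
    if key is not None and not hmac.compare_digest(mac.encode(), _mac(body, key).encode()):
        raise ValueError("signature does not match registered key")
    return json.loads(base64.urlsafe_b64decode(body))

def connector_issue(upn, domain, key, now):
    """Connector: called after Active Directory has validated the credentials."""
    return sign({"iss": domain, "aud": GATEWAY_ID, "upn": upn, "exp": now + 300}, key)

def gateway_exchange(login_token, service, now):
    """Gateway: validate the login token, transform claims, issue a service token."""
    issuer = read(login_token).get("iss")         # unverified, used only to pick the key
    if issuer not in REGISTRY:
        raise ValueError("issuer is not a registered domain")
    claims = read(login_token, REGISTRY[issuer])  # signature checked from here on
    if claims.get("aud") != GATEWAY_ID:
        raise ValueError("token was not issued for the gateway")
    if claims.get("exp", 0) <= now:
        raise ValueError("token expired")
    if not str(claims.get("upn", "")).lower().endswith("@" + issuer):
        raise ValueError("issuer may only assert users in its own domain")
    # Claims transformation: the service sees a gateway-issued subject and organization.
    return sign({"iss": GATEWAY_ID, "aud": service, "sub": claims["upn"],
                 "org": issuer, "exp": now + 300}, GATEWAY_KEY)
```

The relying service then needs to trust only the gateway's key, which is why endpoint changes and key rollovers on the enterprise side stay invisible to it.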

Drill Down: Microsoft Federation Gateway
Businesses federate once to connect to any service
Services federate once to connect to any business
Hub and spoke model abstracts complexity: endpoint changes, key rollovers, protocol changes, etc.

Drill Down: Microsoft Federation Gateway
For businesses:
  Microsoft Services Connector, “Geneva”
  Works for businesses without AD
  Protocols: WS-*, SAML
  Tokens: SAML
For relying services:
  Frameworks: .NET, “Geneva”, Live
  Messaging: WS-*, SAML, Live
  Tokens: SAML, Live

Drill Down: Microsoft Services Connector
Supports range of network infrastructures:
  Single server, server farm, proxy server
  Active Directory: single domain, single forest, multiple forests
Automates Complex Management Tasks

Drill Down: Microsoft Services Connector
Flexible and customizable end user experience
Architecture consistent with “Geneva”
Microsoft has an internal deployment

Why Are We Here?
Businesses adding services to their existing IT infrastructure
Identity must be an enabler
Solution is available today

How You Get It
Microsoft Services Connector
  Preview available today: www.microsoft.com/servicesconnector
  Beta in early 2009
Microsoft Federation Gateway
  Released, available today
  Whitepaper
  On-boarding documentation
We want your feedback!
  Forum

© 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.