access control solutions claims-based applications and other resources located across organizational boundaries.
Download ReportTranscript access control solutions claims-based applications and other resources located across organizational boundaries.
access control solutions claims-based applications and other resources located across organizational boundaries
•
Access resources in a federation partner organization
Empowering People-centric IT
Users Devices Apps
Management. Access. Protection.
Data
Hybrid Identity
Unify your environment
Create a centralized identity across on-premises and cloud Use identity federation to maintain centralized authentication and securely share and collaborate with external users and businesses
Enable users
Provide users with self-service experiences to keep them productive Enable single sign-on for users across all the resources they need access to
Protect your data
Enforce strong authentication when users access resources and apply conditional access controls to sensitive company information Configure single sign-on across all company applications Ensure compliance with
governance, attestation and reporting
Providing Users with a Common Identity
IT can provide users with a common identity across on-premises or cloud based services, leveraging Windows Server Active Directory and Azure Active Directory.
Users are more productive by having a single sign-on to all their resources.
Users get access through accounts in Azure Active Directory to Azure, Office 365, and third-party applications.
Developers can build applications that leverage the common identity model.
Common Identity with Sync
Synchronization
*Write back of attributes to support cloud first and co-existence User attributes are synchronized including the password hash, Authentication can be completed against either Azure or Windows Server Active
Directory
Common Identity with Federation
Federation
AD FS provides conditional access to resources, Work Place Join for device registration and integrated
Multi-Factor Authentication
User attributes are synchronized,
Authentication is passed back through
federation and completed against
Windows Server Active Directory
Common Identity with Federation
Identity Federation
Organizations can connect to SaaS applications running in Azure, Office 365 and 3
rd party providers
Organizations can federate with partners and other organizations for seamless access to
shared resources
Enhancements to AD FS include simplified
deployment and management
Conditional access with multi factor authentication is provided on a per-application basis, leveraging user identity, device registration & network location
Published applications
•
Active Directory Federation Services Overview http://technet.microsoft.com/en-us/library/hh831502.aspx
Setup Geographic Redundancy with SQL Server Replication http://technet.microsoft.com/en-us/library/dn632406.aspx
AD FS Certificate Requirements http://technet.microsoft.com/en-us/library/dn554247.aspx#BKMK_1 Configuring AD FS Extranet Lockout http://technet.microsoft.com/en-us/library/dn486806.aspx
Configuring Alternate Login ID http://technet.microsoft.com/en-us/library/dn659436.aspx
Walkthrough Guide: Manage Risk with Additional Multi-Factor Authentication for Sensitive Applications http://technet.microsoft.com/en-us/library/dn280946.aspx
Configuring Authentication Policies http://technet.microsoft.com/en-us/library/dn486781.aspx
Developing Modern Applications using OAuth and AD FS http://msdn.microsoft.com/en-us/library/dn633593.aspx
Directory integration AD FS on Curah BYOD on Curah http://msdn.microsoft.com/en-us/library/azure/jj573653.aspx
http://curah.microsoft.com/51820/ad-fs-technet-content-map http://curah.microsoft.com/37111/bring-your-own-device-byod
http://channel9.msdn.com/Events/TechEd www.microsoft.com/learning http://microsoft.com/technet http://microsoft.com/msdn