TechEd 2013 11/24/2018 4:00 PM © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Overview of Microsoft Office 365 Identity Management 11/24/2018 4:00 PM OUC-B211 Overview of Microsoft Office 365 Identity Management Paul Andrew © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

1 2 3 Agenda Identity Management Overview Recently Announced… Identity Integration Options 1 2 3

Identity management overview

Identity management Authentication Authorization Identity management deals with identifying individuals in a system and controlling access to the resources in that system Integral components of identity and access management Authentication Authorization Verifying that a user, device, or service such as an application provided on a network server is the entity that it claims to be. Determining which actions an authenticated entity is authorized to perform on the network

Microsoft cloud services Microsoft Account Windows Azure Active Directory User Microsoft Account Ex: alice@outlook.com Organizational Account Ex: alice@contoso.com User

Common identity platform for organizational accounts Windows Azure Active Directory is the underlying identity platform for various cloud services that use Organizational Accounts Directory store Authentication platform Windows Azure Active Directory Your App

Office 365 Identity Cloud Identity Federated Identity Single identity in the cloud Suitable for small organizations with no integration to on-premises directories Windows Azure Active Directory On-Premises Identity Directory Sync Directory Synchronization  Single identity suitable for medium and large organizations without federation Windows Azure Active Directory Federated Identity On-Premises Identity Federation Single federated identity and credentials suitable for medium and large organizations Windows Azure Active Directory Directory Sync

Recently announced

More Details on TechNet: http://aka.ms/sync Microsoft Lync 11/24/2018 Windows Azure Active Directory Sync Tool - Update The tool is downloaded from the Office 365 admin portal. Only a one way hash of the password will be synchronized to WAAD such that the original password cannot be reconstructed from it. Synchronizes user passwords from on-premises AD to Azure AD (Office 365). Respects on-premises password policies. Can’t sync passwords for Federated Users, but can co-exist. SAML2 Identity Provider More Details on TechNet: http://aka.ms/sync © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Directory Sync Tool or Active Directory Federation Services Password Sync SSO with AD FS Same password to access resources Can control password policies on-premises Support for two factor authentication * No password re-entry if on premises Client access filtering Authentication occurs in on premises directory * Azure AD offers some basic 2FA features that are available with ADFS deployment on-premises. ADFS can support a larger set of 2FA/Strong Authentication options.

Demo Password Sync 11/24/2018 4:00 PM © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Active Authentication: Why Multi-Factor Build 2012 11/24/2018 Active Authentication: Why Multi-Factor Your data and applications are under attack Passwords are easily compromised Consumerization of IT has only increased the scope of vulnerability Strengthening regulatory requirements call for strongly authenticating access © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

 Mobile Apps Phone Calls Text Messages Build 2012 11/24/2018 Enterprise authentication using any phone Mobile Apps Phone Calls Text Messages  Out-of-Band Push One-Time-Passcode Out-of-Band Text One-Time Passcode Out-of-Band Call © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Build 2012 11/24/2018 Architecture 1 Users sign in from any device using their existing username/password. Custom LOB Apps Microsoft Apps Windows Azure Active Directory Credentials are checked in Windows Azure AD. Then Active Authentication is triggered for additional verification. ISV/CSV Apps Active Authentication Custom LOB Apps Users must also authenticate using their phone or mobile device before access is granted. 2 © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Demo Active Authentication

Windows Azure Active Directory Provisioning Updates Azure Active Directory GRAPH API REST API for programmatic access to data in Azure AD Can build multi-tenant applications, or custom LOB Apps Azure Active Directory Connector for FIM 2010 R2 Can be used for multi-forest synchronization and non-AD sources Public Beta starts on Connect later in June

Identity integration options

Identity integration options 1 2 3 4 5 6 Cloud Identity Directory Sync Password Sync Graph API FIM Single Sign-On Org size Small All Large Control of attributes in directory Least control Full control via on-premises directory Can control core attributes and select optional Source of authority Cloud On-premises On-Premises Hardware requirements No on-premises hardware required Windows Server OS for DirSync appliance Machine to run Powershell jobs on Federated Identity Manager with office 365 Connector DirSync appliance ADFS (or other STS) deployment Login experience Disjoint username, password for on-premises and cloud Enter credentials twice Same username, password for on-premises and cloud Login once if on-premises

Windows Azure Active Directory Microsoft Office 11/24/2018 1 Cloud identity Windows Azure Active Directory Rich experience with Office Apps Ease of deployment, management and support Lower cost as no additional servers are required On-Premises High availability and reliability as all Identities and Services are managed in the cloud Cloud Identity Ex: alice@contoso.com User © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Windows Azure Active Directory Microsoft Office 11/24/2018 2 Directory Synchronization Windows Azure Active Directory Rich experience with Office Apps Directory synchronization between on- premises and online Identities are created and managed on-premises and synchronized to the cloud Single identity and credentials but no single Sign-On for on-premises and office 365 services Reuse existing directory implementation on- premises Directory Synchronization AD Cloud Identity Ex: alice@contoso.com On-Premises Identity Ex: Domain\Alice User © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Windows Azure Active Directory Microsoft Office 11/24/2018 3 Password Synchronization Windows Azure Active Directory Rich experience with Office Apps Directory synchronization between on- premises and online Identities are created and managed on-premises and synchronized to the cloud Single identity and password credentials but no single Sign-On for on-premises and office 365 services Reuse existing directory implementation on- premises Directory Synchronization with one way Password Hash AD Cloud Identity Ex: alice@contoso.com On-Premises Identity Ex: Domain\Alice User © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Scoping and Filtering for Synchronization Microsoft Office365 11/24/2018 Scoping and Filtering for Synchronization Customers can exclude objects from synchronizing to Office 365. Scoping can be done at the following levels: AD Domain-based Organizational Unit-based User Attribute based Additional filtering capabilities will become available with the O365 Connector. Preventing the synchronization of specific attributes is not supported. © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Windows Azure Active Directory Microsoft Office 11/24/2018 Multi-forest AD Windows Azure Active Directory Multi-forest AD support is available through Microsoft-led deployments Multi-forest DirSync appliance supports multiple dis-joint account forests FIM 2010 Office 365 connector supports complex multi-forest topologies Federation using ADFS DirSync on FIM AD AD AD On-Premises Identity Ex: Domain\Alice User © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Multi-forest decision flowchart TechEd 2013 11/24/2018 4:00 PM Start Multi-forest decision flowchart Number Active Directory forests Need on-premises org consolidation After consolidation Single (1) Multiple (>1) Want to consolidate single forest? No Yes See consolidation whitepaper After consolidation Use Single Forest DirSync Number Exchange Orgs “Disjoint” Account Forests? Multiple (>1) None (0) No Single (1) Yes “Disjoint” account forests and exchange org accessed by accounts in the same forest? Yes Use Multi Forest DirSync Use Office 365 Connector No © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Powershell / Graph REST API TechEd 2013 11/24/2018 4:00 PM 4 Powershell / Graph REST API Suitable for small/medium size organizations with AD or Non-AD Performance limitations apply with PowerShell and Graph API provisioning PowerShell requires scripting experience PowerShell option can be used where the customer/partner may have wrappers around PowerShell scripts (eg: Self Service Provisioning) © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Office 365 Connector for Forefront Identity Manager Suitable for large organizations with certain AD and Non-AD scenarios Complex multi-forest AD scenarios Non-AD synchronization through Microsoft premier deployment support Requires Forefront Identity Manager and additional software licenses

Windows Azure Active Directory Federated identity Microsoft Office 11/24/2018 6 Single identity and sign-on for on- premises and office 365 services Identities mastered on-premises with single point of management Directory synchronization to synchronize directory objects into Office 365 Secure Token based authentication Client access control based on IP address with ADFS Strong factor authentication options for additional security with ADFS Windows Azure Active Directory Federation Directory Synchronization AD or Non-AD On-Premises Identity Ex: Domain\Alice User © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Federation options ADFS Third-party STS Shibboleth (SAML) Works with AD Third-party STS Works with Office 365 - Identity Shibboleth (SAML) Works with AD & Non-AD Suitable for medium, large enterprises including educational organizations Recommended option for Active Directory (AD) based customers Single sign-on Secure token based authentication Support for web and rich clients Microsoft supported Works for Office 365 Hybrid Scenarios Requires on-premises servers, licenses & support Suitable for medium, large enterprises including educational organizations Recommended where customers may use existing non-ADFS Identity systems with AD or Non-AD Single sign-on Secure token based authentication Support for web and rich clients Third-party supported Works for Office 365 Hybrid Scenarios Requires on-premises servers, licenses & support Verified through ‘works with Office 365’ program Suitable for educational organizations Recommended where customers may use existing non-ADFS Identity systems Single sign-on Secure token based authentication Support for web clients and outlook (ECP) only Microsoft supported for integration only, no shibboleth deployment support Requires on-premises servers & support Works with AD and other directories on-premises

‘Works with Office 365 – Identity’ Program for third party on premises identity providers to interoperate with Office 365 Objective is to help customers that currently use Non-Microsoft identity solutions to adopt Office 365 On TechNet: http://aka.ms/SSOProviders Flexibility Confidence Coordinated Support Reuse Investments Qualified by Microsoft Partner + Microsoft Corporation. Internal Use Only.

‘Works with Office 365 – Identity’ Microsoft Office 11/24/2018 WS-Trust & WS-Federation ‘Works with Office 365 – Identity’ On Premises Security Token Services Active Directory with ADFS http://aka.ms/SSOProviders WS-Federation SAML-P © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Client access control Part of ADFS Limit access to Office 365 based on network connectivity (internet versus intranet) Block all external access to Office 365 based on the IP address of the external client Block all external access to Office 365 except Exchange Active Sync; all other clients such as Outlook are blocked. Block all external access to Office 365 except for passive browser based applications such as Outlook Web Access or SharePoint Online

Windows Azure Active Directory Microsoft Office 11/24/2018 WAAD Identity with other cloud services Cloud Identity Ex: alice@contoso.com Windows Azure Active Directory ISV apps or SAAS providers or Your App Identity managed in Windows Azure AD single sign-on for Office 365 and other cloud services federated with single cloud identity ISV Applications or SAAS providers can integrate using APIs on Windows Azure AD Cloud Identity Ex: alice@contoso.com User © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Summary Cloud Identities – Windows Azure Active Directory Directory Sync from On-Premises Directory Sync from On-Premises (with Password Sync) Graph API and Powershell Forefront Identity Manager Federation (or Single Sign-On) ADFS WS-Federation and WS-Trust Shibboleth SAML-P Active Authentication for multifactor Works with Office 365 – Identity

Related content Breakout Session OUC-B341 on Thursday in Room 353 11/24/2018 4:00 PM Related content Breakout Session OUC-B341 on Thursday in Room 353 Web http://aka.ms/ssoproviders http://aka.ms/sync Find Me Later At the TLC. Today 12:15-2:30, Tomorrow 12:34-3:15. © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Track resources Office 365 FastTrack: http://fasttrack.office.com// 11/24/2018 4:00 PM Track resources Office 365 Blog: http://blogs.office.com/b/microsoft_office_365_blog/ Office Technology Blog: http://blogs.office.com/b/office365tech/ Follow: https://twitter.com/Office365 Connect: http://www.linkedin.com/groups/Microsoft-Office-365-3724282 Check out: Garage Series for IT Pros: www.microsoft.com/garage Office 365 FastTrack: http://fasttrack.office.com// © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Resources Learning TechNet msdn http://channel9.msdn.com/Events/TechEd 11/24/2018 4:00 PM Resources Learning Sessions on Demand http://channel9.msdn.com/Events/TechEd Microsoft Certification & Training Resources www.microsoft.com/learning TechNet msdn Resources for IT Professionals http://microsoft.com/technet Resources for Developers http://microsoft.com/msdn © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Complete an evaluation on CommNet and enter to win! 11/24/2018 4:00 PM Complete an evaluation on CommNet and enter to win! © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

11/24/2018 4:00 PM Required Slide *delete this box when your slide is finalized Your MS Tag will be inserted here during the final scrub. Evaluate this session Scan this QR code to evaluate this session and be automatically entered in a drawing to win a prize © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

11/24/2018 4:00 PM © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION. © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.