Making Identity and Access Management Real – The Early Days
Brian Lauge Pedersen, Senior Technology Specialist

What Will We Cover?
- The Infrastructure Optimization Model
- Customer Challenges
- Implementing Solutions

Agenda
- Understanding Identity Management Challenges
- Implementing Active Directory
- Implementing Password Security
- Implementing Security Templates

Overview – The Core IO Model
Cross-model enablers: Identity, Presence, Rights Management, Network Access
- Desktop, Device, and Server Management
- Security and Networking
- Identity and Access Management
- Data Protection and Recovery
- IT Management and Security Process

Identity and Access Management
- No common identity management model
- Identity management for user identification
- Centralized configuration and authentication, information protection infrastructure
- Centralized administration, federated identity management
- No server-based identity or access management
- Users operate in admin mode
- Limited or inconsistent use of passwords at the desktop
- Minimal enterprise access standards
- Active Directory for authentication and authorization
- Users have access to admin mode
- Security templates applied to standard images
- Desktops not managed by policy
- Policy and security templates used to manage desktops for security and settings
- Directory and certificate-based information protection infrastructure
- Certificate provisioning and authorization for mobile devices
- Centrally manage users provisioning across heterogeneous systems
- Federated identity management across organizational and platform boundaries

Contoso Identity Management Today User name Password

Key Challenges
- No single sign-on
- Non-standard computers and servers
- Passwords managed non-securely
- IT strained due to company growth

Our Goals: Optimize IDAM
- Provide single sign-on to network resources
- Enforce password security
- Implement scalable centralized management

The Solution – Active Directory
- Provide single sign-on
- Enforce password security
- Implement scalable centralized management
- Robust replication
- Application-friendly
- Enforces security
- Simplified administration
- Scalable infrastructure

Agenda
- Understanding Identity Management Challenges
- Implementing Active Directory
- Implementing Password Security
- Implementing Security Templates

Active Directory Planning
- OU design
- DNS design
- Domain design
- Forest design

Active Directory Domains (CONTOSO.COM)
- Boundary of Authentication
- Boundary of Policies
- Boundary of Replication

Domain Design Options
- Single domain structure
- Regional domains structure

Additional Domain Considerations
- Management of multiple service administrator groups
- Group Policy consistency
- Access control and auditing settings consistency
- Increased likelihood of objects moving between domains
Solution: Single domain structure

Organizational Units – An Overview
Diagram labels: CONTOSO.COM; OU Admin; OU Security; OU Policy
Organized For:
- Administration
- Same Requirements
- Delegation
- Group Policy
- Configuration
- Security

Organizational Unit Design
- Delegation of administration
- Scope Group Policy application
OUs shown under Contoso.com: Administrative, Workstations, Users, Desktops, Laptops, SQL Servers, Exchange Servers, Print Servers, Standard Users, Power Users, Data Entry Users, Servers

Active Directory Deployment
- Deployed first forest root domain controller
- Deployed second domain controller
- Configured and verified DNS
- Configured global catalog settings
- Reviewed operations master roles

Demo: Reviewing the Organizational Unit Structure
- Review the OU Structure

Agenda
- Understanding Identity Management Challenges
- Implementing Active Directory
- Implementing Password Security
- Implementing Security Templates

Password Challenges
- Weak passwords and desktop security
- Insufficient expiration policy
- Multiple passwords to remember
- Passwords written down
- Calls to helpdesk for password resets
Example credentials shown on the slide:
- Username: aaronc Password: aaronc
- Username: aaronc Password: abc123
- Username: aaronc Password: P$7k#yZ
- Username: acon Password: password

Password Security Solutions
Solution: Group Policy
- Password policy
- Credential mapping
- Password synchronization
- Password reset
- Password change

Demo: Setting Group Policy Password Options
- Configure Default Domain Policy
- Verify Group Policy Application

Agenda
- Understanding Identity Management Challenges
- Implementing Active Directory
- Implementing Password Security
- Implementing Security Templates

Group Policy Security Templates
- Compatws.inf
- Secure*.inf
- Hisec*.inf

Demo: Implementing Security Templates
- Create Security Template
- Create Desktops GPO and Apply Security Template

What Have We Accomplished?
Cross-model enablers: Identity, Presence, Rights Management, Network Access
- Desktop, Device, and Server Management
- Security and Networking
- Identity and Access Management
- Data Protection and Recovery
- IT Management and Security Process

Session Summary
- Deployed Active Directory
- Implemented password security
- Configured security templates
