Presentation is loading. Please wait.

Presentation is loading. Please wait.

O365 & AD Integration January 2017.

Published byŁukasz Leśniak Modified over 5 years ago

Similar presentations

Presentation on theme: "O365 & AD Integration January 2017."— Presentation transcript:

1 O365 & AD Integration January 2017

2 Benefits of Office 365 for Education
Install Office on up to 5 PC’s/Macs + 5 tablets + 5 smartphones per user Access to Office Online OneDrive for Business 1 TB online personal storage

3 Benefits of Office 365 for Education
Sway (Report and presentation creator) SharePoint Sites Yammer (Social Networking) Skype for Business (Web conferencing, IM, Video, presence) 24\7 phone support from Microsoft

4 Sampl Slide 3

5 Office 365 Benefits Colleges even if they do not use Cloud Exchange.
Colleges using Gmail can now offer Microsoft Office Applications to all Faculty, Staff and Students. Cloud based and full Applications are available at no additional charge when the college maintains a Campus Agreement licensing 100% of the staff for office. * Office 365 can be deployed fully self-service without AD Integration.

6 A few answers and a lot of networking!
Pros and Cons of Office 365 Questions or Comments A few answers and a lot of networking!

7 Benefits of Active Directory Integration
AD Connect Access On Premise Applications and Cloud Services with Single Identity Single Tool for deployment

8 Synchronization of Specified Organizational Units from your on-premise Active Directory to the cloud. Allows synchronization of Specified AD Attributes Allows timed synchronizations, every 30 minutes is the default.

9 User Information and changes occur in only one location
User Information and changes occur in only one location. On-Premise Active Directory Usernames Passwords Addresses Groups Mail list Attributes

10 User Passwords can be set once for an Active Directory User and the change automatically occurs at Office 365. Office 365 uses local AD password policy. Passwords synchronize immediately Any AD Password Reset Server that resets the AD password can be used as the tool to reset AD integrated Office 365 Users.

11 Ease of Implementation
AD Connect runs on Windows 2008R2, 2012R2 or 2016 Dedicated Server on same vlan as at least one Domain Controller Be sure to physically and cyberly SECURE access to this server. It contains your AD Database. (Treat it like a domain controller.)

12 AD Connect server can be Virtual
(recommended to be virtual) Provision as follows: 100GB Disk (Thin Provisioned) 16GB RAM 2-4 CPU (Over 10,000 users, Less Ram and CPU will slow sync, Over 50,000 users should have 32GB+ Ram)

13 Installation and Configuration of AD Connect Discussion

14 How Azure AD works Azure AD is made up of 3 components
Azure AD is made up of 3 components The Synchronization Module Active Directory Federation Services (Optional) The Monitoring component

15 Azure Powershell vs Windows Powershell Windows Powershell
Windows PowerShell is a scripting platform. You can run various commands using it. You can also write scripts which are a set of commands. Those scripts are called Cmdlets. You can find a lot of Cmdlets written by others. For example, the Windows Azure team has written some Cmdlets, which they call Windows Azure PowerShell. So Windows Azure PowerShell is a set of scripts that rely on Windows PowerShell platform to run. But it also relies on the Windows Azure SDK, just like you can write your own PowerShell script that uses a third party SDK, thus the script requires both Windows PowerShell and that third party SDK (aka a Software Development Kit).

16 Windows Powershell Is installed as a part of Windows Server 2008R2 and newer Windows Server OS Location: C:\WINDOWS\system32\WindowsPowerShell\v1.0 Manages all Active Directory Attributes Create, Modify, Delete (some can only be modified via powershell) Can Manage other Applications with imported modules

17 Windows Powershell can and should be upgraded to the latest:
Windows Management Framework (4.0 at least) Should almost always be: Run as Administrator Can be automated with Task Scheduler Windows Powershell can manage most of the AD Connect components without installing Azure Powershell (AD Connect installation adds necessary SDK’s)

18 Windows Azure Active Directory Powershell
Best to install Windows AZURE Active Directory Powershell on AD Connect Server Also install Windows AZURE Active Directory Powershell on at least one Domain Controller (This server will run scheduled task involving both AD and O365…ie licensing O365 users by OU.)

19 Azure powershell is a subset of scripts pre-populated specifically for managing Office 365
Set number of Deletions in a 24 hour period Manual Synchronizations Single Sign on and Federation of Tenant Many other management options Change User Principal Names Verify user information Proxy addresses Applied Licenses Apply Address Book separations Many more available options

20 Verification and Modification of AD or O365 object information
Export information via .csv or Examples of items for verification, modification and export Proxy addresses Licenses Address Book attributes Group Memberships User Counts per OU or Domain

21 Questions A few answers A lot of comments Powershell scripting is one item that could be discussed for weeks…months…. You can accomplish almost anything with a script 

22 AD and Office 365 Integration should be an extension of your Colleague Webadvisor and AD LDAP integration Colleague Webadvisor User creation drives creation of Active Directory Accounts. Accounts are placed in Active Directory OU’s based on Colleague Users HR.STATUS (Other options are available) SE or NULL becomes a Student, Everything else is an employee

23 Faculty\Staff go into a single OU: newemp
Once we distinguish between Students and Employees we can further divide into OU’s Faculty\Staff go into a single OU: newemp (users easily located to assign other AD rights and permissions then moved to proper OU) Students A B C etc (users are easily located to assign other AD rights and permissions then moved to proper OU) (based on first or last name, This will normally make the OU have less than 5000 objects, thus working around some LDAP limitations)

24 Once we have users in an OU we can proceed to manage things such as:
Type of O365 license Members of Groups can be based on OU Students_A, Students_B Eliminates the >5000 user send issue associated with most mail servers UPN (Universal Principal Name) ETC…!!!

25 A lot of NETWORKING (find some peer partners)
Lots of Discussion Maybe a few answers A lot of NETWORKING (find some peer partners) A great deal of food for thought! I like food….let’s have ice cream (my favorite…Heavenly Hash)

26 All cartoons thankfully copied from internet!
O365 and AD Integration Presentation to lead discussion Compiled by: Sherry Johnson EIS Data Systems, Inc. January 2017 All cartoons thankfully copied from internet! Thank you Google!

Download ppt "O365 & AD Integration January 2017."

Similar presentations

Agenda AD to Windows Azure AD Sync Options Federation Architecture

Agenda AD to Windows Azure AD Sync Options Federation Architecture
Core identity scenarios Federation and synchronization 2 3 Identity management overview 1 Additional features 4.

Core identity scenarios Federation and synchronization 2 3 Identity management overview 1 Additional features 4.
 This session details common scenarios for deploying Office 365 services. Office 365 provides a breadth of capability, but often there is a key scenario.

 This session details common scenarios for deploying Office 365 services. Office 365 provides a breadth of capability, but often there is a key scenario.
Configuring SharePoint 2013 and Office 365 Hybrid – Part 1

Configuring SharePoint 2013 and Office 365 Hybrid – Part 1
Federated sign-in WS-Federation WS-Trust SAML 2.0 Metadata Shibboleth Graph API Synchronize accounts Authentication.

Federated sign-in WS-Federation WS-Trust SAML 2.0 Metadata Shibboleth Graph API Synchronize accounts Authentication.
Administering Active Directory

Administering Active Directory
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
Module 2 Creating Active Directory ® Domain Services User and Computer Objects.

Module 2 Creating Active Directory ® Domain Services User and Computer Objects.
Office 365 Administration Ron Schindler See full Office 365 Admin course on Ron Schindler See.

Office 365 Administration Ron Schindler See full Office 365 Admin course on Ron Schindler See.
Chapter-4 Windows 2000 Professional Win2K Professional provides a very usable interface and was designed for use in the desktop PC. Microsoft server system.

Chapter-4 Windows 2000 Professional Win2K Professional provides a very usable interface and was designed for use in the desktop PC. Microsoft server system.
OUC204. Recently Announced… Identity Integration Options 2 3 Identity Management Overview 1.

OUC204. Recently Announced… Identity Integration Options 2 3 Identity Management Overview 1.
Timothy Heeney| Microsoft Corporation. Discuss the purpose of Identity Federation Explain how to implement Identity Federation Explain how Identity Federation.

Timothy Heeney| Microsoft Corporation. Discuss the purpose of Identity Federation Explain how to implement Identity Federation Explain how Identity Federation.
Verify Hardware Requirements Install Windows Server 2008 R2 Configure Active Directory Install SQL Server 2008 Install SharePoint Server 2010 Configure.

Verify Hardware Requirements Install Windows Server 2008 R2 Configure Active Directory Install SQL Server 2008 Install SharePoint Server 2010 Configure.
Deploying Chromebooks RICK NICHOLAS A.

Deploying Chromebooks RICK NICHOLAS A.
Julien “Superman” Stroheker and Nicolas “Batman” Georgeault Negotium

Julien “Superman” Stroheker and Nicolas “Batman” Georgeault Negotium
11 MANAGING AND DISTRIBUTING SOFTWARE BY USING GROUP POLICY Chapter 5.

11 MANAGING AND DISTRIBUTING SOFTWARE BY USING GROUP POLICY Chapter 5.
123456789101112…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.

…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.
Riva Managed Identity Integration for Active Directory and Novell ® GroupWise ® Aldo Zanoni CEO, Managing Director Omni Technology Solutions

Riva Managed Identity Integration for Active Directory and Novell ® GroupWise ® Aldo Zanoni CEO, Managing Director Omni Technology Solutions
Microsoft ® Official Course Module 13 Implementing Windows Azure Active Directory.

Microsoft ® Official Course Module 13 Implementing Windows Azure Active Directory.
Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.

Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.

Similar presentations

Ads by Google