1. Key Considerations in Architecting Active Directory Federation Alexander Yim WSHFC NCSHA, Nashville on Sept 28 th, 2015

2. Running your AD in Cloud for your domain: Current status of Office365 Need for SSO (Single Sign On) Microsoft Azure server vs. AWS (Amazon Web Services) ADFS (AD Federation Service) running on Azure server Preparations for the ADFS Migration MessageOps script for SSO Other options: Using F5’s BIG-IP APM solution for ADFS Other concerns..

3. SSO (Single Sign On) Cloud AD server running outside the FireWall Issues with Microsoft’s earlier version of ADFS Major improvement in recent years Renamed: from DirSync to Azure AD Sync Tool Has M/S ever been hacked? Do we know? Any time, Any where, on Any devices

4. Microsoft Azure Server for SaaS Office365 Dynamic SQL SharePoint vs. AWS (Amazon Web Services) Virtualization vs. SaaS (Software as a Service)

5. Preparations for Azure ADFS Migration Identify and Resolve errors in the on-premise AD Use IdFix DirSync Error Remediation Tool Change UPN (User Principal Name) to match Email Addresses in Office365: e.g. jeffsmith > jeff.smith@abc.com Fix the List of Errors:.local, etc Microsoft added ADFS running on Azure in Admin of O365 One chance to make the right decision

6. Vendor script for Password Sync Tiny script by MessageOps using PowerShell Works great until it breaks..

7. Kg$2Ebi%*9

8. Other options: F5 Networks’ BIG5-IP APM appliance (Access Policy Management) Able to change passwords outside the F/W Email a temp password Two-Factor or Multi-Factor Authentication using SMS, iPhone, etc.

9. F5 APM solution:

10. Thank you!