
Micro BOF on Office365 & SAML


cissy

Presentation Transcript


  1. Micro BOF on Office365 & SAML
     Talking points from lunch (internal conversation only)

  2. SAML & Microsoft
     • Scope: Office365 online service
     • Related but not in scope, only as it is ‘Microsoft’: SharePoint on premises
     • Want:
       • Implementation blueprint for our participants to make it easier to integrate via federation
     • Why:
       • MSFT product line contains the ‘killer’ productivity apps
       • Can set tone of client engagement
     • Should be straightforward, right?
     • Here’s what we have…

  3. Live@edu Federated Identity (circa Nov2010 coc202.pptx)
     [Diagram. Labels: Configure & Manage Federated Identity; Live@edu Service Management Portal; Windows Live Services (e.g. SkyDrive); Outlook Live; Microsoft Federation Gateway (Windows Live ID); Login to Windows Live ID; Web Clients; Email Rich Clients; Other Rich Clients; SAML 2.0; SAML 2.0 Enhanced Client/Proxy (ECP); WS-Federation/WS-Trust; Fabrikam.edu; Contoso.edu; Active Directory; Non-AD Directory; ADFS 2.0; Shibboleth 2.x]
     Email rich client support requires the Shibboleth IdP ECP Extension.

  4. Observations
     • This is SAML+ECP
     • MSFT chooses a gateway approach vs enhancing their apps (Excel/Word/SharePoint [online]…)
     • OK, but is it the best way?
     • Today MSFT has entity record, not signed, and not in any fed metadata (right? Live@edu)
     • Hidden topic, but is LARGE -> Provisioning is crucial
     • Like it used to be pre-SharePoint 2010

  5. Mixed messages
     • SAML Federated MSFT ‘way’ moving target
     • Read this as: responding to the market: good!
     • Started as ADFS through and through & sync all records AND passwords to O365 online
     • Went to SAML assertion gets minted into ADFS claims
     • Used for on premises MSFT products consuming SAML
     • Seems to be at Live@edu model now
     • Feels better, but doesn’t feel like the right end state.

  6. Mixed Messages pt 2
     • Vendor contact points have pricing and technical availability differences that materially impact us
     • Alignment on pricing
     • Alignment on technical availability.
     • Alignment on direction is hard to pin down, even geographically.

  7. What next?
