340 likes | 446 Views
Office 365 and SharePoint 2013 Hybrid Environments. Rene Modery Singapore. What will we talk about today?. What are Hybrid Environments Why implement one? What are the requirements? How to implement it. Who am I?. Rene Modery German More than 6 years in Singapore Expertise: SharePoint
E N D
Office 365 and SharePoint 2013 Hybrid Environments Rene Modery Singapore
What will we talk about today? • What are Hybrid Environments • Why implement one? • What are the requirements? • How to implement it
Who am I? • Rene Modery • German • More than 6 years in Singapore • Expertise: SharePoint • Office 365 MVP • http://modery.net • @modery
Hybrid Environment SharePoint 2013 Office 365
Why do we want/need a hybrid? • Moving to the cloud to • Reduce Costs • Increase Flexibility Temporary Hybrid • Collaboration with Externals • Separation of workloads • Scalable
It’s not about the technology! People Processes Governance
Partitioning: What goes where User Type Workload Organisation Date
When and what to migrate? • Content - Gradual migration • By department • By Location • By Type • Solutions • Identify what can be migrated • Test it in the cloud • Services
Who gets access to what? • Permanent access • On-demand access • Projects; temporary workloads • Approval process • Regular verification if still needed
What’s possible - General Requirements - SharePoint Requirements Setting up a Hybrid Environment
What is possible? Source: Microsoft, SPC12
Not without your own Domain • Needed for • UPN • DNS • Certificates (SSL, STS) • Reverse Proxy • …
Active Directory Requirements • Single Forest • You need to able to verify every domain • Users need proper UPN • john@MyAwesomeCompany.local won’t work! • john@MyAwesomeCompany.com.sg is what we need
Active Directory Federation Services (ADFS) • Sign-In on local server instead of MSOL • Recommendation: 2 ADFS servers, 2 ADFS proxies
DirSync • Synchronise your AD users with Office 365 • Allow your users to log in to Office 365 with the same username • Cannot be installed on a Domain Controller • AD Synchronisation also needs to be activated in Office 365 UI • Doesn’t grant access, still need to add licenses
Other tools • Powershell & Microsoft Online / Office 365 cmdlets • Single-Sign On Assistant
Reverse Proxy • Only needed if Office 365 needs to consume on-prem data • Only selected reverse proxy servers supported
SharePoint 2013 • Any flavor • Foundation / Standard / Enterprise • Any location • In-house • Hosted • Azure / AWS • …
Configure trust with ACS 1/3 • Install Office 365 Sign-on Assistant & PowerShell cmdlets • Replace default STS Certificate • Issued by public Certification Authority (recommended) or self-signed • SP: Set-SPSecurityTokenServiceConfig
Configure trust with ACS 2/3 • Upload certificate to Office 365 (PS) • MSOL: New-MsolServicePrincipalCredential • Add host-name of SP server to SP principal object of Office 365 tenancy (PS) • MSOL: Set-MsolServicePrincipal • Register SPO S2S principal object with on-prem SP STS • SP: Register-SPAppPrincipal
Configure trust with ACS 3/3 • Set SharePoint authentication realm to context ID of Office 365 tenant • SP:Register-SPAppPrincipal • Configure on-prem ACS proxy and set up trust with ACS • SP:New-SPAzureAccessControlServiceApplicationProxy • SP:New-SPTrustedSecurityTokenIssuer
Configure Search Create a Result Source
Configure Search Create a Query Rule
Configure Search Configure searchresults page(s)
demo Hybrid overview & search demo
I want my own hybrid environment! • Lots of good content from MS available on • Hybrid in general • One-way setup • Two-way setup • BCS • Whitepapers from Axceler, Quest, … http://hybridoffice365.com
Evaluate! Evaluate this session and all others at http://tinyurl.com/spcsea
Connect! Meet speakers here We are here