<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2923012&amp;fmt=gif">
Rutter - Boston Area Managed IT, Cloud, Cybersecurity, Networking
Free Consultation

Considerations for Exchange Online (Part 2)

May 29, 2012 | By RNTblog | Virtualization and Storage
    

One key aspect of Exchange Online is the SSO experience. With single sign-on, also called identity federation, users can access services in Microsoft Office 365 for enterprises with their existing Active Directory corporate credentials (user name and password). Benefits of a native SSO experience include the reduction of support calls (forgotten passwords), and the means for administrators to manage account policies through their on-premise Active Directory ecosystem.
To get this level of fidelity, however, requires the adoption of Active Directory Federation Services (AD FS 2.0). Without diving into specifics, ADFS provides the means for SSO by securely sharing digital identity and entitlement rights (claims) across security and enterprise boundaries. So in a way, ADFS is your identity interface to the cloud (Office 365). So if your company values SSO as you move your mail to the cloud, ADFS would be needed if you are aiming for Exchange Online.

Though would only one ADFS instance suffice? What if your e-mail is migrated to the cloud and users could not log in? This scenario was front and center in the Microsoft TechEd session “Active Directory Federation Services 2.0 Deep Dive: Deploying a Highly Available Infrastructure.”

As this session stresses, your integration is with the cloud and is only as good as the availability of your ADFS farm. So in reality, many organizations shifting to Exchange Online would need to consider multiple ADFS farms to provide HA and site resiliency, in tandem with SQL (mirroring). These ADFS farms would also need to be paired with ADFS proxies if there are users connecting from outside the company’s network.
To know exactly how many ADFS instances would be recommended, Microsoft has published an ADFS 2.0 Capacity Planning spreadsheet. So what is counter intuitive in this scenario is many companies envision the reduction of on-premise servers as they move their e-mail services to the cloud. With Exchange Online once the decision has been made that a true SSO experience is a must for production users; pockets of ADFS farms must be planned and provisioned for claims based authentication to work.

For more information, please contact us at info@rutter-net.com

Check out our Website and learn more about our Directory & Messaging Solutions

Related Articles

Desktop Analytics: Modernizing Windows 10 Updates

June 2, 2021

What is Desktop Analytics?

Read More

Azure Cost Management: Orchestration Actions within Azure Budgets

June 2, 2021

Microsoft introduced Azure Budgets as a means to help companies plan for and drive organizational...

Read More

Microsoft Defender Antivirus: The Cons of Running Two Antivirus Software

May 24, 2021

Read More

Comments

Rutter Networking Technologies
10 High Street | Andover, Massachusetts 01810 | (978) 642-1000
Monday - Friday 8:00am - 5:00pm

Copyright 2024. All Rights Reserved.