Upload
kathy-benney
View
224
Download
3
Tags:
Embed Size (px)
Citation preview
Partner
Platinum Sponsor
Office 365 and SharePoint 2013 Hybrid Environments
Rene Modery
Singapore
1
2
What will we talk about today?
What are Hybrid EnvironmentsWhy implement one?What are the requirements?How to implement it
3
Who am I?
Rene Modery
German
More than 6 years in Singapore
Expertise: SharePoint
Office 365 MVP
http://modery.net
@modery
4
Hybrid Overview
5
SharePoint 2013 Office 365
Hybrid Environment
6
Why do we want/need a hybrid?
Moving to the cloud to Reduce Costs Increase Flexibility
Temporary Hybrid
Collaboration with Externals
Scalable
Separation of workloads
7
Preparing for a hybrid – Planning and Governance
8
People Processes
Governance
It’s not about the technology!
9
Partitioning: What goes where
User Type
Organisation
Workload
Date
10
When and what to migrate?
Content - Gradual migration By department By Location By Type
Solutions Identify what can be migrated Test it in the cloud
Services
11
Who gets access to what?
Permanent access
On-demand accessProjects; temporary workloadsApproval processRegular verification if still needed
12
How do I know where I am?
13
How do I know where I am?
14
Setting up a Hybrid Environment
What’s possible - General Requirements - SharePoint Requirements
15
What is possible?
Scenario Works Out of Box?
SharePoint: Search Yes
SharePoint: BCS Yes
SharePoint: Duet Online Yes
SharePoint: other services No
Exchange integration Limited
Lync integration Yes
Source: Microsoft, SPC12
16
Not without your own Domain
Needed forUPNDNSCertificates (SSL, STS)Reverse Proxy…
17
Active Directory Requirements
Single ForestYou need to able to verify every domainUsers need proper UPN
[email protected] won’t work! [email protected] is what we
need
18
Active Directory Federation Services (ADFS)
Sign-In on local server instead of MSOLRecommendation: 2 ADFS servers, 2 ADFS
proxies
19
DirSync
Synchronise your AD users with Office 365Allow your users to log in to Office 365 with the
same usernameCannot be installed on a Domain ControllerAD Synchronisation also needs to be activated in
Office 365 UIDoesn’t grant access, still need to add licenses
20
DirSync
21
Other tools
Powershell & Microsoft Online / Office 365 cmdlets
Single-Sign On Assistant
22
Reverse Proxy Only needed if Office 365 needs to consume on-prem data Only selected reverse proxy servers supported
23
SharePoint 2013
Any flavorFoundation / Standard / Enterprise
Any location In-houseHostedAzure / AWS …
24
Configure trust with ACS 1/3
Install Office 365 Sign-on Assistant & PowerShell cmdlets
Replace default STS Certificate Issued by public Certification Authority
(recommended) or self-signedSP: Set-SPSecurityTokenServiceConfig
25
Configure trust with ACS 2/3
Upload certificate to Office 365 (PS) MSOL: New-MsolServicePrincipalCredential
Add host-name of SP server to SP principal object of Office 365 tenancy (PS) MSOL: Set-MsolServicePrincipal
Register SPO S2S principal object with on-prem SP STS SP: Register-SPAppPrincipal
26
Configure trust with ACS 3/3
Set SharePoint authentication realm to context ID of Office 365 tenant SP: Register-SPAppPrincipal
Configure on-prem ACS proxy and set up trust with ACS SP: New-SPAzureAccessControlServiceApplicationProxy SP: New-SPTrustedSecurityTokenIssuer
27
Configure Search
Create a Result Source
28
Configure Search
Create a Query Rule
29
Configure Search
Configure search results page(s)
Hybrid overview & search demo
demo
31
I want my own hybrid environment!
Lots of good content from MS available on Hybrid in general One-way setup Two-way setup BCS
Whitepapers from Axceler, Quest, …
http://hybridoffice365.com
32
Evaluate!
Evaluate this session and all others at
http://tinyurl.com/spcsea
33
Connect!
We are here
Meet speakers here
Thank you to our sponsors 34