Ten most common Mistakes with AD FS and Hybrid Identity. Sander Berkouwer MVP, DirTeam.com
|
|
- Bethany Benson
- 6 years ago
- Views:
Transcription
1 Ten most common Mistakes with AD FS and Hybrid Identity Sander Berkouwer MVP, DirTeam.com
2 Agenda Federation A small primer on the open protocols used today for federating identity and achieving hybrid identity Most common mistakes when planning, deploying and operating AD FS and how to avoid them to get the most out of hybrid identity
3 Federation On claims, identity providers and relying party trusts
4 Why we need federation NTLM and Kerberos Kerberos (1993) was designed for safe networks NTLM and Kerberos have serious problems Active Directory Active Directory domain memberships are typically Windows-only Domain trusts leak information and scale badly Granular device-agnostic authentication We need device-agnostic, open protocols, designed for the web We need multi-factor authentication
5 Under the hood Active Directory Federation Services (acting as STS) claim Active Directory Domain Services 2 Colleague Claims-aware App 1 7
6 Behind the Hybrid Identity mist Colleague Azure Active Directory integrated Application Active Directory Domain Services 6 5 Active Directory Federation Services Active Directory Federation Trust (WS-FED) Azure Active Directory On Premises Azure AD Sync Internet
7 Federation benefits SAML and Oauth2 are Internet-ready Transport over Universal Firewall Bypass Protocol (TCP443) Tickets are compressed, optionally encrypted Relying Party trusts are very flexible Ticket content and authentication is defined per RPT Relying party trusts are flexible and scalable Multi-factor authentication AD FS in Windows Server 2012 R2 is extensible Extensions are configurable per relying party trust, per network
8 Common mistakes and how to avoid them
9 1. Planning for AD FS, when you don t need it Some organizations need their own AD FS infrastructure Local authentication requirements (legal, multi-factor auth) Local authentication possibilities (claims issuance, transformation) Azure Active Directory with Password Sync SaaS apps in the Azure Active Directory App Gallery Easily configure Single Sign-On and user account management Azure Active Directory Azure Active Directory Free may contain up to 500,000 accounts Federating with up to 5 apps is free. Online accounts may suffice
10 Who uses AD FS, and who doesn t?
11 2. Build upon an unhealthy Active Directory Attribute integrity and lingering objects Objects, attributes on some Domain Controllers, not on others Resulting in unpredictable AD FS authentication Private top level domains DNS Domain Name for domains ending with.local,.int User Principal Name (UPN) needs to be added and changed UPN syntax mismatches Critical for solutions with Directory Sync Tool / Azure AD Sync Use the IdFix DirSync Error Remediation Tool
12 3. Misconfiguring the AD FS Service Account Password changes, security implications AD FS is usually Internet-facing, so it benefits from extra security We want regular password changes, host restrictions, etc. group Managed Service Accounts (gmsas) gmsas solve the service account problem for farms, AD FS supported gmsas offer Automatic SPN and password management Windows Server 2008 DFL 2008 Domain Functional Level offers automatic SPN management Windows 8 and Windows Server 2012 (and up) offer Cmdlets
13 4. Not designing the right AD FS infrastructure AD FS Server Farms AD FS can easily be deployed highly available, with Windows NLB AD FS Proxies / Web App Proxies deployed in perimeter networks Windows Internal Database or SQL Server A WID farm has a limit of five federation servers, only master is writable, and does not support token replay detection or artifact resolution SQL Server High Availability Take advantage of your existing SQL Server investments Take advantage of database mirroring, failover clustering,and monitoring
14 5. Let time take its toll on your AD FS Time Sync within an Active Directory environment W32time follows Active Directory hierarchy and sites configuration Set the time for an environment through the PDCe Time Sync within Virtual Machines Virtual machines always sync time with host on boot Continuous time sync is configured with VMware tools, Hyper-V ICs, etc. Time Sync within Perimeter Networks Could be virtual machine time sync, could be an external source Will be none, if you don t configure it
15 6. Certificate distrust and distress Three non-cng certificates in use by AD FS Token-signing and token-decryption certificates (internally) Service communication certificate (externally) Certificates with 1024bit key length Certificates under 1024bits key length are blocked Request and use certificates with 2048bits key length in the chain Certificates with SHA-1 hash algorithm SHA-1 is deprecated in most browsers and operating systems Request and use certs with SHA-2 hash algorithms throughout the chain
16 7. Forget about Device Registration in certs AD FS in Windows Server 2012 R2 Many new features! Workplace Join Device-agnostic silent Single Sign-On (SSO) Employees verify devices, enroll a certificate, get cookie EnterpriseRegistration WorkPlace Join AutoDiscover requires DNS Record per UPN Suffix Use enterpriseregistration.domain.tld as Subject Alternative Name
17 8. Windows updates, anyone? AD FS is regularly updated on Patch Tuesdays Security updates, like MS Scalability and stability updates, but also security updates AD FS uses Windows Update AD FS updates don t require you to configure Microsoft Update, but AD FS updates only light up after installing the Server Role Wait or test, then deploy updates Wait two weeks before deploying updates, or deploy updates to a test network before production (difficult, I know)
18 9. Overlooking the Best Practices Analyzers Best Practices Analyzers Part of Server Manager in Windows Server 2008 R2, and up Avoid 90% of situations that result in data or functionality loss AD FS Best Practices Analyzer Checks the Active Directory Federation service Will be updated with additional checks in the future Other BPAs of use: Active Directory Domain Services Best Practices Analyzer Active Directory Certificate Services Best Practices Analyzer
19 10. Processes, processes, processes Monitoring of the AD FS Service Check the availability and/or usage of the AD FS infrastructure Use Systems Center Operations Manager (with GSM), Operations Management Suite and/or Azure AD Connect Health for Federation Auditing of the AD FS Service AD FS offers built-in auditing and logging of errors and warnings Auditing of claims issuance Logging of success and failure audits Log suspicious or unintended activity
20 Concluding
21 Avoid these mistakes and you ll be fine 1. Don t plan for and build AD FS when you don t need to 2. Don t implement Hybrid Identity upon an unhealthy Active Directory 3. Use gmsas instead of ordinary service accounts for AD FS 4. Design the right infrastructure; pick the right database and plan for HA 5. Take care of adequate time synchronization 6. Use non-cng certificates with 2048+bit key length and SHA-2 algorithm 7. Don t forget to plan for Device Registration 8. Don t forget to install Windows Updates 9. Don t forget to use the built-in Best Practice Analyzers once in a while 10. Monitor, audit and backup the AD FS infrastructure
22 Rules of thumb AD FS is an extension to Active Directory Make sure Active Directory is healthy, run Idfix Rename, migrate or restructure.local domains Plan your AD FS implementation Set requirements, plan accordingly, deploy securely Take care of adequate time synchronization Don t forget to manage AD FS Use the built-in Best Practices Analyzers (BPAs) Take care of monitoring, auditing and backup
23 Thank you!
Tracking changes in Hybrid Identity environments with both Active Directory and Azure Active Directory
Tracking changes in Hybrid Identity environments with both Active Directory and Azure Active Directory Presenters: Sander Berkouwer Senior Consultant at SCCT 10-fold Microsoft MVP Active Directory aficionado
More informationOffice 365 and Azure Active Directory Identities In-depth
Office 365 and Azure Active Directory Identities In-depth Jethro Seghers Program Director SkySync #ITDEVCONNECTIONS ITDEVCONNECTIONS.COM Agenda Introduction Identities Different forms of authentication
More informationSingle Sign-On Showdown
Single Sign-On Showdown ADFS vs Pass-Through Authentication Max Fritz Solutions Architect SADA Systems #ITDEVCONNECTIONS Azure AD Identity Sync & Auth Timeline 2009 2012 DirSync becomes Azure AD Sync 2013
More informationDATACENTER MANAGEMENT Goodbye ADFS, Hello Modern Authentication! Osman Akagunduz
Goodbye ADFS, Hello Modern Authentication! Osman Akagunduz Osman Akagunduz Consultant @ InSpark Microsoft Country Partner Of The Year Twitter: @Osman_Akagunduz What s in this session The role of Azure
More informationConfiguring Advanced Windows Server 2012 Services (412)
Configuring Advanced Windows Server 2012 Services (412) Configure and manage high availability Configure Network Load Balancing (NLB) Install NLB nodes, configure NLB prerequisites, configure affinity,
More informationIdentity with Windows Server 2016 (742)
Identity with Windows Server 2016 (742) Install and Configure Active Directory Domain Services (AD DS) Install and configure domain controllers This objective may include but is not limited to: Install
More informationMOC 20417C: Upgrading Your Skills to MCSA Windows Server 2012
MOC 20417C: Upgrading Your Skills to MCSA Windows Server 2012 Course Overview This course provides students with the knowledge and skills to upgrade to MCSA Windows Server 2012. Course Introduction Course
More informationNET EXPERT SOLUTIONS PVT LTD
Module 1: Implementing Advanced Network Services In this module students will be able to configure advanced features for Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS), and configure
More informationMCSA Windows Server A Success Guide to Prepare- Microsoft Configuring Advanced Windows Server 2012 Services. edusum.
70-412 MCSA Windows Server 2012 A Success Guide to Prepare- Microsoft Configuring Advanced Windows Server 2012 Services edusum.com Table of Contents Introduction to 70-412 Exam on Configuring Advanced
More informationAAD Connect setup guide
AAD Connect setup guide Version 1.0 (11-07-2017) Nick Boszhard (2AT) Contents Introduction... 3 Step 1: Run the AAD Connect tool... 4 Step 2: Select your setup type... 5 Step 3: Install required components...
More informationUpgrading Your Skills to Windows Server 2016
Course 10983A: Upgrading Your Skills to Windows Server 2016 Course details Course Outline Module 1: Installing and Configuring Windows Server 2016 This module explains how to install and perform post installation
More informationEXPERTS LIVE SUMMER NIGHT. Close your datacenter and give your users-wings
EXPERTS LIVE SUMMER NIGHT Close your datacenter and give your users-wings Stefan van der Wiele Robbert van der Zwan TSP EMS Blackbelt TSP EMS Netherlands EXPERTS LIVE SUMMER NIGHT Stefan van der Wiele
More informationSEVENMENTOR TRAINING PVT.LTD
Configuring Advanced Windows Server 2012 Services Module 1: Implementing Advanced Network Services In this module students will be able to configure advanced features for Dynamic Host Configuration Protocol
More informationM20742-Identity with Windows Server 2016
M20742-Identity with Windows Server 2016 Course Number: M20742 Category: Technical Microsoft Duration: 5 days Certification: 70-742 Overview This five-day instructor-led course teaches IT Pros how to deploy
More informationInstall and Configure Active Directory Domain Services
Active Directory 101 Install and Configure Active Directory Domain Services Sander Berkouwer CTO at SCCT 10-fold Microsoft MVP Active Directory aficionado Daniel Goater Systems Engineer Netwrix Active
More informationCourse Outline 20742B
Course Outline 20742B Module 1: Installing and configuring domain controllers This module describes the features of AD DS and how to install domain controllers (DCs). It also covers the considerations
More information20742: Identity with Windows Server 2016
Course Content Course Description: This five-day instructor-led course teaches IT Pros how to deploy and configure Active Directory Domain Services (AD DS) in a distributed environment, how to implement
More informationIdentity with Windows Server 2016
Identity with Windows Server 2016 Course 20742B - 5 Days - Instructor-led, Hands on Introduction This five-day instructor-led course teaches IT Pros how to deploy and configure Active Directory Domain
More informationMETHODOLOGY This program will be conducted with interactive lectures, PowerPoint presentations, discussions and practical exercises.
CENTER OF KNOWLEDGE, PATH TO SUCCESS Website: IDENTITY WITH WINDOWS SERVER 2016 Course 20742: 5 days; Instructor-Led INTRODUCTION This five-day instructor-led course teaches IT Pros how to deploy and configure
More informationMOC 20417B: Upgrading Your Skills to MCSA Windows Server 2012
MOC 20417B: Upgrading Your Skills to MCSA Windows Server 2012 Course Overview This course explains new features and functionality in Windows Server 2012 around management, networking infrastructure, storage,
More informationIdentity with Windows Server 2016
Identity with Windows Server 2016 20742B; 5 days, Instructor-led Course Description This five-day instructor-led course teaches IT Pros how to deploy and configure Active Directory Domain Services (AD
More informationPlanning for and Managing Devices in the Enterprise: Enterprise Mobility Suite (EMS) & On- Premises Tools
Planning for and Managing Devices in the Enterprise: Enterprise Mobility Suite (EMS) & On- Premises Tools 20398BA - 5 Days - Instructor-led, Hands-on Introduction This five-day course teaches IT professionals
More informationConfiguring Claims-based Authentication for Microsoft Dynamics CRM Server. Last updated: May 2015
Configuring Claims-based Authentication for Microsoft Dynamics CRM Server Last updated: May 2015 This document is provided "as-is". Information and views expressed in this document, including URL and other
More informationLiferay Security Features Overview. How Liferay Approaches Security
Liferay Security Features Overview How Liferay Approaches Security Table of Contents Executive Summary.......................................... 1 Transport Security............................................
More informationToday s workforce is Mobile. Cloud and SaaSbased. are being deployed and used faster than ever. Most applications are Web-based apps
Today s workforce is Mobile Most applications are Web-based apps Cloud and SaaSbased applications are being deployed and used faster than ever Hybrid Cloud is the new normal. % plan to migrate >50% of
More informationUser Directories. Overview, Pros and Cons
User Directories Overview, Pros and Cons Overview Secure ISMS can operate with one or more of the following user directories. Secure ISMS Users (ISMS) Internal users local to the Secure ISMS application
More informationCourse 20533B: Implementing Microsoft Azure Infrastructure Solutions
Course 20533B: Implementing Microsoft Azure Infrastructure Solutions Course details Course Outline Module 1: Introduction to Azure This module explains cloud computing, and compares cloud computing and
More informationIT professionals are grappling with
THE ESSENTIAL GUIDE TO Managing Access to SaaS Applications By Sean Deuby SPONSORED BY IT professionals are grappling with not one, but three revolutions at the same time. First, cloud computing provides
More informationPlanning for and Managing Devices in the Enterprise: Enterprise Mobility Suite (EMS) & On-Premises Tools
Planning for and Managing Devices in the Enterprise: Enterprise Mobility Suite (EMS) & On-Premises Tools OD20398B; On-Demand, Video-based Course Description This course teaches IT professionals how to
More informationActive Directory Services with Windows Server
Active Directory Services with Windows Server 10969B; 5 days, Instructor-led Course Description Get hands on instruction and practice administering Active Directory technologies in Windows Server 2012
More informationMobility Windows 10 Bootcamp
Mobility Windows 10 Bootcamp Length: 8 days Format: Bootcamp Time: Day About This Course This boot camp is designed to provide students with the knowledge and skills required to install and configure Windows
More informationMCSA Windows Server 2012 Configuring Advanced Services
Session 1 MCSA Windows Server 2012 Configuring Advanced Services Section A: Windows Server 412 70-412 Project Network Load Balancing Prerequisites for NLB Install NLB Cluster Configuration Unicast vs.
More informationExam Code: Exam Code: Exam Name:Managing Office 365 Identities and Requirements.
Exam Code:70-346 Number: 70-346 Passing Score: 800 Time Limit: 120 min File Version: 12.5 http://www.gratisexam.com/ Exam Code:70-346 Exam Name:Managing Office 365 Identities and Requirements Exam A QUESTION
More informationConfiguring Claims-based Authentication for Microsoft Dynamics CRM Server. Last updated: June 2014
Configuring Claims-based Authentication for Microsoft Dynamics CRM Server Last updated: June 2014 This document is provided "as-is". Information and views expressed in this document, including URL and
More informationPlanning for and Managing Devices in the Enterprise: Enterprise Management Suite (EMS) & On-Premises Tools
Enterprise Management Suite (EMS) & On-Premises Tools Page 1 of 7 Planning for and Managing Devices in the Enterprise: Enterprise Management Suite (EMS) & On-Premises Tools Course 20398A: 4 days; Instructor-Led
More informationMicrosoft AZ-101 Exam
Volume: 124 Questions Topic 1: Humongous Insurance 7 Questions Topic 2: Contoso Case Study A 5 Questions Topic 3: Mix Questions 108 Questions Topic 4: Contoso Case Study B 4 Questions Topic 1, Humongous
More informationBring Your Own Device Part I Yuqing Zhao 趙宇清 Protocol Test Suite Developer Microsoft Corporation
Bring Your Own Device Part I Yuqing Zhao 趙宇清 Protocol Test Suite Developer Microsoft Corporation What s BYOD Device Public Cloud Device Enterprise On-Premise Cloud BYOD Protocols and Test Design
More informationAD FS v3. Deployment Guide
Deployment Guide UPDATED: 15 November 2017 Copyright Notices Copyright 2002-2017 KEMP Technologies, Inc. All rights reserved. KEMP Technologies and the KEMP Technologies logo are registered trademarks
More informationConfiguration Guide - Single-Sign On for OneDesk
Configuration Guide - Single-Sign On for OneDesk Introduction Single Sign On (SSO) is a user authentication process that allows a user to access different services and applications across IT systems and
More informationActive Directory Services with Windows Server
Course Code: M10969 Vendor: Microsoft Course Overview Duration: 5 RRP: POA Active Directory Services with Windows Server Overview Get Hands on instruction and practice administering Active Directory technologies
More informationHybrid Identity de paraplu in de cloud
EXPERTS LIVE SUMMER NIGHT Hybrid Identity de paraplu in de cloud Robbert van der Zwan TSP EM+S Netherlands EXPERTS LIVE SUMMER NIGHT Robbert van der Zwan Robbert works as an Enterprise Mobility and Security
More information"Charting the Course... MOC B Active Directory Services with Windows Server Course Summary
Description Course Summary Get Hands on instruction and practice administering Active Directory technologies in Windows Server 2012 and Windows Server 2012 R2 in this 5-day Microsoft Official Course. You
More informationCloud Access Manager Configuration Guide
Cloud Access Manager 8.1.3 Configuration Guide Copyright 2017 One Identity LLC. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide
More information70-742: Identity in Windows Server Course Overview
70-742: Identity in Windows Server 2016 Course Overview This course provides students with the knowledge and skills to install and configure domain controllers, manage Active Directory objects, secure
More informationVendor: Microsoft. Exam Code: Exam Name: Managing Office 365 Identities and Requirements. Version: Demo
Vendor: Microsoft Exam Code: 70-346 Exam Name: Managing Office 365 Identities and Requirements Version: Demo Topic 1, Fabrikam, Inc OverView Fabrikam, inc is a financial services organization. Fabrikam
More informationExam : Implementing Microsoft Azure Infrastructure Solutions
Exam 70-533: Implementing Microsoft Azure Infrastructure Solutions Objective Domain Note: This document shows tracked changes that are effective as of January 18, 2018. Design and Implement Azure App Service
More informationMicrosoft MB Microsoft Dynamics CRM 2016 Installation. Download Full version :
Microsoft MB2-711 Microsoft Dynamics CRM 2016 Installation Download Full version : https://killexams.com/pass4sure/exam-detail/mb2-711 Answer: D QUESTION: 87 Which two components are required to enable
More informationMicrosoft Managing Office 365 Identities and Requirements. Download Full version :
Microsoft 70-346 Managing Office 365 Identities and Requirements Download Full version : http://killexams.com/pass4sure/exam-detail/70-346 B. Service requests C. Service health page D. Office 365 Service
More informationActive Directory Services with Windows Server
Active Directory Services with Windows Server Duration: 5 Days Course Code: 10969B About this course Get Hands on instruction and practice administering Active Directory technologies in Windows Server
More informationIdentity with Windows Server 2016 (20742)
Identity with Windows Server 2016 (20742) Formato do curso: Presencial Preço: 1630 Duração: 35 horas This five-day instructor-led course teaches IT Pros how to deploy and configure Active Directory Domain
More informationMCSE Server Infrastructure. This Training Program prepares and enables learners to Pass Microsoft MCSE: Server Infrastructure exams
MCSE Server Infrastructure This Training Program prepares and enables learners to Pass Microsoft MCSE: Server Infrastructure exams 1. MCSE: Server Infrastructure / Exam 70-413 (Designing and Implementing
More informationNews and Updates June 1, 2017
Microsoft Azure News and Updates June 1, 2017 Azure Backup for Windows Server System State Modern Backup Storage with Azure Backup Server v2 vcenter/esxi 6.5 support for Azure Backup Server Larger Disk
More informationMCSE- Windows Server 2012
COURSE CONTENT MCSE- Windows Server 2012 Course 20413C: Designing and Implementing a Server Infrastructure 1. Planning Server Upgrade and Migration Considerations for Upgrades and Migrations Creating a
More informationSingle Sign-On Architectures. Jan De Clercq Senior Member of Technical Staff Technology Leadership Group Hewlett-Packard
Single Sign-On Architectures Jan De Clercq Senior Member of Technical Staff Technology Leadership Group Hewlett-Packard Agenda Trusted Security Infrastructures SSO: What and Why? SSO Architectures Extending
More informationOverview What is Azure Multi-Factor Authentication? How it Works Get started Choose where to deploy MFA in the cloud MFA on-premises MFA for O365
Table of Contents Overview What is Azure Multi-Factor Authentication? How it Works Get started Choose where to deploy MFA in the cloud MFA on-premises MFA for O365 users Security best practices How to
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
ADV1591BU Delivering Virtual Desktops and Apps via the Digital Workspace with Workspace ONE and VMware Horizon VMworld 2017 Content: Not for publication Peter Bjork @thepeb & Matt Coppinger @mcopping #VMworld
More informationUse EMS to protect your mobile data and mobile app
Use EMS to protect your mobile data and mobile app Peter Daalmans Senior Consultant, Enterprise Mobility MVP CTGlobal. pds@ctglobalservices.com PETER DAALMANS Enterprise Mobility MVP @ CTGlobal Blog: https://peterdaalmans.com
More informationSingle Sign-on for Office 365, Microsoft Azure and On-Premises Environments:
Single Sign-on for Office 365, Microsoft Azure and On-Premises Environments: Configuring and Deploying Active Directory Federated Services in a Hybrid Architecture Single Sign-on for Office 365, Microsoft
More informationExam : Implementing a Cloud Based Infrastructure
Exam 70-414: Implementing a Cloud Based Infrastructure Course Overview This course teaches students about creating the virtualization infrastructure, planning and deploying virtual machines, monitoring,
More information20398: Planning for and Managing Devices in the Enterprise: Enterprise Mobility Suite (EMS) and On- Premises Tools
Let s Reach For Excellence! TAN DUC INFORMATION TECHNOLOGY SCHOOL JSC Address: 103 Pasteur, Dist.1, HCMC Tel: 08 38245819; 38239761 Email: traincert@tdt-tanduc.com Website: www.tdt-tanduc.com; www.tanducits.com
More informationIdentity as the core of enterprise mobility
The current reality Identity as the core of enterprise mobility Azure Active Directory as the control plane Windows Server Active Directory Customers Partners Other directories Self-service Single sign-on
More informationDeploying F5 with Microsoft Active Directory Federation Services
F5 Deployment Guide Deploying F5 with Microsoft Active Directory Federation Services This F5 deployment guide provides detailed information on how to deploy Microsoft Active Directory Federation Services
More informationWindows Server : Configuring Advanced Windows Server 2012 Services R2. Upcoming Dates. Course Description.
Windows Server 2012 20412: Configuring Advanced Windows Server 2012 Services R2 Gain the skills and knowledge necessary to perform advanced management and provisioning of services within Windows Server
More informationApp Gateway Deployment Guide
C E N T R I F Y D E P L O Y M E N T G U I D E App Gateway Deployment Guide Abstract Centrify provides mobile device management and single sign-on services that you can trust and count on as a critical
More informationCourse 10969: Active Directory services with Windows Server
Course 10969: Active Directory services with Windows Server Overview Get Hands on instruction and practice administering Active Directory technologies in Windows Server 2012 and Windows Server 2012 R2
More informationCourse 10993A: Integrating On-Premises Identity Infrastructure with Microsoft Azure
Course 10993A: Integrating On-Premises Identity Infrastructure with Microsoft Azure - Course details Course Outline Module 1: Introducing Azure AD This module describes the differences between Azure AD
More informationDeploying F5 with Microsoft Active Directory Federation Services
F5 Deployment Guide Deploying F5 with Microsoft Active Directory Federation Services This F5 deployment guide provides detailed information on how to deploy Microsoft Active Directory Federation Services
More informationAt Course Completion After completing this course, students will be able to:
Course Details Course Code: Duration: Notes: 20398B 5 days This course syllabus should be used to determine whether the course is appropriate for the students, based on their current skills and technical
More informationConfigMgr 2012 R2 & Intune
ConfigMgr 2012 R2 & Intune Step by Step explained from setting it up, to identity control (ADFS, DRS and Workplace Join) Tim De Keukelaere Kenny Buntinx #MMSMinnesota #MMSCMIntune About Kenny @KennyBuntinx
More informationTUT Integrating Access Manager into a Microsoft Environment November 2014
TUT7189 - Integrating Access Manager into a Microsoft Environment November 2014 #BrainShare #NetIQ7189 Session Agenda Integrating Access Manager with Active Directory Federation Services (ADFS) ADFS Basics
More informationMOC 6232A: Implementing a Microsoft SQL Server 2008 Database
MOC 6232A: Implementing a Microsoft SQL Server 2008 Database Course Number: 6232A Course Length: 5 Days Course Overview This course provides students with the knowledge and skills to implement a Microsoft
More informationExtranets in SharePoint and SSO for Claims Apps. January 18, 2017
Extranets in SharePoint and SSO for Claims Apps January 18, 2017 Peter Carson President, Envision IT SharePoint MVP Partner Seller, Microsoft Canada peter.carson@extranetusermanager.com http://blog.petercarson.ca
More informationImplementing an Advanced Server Infrastructure
Implementing an Advanced Server Infrastructure Course 20414C 5 Days Instructor-led, Hands-on Introduction Get hands-on instruction and practice planning, designing and deploying a physical and logical
More informationSQL Server Security. Marek
SQL Server Security Marek Chmel Lead Database Administrator @ AT&T MVP: Data Platform MCSE: Data Management and Analytics MCT: Regional Lead Certified Ethical Hacker CEHv8 marek.chmel@technet.ms @MarekChmel
More informationACTIVE DIRECTORY SERVICES WITH WINDOWS SERVER
CENTER OF KNOWLEDGE, PATH TO SUCCESS Website: ACTIVE DIRECTORY SERVICES WITH WINDOWS SERVER Course: 10969A; Duration: 5 Days; Instructor-led WHAT YOU WILL LEARN Get hands-on instruction and practice administering
More information10969B: Active Directory Services with Windows Server
10969B: Active Directory Services with Windows Server Course Details Course Code: Duration: Notes: 10969B 5 days This course syllabus should be used to determine whether the course is appropriate for the
More informationMicrosoft Active Directory Services with Windows Server
1800 ULEARN (853 276) www.ddls.com.au Microsoft 10969 - Active Directory Services with Windows Server Length 5 days Price $4290.00 (inc GST) Version B Overview Get hands-on instruction and practice administering
More informationExtranet Identity Management and Authentication for SharePoint On Premise, Office 365 and Beyond
Extranet Identity Management and Authentication for SharePoint On Premise, Office 365 and Beyond Presented by Peter Carson President, Envision IT October 22, 2014 Peter Carson President, Envision IT SharePoint
More informationPCI DSS Compliance. White Paper Parallels Remote Application Server
PCI DSS Compliance White Paper Parallels Remote Application Server Table of Contents Introduction... 3 What Is PCI DSS?... 3 Why Businesses Need to Be PCI DSS Compliant... 3 What Is Parallels RAS?... 3
More informationCONDITIONAL ACCESS FROM A TO Z
CONDITIONAL ACCESS FROM A TO Z Peter Daalmans PeterDaalmans.com, pds@ctglobalservices.com, Senior Consultant CTGlobal Jörgen Nilsson Ccmexec.com, jorgen.nilsson@onevinn.se, Principal Consultant Onevinn
More information10969: Active Directory Services with Windows Server
Let s Reach For Excellence! TAN DUC INFORMATION TECHNOLOGY SCHOOL JSC Address: 103 Pasteur, Dist.1, HCMC Tel: 08 38245819; 38239761 Email: traincert@tdt-tanduc.com Website: www.tdt-tanduc.com; www.tanducits.com
More informationAzure Active Directory from Zero to Hero
Azure Active Directory from Zero to Hero Azure &.NET Meetup Freiburg, 2018 Esmaeil Sarabadani What we cover today Overview on Azure AD Differences between on-prem AD and Azure AD Azure AD usage scenarios
More informationExtranets in SharePoint and Office 365 May 17, 2017
Extranets in SharePoint and Office 365 May 17, 2017 Peter Carson President, Envision IT SharePoint MVP Partner Seller, Microsoft Canada peter.carson@extranetusermanager.com http://blog.petercarson.ca www.envisionit.com
More information20414C: Implementing an Advanced Server Infrastructure
20414C: Implementing an Advanced Server Course Details Course Code: Duration: Notes: 20414C 5 days This course syllabus should be used to determine whether the course is appropriate for the students, based
More informationConfiguring Advanced Windows Server 2012 Services
Configuring Advanced Windows Server 2012 Services Course 20412D - Five days - Instructor-led - Hands-on Introduction Get hands-on instruction and practice configuring advanced Windows Server 2012, including
More informationVMWARE HORIZON CLOUD WITH VMWARE IDENTITY MANAGER QUICK START GUIDE WHITE PAPER MARCH 2018
VMWARE HORIZON CLOUD WITH VMWARE IDENTITY MANAGER QUICK START GUIDE WHITE PAPER MARCH 2018 Table of Contents Introduction to Horizon Cloud with Manager.... 3 Benefits of Integration.... 3 Single Sign-On....3
More information[MS20414]: Implementing an Advanced Server Infrastructure
[MS20414]: Implementing an Advanced Server Infrastructure Length : 5 Days Audience(s) : IT Professionals Level : 300 Technology : Windows Server Delivery Method : Instructor-led (Classroom) Course Overview
More informationSharePoint 2019 and Extranet User Manager
SharePoint 2019 and Extranet User Manager Tuesday, June 5, 2018 12:00-1:00 PM http://eum.co (#) Agenda Introductions SharePoint 2019 Announcements SharePoint On Premises Extranets EUM Features and Licensing
More informationVendor: Microsoft. Exam Code: Exam Name: Configuring Advanced Windows Server 2012 Services. Version: Demo
Vendor: Microsoft Exam Code: 70-412 Exam Name: Configuring Advanced Windows Server 2012 Services Version: Demo DEMO QUESTION 1 Your network contains one Active Directory domain. The domain contains two
More informationCopyright
This video will look at the different Terminology that is used with Federation Services. This will give you a good indication of what components make up a Federation Service in Active Directory Federation
More informationUse Microsoft EMS. to Protect your Mobile Data and Mobile Apps. Chris Nackers Nackers Consulting
Use Microsoft EMS to Protect your Mobile Data and Mobile Apps Chris Nackers http://chrisnackers.com chris@nackersconsulting.com Nackers Consulting Peter Daalmans http://configmgrblog.com, peter@daalmans.com
More informationCONFIGURING AD FS AS A THIRD-PARTY IDP IN VMWARE IDENTITY MANAGER: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE
GUIDE MARCH 2019 PRINTED 28 MARCH 2019 CONFIGURING AD FS AS A THIRD-PARTY IDP IN VMWARE IDENTITY MANAGER: VMWARE WORKSPACE ONE VMware Workspace ONE Table of Contents Overview Introduction Audience AD FS
More informationCrash course in Azure Active Directory
Crash course in Azure Active Directory Crash course in Azure Active Directory Competing today requires a focus on digital transformation and empowering everyone to be creative and work together securely.
More informationArchitecture Assessment Case Study. Single Sign on Approach Document PROBLEM: Technology for a Changing World
Technology for a Changing World Architecture Assessment Case Study Single Sign on Approach Document PROBLEM: Existing portal has Sign on Capabilities based on the SQL Server database and it s not having
More informationSession: CEO206. Mike Crowley Planet Technologies
Session: CEO206 Mike Crowley Planet Technologies www.go-planet.com 1 Agenda Pilot definition Planning Technologies Rollback 2 Vocabulary Proof of Concept (POC) Pilot Demonstrate the service works May or
More informationWhat s in Installing and Configuring Windows Server 2012 (70-410):
What s in Installing and Configuring Windows Server 2012 (70-410): The course provides skills and knowledge necessary to implement a core Windows Server 2012 infrastructure in an existing enterprise environment.
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
ADV1591BE Delivering Virtual Desktops and Apps via the Digital Workspace with Workspace ONE and VMware Horizon VMworld 2017 Content: Not for publication Johan van Amersfoort & Stephane Padique #VMWORLD
More informationMCSE Productivity. A Success Guide to Prepare- Advanced Solutions of Microsoft Exchange Server edusum.com
70-342 MCSE Productivity A Success Guide to Prepare- Advanced Solutions of Microsoft Exchange Server 2013 edusum.com Table of Contents Introduction to 70-342 Exam on Advanced Solutions of Microsoft Exchange
More informationSix steps to control the uncontrollable
Six steps to control the uncontrollable Learn how to use Microsoft Enterprise Mobility Suite to protect cloud apps, manage devices, and guard against advanced threats today Introduction Employees today
More informationImplementing Microsoft Azure Infrastructure Solutions
Implementing Microsoft Azure Infrastructure Solutions OD20533C; On-Demand, Video-based Course Description This course is intended for IT professionals who are familiar with managing on-premises IT deployments
More information