Online Talk: Security integration with the cloud using Active Directory Federation Services (ADFS). 22-March at 14:00 GMT (07:00 PST)


I’ll be covering how to set up ADFS 2.0 for authenticating to Windows Azure apps and Office 365. The talk is basically in 2 sections – integration with Windows Azure and integration with Office 365. So it’ll go:

ADFS ==> App Fab ACS ==> Azure App.

ADFS ==> MFG ==> Office 365.

I’ll talk about the protocols and message flows, and do demos of authenticating in both environments so you can see what a working configuration looks like.

If you’d like to attend, please register here. It says the presenters are Simon May and Andrew Fryer – but don’t be confused: you are in the right registration page – I will be presenting despite what it says…

There are other online (and in-person, if you can get to the UK!) sessions available here, at the UK TechDays 2011 site.

image

 

Planky – GBR-257

Comments (6)

  1. Stephen says:

    Is there such a thing as:

    ADFS ==> App Fab ACS ==> Office365.

    -or-

    3rd party SAML IDP  ==> App Fab ACS ==> Office365.

    We had a discussion before on whether MFG can talk to a non-ADFS SAML IDP.  The conclusion there is probably not.  ACS is definitely generic enough to handle any 3rd party SAML IDP.  Seems like AppFab ACS is not used in conjunction with Office365?  Just need a confirmation.  (I do wish it does ……)

  2. plankytronixx says:

    Hi.

    No – the federation provider (that's what ACS is in App Fab) for Ofice 365 is called the "Microsoft Federation Gateway" (MFG).

    So it goes:

    ADFS ==> MFG ==> Office 365.

    I have a couple of posts you'll find interesting on this topic. One is a "whiteboard" video. The other is a demo of how to set up Office 365 to work with the MFG and ADFS:

    blogs.msdn.com/…/whiteboard-video-how-adfs-and-the-microsoft-federation-gateway-work-together-up-in-the-office-365-cloud.aspx

    blogs.msdn.com/…/video-screencast-complete-setup-details-for-federated-identity-access-from-on-premise-ad-to-office-365.aspx

    Have fun.

    Planky

  3. Akshaya says:

    If ADFS 2.0 is configured with ACS 2.0 and Office 365 separately, is there a possibility that we can do a SSO between an application hosted on Azure (that uses ACS for authentication) and Sharepoint Online (in Office 365)?

    If yes, can you provide some guidelines or samples that I can go through?

    Thanks

    Akshaya

  4. LordAkshaya says:

    If ADFS 2.0 is configured with ACS 2.0 and Office 365 separately, is there a possibility that we can do a SSO between an application hosted on Azure (that uses ACS for authentication) and Sharepoint Online (in Office 365)?

    If yes, can you provide some guidelines or samples that I can go through?

    Thanks

    Akshaya

  5. LordAkshaya says:

    If ADFS 2.0 is configured with ACS 2.0 and Office 365 separately, is there a possibility that we can do a SSO between an application hosted on Azure (that uses ACS for authentication) and Sharepoint Online (in Office 365)?

    If yes, can you provide some guidelines or samples that I can go through?

    Thanks

    Akshaya

  6. plankytronixx says:

    Hi Akshaya,

    If you want to use AD as the source of authenticated credentials – yes definitely. You'd configure Office 365 to use AD. THen you'd configure your clud app to use ACS and in turn configure the cloud app to use AD. Therefore you'd authenticate to AD and that would be consumed by both the cloud app (vis ACS) and Office 365 (via the MFG).

    If you can't use AD, then you are a bit stuck at the moment. The federation component in Office 265 (the MS Federaiton Gateway or MFG) is hard-wired to only federate with AD. You can't use ACS with Office 365.

    I'm doing a talk about both Office 365 and Azure AD integration at TechDays next week. uktechdays.cloudapp.net

    Planky