As reported earlier, Microsoft released Azure AD Connect to the public on June 24. The long-anticipated tool is the successor to Azure AD Sync and DirSync. But it’s much more than that.
Although a large part of Azure AD Connect still revolves around directory synchronization, I like to look at it more as a "Cloud Identity Enablement" — a solution rather than just a synchronization component. This is because Azure AD Connect not only allows you to deploy directory synchronization for almost every possible identity scenario you can dream of, but it also enables you to set up and configure identity federation through Active Directory Federation Services from within the same wizard.
Configuring identity federation for your Office 365 tenant consists of three key steps:
Azure AD Connect,
configuring identity federation
Yesterday, Microsoft announced the General Availability (GA) of Azure AD Connect. Azure AD Connect is consiered to be the successor to DirSync/AADSync. However, it is much more than just a synchronization engine. The tool allows customers to use a single wizard to configure various aspects of identity synchronization and authentication with Microsoft's Online Services.
The wizard - which shows similarities to the one used in AADSync - allows you to install and configure various Directory Synchronization options and now also includes the ability to automatically setup and configure Active Directory Federation Services. Before, you still had to manually enable a domain for federation after having isntalled and configured AD FS yourself. Now, the wizard allows you to "pick and choose"
which servers you are designating for AD FS and it will go out and perform the installation and configuration in Office 365 for the selected domains for you.
The biggest benefit of the tool is that it greatly simplifies the process so that administrators don't have to unnecessarily struggle with the entire process. After all, even though the sync and authentication process in itself are pretty straightforward, setup and configuration have proven to sometimes be quite challenging.
Next to these GA features, Azure AD Connect also includes the ability to preview features such as User- and Group Writeback; which Microsoft said to be releasing later.
For more information, have a look at the original announcment here or get started immediately and download the tool here.
Office 365 sign-in,
Office 365 authentication,
With Exchange 2016 fever in the air, many admins are left with looming questions about what changes this new iteration will bring.
ENow’s Microsoft Exchange Server MVP Michael Van Horenbeeck recently partnered with MSExchange.org to host a webinar that would clear up some lingering questions surrounding Exchange 2016 and beyond.
On June 16 2015, Microsoft released Cumulative Update 9 for Exchange Server 2013 along with Update Rollup 10 for Exchange Server 2010 and Update Rollup 17 (yes, that many already) for Exchange Server 2007.
Unfortunately for some, Update Rollup 9 looks like it's going to be another uneventful update —provided that no post-installation issues arise. Except for changing where Sent Items are stored when a message is sent as or on behalf of a Shared Mailbox, Microsoft reported no new features or changes in existing functionality. That is not too surprising, given that Exchange Server 2013 is now in its third year.
Imagine this scenario. You have in your hands a device that’s about five and a half inches from the top-left corner to the bottom right. It’s fairly thin, maybe a quarter of an inch. And it has a couple of ports and a decent battery life, yet it contains the entirety of your electronic world. You dock it when you need to get things done. You remove it from the dock and slip it in your pocket or handbag when you are ready to go out and about.
It might sound like I’m referring to a smartphone, but Microsoft’s vision of phones is morphing in concert with the release of Windows 10 to the point where a phone is not just a phone; it is a full-fledged computer, capable of everything your desktop or laptop could do with all the convenience and mobility of a smartphone. We got a preview of this at Microsoft Ignite and, frankly, I think it is the future of personal computing. It is called Continuum for Phones.
Continuum for Phones,
This blog post highlights the changes that Skype for Business have brought to Lync/Skype for Business to Skype (Consumer) Connectivity. It’s intended to correct and update the following articles to the current functionality:
In this article, we will discuss the following items:
- Federation with Skype IDs
- Skype Directory Search
- Skype Consumer and Skype for Business compatibility matrix
Skype for business,
Lync for business,
Skype Directory Search,
Yesterday, Microsoft issued its monthly security bulletin. This time around, the bulletin also includes a fix for a vulnerability that affects only Exchange 2013 environments.
Security and Compliance,
When designing for a migration to Exchange Server 2013, chances are you’ll have to deal with public folders. Given that Exchange 2013 has been around for a while, you might think such a task would be a proverbial walk in the park. Of course, if you are looking at a cookie-cutter environment, you might be right. However, in every design there are elements specific to the customer that require a different approach.
More specifically, consider the scenario in which you have public folders — possibly lots of them. For the sake of this article, let’s assume you have about 500GB worth in public folders spread over several thousand public folders across one or more replicas. For some customers, these numbers are much more than they have. For other customers, 500GB in public folders might just be a fraction of what they have to deal with. Regardless of your situation, public folders raise a rather interesting question: How do you plan for (a migration of) public folders to Exchange 2013?
Server role requirements
Office 365 allows for various authentication mechanisms, which includes federated authentication through Active Directory Federation Services. Federated authentication in Office 365 is configured per domain. However, if you register multiple subdomains in your Office 365 tenant, those subdomains will automatically inherit the authentication settings from the parent domain IF you registered the subdomains in the tenant after the parent domain.
For instance, if you have added child1.domain.com and child2.domain.com after registering domain.com, both subdomains will be converted to use federated authentication if you convert the parent domain.
Office 365 authentication,
Michael Van Horenbeeck
Topping 1,100 sessions and drawing in more than 23,000 attendees, Microsoft Ignite was a whirlwind of a week. Among the hundreds of sessions related to Azure, Office 365, Exchange, Windows, and many other Microsoft products, you might have some difficulty keeping all the information straight.
To recap the most memorable Exchange moments, experts Tony Redmond, Michael Van Hybrid, and Jeff Guillet gathered for The Ignite Debrief (Exchange Version) Podcast that’s now available to view. In this 25-minute podcast, the experts zero in on Exchange to provide their takes on several significant Exchange-related announcements from the conference.
Exchange Reporting & Monitoring,