Microsoft Office Tutorials and References
In Depth Information
In this chapter, we undertook and implemented SSO, a key component that is unique to
enterprises and available only in the Office 365 Enterprise (A1/G1/E1, A3/G3/E3, or A4/G4/
E4) suite offerings. There are many technologies that made this possible, the most
important of which is a healthy Active Directory.
With most enterprise Office 365 deployments, we advocate an Active Directory health
assessment. As a reminder, the Microsoft Office 365 Deployment Readiness Toolkit will
analyze your AD for Office 365 readiness. The most important thing is to ensure that your
forest has a routable UPN suffix that you will assign to the users in the forest. This is also a
requirement for directory synchronization (Directory Sync), which we will cover Chapter 4,
“Directory Synchronization.” The planning work you did in Chapter 2, “Planning and
preparing to deploy Office 365,” should have prepared your environment and made the tasks in
this chapter less daunting.
It is also important to stress that when you turn on SSO, you are in fact deferring
authentication to your on-premises AD FS farm. Therefore, if the AD FS farm is unreachable for
whatever reason, Office 365 services will be unavailable for users who are not yet
authenticated. Invest in the time and architecture to build a robust AD FS farm and consider
alternative and redundant options such as Windows Azure IaaS to supplement your AD FS farm.