Microsoft Office Tutorials and References
In Depth Information
Chapter 3: Active Directory Federation Services
CHAPTER 3
Active Directory Federation Services
Different types of user accounts .................... 71
Integrating Active Directory with Office 365 .......... 73
Active Directory Federation Services ................ 82
Removing Active Directory Federation Services ...... 122
Microsoft Active Directory Federation Services (AD FS) provides single sign-on
(SSO) by using token-based authentication. With SSO, a service will trust the
authentication token of a user who has successfully logged on to a disparate but
trusted network. As such, the service will grant access without requiring the user to
authenticate again. For example, if a user has already been authenticated by Active Directory (AD)
and if SSO is configured, Office 365 will provide access to the user without a challenged
logon.
SSO through AD FS is not mandatory for Office 365, but enterprise customers usually
implement it because of the need or desire to leverage existing identity management
solutions such as AD. Remember, too, that we said the user is the most important part of the
equation. SSO optimizes the users’ experience because they don’t need to provide
credentials multiple times.
AD FS is commonly considered and discussed together with directory synchronization,
which is covered in Chapter 4, “Directory Synchronization.”
Note
Office 365 SSO is not available for Office 365 for professionals and small businesses or
for Office 365 Small Business Premium Preview. For more information, see KB article
2662960 at http://support.microsoft.com/kb.2662960 . SSO is available only for Office 365
Enterprise Suites.
Different types of user accounts
Before we dive into AD FS, we need to introduce the different types of user accounts and
authentication methods available in Office 365.
As with any computer system, a user needs an account to access Office 365. This chapter
covers the different ways in which user accounts can be created and maintained. We also
describe the user experience when accessing Office 365 based on the different account
types.
71
Search JabSto ::




Custom Search