
via ITProPortal
Microsoft Office 365 brings with it a set of trusted communications and collaboration tools and services for the cloud, including Office Professional Plus, Lync Online, Exchange Online, etc. Office 365 offers a multitude of identity-based services in terms of user accounts, passwords, identity synchronization, identity federation, etc. This being the first part of a two-part series, we shall be looking at the types of identities, user creation and login options.
There are two types of identities that Office 365 supports:
- Microsoft Online Service Cloud IDs: Users receive a set of credentials that are separate from their desktop or corporate credentials. These separate identities are also known as Cloud Identity. The password policy of the Cloud ID is stored in the cloud with the Office 365 service.
- Federated Identity: Companies that have an on-premises Active Directory setup can enable users to use their corporate identities to log on to the cloud services without the need for a separate set of credentials. The company's Active Directory server stores the user information, password policy information, etc.
Creation of User Accounts
Users can be created on Office 365 in four different ways (if federated identity is not utilised by the company). The methods are:
- Administrator Console of Office 365: Administrators can use the online console of Office 365 to create user accounts and individually assign licenses as per their requirement. Once the users are created, further information like department, telephone, contact details, etc. can be added.
- Bulk user creation through .csv upload: Administrators can use the Bulk add user wizard to upload a .csv file with user data. Once the file is uploaded and the users are created, the administrator can either view the new users' passwords or send them to the individual users via email.
- Active Directory Synchronization Tool: With this tool administrators can completely replicate the Active Directory onto Office 365 and in turn populate all the information as user attributes, unlike the manual creation of users and subsequent entry of details. The master copy of the users stays on the on-premises server, and hence the online details cannot be edited in the Office 365 console.
- Simple Migration for Exchange: User accounts and mailboxes will be created automatically if an organization wishes to migrate the entire email setup from on-premises Exchange 2007 or Exchange 2010 to the cloud. This particular method is called the simple migration or the cutover migration for Exchange.
Types of Authentication Supported by Microsoft Office 365
There are two modes of authentication that are supported by Office 365. The first is browser-based and the second is client-based.
Under browser-based authentication, users can use either the Cloud Identity or the Federated Identity, depending upon the configuration their organization has chosen. In the case of Federated Identity, the sign-in service gives the user the option to go to the on-premises Active Directory Federation Server for authentication.
Rich client-based authentication makes use of Basic/proxy authentication through SSL, which involves both Exchange Online and the on-premises Active Directory Federation Server 2.0. There is also the Office service Sign-in Assistant, which is more or less a desktop-based application that allows users to log on to Office 365 using either their Cloud ID or the Federated ID.
In the next part we shall be looking at the Two Factor Authentication Supported by Office 365, Password Management and Active Directory Synchronization along with a few other topics.
Read more: http://www.itproportal.com/2011/06/24/microsoft-office-365-identity-services-part-i/#ixzz1QSakijpt