This document summarizes a presentation about using OneLogin to deploy Office 365. OneLogin provides federated identity management that allows single sign-on access to Office 365 without having to manage Microsoft Azure Active Directory, directory synchronization, or on-premises AD FS servers. It integrates with on-premises Active Directories and provisions users and licenses to Office 365 in a single click. The presentation included a product demo and Q&A section.
Fast Track Office 365 with OneLogin's Federated Identity
1. FAST TRACK YOUR OFFICE 365
DEPLOYMENTS WITH ONELOGIN
Get to the Microsoft Cloud Without the Complexities of Using Microsoft Cloud
2. S P E A K E R S
C H I P E P P S
Sr Director, Product Marketing
@onelogin
M I C H A E L Y E E
Solutions Engineer
@onelogin
3. “We spent two months trying to deploy
ADFS and couldn’t get it to work properly.
OneLogin was able to set up and do the
initial configuration on a 60 minute call. ”
PARTNER
IT Manager
4. / / / Extending Directory Services to Office 365
/ / / OneLogin for Office 365
/ / / Product Demo
/ / / Q & A
A G E N D A
7. G E T T I N G F R O M A D TO O 3 6 5
● Cloud Identity
● Synchronized Identity
● Federated Identity
Azure AD
8. ABOUT MICROSOFT AZURE AD
● One Component of Microsoft’s Cloud
Services Platform
● Core directory behind most of Microsoft’s
cloud services
● A free Azure AD tenant is
included/required with Office 365
● OneLogin eliminates the need for
customers to interact directly with Azure
AD (we use the Graph API)
M I C R O S O F T A Z U R E A C T I V E D I R E C T O R Y
9. C L O U D I D E N T I T Y
● No on-premises Servers
● Create and manage Users from the Office 365 Admin Center, and store accounts in Azure AD
● Identity and authentication are handled completely in the Cloud
Azure AD
PowerShell
10. S Y N C H R O N I Z E D I D E N T I T Y
● One-way Sync between AD and O365
● Users have same username and password, but have to re-enter them
DirSync
Azure AD
USER ACCOUNTS
11. F E D E R A T E D I D E N T I T Y
● Leverages Desktop SSO (IWA)
● Users Don’t Have to re-authenticate if they are on the Network
● Addresses complex directory infrastructures
● Supports more advanced compliance Reporting
DirSync
ADFS
Azure AD
AUTHENTICATION
USER ACCOUNTS
12. R E V I E W O F I D E N T I T Y M O D E L S
CLOUD
IDENTITY
SYNCHRONIZED
IDENTITY
FEDERATED
IDENTITY
Same Password to Access Resources On-Premises & in the Cloud
Can Control Password Policies On-Premises
Real-Time Authentication Based on Active Directory
Desktop SSO (Integrated Windows Authentication)
Support for Multiple Forests or Mixed Directory Types
Sign-in Compliance Reporting
Restrict Access by IP Address
13. O N E L O G I N F E D E R A T E D I D E N T I T Y
● Provides powerful Active Directory integration with real-time sync, and supports Desktop SSO
● Powerful mapping engine accommodates multi-forest structures, and organizational
relationships
● Supports automated Provisioning & De-Provisioning, with entitlement mapping
● Cloud-based and highly available, with certified Data Centers (e.g. ISO 27001)
Azure AD
AD Connector
USER ACCOUNTS
AUTHENTICATION
14. 1. No More DirSync, AD FS, FIM and Servers to Maintain
2. Enable a High Availability Service, with Minimal Work on Your Part
3. Fast Precise Provisioning of Office 365 Users & License Pairing
4. Stronger Security & Compliance
16. “With OneLogin, I rolled out Office 365
to 4,000+ users across 35 offices in half
an hour.”
C O L L I N H A C H W I
IT Infrastructure Manager, Disys
18. AD Integration
● Desktop SSO
Setting Up Office 365
● OneClick Configuration
Mapping Attributes, Groups, & Licenses
Provisioning
De-Provisioning
S E T T I N G T H E S T A G E
A D C O N N E C T O R
C L O U D
A P P S