« #Wortell Mailboxen worden naar #Office365 gemoved | Hoofdmenu | De Windows Phone 7 Microsoft Lync Client »

18 oktober 2011

Nieuwe #ADFS Rollup met betere #Office365 ondersteuning

Update Rollup 1 for Active Directory Federation Services (AD FS) 2.0 is beschikbaar. Voor Office 365 is deze update heel belangrijk aangezien ze twee nieuwe scenario's voor Office 365 ondersteund:

Ondersteuning voor meerdere UPN suffixes binnen dezelfde forest zonder hiervoor een tweede instantie van ADFS te hoeven implementeren (dus bijvoorbeeld UPN's die eindigen op wortell.com en wortell.nl kunnen nu middels 1 ADFS implementatie met Office 365 ondersteund worden).

Betere mogelijkheden om op basis van de locatie van een client toegang tot diensten af te schermen.

Hieronder de beschrijving vanaf de Microsoft Support site:

  • Multiple Issuer Support
    Previously, Microsoft Office 365 customers who require single sign-on (SSO) by using AD FS 2.0 and use multiple top level domains for users' user principal name (UPN) suffixes within their organization (for example, @contoso.us or @contoso.de) are required to deploy a separate instance of AD FS 2.0 Federation Service for each suffix. After you install this Update Rollup on all the AD FS 2.0 federation servers in the farm and follow the instructions of using this feature with Office 365, new claim rules will be set to dynamically generate token issuer IDs based on the UPN suffixes of the Office 365 users. As a result, you do not have to set up multiple instances of AD FS 2.0 federation server to support SSO for multiple top level domains in Office 365.
    For more information about the instructions, visit the following Microsoft website:

    General information about how to set up a trust by adding or converting a domain for SSO (http://onlinehelp.microsoft.com/en-us/office365-enterprises/ff652560.aspx#BKMK_CreateOrConvertADomain)

  • Client Access Policy Support

    Today, Office 365 customers do not have the capability to use AD FS 2.0 to restrict extranet access across all the endpoints to corporate resources within Office 365. Some organizations may want to create policies that limit access to Office 365 services that depend on the location of the client. For example, you might want to the following capabilities:
    • Block all extranet clients access to Office 365
    • Block all extranet clients access to Office 365, except for devices accessing Exchange Online for Exchange Active Sync

    Update Rollup 1 for AD FS 2.0 enables organizations to configure these kinds of policies. If Office 365 customers who use SSO require these policies, they can now use client access policy rules to restrict access based on the location of the computer or device that is making the request. Currently, customers who use Microsoft Office Online Services cloud IDs cannot implement these restrictions.
    For more information about how to use client access policy to limit access to Office 365 services that are depend on the location of the client, visit the following Microsoft website:

    General information about how to limit access to Office 365 services that depend on the location of the client (http://go.microsoft.com/fwlink/?LinkId=231155)

    For more information about how to plan for and deploy AD FS 2.0 for use with SSO, visit the following Microsoft website:

    General information about how to Plan for and deploy AD FS 2.0 for use with SSO (http://go.microsoft.com/fwlink/?LinkID=212852)

Het volledige artikel is hier te vinden: http://support.microsoft.com/kb/2607496

TrackBack

TrackBack URL van dit bericht:
http://www.typepad.com/services/trackback/6a010534dbe74a970c014e8c535aac970d

Listed below are links to weblogs that reference Nieuwe #ADFS Rollup met betere #Office365 ondersteuning:

Reacties

Feed You can follow this conversation by subscribing to the comment feed for this post.

De reacties op dit bericht zijn afgesloten.

Danny Burlage
MVP Office 365

MVP Office 365