Case Study: Transitioning to using Active Directory Federation Services with SharePoint 2010
Joe Karam
Princeton University
Office of Information Technology
SharePoint Saturday New Jersey 2014
New Jersey SharePoint user group
• Different SharePoint discussions each month on various topics. Announced on meetup.com
• Meets 4th Tuesday of every month
• 6pm – 8pm
• Microsoft Office (MetroPark)
• 101 Wood Ave, Iselin, NJ 08830
• http://www.njspug.com
Thank You Event Sponsors
• Diamond & Platinum sponsors have tables here in the Fireside Lounge
• Please visit them and inquire about their products & services
• Also, to be eligible for prizes, make sure to get your bingo card stamped
Agenda 
• introduction to SharePoint & ADFS @Princeton 
• advantages and concerns with transitioning to ADFS 
• configuration considerations with ADFS and SharePoint 2010 
• issues with migrating data between NTLM and ADFS SharePoint environments
• issues with using ADFS and AD Groups 
• cookie options with ADFS and impact on Office applications 
• troubleshooting issues with ADFS and user profile services 
• summary
Princeton SharePoint Implementation 
• Using SharePoint 2007 since 2008 
• Currently migrating to SharePoint 2010 (over 80% complete) 
• Mostly used for internal department collaborations 
• Very little student use 
• Approximately 110 department sites 
• Approximately 750GB farm size 
• Some customized sites 
• Decentralized administration
What is Active Directory Federation Services (ADFS)?
• Provides single sign-on to authenticate users to multiple web applications in a single session using token claims.
• Allows organizations to provide access to trusted users from different domains.
• Domain users and groups are encoded as claim identities
• READ: How claims encoding works in SharePoint 2010
Why did Princeton choose ADFS for SP 2010?
• Consistent authentication experience for a variety of clients using SharePoint 2010, from on-campus to all over the world
• Improve security for authentication with SharePoint
• Planning for the future: migrating to Office 365 and using other SSO applications
• Microsoft “encouragement” to use claims-based authentication, with only limited support for classic authentication
Princeton SharePoint 2010 Environment 
• Two virtual ADFS servers 
• Three virtual SharePoint 2010 front-end servers 
• Two virtual SharePoint 2010 application servers 
• SQL Cluster backend with SAN storage 
• F5 Load Balancer 
• Firewall 
• AvePoint DocAve management
Is it an F5 issue? An ADFS issue? A SharePoint issue?
• Our first experience with ADFS, SharePoint 2010, and F5
• Microsoft technical support going back and forth between the ADFS and SharePoint teams for troubleshooting
• Finding a trusted expert to assist us with integrating these services
ADFS Configuration Recommendations
• Many useful resources are available
• Primarily used Steve Peschka’s guide for configuring the ADFS & SharePoint farm
• Official Microsoft documentation
• Expiration time of the token-signing certificate between ADFS and SharePoint (X.509 certificate)
• Determine the ADFS session cookie timeout so that it works properly with the SharePoint cookie timeout
• Learn how Forefront Identity Manager interacts with the User Profile Sync Service in SharePoint 2010
ADFS ClaimsViewer Example
Migrating data between ADFS (SP 2010) and NTLM (SP 2007)
• Microsoft AD Claims mapping scripts & tools
• Third Party Tools – AvePoint DocAve
• Mapping users and groups properly
• DOMAIN\USER to i:0ǵ.t|adfs 2.0|USER
• DOMAIN\GROUP to c:0-.t|adfs 2.0|GROUP
• Ensure AD Groups are listed as “Domain Group”
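The claims-encoding format from slide 6 and the NTLM-to-ADFS user/group mapping from slide 12, as an added Python example that is not part of the deck: the issuer name "adfs 2.0" and the custom identity claim character U+01F5 ('ǵ') are taken from the slide, the claim-type table is only the subset needed here, and the sample logins (EXAMPLEDOM\jdoe, EXAMPLEDOM\SP Editors) are constructed.

```python
# Added example, not from the slides: encoder/decoder for the SharePoint 2010
# claims-encoding format (slide 6) plus the NTLM -> ADFS identity mapping of
# slide 12.  Only the characters this example needs are tabled.
from dataclasses import dataclass

IDENTITY_CLAIM = "i"   # char 0: the user's identity claim
OTHER_CLAIM = "c"      # char 0: any other claim (group, role, flag)

# char 3: claim type (subset of SharePoint's built-in table).  Claim types not
# in that table get characters from U+01F5 ('ǵ') upwards, hence slide 12's 'ǵ'.
CLAIM_TYPES = {
    "#": "http://schemas.microsoft.com/sharepoint/2009/08/claims/userlogonname",
    "+": "http://schemas.microsoft.com/sharepoint/2009/08/claims/groupsid",
    "-": "http://schemas.microsoft.com/ws/2008/06/identity/claims/role",
    "5": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
}
CUSTOM_TYPE_START = 0x01F5
STRING_VALUE = "."     # char 4: value type; '.' (string) is all the slides use

# char 5: original issuer type; Windows and system claims carry no issuer name
ISSUER_TYPES = {"w": "Windows", "s": "SecurityTokenService", "f": "Forms",
                "m": "Membership", "r": "Role", "t": "TrustedProvider"}
NO_ISSUER_NAME = {"w", "s"}

# Assumed: the trusted identity token issuer on slide 12 is named "adfs 2.0"
# and the farm's identity claim type received the first custom character.
ADFS_ISSUER = "adfs 2.0"
ADFS_USER_TYPE_CHAR = "\u01f5"


@dataclass(frozen=True)
class Claim:
    is_identity: bool
    claim_type: str      # URI, or "custom:<char>" for farm-registered types
    issuer_type: str
    issuer_name: str     # "" for Windows and system claims
    value: str


def decode_claim(encoded: str) -> Claim:
    """Split an encoded claim such as 'i:0#.w|DOMAIN\\user' into its parts."""
    if len(encoded) < 8 or encoded[1:3] != ":0" or encoded[6] != "|":
        raise ValueError(f"not a SharePoint encoded claim: {encoded!r}")
    kind, type_char, vtype, issuer = encoded[0], encoded[3], encoded[4], encoded[5]
    if kind not in (IDENTITY_CLAIM, OTHER_CLAIM) or vtype != STRING_VALUE:
        raise ValueError(f"unsupported claim kind or value type in {encoded!r}")
    if type_char in CLAIM_TYPES:
        claim_type = CLAIM_TYPES[type_char]
    elif ord(type_char) >= CUSTOM_TYPE_START:
        claim_type = f"custom:{type_char}"   # the real URI is stored in the farm
    else:
        raise ValueError(f"claim type char {type_char!r} not in table")
    if issuer not in ISSUER_TYPES:
        raise ValueError(f"unknown issuer type {issuer!r}")
    rest = encoded[7:]
    if issuer in NO_ISSUER_NAME:
        issuer_name, value = "", rest                   # i:0#.w|DOMAIN\user
    else:
        issuer_name, sep, value = rest.partition("|")   # i:05.t|adfs 2.0|user
        if not sep or not issuer_name:
            raise ValueError(f"issuer name missing in {encoded!r}")
    if not value:
        raise ValueError(f"empty claim value in {encoded!r}")
    return Claim(kind == IDENTITY_CLAIM, claim_type, ISSUER_TYPES[issuer],
                 issuer_name, value)


def is_valid_claim(encoded: str) -> bool:
    """True when decode_claim accepts the string."""
    try:
        decode_claim(encoded)
        return True
    except ValueError:
        return False


def encode_claim(is_identity: bool, type_char: str, issuer: str,
                 value: str, issuer_name: str = "") -> str:
    """Build an encoded claim string from its parts."""
    if issuer not in ISSUER_TYPES:
        raise ValueError(f"unknown issuer type {issuer!r}")
    if (issuer in NO_ISSUER_NAME) == bool(issuer_name):
        raise ValueError("an issuer name is required for provider claims only")
    head = f"{IDENTITY_CLAIM if is_identity else OTHER_CLAIM}:0{type_char}{STRING_VALUE}{issuer}|"
    return head + (issuer_name + "|" if issuer_name else "") + value


def map_ntlm_login(login: str, is_domain_group: bool,
                   issuer_name: str = ADFS_ISSUER) -> str:
    """Map an SP 2007 NTLM login 'DOMAIN\\name' to its ADFS claim (slide 12):
    users -> identity claim of the farm's custom type, groups -> role claim.
    The group flag must come from the site's user list ("Domain Group")."""
    domain, sep, name = login.partition("\\")
    if not sep or not domain or not name:
        raise ValueError(f"expected DOMAIN\\name, got {login!r}")
    if is_domain_group:
        return encode_claim(False, "-", "t", name, issuer_name)
    return encode_claim(True, ADFS_USER_TYPE_CHAR, "t", name, issuer_name)
```

Decoding a migrated identity back to its parts is the quickest way to confirm a mapping tool wrote the issuer name and claim-type character the trusted provider actually expects.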
General Concerns #1
• Search Service Application requires an NTLM web application, but make sure you do not put the search site in the Intranet zone. Use Extranet, Internet, or Custom. Outlook uses the Intranet zone first by default when connecting to SharePoint.
• Set session cookies to false (default) to ensure Office applications do not need to re-authenticate (use persistent cookies)
• Investigate whether F5 should use source IP address or cookie-based persistence
• Test Explorer View and Access Datasheet views to ensure they work properly (hotfix for Access)
General Concerns #2
• Built-in People Picker does not work effectively with ADFS. Build a custom people picker or try an open source people picker.
• InfoPath is not fully supported with ADFS
• Incoming email requires changes to properly map users with the trusted identity provider
• Test email-enabled AD Groups to ensure alerts work properly
• “Sign In as Different User” does not work unless closing the browser, using run-as, or in-private browsing?
• Test Macintosh Microsoft Document Connection
• Meeting Attendee lists require full email address
Summary
• Test, Test, Test – all clients, internal networks, internet, all critical functions
• Monitor end-to-end, validating that ADFS and SharePoint are authenticating users properly
• SharePoint 2013 does resolve many issues (especially with cookies)
• Just found: A good summary experience from Red Cross
Next Steps? 
• Upgrading to SharePoint 2013 and Office 365 
• Continue the discussion: 
• jkaram@Princeton.edu 
• LinkedIn (jkaram) 
• Yammer (jkaram) 
• Twitter (@jkaram)
Appendix: Incoming email Commands
• Need to have latest CU installed for SP 2010
• Can run either (per web application):
    # Target one web application by URL; without -Identity the cmdlet returns every web application
    $w = Get-SPWebApplication -Identity "http://<web-app-url>"
    $w.Properties["disable-active-directory-resolve"] = "true"
    $w.Properties["enable-trusted-resolve"] = "true"
    $w.Update()
  OR (farm-wide):
    $farm = Get-SPFarm
    $farm.Properties["disable-active-directory-resolve"] = "true"
    $farm.Properties["enable-trusted-resolve"] = "true"
    $farm.Update()
Useful Security PowerShell Commands
• Get-SPTrustedIdentityTokenIssuer 
• Get-SPTrustedServiceTokenIssuer 
• Get-SPClaimProvider 
• Adding a new relying party trust to existing provider