SharePoint In The Cloud: Evaluating Impact, Pros, and Cons - SPLive360



  1. SharePoint In The Cloud: Evaluating Impact, Pros, and Cons. Richard Harbridge, Sr. SharePoint Architect/Evangelist. Level: Beginner/Intermediate
  2. SharePoint In The Cloud: Evaluating Impact, Pros, and Cons. Presented By: Richard Harbridge #SPLive360 @RHarbridge
  3. Who am I? Boston Washington
  4. Our Goal Today… From Here To Here
  7. What Will We Cover Today? • Why is SharePoint in the Cloud? • What is SharePoint in the Cloud? • What is Office 365? • Concerns in the Cloud? • Evaluating Cloud Providers
  8. Why is SharePoint in the Cloud?
  9. Important Concepts: Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS). Diagram labels: More Customizations, Less Complexity.
  10. Minimal Entry Cost
  11. Pay Per Use
  12. Shift From CAPEX to OPEX
  13. Providers Leverage Scale for Discounts
  14. The Outcome: Cloud enables on-demand computing resources to be rapidly provisioned with minimal management effort.
  15. What to watch out for… While cloud is for everyone, it is not for everything (until solutions, usage and standards mature).
  16. What is SharePoint in the Cloud?
  17. SharePoint Cloud Models Trusted Un-trusted All-in Hybrid Hybrid SharePoint 2010 Collaboration Scenarios Exchange 2010 Doc Management Exchange 2010 Lync 2010 MySites Lync 2010 Extranet Extranet Public Facing Websites Public Facing Websites Demo/Dev/Test/Prod Demo/Dev/Test/Prod Demo/Dev/Test External Identity Provider Single Sign On (ADFS) External Identity Provider Dedicated/Shared Dedicated/Shared Dedicated/Shared
  18. SharePoint Containment Hierarchy: Farm, Servers, Services, Web Applications, Databases, Site Collections, Sites, Libraries and Lists, Folders and Document Sets, Documents, Items and Pages. Diagram annotations: "Stuff we manage in our Dedicated SharePoint cloud." and "Stuff we manage in our Shared SharePoint cloud."
  19. SharePoint Extranet. On Premise Environment: You manage firewall exceptions/access to environment. You provision a new identity store. You manage two identity stores. You support the environment infrastructure. You plan for and invest in sizable up front costs installing and configuring the environment. Externally Hosted Environment: They manage firewall exceptions (most cases fully public facing)/access to environment. They provision an identity store. You still may manage aspects of it based on business need. They typically support the environment infrastructure. You pay for what you use under their planned structures (typically OPEX vs CAPEX).
  20. Amazon and SharePoint
  21. Azure and SharePoint
  22. What is Office 365? (Standard/Shared Hosting)
  23. Getting Office 365 (or BPOS) Dedicated. Evaluation Criteria • Do you have less than 5000 people? Not for you. :(
  24. But You Still Want Dedicated? • SPLA (Server Provider License Agreement) – Means hosting companies can offer competitive ‘dedicated’ hosting scenarios at lower costs. This is for you. :)
  25. Office 365 Marketing?
  26. What does moving to Office365 mean? • Single Architecture • Initial deploy is still required to migrate data to Office 365 • AD clean up and network upgrade is often required • Hybrid phasing is often prolonged period of discomfort. • Balance between continuous innovations and minimize change • Customer controls IT policies but not feature availability • Understand your internal security and privacy requirements
  27. Office 365 Feature Parity (Before 2013). Now Available with some caveats… • No external data search • No rich client integration • No profile pages • No direct connectivity to SQL Azure without a WCF endpoint.
  28. More Stuff Missing? (Before 2013) • Project Server • Power Pivot • Secure Store Service • Full Trust Solutions • Not all Sandbox Solutions work?* (*Maurice Prather http://www.bluedoglimited.com/SharePointThoughts/ViewPost.aspx?ID=331)
  29. SharePoint Online Grows up in the coming release (feature diagram; legible labels include BCS, Translation, eDiscovery, Workflow, Search, SkyDrive, Mobile, OData) … and more.
  30. So What is Still Different in 2013? SharePoint Online SharePoint 2013 Analytics, BI Excel Services, Power View, PowerPivot PerformancePoint Deep refinement, Search People/Expertise, hover card, enterprise search enhance relevancy Developer Cloud app model, Sandbox, CSOM, BCS Full-trust code, BCS+ Admin Tenant-level, PowerShell, IRM, Recycle Bin Central Administration Cross-site scripting, Internet Public Website, Design Manager, apps/store content by search eDiscovery, Records Center, Site Mailbox, Mobile, Newsfeed, Follow, #, @ ECM / Social dot dot dot
  31. Hybrid Co-Existence (Scenario: Works Out of Box?). SharePoint: Search: Yes (Federated). SharePoint: BCS: Yes (WCF Effort Required, No Profiles and BCS Search). SharePoint: Other Services (MMS, Workflow etc): No (Though Guidance Coming). Exchange Integration: Limited (eDiscovery, Site Mailboxes, Task Synch – Read Documentation). Lync Integration: Yes (Presence etc).
  32. Configuration Overview (High Level) (diagram; labels: Office 365, Reverse Proxy and Certificate Auth, UAG, Dirsync, MSOL Tools, Identity Provider, Dirsync and Tools Servers, ADFS Servers, SharePoint Servers, Config, Secure Store, oAuth Trust)
  33. Licensing Matters
  34. Licensing Summary (Name: Price per User/Month; Details). P – Professional and Small Biz: $6.00; Exchange, Lync, SharePoint, Office Web Apps (P = limited to less than 50 users). E1 – Enterprise: $8.00; Exchange, Lync, SharePoint, Yammer Ent. E2 – Enterprise: $14.00; E1 + Office Web Apps. E3 – Enterprise: $20.00; E2 + Office Pro Plus, BCS, Excel Services, InfoPath Services, Visio Services, & Access Services. E4 – Enterprise: $22.00; E3 + Voice Capabilities (VOIP Stuff). K1 – Kiosk Worker: $4.00; Exchange, SharePoint, Office Web Apps (View Only). K2 – Kiosk Worker: $8.00; Exchange, SharePoint, Office Web Apps. E/K - You can split your users (for cost savings).
  35. Choosing Enterprise. Only Enterprise has SSL (Both have it on sign in process.)
  36. Quick Example. 100 Users… Business Wants… • SharePoint 2010 Enterprise • Lync 2010 • Exchange 2010 • Office 2010 Professional. E3 - $20 per user per month… $24,000.00 per year… On Prem Costs (2010): • $3,500.00 in Services (Installation/Config) • $6,000.00 - Two Servers • $79,208.00 – Licensing. Quick Total: $88,708.00. Over 3 Years, Office 365 E3: Year 1 $24,000.00, Year 2 $24,000.00, Year 3 $24,000.00, Total $72,000.00. Over 3 Years, On Premises: Year 1 $88,708.00, Year 2 $0.00, Year 3 $0.00, Total $88,708.00. At +4 years = more expensive. Big investment? Consistent cost? More features/flexibility. *This is meant as only a simplified example scenario
  37. What About SharePoint Standalone? Office 365 offers two Standalone plans for SharePoint. $4.00 $8.00. 100 Users… On Prem Costs (2010): • $2,000.00 in Services • $6,000.00 - Two Servers • $22,849.00 – Max Licensing. Over 3 Years, SP Online P1: Year 1 $4,800.00, Year 2 $4,800.00, Year 3 $4,800.00, Total $14,400.00. Over 3 Years, SP Standard On Premises: Year 1 $30,849.00, Year 2 $0.00, Year 3 $0.00, Total $30,849.00. *This is meant as only a simplified example scenario
  38. External Users Subscription Licenses. SharePoint Online Partner Access License: The first 10,000 PAL licenses are free. Beyond this there are negotiated prices/sometimes exceptions are made, etc. Over 3 Years, SP Online: Year 1 $0.00, Year 2 $0.00, Year 3 $0.00, Total $0.00. Over 3 Years, SP On Premises (2013): Year 1 $0.00, Year 2 $0.00, Year 3 $0.00, Total $0.00. *This is meant as only a simplified example scenario
  39. Understand Additional Costs. Values per item are listed in the order: In-Market - Enterprise | Coming soon – Small Business (1-50 users) | Coming soon – Midmarket (1-250 users) | Coming soon – Enterprise (1-500,000+ users). Base tenancy storage allocation: 10 GB | 10GB | 10GB | 10GB. Storage per Standard E & P (allocated to tenant pool): 500 MB/user | 500MB/user | 500MB/user | 500MB/user. SkyDrive Pro (does not contribute to overall pool): 500 MB/user | 7 GB | 7 GB | 7 GB. Storage per Kiosk Worker: 0 | 0 | 0 | 0. Storage per External User: 0 | 0 | 0 | 0. Site Collection storage quotas: Up to 100 GB | Up to 100 GB | Up to 100 GB | Up to 100 GB. Total max storage per tenant: Up to 25 TB | Up to 35GB | Up to 1.25 TB | Up to 25TB. Maximum file upload size: 250MB | Designing for 2GB | Designing for 2GB | Designing for 2GB. Site collections (total #)*: 300 | 1 | 20 | 3,000. Additional storage: $2.50 (per GB per month), $0.20/GB/month, $0.20/GB/month, $0.20/GB/month, 0.20/GB/month*. *Price lowered in the second service update of Office 365 SharePoint Online.
  40. The Outcome: We barely scratched the surface with SharePoint in the Cloud but have already seen many ‘trade off’ decision points we should be aware of.
  41. What to watch out for… Without careful planning cloud providers can cause considerable cost due to new challenges such as migration and identity federation.
  42. Concerns In The Cloud
  43. BPOS to Office 365? 1. Customers will not have to migrate any data. 2. You need to have SharePoint 2010 compatible client software/systems. 3. You have to train users on the new 2010 interface. Microsoft is responsible for any changes that happen in its datacenters. Customers will not have to migrate any data; however, customers will be responsible for making sure that their client software is compliant with the system requirements. See Office 365 system requirements download.microsoft.com/download/A/6/4/A6479925-C7D2-4C4C-A21B-48BCCF8887A9/FAQ_EN_101010.docx. Customers will also be responsible for end-user training and configuring any new features and capabilities that will be delivered by Office 365. http://www.microsoft.com/online/transition-center.aspx
  44. Office 365 – 2013 Upgrade
  45. Identity Options in the Cloud
  46. Unique Development Challenges. How do you deploy a site structure to #Office365? • Limited/No PowerShell • No Console Apps • No Content Database Copy. Site Templates and Migration Tools Could Work…
  47. Search Challenges (Before 2013). No search usage statistics? Remember! We
  48. A Few Problems After 2013…
  50. Cost Modeling
  51. Security: Can be an issue, but most of the time is not. The real issue is lack of standards and accountability… If it’s a bigger and more respectable hosting provider expect a better level of accountability and security planning/activity.
  52. Security Program: “We ended up with around 800 preventive, detective and corrective controls that were physical, administrative and technical. Then we took the defense-in-depth approach and put the controls throughout the stack.” - John Howie, Microsoft
  53. Privacy Program
  54. What is more reliable?
  56. What is the Offline Story?
  57. Service Level Agreements
  58. Support Is Important. As an example Microsoft provides 24/7 support. Google also provides 24/7 support. However Google Apps has a rule where only system critical events that affect more than 50% of users can use their phone support. Don’t forget that with all cloud based providers – you are also adding another layer between IT and the business users. Example Issue: Can you put a stop to a provider’s maintenance schedule so that a business team can finish a critical deliverable without interruption?
  59. Termination/Suspension of Service
  60. Other Issues? • Since the startup costs are lower organizations can run the risk of not doing enough planning. • Migrating content can be extremely difficult depending on what options are provided by the ‘cloud provider’.
  61. On Integration
  62. LAN vs WAN
  63. The Outcome: Offloading some management activities to another provider results in additional planning and consideration.
  64. What to watch out for… Challenges and concerns are different for every cloud provider.
  65. Evaluating Cloud Providers
  66. Questions To Ask: Security • How do I know if my cloud is secure? • Who will have access to my sensitive data? • Do I have full ownership of my data? • What type of employee/contractor screening do you do before you hire them? • How do you detect if an application is being attacked (hacked), and how is that reported to me and my employees? • How do you control administrator access to the service? • What firewalls are in place? • What anti-virus technology is in place? • Can I get virtual layer 2 networking and a stateful virtual firewall?
  67. Questions To Ask: Storage • Where will my data be stored? • Will my data be replicated to any other datacenters around the world (If yes, then which ones)? • What controls do you have in place to ensure safety for my data while it is stored in your environment? • Can you tell me where my data physically resides? • Data Center Location? • How many live copies of my data are there? • What happens to my data if I cancel my service?
  68. Questions To Ask: Identity & Access • Do you offer single sign-on for your services? • Can I get flexible role-based access control synchronized with my enterprise directory? • Do all of my users have to rely solely on web based tools? • Can users work offline? • Do you offer a way for me to run your application locally and how quickly can I revert to the local installation?
  69. Questions To Ask: Reliability & Support • What is your Disaster Recovery and Business Continuity strategy? • How do you back up data? • What is the retention period and recovery granularity? • Is your Cloud Computing service SAS70 compliant? • What measures do you provide to assist compliance and minimize legal risk? • Who do I contact for support? • What types of support do you offer? • Are there additional support options available to me?
  70. Questions To Ask: Performance • How fast is the local network? • What is the storage architecture? • Usually storage will be the slowest link. • How can I ensure global consistency across cloud service providers? • How many locations do you have and how are they connected? • How many IOPS can I expect at each I/O performance level? • How does your memory access score on the STREAM benchmark? • How does your virtualization system score on the SPECvirt benchmark?
  71. Questions To Ask: Flexibility (Part 1) • Am I able to load my own VMs? • Am I able to install software? • What virtualization technology is being used? • Are there additional abstraction layers? • Can I dynamically add memory and CPU to a cloud VM while it’s running? • How can I ensure CPU and memory are guaranteed? • What access protocols are available? • RDP, VNC, ICA, Console, SSH… • Over non standard ports?
  72. Questions To Ask: Flexibility (Part 2) • What configuration options do I have? • Can I add memory? • Can I add storage? • Can I use public IPs? • What domain name mapping options do I have? • Can I have multiple environments per user? • Can I archive environments? • What supporting tools are there? • Active directory integration • User management
  73. Questions To Ask: Flexibility (Part 3) • Do you offer on-premise, web-based, or mixed environments? • Will the solution work with what I have in place today? • What pricing, licensing, and payment options are available to me? • What are the client requirements? • How often do these change? Example: Must I upgrade my browser to take advantage of new features?
  74. Questions To Ask: Costs • Can I get predictable service costs that still allow me to scale when I need to? • How can I get the cost benefits of multi-tenancy but still access dedicated infrastructure when I need it? • How do you define a processor / virtual core / Compute Unit? • What are your SLAs and how do you compensate when they are not met? • During maintenance windows? Planned vs surprises • What happens when there is over subscription? • Can I leverage my existing Agreements?
  75. Tools You Can Use
  76. Service Management Index: Carnegie Mellon launched an initiative for standardized risk and benefit comparisons. It’s called the Cloud Service Measurement Initiative Consortium (CSMIC).
  77. Cloud Sleuth Viewers: Global Provider View, Cloud Performance Analyzer
  78. Cloud Harmony Benchmarks
  79. Consensus Assessments Initiative
  80. The Outcome: You now have an arsenal of key questions/tools you can use to evaluate a cloud provider effectively.
  81. What to watch out for… Trust but verify. Carefully review policies, terms, conditions, and agreements.
  82. Thank You Organizers, Sponsors and You for Making this Possible. Questions? Ideas? Feedback? Contact me: • Twitter: @RHarbridge • Blog: http://www.RHarbridge.com • Email: Richard@RHarbridge.com. Resources: 700+ SharePoint IA Slides at PracticalIntranet.com; 130+ SharePoint Standards at SPStandards.com; 15 Pages of Important Questions at SharePointDiagnostics.com
  83. Appendix/Resources
  84. Main SharePoint Online marketing site: http://sharepoint.microsoft.com/en-us/SharePoint-Online/Pages/default.aspx. Primary Office 365 marketing site: http://www.office365.com. Trials, 100-200 level customer-facing info. Contains info about BPOS suite and SPO 30-Day trial. SharePoint Online developer resource center (MSDN): http://go.microsoft.com/fwlink/?LinkId=203983. SharePoint Online Administration resource center (TechNet): http://technet.microsoft.com/sharepoint/gg144571.aspx. ‘Help and How-to’ for SharePoint Online (Office.com): http://office.microsoft.com/redir/FX102052854.aspx
  85. Microsoft Privacy Guidelines for Developing Software Products and Services: http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=16048. Cloud Computing Security Considerations paper (by Microsoft) can be found here: http://go.microsoft.com/?linkid=9708479. Office 365: Addressing Cloud Computing Security Considerations: http://download.microsoft.com/download%2F2%2F2%2F0%2F220AE513-4A01-4D95-9275-11E71215A0C2%2FCloudSecurityConsiderations_MicrosoftOffice365.pdf. Pain Point: http://community.office365.com/en-us/f/148/t/3388.aspx
  86. Sign Up For Office365 Developer Site (2013): http://msdn.microsoft.com/en-us/library/fp179924%28v=office.15%29.aspx. Office and SharePoint App Development: http://msdn.microsoft.com/en-us/library/jj220038%28v=office.15%29.aspx. Available on TechNet - http://aka.ms/oht1dx: On-premises -> SPO configuration steps; additional details for non-SharePoint steps: Identity provider and SSO, DirSync, MSOL Sign-In Assistant, MSOL Module for Windows PowerShell
  87. Evolution? Elasticity is not cloud computing…
  90. Cloud = Hosting (Not New)
  92. Transitioning to the Cloud
  93. SharePoint 2013 Features
  94. SharePoint – Intranet - Feature Tiering
  95. Reverse Proxy and Authentication*: When using hybrid features, o365 sends requests from Office 365 sites in the cloud to your on-prem farm. You need to establish a reverse proxy for these calls to be channeled through to secure the process. Those requests can be authenticated at the reverse proxy before they are forwarded to SharePoint. SharePoint supports using a certificate for authenticating to the reverse proxy server when sending a request.
  96. Reverse Proxy Requirements: A reverse proxy used for hybrid must support the following requirements: • 2 network cards - one connected to the Internet and the other to the internal company network • Route inbound SSL traffic to the on-premises SharePoint farm without rewriting packet headers • Support SSL termination. We currently support two reverse proxy servers: • Microsoft - Forefront Unified Access Gateway (UAG) • F5 - Big IP. We plan to add more as they are tested for compatibility.
  97. Reverse Proxy Configuration: These are the high level steps for configuring UAG for Office 365 hybrid: • Configure the network in UAG using the Getting Started Wizard • Add an HTTPS trunk • Install an SSL certificate for the endpoint; it must: support the names for both the public HTTPS trunk and SharePoint site; use 2048 bit length encryption; shorter lengths WILL NOT WORK! • Add the PFX in the UAG’s local certificate store • Publish the SharePoint site collection; use the SharePoint Server 2010 Web type. See your Reverse Proxy s/w documentation for full details.
  98. Identity Provider: In order to have a single-sign on experience, you need a federated identity provider like ADFS. This requires the following: • 2 or more load balanced ADFS servers • An SSL certificate for the ADFS site • A proxy device, like the ADFS proxy server. For details on planning and implementation options see http://technet.microsoft.com/en-us/library/jj151794. All users must have a UPN of a registered domain (i.e. “.local” or similar suffixes will not work).
  99. MSOL Tools: You will need tools from MS Online (MSOL) in order to complete the next set of tasks: • Microsoft Online Services Sign-In Assistant • Microsoft Online Services Module for Windows PowerShell (MSOL PS) • The Directory Synchronization Tool (dirsync). NOTE: This cannot be installed on a domain controller. You will need to run these on a SharePoint server to configure trust with ACS. Setting up dirsync and SSO trust is typically done on its own server.
  100. SSO with o365: Install the MSOL PS snap-in to a local server; can be the same server being used for dirsync. Set up a federation trust between o365 and ADFS using MSOL PS: • Use the Connect-MsolService cmdlet to authenticate and connect to o365 • Use the New-MsolFederatedDomain to start the process to establish the trust • Update DNS as instructed by the cmdlet. Or alternatively: • Use the Office 365 Admin web page to create a new domain trust – follow the instructions in the domains section • Use MSOL PS to run the Convert-MsolDomainToFederated cmdlet. For more info see http://technet.microsoft.com/en-us/library/jj151794
  101. DirSync with o365: • Grant accounts licenses to SharePoint, etc. • Log out then login as an Active Directory user using your Identity Provider (i.e. ADFS). http://technet.microsoft.com/en-us/library/hh967642.aspx
  102. SharePoint Configuration Tasks: These things need to be configured in SharePoint to support hybrid: • New SharePoint STS Token Signing Certificate • Configure a trust between SharePoint on-prem and ACS • Configure Secure Store • Configure UPA • Try out Search or BCS!
  103. New SharePoint STS Token Signing Certificate: You need to replace the default token signing certificate for the SharePoint STS because Access Control Service (ACS) will not trust it. You can replace it with: • A certificate issued by a public certificate authority like Verisign, GoDaddy, Thawte, etc. – RECOMMENDED • A new self-signed certificate that you can create in the IIS Manager. Domain-issued certificates DO NOT WORK. Use the Set-SPSecurityTokenServiceConfig with the -ImportSigningCertificate flag to change the token signing certificate.
  104. Configure Trust Between SharePoint and ACS: Previously you created a federated trust for users to sign into o365. Now you need to create an OAuth trust for applications to exchange data between o365 and on-prem. Using MSOL PowerShell (on prem): • Create an AppPrincipal using New-MsolServicePrincipalCredential • Create a proxy to ACS using New-SPAzureAccessControlServiceApplicationProxy • Complete the trust using New-SPTrustedSecurityTokenIssuer. Complete detailed instructions are available in the documentation described at the end of this session.
  105. Configure Secure Store: The Secure Store Service is used to create an application that stores the certificate used to authenticate with the UAG HTTPS trunk. • In o365 create a new Secure Store Service target application • Save the Target Application ID name because you will use that when configuring a result source • In the credentials field configure it as a Certificate Password • Click the Set button for the Credentials • Browse to the certificate CER file that was used for the UAG HTTPS trunk; leave the password fields blank. Complete detailed instructions are available in the documentation described at the end of this session.
  106. Configure UPA: It’s critically important that you: • Have a UPA up and running • Have it populated with current data from Active Directory. We use the UPA on the local farm to determine what rights a user has – what claims they have, what groups they belong to, etc. With a hybrid solution, anything that you grant rights to needs to be in the profile system. E.g., if you augment claims on-prem and use a custom claims provider to grant rights to content using those claims, an o365 user would not see that data because those custom claims are not added when you login to o365. More details at http://blogs.technet.com/b/speschka/archive/2012/08/15/oauth-and-the-rehydrated-user-in-sharepoint-2013-how-d-they-do-that-and-what-do-i-need-to-know.aspx
  107. BCS Hybrid Scenario
  109. Thank You Organizers, Sponsors and You for Making this Possible. Questions? Ideas? Feedback? Contact me: • Twitter: @RHarbridge • Blog: http://www.RHarbridge.com • Email: Richard@RHarbridge.com. Resources: 700+ SharePoint IA Slides at PracticalIntranet.com; 130+ SharePoint Standards at SPStandards.com; 80+ Downloadable Presentations at SlideShare.com/RHarbridge
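
A pre-flight check of the hybrid prerequisites stated on slides 97 to 99 and 103, as an added example that is not part of the presentation. The plan dictionary, its field names, the issuer labels and the example.com / corp.local values are all constructed for illustration.

```python
"""Pre-flight check for a planned Office 365 hybrid setup (added example).

The plan layout, field names and sample values are constructed; the rules
themselves come from slides 97-99 and 103 of the deck.
"""

MIN_KEY_BITS = 2048  # slide 97: shorter key lengths will not work


def name_covered(host, cert_names):
    """True if host matches a certificate name exactly, or via a wildcard
    that stands for exactly one left-most label."""
    host = host.lower().rstrip(".")
    for name in cert_names:
        name = name.lower().rstrip(".")
        if name == host:
            return True
        if name.startswith("*.") and host.partition(".")[2] == name[2:]:
            return True
    return False


def unfederatable_upns(upns, registered_domains):
    """UPNs whose suffix is not a domain registered with the tenant
    (slide 98: ".local" or similar suffixes will not work)."""
    registered = {d.lower() for d in registered_domains}
    bad = []
    for upn in upns:
        local, sep, suffix = upn.rpartition("@")
        if not (sep and local) or suffix.lower() not in registered:
            bad.append(upn)
    return bad


def check_hybrid_plan(plan):
    """Return a list of (code, message) findings; empty means no blockers."""
    findings = []
    proxy = plan["reverse_proxy"]
    cert = proxy["certificate"]
    if cert["key_bits"] < MIN_KEY_BITS:
        findings.append(("PROXY_CERT_KEY",
                         f"key is {cert['key_bits']} bits, need {MIN_KEY_BITS}"))
    # Slide 97: one certificate must name both the trunk and the site.
    for role in ("trunk_host", "sharepoint_host"):
        if not name_covered(proxy[role], cert["names"]):
            findings.append(("PROXY_CERT_NAME",
                             f"certificate does not cover {proxy[role]}"))
    adfs = plan["adfs"]
    if adfs["servers"] < 2 or not adfs["load_balanced"]:
        findings.append(("ADFS_REDUNDANCY",
                         "need 2 or more load balanced ADFS servers"))
    if not adfs["has_proxy"]:
        findings.append(("ADFS_PROXY", "no proxy device in front of ADFS"))
    if plan["dirsync_on_domain_controller"]:
        findings.append(("DIRSYNC_ON_DC",
                         "dirsync cannot be installed on a domain controller"))
    # Slide 103: public CA or self-signed only; domain-issued is not trusted.
    if plan["sts_signing_cert_issuer"] == "domain-ca":
        findings.append(("STS_CERT_ISSUER",
                         "domain-issued STS signing certificates do not work"))
    for upn in unfederatable_upns(plan["upns"], plan["registered_domains"]):
        findings.append(("UPN_SUFFIX", f"{upn} has an unregistered UPN suffix"))
    return findings


# Constructed sample plan with several deliberate blockers.
SAMPLE_PLAN = {
    "reverse_proxy": {
        "trunk_host": "hybrid.example.com",
        "sharepoint_host": "sp.example.com",
        "certificate": {"key_bits": 1024, "names": ["hybrid.example.com"]},
    },
    "adfs": {"servers": 1, "load_balanced": False, "has_proxy": True},
    "dirsync_on_domain_controller": True,
    "sts_signing_cert_issuer": "domain-ca",  # or "public-ca" / "self-signed"
    "registered_domains": ["example.com"],
    "upns": ["alice@example.com", "bob@corp.local"],
}

if __name__ == "__main__":
    for code, message in check_hybrid_plan(SAMPLE_PLAN):
        print(f"{code}: {message}")
```
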

Editor's Notes

  • Software as a Service (SaaS) - Finished apps that customers rent and customize. Examples are Salesforce.com, Office365, etc. Infrastructure as a Service (IaaS) - Standardized and virtualized infrastructure hardware, software and services that can operate any set of apps. Examples: Amazon's Elastic Cloud Computing (EC2) Platform. Platform as a Service (PaaS) - Standardized dev and app platform that abstracts the infrastructure, OS, and middleware to drive dev productivity. Examples: Azure Services…
  • Keep your attention on traditional outsourcing models. Issues of technology maturity, security, legacy systems, licensing, data ownership, and weak or absent standards are still significant today, and these hurdles to cloud adoption will ensure a long life for traditional outsourced IT service delivery. Rapid changes in this space mean that IT services clients should consider cloud options now and in the future, but traditional service models will remain.
  • Early Adopter - Aggressively move ‘all’ content to the cloud ASAP. Risk Averse - Sign up for SPO trial; evaluate experience and ROI. Typical - Freeze on-premises site creation; move some content.
  • The way we use them now – Extranet. Create Machines on Demand; Spot Instances Allow For Bid On Capacity; Spot Price History; Extremely Fast Provisioning of Machine < 10 Minutes; Full Admin Rights (RDP); Random Unique Password Generated; Latest Version of Windows; SQL Database Services; Latest Version of SQL; Remote Powershell Enabled; Custom Firewall Ports; IIS Enabled By Default; Integrated Monitoring; Download and Install Any App; VM Snapshots On Demand; VM Snapshot Status
  • If you are over 5000 note that you can have Microsoft potentially be your SharePoint dedicated hosting provider. This however has a premium cost (with some advantages).
  • Microsoft® Office 365 delivers the power of cloud productivity to businesses of all sizes, helping to save time, money and free up valued resources. Office 365 combines the familiar Office desktop suite with cloud-based versions of Microsoft’s next-generation communications and collaboration services: Exchange Online, SharePoint Online and Lync Online. Office 365 is simple to use and easy to administer – all backed by the robust security and guaranteed reliability you expect from a world-class service provider.
    Microsoft Office 365 includes:
      • Microsoft® Office Professional Plus: The world’s leading productivity tool now seamlessly connected and delivered with cloud services – for the best productivity experience across the PC, Phone and Browser.
      • Exchange Online: Cloud-based email, calendar and contacts with always-up-to-date protection from viruses and spam.
      • SharePoint Online: Cloud-based service for creating sites to connect colleagues, partners and customers.
      • Lync Online: Cloud-based instant messaging, presence, and online meeting experiences with PC-audio, video conferencing and screen sharing.
    Key Microsoft Office 365 benefits:
      • Anywhere-access to email, documents, contacts, and calendars on nearly any device
      • Work seamlessly with Microsoft Office and the other programs your users already count on every day
      • Business-class features including IT-level phone support, guaranteed 99.9% uptime, geo-redundancy, and disaster recovery
      • Pay-as-you-go pricing options which give you predictability and flexibility for all or part of your organization
      • Latest version of Business Productivity Online Suite (BPOS), which has millions of business users today
    Microsoft® Office 365 for small businesses offers an easy-to-use set of web-enabled tools for small businesses, independent consultants and professionals looking for business-class productivity services. Working with the tools people know and use today, Office 365 provides anywhere access to email, important documents, contacts, and calendars on nearly any device. It’s free for the first 30 days and then just $6 per user per month.
    Microsoft® Office 365 for enterprises brings together cloud versions of our trusted communications and collaboration software with our familiar Office Professional Plus desktop suite. It is designed to help meet your IT needs for robust security, 24/7 reliability, and user productivity. We have a variety of plans to meet the needs of businesses of all sizes and varying IT needs. Priced from $2 - $28 per month per user, each plan has the same 99.9% uptime guarantee and includes the security and support you expect from Microsoft. Office 365 offers great flexibility by allowing businesses to provide users access to only the services they need and pay-as-you-go pricing options.
  • $2.3B+ investment in cloud infrastructure; geo-redundant data centers; locations in North America, Europe, and Asia to provide optimal performance; 99.9% guaranteed uptime (99.95% actual) – ~9 hours a year; secure infrastructure – ISO27001 and SAS70 certified; built from the ground up to be environmentally sustainable.
  • Office 365 Services Cannot Be Customized. As a standard service, Office 365 cannot accommodate change requests or customizations that deviate from our Office 365 service descriptions. If customizations are required to solve the business problem, an on-premises or partner-hosted solution might be a good customer fit.
    Be Transparent with Customers Regarding Real Deployment Timelines and Migration Costs. While customers know to expect lower total overall IT costs with cloud services, they need to be better informed about cloud deployment costs. Office 365 deployments range from straightforward to highly complex, depending upon variables like the complexity of their environment.
    Office 365 Services Are Not the Same as On-Premises Solutions. Our world-class offerings provide customers with the best productivity experience across the PC, phone and browser. Office 365 services give customers access to the most commonly used business productivity features and capabilities, supported by standardized operational processes. This model achieves the economies of scale required to pass cost savings through to our service customers.
  • ‘Unified’ Search results combining online and customer site sources. Targeted for W15.
    FAST Search, which includes features such as thumbnails, previews, contextual search, visual best bets, and deep search refinement. Targeted for W15.
    PerformancePoint Services. Targeted for W15.
    PowerPivot is unable to connect to external services. Targeted for release in FY12.
    Sandbox Solutions are targeted at the site collection level. Alternatives to higher-end custom solutions (full-trust code) are targeted for FY12 and W15.
  • Search Improvements (Federation) - Connector so query goes to both indexes.
    Guest Links (Cloud Only) - Only Documents
    PowerShell enhancements
    Improved BCS - Direct to SQL Azure
    Native Mobile Apps (Windows Phone App - SP News Feed App from MS)
    Power View and PowerPivot in SP Online
    Project Online!
    NAPA - Developer Site Collection (For Developer Scenarios)
    Anonymous Access - Public Sites - 1 Public Site Per Tenant
    SkyDrive Pro (Sync Personal Library, etc) - Will go to 7GB from 500MB
    BI - Power View, PowerPivot, Excel Services - Issue is using these services on data stored off cloud... (this feature set basically doesn't work for online - based on transfer rates)
    PowerPivot Gallery (not supported).
    WCF EndPoint (Translation Talk Between Both) - Wiring Up BCS - Then Model for Talking to Source System
    BCS for Profile - BCS for search - both not in o365
    Site Collection Deletion can be restored by tenant now (no support call!)
    Promoted Sites
    Site Collection Recycling Bin
    Better External Sharing
    Adjust User Profile Properties/Level Of Self-Management
    Send To Connections for RM
    Way More Search Management
    IRM... Self Service Site Creation...
  • Flexibility Note: Some businesses are deploying MySites on Office 365 in trusted scenarios but keeping the primary document management and collaboration on premises.
  • ADFS gets expensive fast. First you have 2-4 additional servers. You need 2 for availability, and if your AD is being connected to anyone else’s AD you actually probably need 4 (though 2 of those might be paid for by the other party). Next you need to understand and manage ADFS. Not a simple decision from an investment standpoint. Enterprise class feature etc.
  • These non-SharePoint things need to be configured to support hybrid:
      • Reverse Proxy and certificate authentication*
      • Identity Provider (ADFS or Shibboleth for o365)
      • MSOL Tools
      • SSO with o365
      • Dirsync
    * Only required if you are consuming on-prem data in o365 (technically not 100% required, but the risk of DoS is there, so it would not make sense to not do this).
  • Going from Small Business to Enterprise… 20 Users… Now 40 Users… Next Year 52 Users… Manual Migration?! You can split these. Example: Internal vs external can have different plans. E1 for external. E2, E3 for internal. Named licenses, which means if you can have up to 500 users on a project you might need to scope for 500 licenses.
  • SharePoint Server – $4926.00 + Windows Server $726.00 x 2 + Minimum of $7,171.00 SQL license and then $9,300.00 in Standard CAL licenses.
  • http://download.microsoft.com/download/6/8/9/68964284-864d-4a6d-aed9-f2c1f8f23e14/Assessing_SharePoint_Server_Licensing.docx
    Every Office 365 SharePoint Online customer (at the tenant level, not per subscription) includes 50 Partner Access Licenses (PALs) that can be leveraged for external sharing. Customers are not currently required to obtain additional PALs for external sharing beyond 50 users with a limit of 1000 until the next major update of the Office 365 service, at which time Microsoft may choose to make it available as a paid add-on.
    Microsoft supports invited external users signing in to the service using a Microsoft Online Services ID.
    External sharing also supports Windows Live ID, including @Live.com, @Hotmail.com and @MSN.com user names, plus regional derivations of LiveID user names.
    EasiID, the portion of LiveID that allows external users to associate their business email address (ex: user@contoso.com) to the LiveID system, is not supported at this time.
  • Upgrade for 2013 is by choice for existing customers. Site collection by site collection upgrades. Or PowerShell etc.
    Eval Site Collection Copy Available (Queue data not available yet)
    MySite upgrade process is part of the core upgrade (for the MySite host, then it goes through the rest in a queue process)
  • Navigation has to be planned – how do we create consistency between the SharePoint environments?
    By default the Office 365 top bar provides some additional quick access functions, so you have to determine how you want to deal with that.
    Each environment must have a UPA/User Profiles – now we do have syncing so that helps keep them connected, however it is entirely possible that you have two sets of social data/my sites. …
  • 4… Result sets are in blocks, so due to ranking challenges and relevancy they are always treated as a block of results. Refiners etc. all work, but still really a distinct set of results in a unified UI.
    5. Metadata is managed in one location, and with proxy/syncing methods you can keep consistency, but this requires effort and planning.
  • Subscription costs do not include implementation costs. SharePoint is a platform. So it’s not just install and configure work that needs to be done. There are implementation costs of building out your site structure, or configuration work with the OOTB vanilla sites. Really you are just shifting the costs for handling cords and basic networking/infrastructure work. Not shifting the costs for permissions issues, authentication challenges, or recovering individual documents/items. Cost of storage is expensive (much higher than on premises). Enterprises are struggling with data growth and things like the Office 365 pricing model around storage.
  • Cost-effective security via economies of scale (multiple clients share the cost of enterprise security controls). Look at their current clients, policies…
  • The Security Program takes a risk-based, multi-dimensional approach to putting in place the necessary & adequate safeguards across all aspects of a service. The Program aims to define security requirements applicable to people, processes and technology, and implement corresponding controls & capabilities across the services themselves, the supporting platform and infrastructure components, as well as the hosting facilities and the hardware residing within them.
    Role & Responsibility of the Security Program:
      • Help ensure services are developed in a secure manner. Microsoft’s Secure Development Lifecycle plays a critical role here.
      • Help ensure the services are operated in a secure environment. Security controls exist across and within all layers of a given service, which supports the principle of defense-in-depth.
      • Help ensure that services and infrastructure are monitored for configuration errors, vulnerabilities, security events and anomalous behavior.
      • Help ensure incidents are promptly detected and a mature incident management process not only addresses the immediate issue, but identifies and corrects the cause.
      • Help ensure personnel are adequately prepared and trained to identify security issues and provide notification through the appropriate procedure.
  • Australia and New Zealand – Hosted data must be in the country. Germany.
  • What is more reliable? Safety? Consistency? Weather affects both…
  • When the pipe goes down, how can we still be productive? What if a cloud provider company goes out of business? What if a cloud provider decides to up its rates for service or reduces its level of service? What happens if, due to some circumstance, the cloud provider loses all data that it has saved (without having a reliable backup)? What's to keep a cloud provider (or someone else) from looking at your data? Is there insurance to cover this yet?
  • Note that SLAs are often merely an indication of the consequences when the service fails and not the service's actual reliability. A great example of this is GoGrid's 10,000% Guaranteed SLA. In other words, GoGrid offers a 100% uptime guarantee. Should it fail to meet that level of availability, it will compensate the customer with 100 times the fee paid for the downtime.
    Recovery SLAs: Two streams – the large concern is the Recovery Time Objective – P plan is backed up every 24 hours. On E plan it’s every 6 hours. The recovery time is 12 hours on P plan, and on E plan it’s 1 hour.
    It should go without saying that the starting point should be the business case and intended use of the service, and not any legal document, such as a service level agreement (SLA). Understand what business problem the service will be solving; the intended internal and external users; when, where and how the service will be accessed; whether or not the service is business-critical; the practical consequences if the service is down or degraded for any period of time; and how the use of the service may change over time. Then, ensure the SLA reflects your needs. Almost invariably, SLAs will address availability, planned outages, critical and noncritical outages, service credits and termination rights. Typically, the sole remedy in case of a breach of the SLA is a service credit, which is usually capped based on some percentage of fees paid during the previous 12-month period. Customers should ask whether the credit is simply window dressing or actually a meaningful economic remedy that would deter the vendor from breaching the SLA.
  • Don’t forget that with all cloud-based providers, you are also adding another layer between IT and the attorneys and paralegals. Can a law firm put a stop to a provider’s maintenance schedule so that a trial team can finish preparing for a case without interruption?
  • Termination or suspension of service. The software application and/or the data running or housed in the cloud may be critical to your business. Continuity of access and use (to both the application and data), especially when both are on a third-party server, is of utmost importance. To that end, does the cloud vendor in each instance notify you when any of the terms of the agreement may have been violated, and are you given an opportunity to remedy each violation? There is, of course, a delicate balance to be struck here. In a setting where there are multiple customers (tenants), the cloud vendor will have competing obligations to the other customers, and, inasmuch as the actions of one tenant may degrade performance for another, some level of flexibility is required. One approach is to distinguish between the service and the data; in the case of suspension, for example, agree not to lock down access to the data.
  • Content Migration: Manually using Explorer/WebDav… doesn’t scale well.
    This is a question few companies ask - until it's too late. Porting data between cloud service providers is a relatively new capability and only a small number of service providers have implemented what will become a very necessary service.
  • The responses also indicated that this was increasing for each SharePoint version (not decreasing). 50% of companies find that development of custom SharePoint solutions requires more effort than expected. Support of more complex applications was cited by 59% as a major scaling issue… along with administration.
    One of the best outcomes of increasing numbers of software vendors’ adoption of open interfaces and API standards in their software is customers’ ability to make the systems their organizations rely on operate as a single system, rather than a collection of disparate applications. New business capabilities like business intelligence were now possible. What if an organization wanted this capability but relied on hosted services for some of its systems? Let’s say that an organization had an internal Active Directory and mail system, but made use of one vendor’s hosted ecommerce service and another vendor’s hosted CRM service. Seems reasonable so far? The organization wants to answer a simple question: how many customers who have purchased from the organization within the past 6 months have emailed their sales representative directly after a purchase? This question requires data from the AD, email, ecommerce, and CRM systems. Getting to that data is hard, because the CRM and ecommerce systems must be accessed over a WAN connection. This makes the process of getting to the vast data the systems hold very painful. We also hope that there is some way to correlate the various data entities between the systems: orders, customers, email addresses, sales people, etc.
  • WAN vs. LAN bandwidth: How much bandwidth do most organizations have on their LANs? Most have 1000 Mbps. How much bandwidth do these organizations have on their WANs? Usually less than 10 Mbps. That means that most organizations have roughly 100 times the bandwidth on their LANs as on their WANs. That’s important since the organizations’ users access cloud services through the WAN. Users will perceive even well-implemented cloud services as being much slower and less responsive compared to mediocrely implemented in-house services. The cloud service is slower; the problem lies with the users’ limited bandwidth in accessing the cloud service.
    WAN vs. LAN reliability: How often does your LAN go down? How often does your WAN go down? Imagine losing access to all of your organization’s services in the event of an Internet connection loss. More is available in the previous section of this post titled “service availability”.
  • Unfortunately, not all clouds are created equal. It is very difficult to compare cloud service offerings as much of the detail is just not available. Take a look at the definitions of EC2 instance types and you will see terms like “virtual core”, EC2 Compute Unit (one EC2 Compute Unit provides the equivalent CPU capacity of a 1.0-1.2 GHz 2007 Opteron or 2007 Xeon processor. This is also the equivalent to an early-2006 1.7 GHz Xeon processor), and high/moderate/low I/O performance. These are less than precise measures. It makes it challenging to know what you are purchasing and even more difficult to compare with other providers.
    There are already several standards bodies involved in defining criteria and metrics for cloud computing. The wonderful thing about standards is that there are always plenty to choose from. Until they reach a consensus, the following list is an attempt at gathering enough information to be able to make a reasonable comparison between providers:
    The early cloud adopters have generally been software developers and other techies that don’t need much hand-holding. Today, enterprise officers need to know they can contact someone at their cloud provider when they experience problems. Some cloud providers bundle in support services while others offer various support tiers.
  • Keep in mind – if you have a matter team working late and against the clock – can you cancel or stop maintenance procedures so they do not cause an interruption?
  • A lot of this can seem daunting and I know one of the hardest things is figuring out how to do some of the things I have shown today. If you are interested in further training or assistance please let me know. Based on the number of people who are interested and the areas of interest we can schedule further training sessions to help everyone better use the SharePoint portal. It's our commitment to you that we will continue to hear your feedback and identify the issues. I encourage you to give us feedback during the coming months, and we will continue to deliver more and more functionality, more and more guidance to help you be successful with your application of SharePoint.
    Thank You for Reading/Listening
  • “75% of IT budget is spent on ‘keeping the lights on’, 25% is strategic growth/new solutions. The goal is to re-align this so that IT is focused on the business. (80/20 – apparently is another review – applications is the name for biz solution work).
    In Nick Carr’s famous book, Does IT Matter, he argued eloquently, providing copious examples, that most business infrastructure goes through a fairly common cycle. This cycle is well-understood and more of a force of nature than anything else. What we are seeing now with cloud computing is nothing more than this cycle replayed again with information technology (IT), just like it has with electricity, roads/highways, banking, and telecommunications before it.”
  • I’m not going to go into this matrix in detail right now, but whether you disagree with aspects or not, I’m certain you can see the trend occurring in the diagram.  Cloud computing definitely appears to be an evolution of the way that we create IT.
  • Which brings me to the basic argument. If the following are true about cloud computing:
      • It is something new …
      • … developed by the giant web businesses in order to get to massive scale
      • … and an evolution of how IT infrastructure is created
    Then we have to look carefully at how and why an Amazon or Google did what they did. The diagram I used to explain during my keynote:
    Large Internet business needed scale, cost-efficiency, and agility to be competitive. Google is 1 Million servers. Amazon.com releases new code thousands of times per day. Microsoft runs 2,000 physical servers per headcount. Google runs 10,000 per headcount and aspires for 100,000. Google and Amazon use little or no ‘enterprise computing’ solutions.
    So what happened? The causation resulted in high levels of automation, a devops culture, use of standardized commodity hardware, a focus on homogeneity, etc. The end result is a system that lends itself to being turned into a utility (aka ‘utilitization’). Hence the arrival of public clouds. One of the side-effects of using cloud computing techniques to build an IT infrastructure is that now those platforms or applications built on top of it can leverage the automation to get elasticity (benefit), pay-only-for-what-you-use with metering (benefit), and other autonomous functions (benefit).
    Again, these benefits are essentially side effects of cloud computing, not cloud computing itself. The gray section labeled results above represents a number of the core aspects and features of cloud computing. This is why the arguments about the existence of internal ‘private’ clouds can be so bitter[1]. From a public cloud provider perspective, an internal infrastructure cloud is simply an automated virtual server on-demand system, missing many of the aspects of cloud computing above.
  • How a hybrid request for on-premises data flows:
      • An information worker logs on to their SharePoint Online tenancy and opens an app for SharePoint or external list that needs data from an on-premises OData data source.
      • The external list creates a request for the data and sends it to Business Connectivity Services. BCS looks at the connection settings object and the external content type to see how to connect to the data source and what credentials to use.
      • BCS retrieves the client SSL certificate from the Secure Store in SharePoint Online. This is used for SharePoint Online authentication to the reverse proxy.
      • BCS retrieves an OAuth token from the Access Control Service. These are the user’s credentials used for user authentication to the SharePoint 2013 on-premises farm. The Access Control Service is part of every SharePoint Online subscription. It is a Security Token Service that manages security tokens for users of SharePoint Online.
      • BCS sends an HTTPS request to the published endpoint for the data source. The request includes the client certificate from the Secure Store and the user’s OAuth security token as well as a request for the data.
      • The reverse proxy authenticates the request by using the client certificate and forwards it to the CSOM pipeline of the on-premises SharePoint 2013 farm.
      • The CSOM pipeline consults the User Profile Service to look for a mapping between the user’s OAuth security token from ACS and the user’s domain credentials from AD DS. If one exists, the user’s domain credentials are returned to the request.
      • The user’s domain credentials are used to authenticate to the SharePoint on-premises site that receives Hybrid requests and the request is passed to the SharePoint on-premises BCS service.
      • The SharePoint on-premises BCS retrieves the credentials that are used to authenticate to the external data source from the SharePoint on-premises Secure Store Service.
      • The SharePoint on-premises BCS service passes the request for data along with the external data credentials to the OData service head, which then performs the desired operations on the external data and returns the results to the SharePoint Online user.
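The hybrid request path in the notes above (reverse proxy, CSOM pipeline, User Profile mapping, Secure Store, OData) can be modelled as a chain of checks that each fail closed, which shows which hop rejects which kind of bad request. This is an added example, not Microsoft's or the presenter's code: every name and value is hypothetical and constructed, and an HMAC-signed token stands in for the OAuth token issued by the Access Control Service.

```python
import hashlib
import hmac
import json
import time

# All values are constructed for illustration; none come from a real tenant.
ACS_KEY = b"constructed-acs-signing-key"    # stand-in for the farm's trust in ACS
PROXY_TRUSTED_THUMBPRINTS = {"AA11BB22"}    # client cert kept in the SPO Secure Store
PROFILE_MAP = {"alice@contoso.onmicrosoft.com": "CONTOSO\\alice"}  # User Profile mapping
ONPREM_SECURE_STORE = {"orders-odata": ("svc_odata", "constructed-secret")}
ODATA_ROWS = {"orders-odata": [{"OrderId": 1, "Total": 40}]}


def _sign(body):
    return hmac.new(ACS_KEY, body.encode(), hashlib.sha256).hexdigest()


def issue_token(upn, ttl=300, now=None):
    """ACS stand-in: bind the user's identity to an expiry time and sign both."""
    body = json.dumps({"upn": upn, "exp": int(now or time.time()) + ttl}, sort_keys=True)
    return body + "." + _sign(body)


def verify_token(token, now=None):
    """Return the UPN if signature and expiry check out, otherwise None."""
    body, _, sig = token.rpartition(".")
    if not hmac.compare_digest(sig.encode(), _sign(body).encode()):
        return None
    claims = json.loads(body)
    if claims["exp"] < (now or time.time()):
        return None
    return claims["upn"]


def handle_hybrid_request(request, now=None):
    """Walk the on-premises hops in order and return (stage, result)."""
    # Reverse proxy: authenticates SharePoint Online by its client certificate.
    if request.get("client_cert_thumbprint") not in PROXY_TRUSTED_THUMBPRINTS:
        return ("reverse-proxy", "rejected: unknown client certificate")
    # CSOM pipeline: validates the user's token before any identity lookup.
    upn = verify_token(request.get("oauth_token", ""), now)
    if upn is None:
        return ("csom-token", "rejected: invalid or expired token")
    # User Profile Service: the token identity must map to a domain account.
    account = PROFILE_MAP.get(upn)
    if account is None:
        return ("profile-mapping", "rejected: no domain account for " + upn)
    # On-premises BCS: data-source credentials come from the local Secure Store.
    creds = ONPREM_SECURE_STORE.get(request.get("source"))
    if creds is None:
        return ("secure-store", "rejected: no credentials for source")
    # OData service head: performs the operation and returns the results.
    return ("odata", {"as_user": account, "service_account": creds[0],
                      "rows": ODATA_ROWS[request["source"]]})


if __name__ == "__main__":
    token = issue_token("alice@contoso.onmicrosoft.com")
    good = {"client_cert_thumbprint": "AA11BB22", "oauth_token": token,
            "source": "orders-odata"}
    print(handle_hybrid_request(good))
    print(handle_hybrid_request(dict(good, client_cert_thumbprint="FFFF")))
```

The stage name in each result is what a defender would want in the logs: a rejection at the proxy points at the service-to-service certificate, while a rejection at the mapping step points at directory synchronisation.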