In a cloud world, Single-Sign-On is becoming increasingly important, as users want to sign in to their applications with a single set of credentials, whether inside or outside of the firewall. Active Directory Federation Services is the glue that allows you to connect your on-premises Active Directory with Office 365 and Windows Azure. While extraordinarily powerful, it can also serve as a single point of failure if your deployment is not properly designed. More and more, we have seen Partners and Customers looking at options for scaling ADFS to the cloud. With the introduction of Windows Azure Virtual Machines, customers who require Active Directory federation have another Microsoft-supported choice for hosting these services.
Running infrastructure components in Windows Azure has multiple benefits that include:
Integrating Office 365 with your existing on-premises platforms requires careful planning, regardless of whether they’re implemented on-premises or in Windows Azure. Planning the implementation and management of these infrastructure components in the cloud is almost identical to the on-premises infrastructure.
The excellent Deploying Office 365 Single Sign-On using Windows Azure white paper was written for system architects and IT professionals who want to understand the architecture and deployment options for extending the on-premises Active Directory infrastructure with Windows Azure Virtual Machines to implement directory synchronization and single sign-on for Office 365. Topics covered include:
1 Executive Summary. 5
2 Introduction.. 6
3 Deployment Scenarios. 7
3.1 Introduction. 7
3.2 Before you start–is this right for your organization?. 7
3.3 Windows Azure Active Directory. 8
3.4 High-level design considerations. 9
3.5 Scenario 1: Office 365 directory integration components deployed on-premises. 11
3.6 Scenario 2: Office 365 directory integration components deployed in Windows Azure. 13
3.7 Scenario 3: Office 365 directory integration components deployed in Windows Azure for disaster recovery. 16
3.8 Checkpoint: key requirements. 20
3.9 Risks and mitigations. 22
4 Deployment Considerations. 25
4.1 Costs associated with Windows Azure. 25
4.2 Virtual Machine operating system requirements. 25
4.3 Virtual Machine sizing. 26
4.4 VPN network requirements. 27
4.5 IP Addressing and name resolution. 27
4.6 Active Directory Domain Services. 28
4.7 Directory synchronization server. 29
4.8 Deployment to multiple Windows Azure data centers. 30
5 Operational Considerations.33
Download here: Deploying Office 365 Single Sign-On using Windows Azure
For more information about AD FS, see the Active Directory Federation Services TechCenter web page (http://go.microsoft.com/fwlink/?LinkId=194245).
Hi, can we do SSO using shibboleth between web application that run on Linux to office365 cloud?