subject:"Office 365 and AD synchronization"

Re: Office 365 and AD synchronization

2012-06-28 Thread Steve Kradel

I will vigorously agree with this... a cluster for handling ADFS2 load for
basic sign-on to SaaS is very rarely necessary, but you almost always do
want to be able to patch and reboot without making unavailable all the
stuff that now absolutely depends on federation/SSO.

--Steve

On Thu, Jun 28, 2012 at 11:52 AM, Brian Desmond wrote:

>  *I think 99.99% is overdoing it. I’m pretty sure there is more than .01%
> of customers who want HA for their AuthN to email, IM, SharePoint, partner
> apps, etc. *
>
> * *
>
> *Thanks,*
>
> *Brian Desmond*
>
> *br...@briandesmond.com*
>
> * *
>
> *w – 312.625.1438 | c   – 312.731.3132*
>
> * *
>
> *From:* Michael B. Smith [mailto:mich...@smithcons.com]
> *Sent:* Wednesday, June 27, 2012 4:29 PM
>
> *To:* NT System Admin Issues
> *Subject:* RE: Office 365 and AD synchronization
>
>  ** **
>
> You don’t need a separate machine for either dirsync or adfs. It is,
> indeed, recommended. It’s also recommend to have a load-balanced adfs
> proxy, but for 99.99% of clients, that is just bollocks.
>
> ** **
>
> *From:* Christopher Bodnar [mailto:christopher_bod...@glic.com]
> *Sent:* Wednesday, June 27, 2012 10:28 AM
> *To:* NT System Admin Issues
> *Subject:* Office 365 and AD synchronization
>
> ** **
>
> Getting ready to migrate a small office environment to office 365. Domain
> is 2008 R2, only 10 users. I'm reading through all the documentation and
> specifically looking at the requirement for a separate machine to host the
> Directory Synchronization tool. Anyone here do this yet with a small
> office? Just curious as to the load on the box. I'm going to create a VM
> for this but see that the minimum requirements are 4G RAM and 70G of disk
> space. That seems high to me for something like this in a very small
> environment. Curious to hear what others have seen after doing this in a
> similar environment.
>
> Also just starting to read about single sign-on. So using the AD Sync tool
> doesn't give you single-sign on? It just gets your users and groups up to
> Office 365? For what purpose, if the credentials are synched? That's what I
> don't understand yet, but I'm not done reading yet, so maybe that will
> come. So if you need AD FS for single sign-on, how was the process?
>
> Thanks, ** **
>
> *Christopher Bodnar*
> Enterprise Achitect I, Corporate Office of Technology:Enterprise
> Architecture and Engineering Services 
>
> Tel 610-807-6459
> 3900 Burgess Place, Bethlehem, PA 18017
> christopher_bod...@glic.com 
>
>
> *
> The Guardian Life Insurance Company of America*
> *
> *www.guardianlife.com 
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin<>

RE: Office 365 and AD synchronization

2012-06-28 Thread Michael B. Smith

:-P

From: Brian Desmond [mailto:br...@briandesmond.com]
Sent: Thursday, June 28, 2012 11:52 AM
To: NT System Admin Issues
Subject: RE: Office 365 and AD synchronization

I think 99.99% is overdoing it. I'm pretty sure there is more than .01% of 
customers who want HA for their AuthN to email, IM, SharePoint, partner apps, 
etc.

Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>

w - 312.625.1438 | c   - 312.731.3132

From: Michael B. Smith 
[mailto:mich...@smithcons.com]<mailto:[mailto:mich...@smithcons.com]>
Sent: Wednesday, June 27, 2012 4:29 PM
To: NT System Admin Issues
Subject: RE: Office 365 and AD synchronization

You don't need a separate machine for either dirsync or adfs. It is, indeed, 
recommended. It's also recommend to have a load-balanced adfs proxy, but for 
99.99% of clients, that is just bollocks.

From: Christopher Bodnar 
[mailto:christopher_bod...@glic.com]<mailto:[mailto:christopher_bod...@glic.com]>
Sent: Wednesday, June 27, 2012 10:28 AM
To: NT System Admin Issues
Subject: Office 365 and AD synchronization

Getting ready to migrate a small office environment to office 365. Domain is 
2008 R2, only 10 users. I'm reading through all the documentation and 
specifically looking at the requirement for a separate machine to host the 
Directory Synchronization tool. Anyone here do this yet with a small office? 
Just curious as to the load on the box. I'm going to create a VM for this but 
see that the minimum requirements are 4G RAM and 70G of disk space. That seems 
high to me for something like this in a very small environment. Curious to hear 
what others have seen after doing this in a similar environment.

Also just starting to read about single sign-on. So using the AD Sync tool 
doesn't give you single-sign on? It just gets your users and groups up to 
Office 365? For what purpose, if the credentials are synched? That's what I 
don't understand yet, but I'm not done reading yet, so maybe that will come. So 
if you need AD FS for single sign-on, how was the process?

Thanks,
Christopher Bodnar
Enterprise Achitect I, Corporate Office of Technology:Enterprise Architecture 
and Engineering Services

Tel 610-807-6459
3900 Burgess Place, Bethlehem, PA 18017
christopher_bod...@glic.com

[cid:image001.jpg@01CD5574.1BD78990]

The Guardian Life Insurance Company of America

www.guardianlife.com<http://www.guardianlife.com/>

- This message, and any attachments to 
it, may contain information that is privileged, confidential, and exempt from 
disclosure under applicable law. If the reader of this message is not the 
intended recipient, you are notified that any use, dissemination, distribution, 
copying, or communication of this message is strictly prohibited. If you have 
received this message in error, please notify the sender immediately by return 
e-mail and delete the message and any attachments. Thank you.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin<>

RE: Office 365 and AD synchronization

2012-06-28 Thread Brian Desmond

I think 99.99% is overdoing it. I'm pretty sure there is more than .01% of 
customers who want HA for their AuthN to email, IM, SharePoint, partner apps, 
etc.

Thanks,
Brian Desmond
br...@briandesmond.com

w - 312.625.1438 | c   - 312.731.3132

From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Wednesday, June 27, 2012 4:29 PM
To: NT System Admin Issues
Subject: RE: Office 365 and AD synchronization

You don't need a separate machine for either dirsync or adfs. It is, indeed, 
recommended. It's also recommend to have a load-balanced adfs proxy, but for 
99.99% of clients, that is just bollocks.

From: Christopher Bodnar 
[mailto:christopher_bod...@glic.com]<mailto:[mailto:christopher_bod...@glic.com]>
Sent: Wednesday, June 27, 2012 10:28 AM
To: NT System Admin Issues
Subject: Office 365 and AD synchronization

Getting ready to migrate a small office environment to office 365. Domain is 
2008 R2, only 10 users. I'm reading through all the documentation and 
specifically looking at the requirement for a separate machine to host the 
Directory Synchronization tool. Anyone here do this yet with a small office? 
Just curious as to the load on the box. I'm going to create a VM for this but 
see that the minimum requirements are 4G RAM and 70G of disk space. That seems 
high to me for something like this in a very small environment. Curious to hear 
what others have seen after doing this in a similar environment.

Also just starting to read about single sign-on. So using the AD Sync tool 
doesn't give you single-sign on? It just gets your users and groups up to 
Office 365? For what purpose, if the credentials are synched? That's what I 
don't understand yet, but I'm not done reading yet, so maybe that will come. So 
if you need AD FS for single sign-on, how was the process?

Thanks,
Christopher Bodnar
Enterprise Achitect I, Corporate Office of Technology:Enterprise Architecture 
and Engineering Services

Tel 610-807-6459
3900 Burgess Place, Bethlehem, PA 18017
christopher_bod...@glic.com

[cid:image001.jpg@01CD551C.102248E0]

The Guardian Life Insurance Company of America

www.guardianlife.com<http://www.guardianlife.com/>



- This message, and any attachments to 
it, may contain information that is privileged, confidential, and exempt from 
disclosure under applicable law. If the reader of this message is not the 
intended recipient, you are notified that any use, dissemination, distribution, 
copying, or communication of this message is strictly prohibited. If you have 
received this message in error, please notify the sender immediately by return 
e-mail and delete the message and any attachments. Thank you.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin<>

Re: Office 365 and AD synchronization

2012-06-27 Thread Steve Ens

LOL, that is what I told the Office 365 guys at tech ed last week
tooBOLLOCKs!  but they still gave me an invite to their reception

On Wed, Jun 27, 2012 at 2:28 PM, Michael B. Smith wrote:

>  You don’t need a separate machine for either dirsync or adfs. It is,
> indeed, recommended. It’s also recommend to have a load-balanced adfs
> proxy, but for 99.99% of clients, that is just bollocks.
>
> ** **
>
> *From:* Christopher Bodnar [mailto:christopher_bod...@glic.com]
> *Sent:* Wednesday, June 27, 2012 10:28 AM
>
> *To:* NT System Admin Issues
> *Subject:* Office 365 and AD synchronization
>
> ** **
>
> Getting ready to migrate a small office environment to office 365. Domain
> is 2008 R2, only 10 users. I'm reading through all the documentation and
> specifically looking at the requirement for a separate machine to host the
> Directory Synchronization tool. Anyone here do this yet with a small
> office? Just curious as to the load on the box. I'm going to create a VM
> for this but see that the minimum requirements are 4G RAM and 70G of disk
> space. That seems high to me for something like this in a very small
> environment. Curious to hear what others have seen after doing this in a
> similar environment.
>
> Also just starting to read about single sign-on. So using the AD Sync tool
> doesn't give you single-sign on? It just gets your users and groups up to
> Office 365? For what purpose, if the credentials are synched? That's what I
> don't understand yet, but I'm not done reading yet, so maybe that will
> come. So if you need AD FS for single sign-on, how was the process?
>
> Thanks, ** **
>
> *Christopher Bodnar*
> Enterprise Achitect I, Corporate Office of Technology:Enterprise
> Architecture and Engineering Services 
>
> Tel 610-807-6459
> 3900 Burgess Place, Bethlehem, PA 18017
> christopher_bod...@glic.com 
>
>
> *
> The Guardian Life Insurance Company of America*
> *
> *www.guardianlife.com 
>
>
> - This message, and any
> attachments to it, may contain information that is privileged,
> confidential, and exempt from disclosure under applicable law. If the
> reader of this message is not the intended recipient, you are notified that
> any use, dissemination, distribution, copying, or communication of this
> message is strictly prohibited. If you have received this message in error,
> please notify the sender immediately by return e-mail and delete the
> message and any attachments. Thank you. 
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin<>

RE: Office 365 and AD synchronization

2012-06-27 Thread Michael B. Smith

You don't need a separate machine for either dirsync or adfs. It is, indeed, 
recommended. It's also recommend to have a load-balanced adfs proxy, but for 
99.99% of clients, that is just bollocks.

From: Christopher Bodnar [mailto:christopher_bod...@glic.com]
Sent: Wednesday, June 27, 2012 10:28 AM
To: NT System Admin Issues
Subject: Office 365 and AD synchronization

Getting ready to migrate a small office environment to office 365. Domain is 
2008 R2, only 10 users. I'm reading through all the documentation and 
specifically looking at the requirement for a separate machine to host the 
Directory Synchronization tool. Anyone here do this yet with a small office? 
Just curious as to the load on the box. I'm going to create a VM for this but 
see that the minimum requirements are 4G RAM and 70G of disk space. That seems 
high to me for something like this in a very small environment. Curious to hear 
what others have seen after doing this in a similar environment.

Also just starting to read about single sign-on. So using the AD Sync tool 
doesn't give you single-sign on? It just gets your users and groups up to 
Office 365? For what purpose, if the credentials are synched? That's what I 
don't understand yet, but I'm not done reading yet, so maybe that will come. So 
if you need AD FS for single sign-on, how was the process?

Thanks,
Christopher Bodnar
Enterprise Achitect I, Corporate Office of Technology:Enterprise Architecture 
and Engineering Services

Tel 610-807-6459
3900 Burgess Place, Bethlehem, PA 18017
christopher_bod...@glic.com

[cid:image001.jpg@01CD548A.4CC80790]

The Guardian Life Insurance Company of America

www.guardianlife.com<http://www.guardianlife.com/>

- This message, and any attachments to 
it, may contain information that is privileged, confidential, and exempt from 
disclosure under applicable law. If the reader of this message is not the 
intended recipient, you are notified that any use, dissemination, distribution, 
copying, or communication of this message is strictly prohibited. If you have 
received this message in error, please notify the sender immediately by return 
e-mail and delete the message and any attachments. Thank you.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin<>

Re: Which Office 365 version - was Office 365 and AD synchronization

2012-06-27 Thread Don Kuhlman

Thanks Chris.  Sounds like with E3 you don't need a backend SBS server or other, just a domain to login?PS - Sorry all about my last reply - my fonts exploded so that reply came through in huge text.Don KFrom: Christopher Bodnar  To: NT System Admin Issues   Sent: Wednesday,
 June 27, 2012 12:44 PM Subject: Re: Which Office 365 version - was Office 365 and AD synchronization   
Sure no problem. Going to go with E3 specifically
because of this:

Please note: with E1 you can only view
Word, Excel, PowerPoint, and OneNote files online. With E3 you can both
edit and view these files online.

This was a big selling point for the
E3 plan. Also in our situation the client is non-profit, so the prices
are significantly reduced. 





Christopher Bodnar 
Enterprise Achitect I, Corporate Office of Technology:Enterprise Architecture
and Engineering Services 

Tel 610-807-6459  
3900 Burgess Place, Bethlehem, PA 18017 
christopher_bod...@glic.com






The Guardian Life Insurance Company of America

www.guardianlife.com









From:      
 Don Kuhlman 
To:      
 "NT System Admin
Issues" 
Date:      
 06/27/2012 10:51 AM
Subject:    
   Which Office
365 version - was Office 365 and AD synchronization




Hi Chris, do you mind me asking what plan
you're looking at?   I was thinking the same for a small business
client, moving them from internally hosted SBS 2008 to 365 Plan E1 ($8/month/per
user).  I see the P1 or E3 plans too, but not sure if E3 is worth
it for about 18 users.

Thanks

Don K


From: Christopher Bodnar 
To: NT System Admin Issues 

Sent: Wednesday, June 27, 2012 9:27 AM
Subject: Office 365 and AD synchronization

Getting ready to migrate a small office
environment to office 365. Domain is 2008 R2, only 10 users. I'm reading
through all the documentation and specifically looking at the requirement
for a separate machine to host the Directory Synchronization tool. Anyone
here do this yet with a small office? Just curious as to the load on the
box. I'm going to create a VM for this but see that the minimum requirements
are 4G RAM and 70G of disk space. That seems high to me for something like
this in a very small environment. Curious to hear what others have seen
after doing this in a similar environment.


Also just starting to read about single sign-on. So using the AD Sync tool
doesn't give you single-sign on? It just gets your users and groups up
to Office 365? For what purpose, if the credentials are synched? That's
what I don't understand yet, but I'm not done reading yet, so maybe that
will come. So if you need AD FS for single sign-on, how was the process?


Thanks, 



Christopher Bodnar 
Enterprise Achitect I, Corporate Office of Technology:Enterprise Architecture
and Engineering Services 

Tel 610-807-6459  
3900 Burgess Place, Bethlehem, PA 18017 
christopher_bod...@glic.com





The Guardian Life Insurance Company of America

www.guardianlife.com




- This message, and any attachments
to it, may contain information that is privileged, confidential, and exempt
from disclosure under applicable law. If the reader of this message is
not the intended recipient, you are notified that any use, dissemination,
distribution, copying, or communication of this message is strictly prohibited.
If you have received this message in error, please notify the sender immediately
by return e-mail and delete the message and any attachments. Thank you.

~ Finally, powerful endpoint security
that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>
 ~

---
To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource
hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>
 ~

---
To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Office 365 and AD synchronization

2012-06-27 Thread Christopher Bodnar

Mike thanks for the reply. Can you give me a little more on that? 
Specifically when you say that you need 100% uptime and that it's over the 
top, what do you mean? Our plan is to put all the user documents in Office 
365 SharePoint specifically so they can have access to them from anywhere. 
On paper it sounds pretty good. 

Thanks,


Christopher Bodnar 
Enterprise Achitect I, Corporate Office of Technology:Enterprise 
Architecture and Engineering Services 
Tel 610-807-6459 
3900 Burgess Place, Bethlehem, PA 18017 
christopher_bod...@glic.com 




The Guardian Life Insurance Company of America

www.guardianlife.com 







From:   Mike Hoffman 
To: "NT System Admin Issues" 
Date:   06/27/2012 11:26 AM
Subject:        RE: Office 365 and AD synchronization



You should not be looking at SSO for just 10 users with office 365 as you 
really need a 100% uptime connection (not 99.99%). We looked at this with 
small clients and putting in a separate server for the sync component is 
over the top. The build in sync tool is a complete solution build for big 
enterprises.
 
If you simply want 10 users to be able to do email and share logon 
passwords for both services (Local AD and O365) then SBS Essentials has a 
plugin which is a much simpler solution.
 
Mike 
 
From: David Lum [mailto:david@nwea.org] 
Sent: 27 June 2012 16:00
To: NT System Admin Issues
Subject: RE: Office 365 and AD synchronization
 
“So if you need AD FS for single sign-on, how was the process?”
 
This will be a poor technical explanation, but hopefully helpful:
 
We use SSO for our expense reporting, and how it works for us is we have 
an IIS server that handles the SSO function via certificate with us and 
our vendor. The cert sits on our IIS server and the corresponding cert 
sits in the “target” environment. The IIS server is in our “trusted sites” 
zone which allows the domain credentials to get passed to the IIS server. 
The target side trusts our IIS server (trust is misleading here because 
it’s the cert that allows access not a domain trust, but I digress..).
 
The user experience is they go to our SSO website and they have a dropdown 
of what SSO site to connect to click connect and away they go, no 
prompting for credentials. 
 
Dave
 
From: Christopher Bodnar [mailto:christopher_bod...@glic.com] 
Sent: Wednesday, June 27, 2012 7:28 AM
To: NT System Admin Issues
Subject: Office 365 and AD synchronization
 
Getting ready to migrate a small office environment to office 365. Domain 
is 2008 R2, only 10 users. I'm reading through all the documentation and 
specifically looking at the requirement for a separate machine to host the 
Directory Synchronization tool. Anyone here do this yet with a small 
office? Just curious as to the load on the box. I'm going to create a VM 
for this but see that the minimum requirements are 4G RAM and 70G of disk 
space. That seems high to me for something like this in a very small 
environment. Curious to hear what others have seen after doing this in a 
similar environment. 

Also just starting to read about single sign-on. So using the AD Sync tool 
doesn't give you single-sign on? It just gets your users and groups up to 
Office 365? For what purpose, if the credentials are synched? That's what 
I don't understand yet, but I'm not done reading yet, so maybe that will 
come. So if you need AD FS for single sign-on, how was the process? 

Thanks, 

Christopher Bodnar 
Enterprise Achitect I, Corporate Office of Technology:Enterprise 
Architecture and Engineering Services 
Tel 610-807-6459 
3900 Burgess Place, Bethlehem, PA 18017 
christopher_bod...@glic.com 


The Guardian Life Insurance Company of America

www.guardianlife.com 


- This message, and any 
attachments to it, may contain information that is privileged, 
confidential, and exempt from disclosure under applicable law. If the 
reader of this message is not the intended recipient, you are notified 
that any use, dissemination, distribution, copying, or communication of 
this message is strictly prohibited. If you have received this message in 
error, please notify the sender immediately by return e-mail and delete 
the message and any attachments. Thank you. 
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that

RE: Office 365 and AD synchronization

2012-06-27 Thread David Lum

No worries, I am Varsity at providing occasionally useless information ☺

From: Christopher Bodnar [mailto:christopher_bod...@glic.com]
Sent: Wednesday, June 27, 2012 10:48 AM
To: NT System Admin Issues
Subject: RE: Office 365 and AD synchronization

Sorry Dave, should have clarified. Not really looking for a technical 
explanation of single sign-on. Very familiar with what it is and how it works. 
We have PING for SAML and use it with a few different external partners, so I'm 
familiar with the process. Was looking for people who have experienced setting 
up AD FS with Office 365. That I haven't done before.

Christopher Bodnar
Enterprise Achitect I, Corporate Office of Technology:Enterprise Architecture 
and Engineering Services

Tel 610-807-6459
3900 Burgess Place, Bethlehem, PA 18017
christopher_bod...@glic.com

[cid:image001.jpg@01CD5453.0D152240]

The Guardian Life Insurance Company of America

www.guardianlife.com<http://www.guardianlife.com/>

From:David Lum mailto:david@nwea.org>>
To:"NT System Admin Issues" 
mailto:ntsysadmin@lyris.sunbelt-software.com>>
Date:06/27/2012 11:01 AM
Subject:    RE: Office 365 and AD synchronization

“So if you need AD FS for single sign-on, how was the process?”

This will be a poor technical explanation, but hopefully helpful:

We use SSO for our expense reporting, and how it works for us is we have an IIS 
server that handles the SSO function via certificate with us and our vendor. 
The cert sits on our IIS server and the corresponding cert sits in the “target” 
environment. The IIS server is in our “trusted sites” zone which allows the 
domain credentials to get passed to the IIS server. The target side trusts our 
IIS server (trust is misleading here because it’s the cert that allows access 
not a domain trust, but I digress..).

The user experience is they go to our SSO website and they have a dropdown of 
what SSO site to connect to click connect and away they go, no prompting for 
credentials.

Dave

From: Christopher Bodnar [mailto:christopher_bod...@glic.com]
Sent: Wednesday, June 27, 2012 7:28 AM
To: NT System Admin Issues
Subject: Office 365 and AD synchronization

Getting ready to migrate a small office environment to office 365. Domain is 
2008 R2, only 10 users. I'm reading through all the documentation and 
specifically looking at the requirement for a separate machine to host the 
Directory Synchronization tool. Anyone here do this yet with a small office? 
Just curious as to the load on the box. I'm going to create a VM for this but 
see that the minimum requirements are 4G RAM and 70G of disk space. That seems 
high to me for something like this in a very small environment. Curious to hear 
what others have seen after doing this in a similar environment.

Also just starting to read about single sign-on. So using the AD Sync tool 
doesn't give you single-sign on? It just gets your users and groups up to 
Office 365? For what purpose, if the credentials are synched? That's what I 
don't understand yet, but I'm not done reading yet, so maybe that will come. So 
if you need AD FS for single sign-on, how was the process?

Thanks,
Christopher Bodnar
Enterprise Achitect I, Corporate Office of Technology:Enterprise Architecture 
and Engineering Services

Tel 610-807-6459
3900 Burgess Place, Bethlehem, PA 18017
christopher_bod...@glic.com

[cid:image001.jpg@01CD5453.0D152240]

The Guardian Life Insurance Company of America

www.guardianlife.com<http://www.guardianlife.com/>

- This message, and any attachments to 
it, may contain information that is privileged, confidential, and exempt from 
disclosure under applicable law. If the reader of this message is not the 
intended recipient, you are notified that any use, dissemination, distribution, 
copying, or communication of this message is strictly prohibited. If you have 
received this message in error, please notify the sender immediately by return 
e-mail and delete the message and any attachments. Thank you.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

- This me

Re: Office 365 and AD synchronization

2012-06-27 Thread Don Kuhlman

Does that mean you need to buy SBS essentials and set up that with the plugin ?I'm seeing prices < $1000 for SBS 2011 with one of the HP Micro servers - http://www.cdw.com/shop/products/HP-ProLiant-MicroServer-Turion-II-Neo-N40L-1.5-GHz/2502916.aspxAnd I see the SBS 2011 Essentials at $545 retail.What does the SSO option with separate server for sync price at?Don KFrom: Mike Hoffman To: NT System Admin Issues Sent: Wednesday, June 27, 2012 10:25 AM Subject: RE: Office 365 and AD synchronization
You should not be looking at SSO for just 10 users with office 365 as you really need a 100% uptime connection (not 99.99%). We looked at this with small clients and putting in a separate server for the sync component is over the top. The build in sync tool is a complete solution build for big enterprises. If you simply want 10 users to be able to do email and share logon passwords for both services (Local AD and O365) then SBS Essentials has a plugin which is a much simpler solution. Mike From: David Lum [mailto:david@nwea.org] Sent: 27 June 2012 16:00To: NT System Admin IssuesSubject: RE: Office 365 and AD synchronization “So if you need AD FS for single sign-on, how was the process?” This will be a poor technical explanation, but hopefully helpful: We use SSO for our expense reporting, and how it works for us is we have an IIS server that handles the SSO function via certificate with us
and our vendor. The cert sits on our IIS server and the corresponding cert sits in the “target” environment. The IIS server is in our “trusted sites” zone which allows the domain credentials to get passed to the IIS server. The target side trusts our IIS server (trust is misleading here because it’s the cert that allows access not a domain trust, but I digress..). The user experience is they go to our SSO website and they have a dropdown of what SSO site to connect to click connect and away they go, no prompting for credentials. Dave From: Christopher Bodnar [mailto:christopher_bod...@glic.com] Sent: Wednesday, June 27, 2012 7:28 AMTo: NT System Admin IssuesSubject: Office 365 and AD synchronization Getting ready to migrate a small office environment to office 365. Domain is 2008 R2, only 10 users. I'm reading through all the documentation and specifically looking at the requirement for a separate machine to host the Directory Synchronization tool. Anyone here do this yet with a small office? Just curious as to the load on the box. I'm going to create a VM for this but see that the minimum requirements are 4G RAM and 70G of disk space. That seems high to me for something like this in a very small environment. Curious to hear what others have seen after doing this in a similar environment. Also just starting to read about single sign-on. So using the AD Sync tool doesn't
give you single-sign on? It just gets your users and groups up to Office 365? For what purpose, if the credentials are synched? That's what I don't understand yet, but I'm not done reading yet, so maybe that will come. So if you need AD FS for single sign-on, how was the process? Thanks, Christopher Bodnar Enterprise Achitect I, Corporate Office of Technology:Enterprise Architecture and Engineering Services Tel 610-807-6459 3900 Burgess Place, Bethlehem, PA 18017 christopher_bod...@glic.com The Guardian Life Insurance Company of Americawww.guardianlife.com - This message, and any attachments to it, may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are notified that any use, dissemination, distribution, copying, or communication of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately by return e-mail and delete the message and any attachments. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~~ ~---To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/or send an email to listmana...@lyris.sunbeltsoftware.comwith the body: unsubscribe ntsysadmin~ Finally, powerful endpoint security that ISN'T a resource hog! ~~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~---To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/or send an email to listmana...@lyris.sunbeltsoftware.comwith the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~

---
To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog!

RE: Office 365 and AD synchronization

2012-06-27 Thread Christopher Bodnar

Sorry Dave, should have clarified. Not really looking for a technical 
explanation of single sign-on. Very familiar with what it is and how it 
works. We have PING for SAML and use it with a few different external 
partners, so I'm familiar with the process. Was looking for people who 
have experienced setting up AD FS with Office 365. That I haven't done 
before. 



Christopher Bodnar 
Enterprise Achitect I, Corporate Office of Technology:Enterprise 
Architecture and Engineering Services 
Tel 610-807-6459 
3900 Burgess Place, Bethlehem, PA 18017 
christopher_bod...@glic.com 




The Guardian Life Insurance Company of America

www.guardianlife.com 







From:   David Lum 
To: "NT System Admin Issues" 
Date:   06/27/2012 11:01 AM
Subject:        RE: Office 365 and AD synchronization



“So if you need AD FS for single sign-on, how was the process?”
 
This will be a poor technical explanation, but hopefully helpful:
 
We use SSO for our expense reporting, and how it works for us is we have 
an IIS server that handles the SSO function via certificate with us and 
our vendor. The cert sits on our IIS server and the corresponding cert 
sits in the “target” environment. The IIS server is in our “trusted sites” 
zone which allows the domain credentials to get passed to the IIS server. 
The target side trusts our IIS server (trust is misleading here because 
it’s the cert that allows access not a domain trust, but I digress..).
 
The user experience is they go to our SSO website and they have a dropdown 
of what SSO site to connect to click connect and away they go, no 
prompting for credentials. 
 
Dave
 
From: Christopher Bodnar [mailto:christopher_bod...@glic.com] 
Sent: Wednesday, June 27, 2012 7:28 AM
To: NT System Admin Issues
Subject: Office 365 and AD synchronization
 
Getting ready to migrate a small office environment to office 365. Domain 
is 2008 R2, only 10 users. I'm reading through all the documentation and 
specifically looking at the requirement for a separate machine to host the 
Directory Synchronization tool. Anyone here do this yet with a small 
office? Just curious as to the load on the box. I'm going to create a VM 
for this but see that the minimum requirements are 4G RAM and 70G of disk 
space. That seems high to me for something like this in a very small 
environment. Curious to hear what others have seen after doing this in a 
similar environment. 

Also just starting to read about single sign-on. So using the AD Sync tool 
doesn't give you single-sign on? It just gets your users and groups up to 
Office 365? For what purpose, if the credentials are synched? That's what 
I don't understand yet, but I'm not done reading yet, so maybe that will 
come. So if you need AD FS for single sign-on, how was the process? 

Thanks, 

Christopher Bodnar 
Enterprise Achitect I, Corporate Office of Technology:Enterprise 
Architecture and Engineering Services 
Tel 610-807-6459 
3900 Burgess Place, Bethlehem, PA 18017 
christopher_bod...@glic.com 


The Guardian Life Insurance Company of America

www.guardianlife.com 


- This message, and any 
attachments to it, may contain information that is privileged, 
confidential, and exempt from disclosure under applicable law. If the 
reader of this message is not the intended recipient, you are notified 
that any use, dissemination, distribution, copying, or communication of 
this message is strictly prohibited. If you have received this message in 
error, please notify the sender immediately by return e-mail and delete 
the message and any attachments. Thank you. 
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
<><>

Re: Which Office 365 version - was Office 365 and AD synchronization

2012-06-27 Thread Christopher Bodnar

Sure no problem. Going to go with E3 specifically because of this:

Please note: with E1 you can only view Word, Excel, PowerPoint, and 
OneNote files online. With E3 you can both edit and view these files 
online.

This was a big selling point for the E3 plan. Also in our situation the 
client is non-profit, so the prices are significantly reduced. 



Christopher Bodnar 
Enterprise Achitect I, Corporate Office of Technology:Enterprise 
Architecture and Engineering Services 
Tel 610-807-6459 
3900 Burgess Place, Bethlehem, PA 18017 
christopher_bod...@glic.com 




The Guardian Life Insurance Company of America

www.guardianlife.com 







From:   Don Kuhlman 
To: "NT System Admin Issues" 
Date:   06/27/2012 10:51 AM
Subject:Which Office 365 version - was Office 365 and AD 
synchronization



Hi Chris, do you mind me asking what plan you're looking at?   I was 
thinking the same for a small business client, moving them from internally 
hosted SBS 2008 to 365 Plan E1 ($8/month/per user).  I see the P1 or E3 
plans too, but not sure if E3 is worth it for about 18 users.

Thanks

Don K

From: Christopher Bodnar 
To: NT System Admin Issues  
Sent: Wednesday, June 27, 2012 9:27 AM
Subject: Office 365 and AD synchronization

Getting ready to migrate a small office environment to office 365. Domain 
is 2008 R2, only 10 users. I'm reading through all the documentation and 
specifically looking at the requirement for a separate machine to host the 
Directory Synchronization tool. Anyone here do this yet with a small 
office? Just curious as to the load on the box. I'm going to create a VM 
for this but see that the minimum requirements are 4G RAM and 70G of disk 
space. That seems high to me for something like this in a very small 
environment. Curious to hear what others have seen after doing this in a 
similar environment. 

Also just starting to read about single sign-on. So using the AD Sync tool 
doesn't give you single-sign on? It just gets your users and groups up to 
Office 365? For what purpose, if the credentials are synched? That's what 
I don't understand yet, but I'm not done reading yet, so maybe that will 
come. So if you need AD FS for single sign-on, how was the process? 

Thanks, 

Christopher Bodnar 
Enterprise Achitect I, Corporate Office of Technology:Enterprise 
Architecture and Engineering Services 
Tel 610-807-6459 
3900 Burgess Place, Bethlehem, PA 18017 
christopher_bod...@glic.com 



The Guardian Life Insurance Company of America

www.guardianlife.com 


- This message, and any 
attachments to it, may contain information that is privileged, 
confidential, and exempt from disclosure under applicable law. If the 
reader of this message is not the intended recipient, you are notified 
that any use, dissemination, distribution, copying, or communication of 
this message is strictly prohibited. If you have received this message in 
error, please notify the sender immediately by return e-mail and delete 
the message and any attachments. Thank you. 
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin<><>

RE: Which Office 365 version - was Office 365 and AD synchronization

2012-06-27 Thread Mike Hoffman

If a client is used to an SBS solution then they will expect something other 
than public forum based support. We put clients on E-plans even for a single 
mailbox for just that reason. Also you cannot migrate from a P to an E, so if 
they think they might grow then they need an E plan.

E3 includes Microsoft Office Pro Plus - so if you already have Office 2010 then 
you do not need it. If you have Office 2003 then you do as you need the latest 
version for the full functionality. You can get away with 2007 for lots of 
features, but when 15 comes out then they will need to upgrade.

Mike

From: Don Kuhlman [mailto:drkuhl...@yahoo.com]
Sent: 27 June 2012 15:51
To: NT System Admin Issues
Subject: Which Office 365 version - was Office 365 and AD synchronization

Hi Chris, do you mind me asking what plan you're looking at?   I was thinking 
the same for a small business client, moving them from internally hosted SBS 
2008 to 365 Plan E1 ($8/month/per user).  I see the P1 or E3 plans too, but not 
sure if E3 is worth it for about 18 users.

Thanks

Don K


From: Christopher Bodnar 
mailto:christopher_bod...@glic.com>>
To: NT System Admin Issues 
mailto:ntsysadmin@lyris.sunbelt-software.com>>
Sent: Wednesday, June 27, 2012 9:27 AM
Subject: Office 365 and AD synchronization

Getting ready to migrate a small office environment to office 365. Domain is 
2008 R2, only 10 users. I'm reading through all the documentation and 
specifically looking at the requirement for a separate machine to host the 
Directory Synchronization tool. Anyone here do this yet with a small office? 
Just curious as to the load on the box. I'm going to create a VM for this but 
see that the minimum requirements are 4G RAM and 70G of disk space. That seems 
high to me for something like this in a very small environment. Curious to hear 
what others have seen after doing this in a similar environment.

Also just starting to read about single sign-on. So using the AD Sync tool 
doesn't give you single-sign on? It just gets your users and groups up to 
Office 365? For what purpose, if the credentials are synched? That's what I 
don't understand yet, but I'm not done reading yet, so maybe that will come. So 
if you need AD FS for single sign-on, how was the process?

Thanks,
Christopher Bodnar
Enterprise Achitect I, Corporate Office of Technology:Enterprise Architecture 
and Engineering Services

Tel 610-807-6459
3900 Burgess Place, Bethlehem, PA 18017
christopher_bod...@glic.com

[cid:image001.jpg@01CD5482.2A70A740]

The Guardian Life Insurance Company of America

www.guardianlife.com<http://www.guardianlife.com/>



- This message, and any attachments to 
it, may contain information that is privileged, confidential, and exempt from 
disclosure under applicable law. If the reader of this message is not the 
intended recipient, you are notified that any use, dissemination, distribution, 
copying, or communication of this message is strictly prohibited. If you have 
received this message in error, please notify the sender immediately by return 
e-mail and delete the message and any attachments. Thank you.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin<>

RE: Office 365 and AD synchronization

2012-06-27 Thread Mike Hoffman

You should not be looking at SSO for just 10 users with office 365 as you 
really need a 100% uptime connection (not 99.99%). We looked at this with small 
clients and putting in a separate server for the sync component is over the 
top. The build in sync tool is a complete solution build for big enterprises.

If you simply want 10 users to be able to do email and share logon passwords 
for both services (Local AD and O365) then SBS Essentials has a plugin which is 
a much simpler solution.

Mike

From: David Lum [mailto:david@nwea.org]
Sent: 27 June 2012 16:00
To: NT System Admin Issues
Subject: RE: Office 365 and AD synchronization

"So if you need AD FS for single sign-on, how was the process?"

This will be a poor technical explanation, but hopefully helpful:

We use SSO for our expense reporting, and how it works for us is we have an IIS 
server that handles the SSO function via certificate with us and our vendor. 
The cert sits on our IIS server and the corresponding cert sits in the "target" 
environment. The IIS server is in our "trusted sites" zone which allows the 
domain credentials to get passed to the IIS server. The target side trusts our 
IIS server (trust is misleading here because it's the cert that allows access 
not a domain trust, but I digress..).

The user experience is they go to our SSO website and they have a dropdown of 
what SSO site to connect to click connect and away they go, no prompting for 
credentials.

Dave

From: Christopher Bodnar 
[mailto:christopher_bod...@glic.com]<mailto:[mailto:christopher_bod...@glic.com]>
Sent: Wednesday, June 27, 2012 7:28 AM
To: NT System Admin Issues
Subject: Office 365 and AD synchronization

Getting ready to migrate a small office environment to office 365. Domain is 
2008 R2, only 10 users. I'm reading through all the documentation and 
specifically looking at the requirement for a separate machine to host the 
Directory Synchronization tool. Anyone here do this yet with a small office? 
Just curious as to the load on the box. I'm going to create a VM for this but 
see that the minimum requirements are 4G RAM and 70G of disk space. That seems 
high to me for something like this in a very small environment. Curious to hear 
what others have seen after doing this in a similar environment.

Also just starting to read about single sign-on. So using the AD Sync tool 
doesn't give you single-sign on? It just gets your users and groups up to 
Office 365? For what purpose, if the credentials are synched? That's what I 
don't understand yet, but I'm not done reading yet, so maybe that will come. So 
if you need AD FS for single sign-on, how was the process?

Thanks,
Christopher Bodnar
Enterprise Achitect I, Corporate Office of Technology:Enterprise Architecture 
and Engineering Services

Tel 610-807-6459
3900 Burgess Place, Bethlehem, PA 18017
christopher_bod...@glic.com

[cid:image001.jpg@01CD5481.62B6BD70]

The Guardian Life Insurance Company of America

www.guardianlife.com<http://www.guardianlife.com/>



- This message, and any attachments to 
it, may contain information that is privileged, confidential, and exempt from 
disclosure under applicable law. If the reader of this message is not the 
intended recipient, you are notified that any use, dissemination, distribution, 
copying, or communication of this message is strictly prohibited. If you have 
received this message in error, please notify the sender immediately by return 
e-mail and delete the message and any attachments. Thank you.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin<>

RE: Office 365 and AD synchronization

2012-06-27 Thread David Lum

"So if you need AD FS for single sign-on, how was the process?"

This will be a poor technical explanation, but hopefully helpful:

We use SSO for our expense reporting, and how it works for us is we have an IIS 
server that handles the SSO function via certificate with us and our vendor. 
The cert sits on our IIS server and the corresponding cert sits in the "target" 
environment. The IIS server is in our "trusted sites" zone which allows the 
domain credentials to get passed to the IIS server. The target side trusts our 
IIS server (trust is misleading here because it's the cert that allows access 
not a domain trust, but I digress..).

The user experience is they go to our SSO website and they have a dropdown of 
what SSO site to connect to click connect and away they go, no prompting for 
credentials.

Dave

From: Christopher Bodnar [mailto:christopher_bod...@glic.com]
Sent: Wednesday, June 27, 2012 7:28 AM
To: NT System Admin Issues
Subject: Office 365 and AD synchronization

Getting ready to migrate a small office environment to office 365. Domain is 
2008 R2, only 10 users. I'm reading through all the documentation and 
specifically looking at the requirement for a separate machine to host the 
Directory Synchronization tool. Anyone here do this yet with a small office? 
Just curious as to the load on the box. I'm going to create a VM for this but 
see that the minimum requirements are 4G RAM and 70G of disk space. That seems 
high to me for something like this in a very small environment. Curious to hear 
what others have seen after doing this in a similar environment.

Also just starting to read about single sign-on. So using the AD Sync tool 
doesn't give you single-sign on? It just gets your users and groups up to 
Office 365? For what purpose, if the credentials are synched? That's what I 
don't understand yet, but I'm not done reading yet, so maybe that will come. So 
if you need AD FS for single sign-on, how was the process?

Thanks,
Christopher Bodnar
Enterprise Achitect I, Corporate Office of Technology:Enterprise Architecture 
and Engineering Services

Tel 610-807-6459
3900 Burgess Place, Bethlehem, PA 18017
christopher_bod...@glic.com

[cid:image001.jpg@01CD5439.938EA2C0]

The Guardian Life Insurance Company of America

www.guardianlife.com<http://www.guardianlife.com/>



- This message, and any attachments to 
it, may contain information that is privileged, confidential, and exempt from 
disclosure under applicable law. If the reader of this message is not the 
intended recipient, you are notified that any use, dissemination, distribution, 
copying, or communication of this message is strictly prohibited. If you have 
received this message in error, please notify the sender immediately by return 
e-mail and delete the message and any attachments. Thank you.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin<>

Which Office 365 version - was Office 365 and AD synchronization

2012-06-27 Thread Don Kuhlman

Hi Chris, do you mind me asking what plan you're looking at? I was thinking the same for a small business client, moving them from internally hosted SBS 2008 to 365 Plan E1 ($8/month/per user). I see the P1 or E3 plans too, but not sure if E3 is worth it for about 18 users.ThanksDon KFrom: Christopher Bodnar To: NT System Admin Issues
Sent: Wednesday, June 27, 2012 9:27 AM Subject: Office 365 and AD synchronization
Getting ready to migrate a small office
environment to office 365. Domain is 2008 R2, only 10 users. I'm reading
through all the documentation and specifically looking at the requirement
for a separate machine to host the Directory Synchronization tool. Anyone
here do this yet with a small office? Just curious as to the load on the
box. I'm going to create a VM for this but see that the minimum requirements
are 4G RAM and 70G of disk space. That seems high to me for something like
this in a very small environment. Curious to hear what others have seen
after doing this in a similar environment.

Also just starting to read about single
sign-on. So using the AD Sync tool doesn't give you single-sign on? It
just gets your users and groups up to Office 365? For what purpose, if
the credentials are synched? That's what I don't understand yet, but I'm
not done reading yet, so maybe that will come. So if you need AD FS for
single sign-on, how was the process?

Thanks,

Christopher Bodnar
Enterprise Achitect I, Corporate Office of Technology:Enterprise Architecture
and Engineering Services

Tel 610-807-6459
3900 Burgess Place, Bethlehem, PA 18017
christopher_bod...@glic.com

The Guardian Life Insurance Company of America

www.guardianlife.com

-
This message, and any attachments to it, may contain information
that is privileged, confidential, and exempt from disclosure under
applicable law. If the reader of this message is not the intended
recipient, you are notified that any use, dissemination,
distribution, copying, or communication of this message is strictly
prohibited. If you have received this message in error, please
notify the sender immediately by return e-mail and delete the
message and any attachments. Thank you.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~

---
To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~

---
To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Office 365 and AD synchronization

2012-06-27 Thread Christopher Bodnar

Getting ready to migrate a small office environment to office 365. Domain 
is 2008 R2, only 10 users. I'm reading through all the documentation and 
specifically looking at the requirement for a separate machine to host the 
Directory Synchronization tool. Anyone here do this yet with a small 
office? Just curious as to the load on the box. I'm going to create a VM 
for this but see that the minimum requirements are 4G RAM and 70G of disk 
space. That seems high to me for something like this in a very small 
environment. Curious to hear what others have seen after doing this in a 
similar environment.

Also just starting to read about single sign-on. So using the AD Sync tool 
doesn't give you single-sign on? It just gets your users and groups up to 
Office 365? For what purpose, if the credentials are synched? That's what 
I don't understand yet, but I'm not done reading yet, so maybe that will 
come. So if you need AD FS for single sign-on, how was the process? 

Thanks,


Christopher Bodnar 
Enterprise Achitect I, Corporate Office of Technology:Enterprise 
Architecture and Engineering Services 
Tel 610-807-6459 
3900 Burgess Place, Bethlehem, PA 18017 
christopher_bod...@glic.com 




The Guardian Life Insurance Company of America

www.guardianlife.com 





-
This message, and any attachments to it, may contain information
that is privileged, confidential, and exempt from disclosure under
applicable law.  If the reader of this message is not the intended
recipient, you are notified that any use, dissemination,
distribution, copying, or communication of this message is strictly
prohibited.  If you have received this message in error, please
notify the sender immediately by return e-mail and delete the
message and any attachments.  Thank you.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin<>

Re: Office 365 and AD synchronization

RE: Office 365 and AD synchronization

RE: Office 365 and AD synchronization

Re: Office 365 and AD synchronization

RE: Office 365 and AD synchronization

Re: Which Office 365 version - was Office 365 and AD synchronization

RE: Office 365 and AD synchronization

RE: Office 365 and AD synchronization

Re: Office 365 and AD synchronization

RE: Office 365 and AD synchronization

Re: Which Office 365 version - was Office 365 and AD synchronization

RE: Which Office 365 version - was Office 365 and AD synchronization

RE: Office 365 and AD synchronization

RE: Office 365 and AD synchronization

Which Office 365 version - was Office 365 and AD synchronization

Office 365 and AD synchronization

16 matches

Site Navigation

Mail list logo

Footer information