Office 365 & Custom SAML Single Sign-On | AgileConnect

Active Directory Federation Services (ADFS) extends on-premises Enterprise Identity Management (Active Directory) Single Sign-On (SSO) to cloud-based service providers such as Office 365 and other SAML services, using users' existing Active Directory credentials.

AgileConnect is a fixed-price solution that delivers Single Sign-On (SSO) for other web platforms that support SAML 2.0, with no third-party middleware, by using your local Active Directory infrastructure built in to Windows Server 2008 R2 & 2012.

When considering ADFS, you need to be sure that the company you partner with is skilled and experienced in configuring ADFS. Our identity and security management experts have years of experience in configuring ADFS and SSO for Office 365 and other SAML providers such as Google Apps, SalesForce, and Cisco WebEx. And as a Microsoft Identity and Security Gold Competency Partner, Agile IT is proven as a best-in-class provider of ADFS and Identity Management.

Microsoft ADFS Federation with SAML

 


Office 365 ADFS SAML Federation

Why Implement an ADFS & SAML Federation using AgileConnect Fixed Price Deployment Solution?

The benefits of ADFS Single Sign-On with enterprise Active Directory infrastructure
From a user perspective, there is a clear benefit to using SSO: seamless access to Office 365 and other Cloud services that your company has subscribed to. Users don’t have to sign in to each one separately or remember multiple passwords.

Benefits of ADFS Federation

For the IT Administrator, there are numerous benefits:

  • Standards based: SAML is based on a standard, which ensures interoperability across identity providers and gives enterprises the freedom to choose cloud providers without needing to worry about additional management.
  • Policy control: Through Active Directory, administrators can manage password policies, workstation restrictions, lock-out controls, and more, without having to perform additional tasks in the cloud.
  • Reduced support calls: Forgotten passwords are a common source of support calls in all companies. If users have fewer passwords to remember, they are less likely to forget them.
  • Enterprise Security: Based on strong digital signatures for authentication and integrity, SAML user identities and information are protected because all of the servers and services used in single sign-on are mastered and controlled on-premises.

For organizations subject to compliance or who require enhanced security, ADFS allows for the use of two-factor authentication (2FA) or smartcards with Office 365. With deep experience of ADFS Proxy and Microsoft’s Universal Access Gateway (UAG), Agile IT has all the experience and skills required to implement two-factor authentication or smartcards for Office 365 within your organization.

Experts in Enterprise Office 365 Hybrid/Rich Coexistence with On-Premises Exchange Server

Office 365 Hybrid Deployment is extremely useful both for very large migrations and where organizations wish to split their users permanently into a hybrid configuration, where some users are provisioned in the Office 365 service and some remain on premises. The basic idea behind the solution is that users shouldn’t need to know where their mailbox is located and instead should just be able to access mail, arrange meetings and see availability data for everyone, regardless of their location.

With years of experience in Exchange 2003, 2007, 2010 and 2013 and Office 365, Agile IT is the premier provider of Office 365 Hybrid Deployment Solutions.

Active Directory Federation ADFS SAML

Implement Office 365 Hybrid Deployment with our AgileConnect ADFS solution.  Additional ADFS SAML providers are as low as $1,000 in addition to our fixed price AgileConnect consulting services.

SAML is more than Office 365. Check out additional SAML providers supported by AgileConnect ADFS solution

AgileConnect is not just about Office 365 Federation.  Agile IT has helped dozens of enterprises wishing to take advantage of ADFS and Single Sign-On with other SAML providers, such as:

  • ADP Portal
  • SalesForce.com
  • Cisco Webex
  • Workday
  • Google Apps
  • Zendesk
  • Shibboleth
  • Box.com
  • IBM LotusLive
  • SugarCRM

  • Yammer
  • Marketo
  • Microsoft SharePoint
  • ServiceNow
  • NetSuite
  • Zoho
  • Concur
  • Zimbra
  • OpenText

Interoperability gives SAML a huge advantage over proprietary SSO mechanisms, which require the Identity Provider (IdP) and Service Provider (SP) to both implement the same software. For an enterprise, proprietary SSO means each new connection potentially requires new and different software implementation.

With SAML, a single SAML implementation can support SSO connections with many different federation partners. Some large organizations, particularly those who have already gone through the pain of supporting multiple proprietary SSO implementations, are now mandating the use of SAML for Internet SSO with Software-as-a-Service (SaaS) applications and other external service providers.

Add additional cloud providers easily with ADFS with our AgileConnect SAML solution.  Additional ADFS SAML providers are as low as $1,000 in addition to our fixed price AgileConnect consulting services.

Cross-Organizational ADFS Federation Scenarios

One of the biggest challenges faced by an IT Department is when identities need to cross company boundaries, for example, if you need to allow customers or partners to access resources on your side.  For Administrators this creates a dilemma – they don’t want to give administrative rights to people outside their organization, but do want to be able to use the current Active Directory environment to provide single sign-on.

Active Directory Federation Services (ADFS) has a number of features that allow you to securely share digital identities across enterprise boundaries. Cross-Organizational ADFS Federation will even work with different service providers, for example Microsoft to SAML Federation.

Cross Organizational or Forest ADFS Federation

Implement Cross-Organizational ADFS with our AgileConnect SAML solution.  Additional ADFS SAML providers are as low as $1,000 in addition to our fixed price AgileConnect consulting services.

 AgileConnect Fixed Price ADFS Solution Packages

With easy fixed-pricing consulting solutions, years of experience and recognized best-in-class expertise, Agile IT is your best choice for guiding your enterprise to the ADFS & SAML cloud identity nirvana.

AgileConnect Fixed Price Office 365 ADFS Federation Solutions

Microsoft ADFS Directory Synchronization

Choose the AgileConnect solution that is right for you:

AgileConnect Bronze synchronizes your accounts to allow auto-provisioning of account details with Office 365 (without password synchronization). Agile IT’s expert staff will assist your IT team in configuring Identity Management with Office 365 on a Windows Server 2008 R2 or 2012 (64 bit) Virtual Machine, with all Windows Updates installed, as follows:

  • Perform an Active Directory Health check
  • Prepare the Active Directory environment
  • Install and configure Active Directory Federation Services
  • Test account synchronization

Note – AgileConnect Bronze requires a separate password for cloud services when used from your Windows/Active Directory network.

AgileConnect Silver provides full Single Sign-On (SSO) capabilities with Office 365. Agile IT’s expert staff will configure SSO with Office 365, as follows:

  • Perform an Active Directory Health check
  • Prepare the Active Directory environment
  • Install and configure the ADFS and Synchronization server with the Microsoft Online Federation Gateway
  • Configure and Test Office 365 Single Sign-On with Active Directory

AgileConnect Silver requires that the customer supplies and installs OS and virtual machines for:

  • Windows Server 2008 R2 or 2012 (ADFS Server)
  • Windows Server 2008 R2 or 2012 (Synchronization Server)
  • Additional servers if required for High-Availability

Note – Disaster Recovery ADFS Site (with Replication) is also available as an additional service.

AgileConnect Gold provides full Account Synchronization and Single Sign-On (SSO) capabilities with Office 365 and on-premise Exchange 2010 or 2013. Agile IT’s expert staff will configure Hybrid ADFS with Office 365, as follows:

  • Perform an Active Directory Health check
  • Prepare the Active Directory environment
  • Install and configure on-premise Exchange Server 2010 or 2013 Hybrid Edition for integration with Office 365 (Mail flow, OWA redirection, message tracking, free-busy, journaling mailbox, retention policies)
  • Configure the ADFS and Synchronization server with the Microsoft Online Federation Gateway
  • Configure and Test Office 365 Sign-On with Active Directory

AgileConnect Gold requires that the customer supplies and installs OS and virtual machines for:

  • Up to 3 x Windows Server 2008 R2 or 2012 Standard Servers (for ADFS NLB Cluster). A single server is used if NLB is not required.
  • Up to 3 x Windows Server 2008 R2 or 2012 Standard Servers (for ADFS Proxy NLB Cluster). A single server is used if NLB is not required.
  • Windows Server 2008 R2 or 2012 server for Directory Synchronization
  • Windows Server 2008 R2 or 2012 server for Exchange Server 2010 or 2013 Hybrid Edition

Note – Disaster Recovery Site (with Replication) is also available as an additional service.

Learn how Agile IT can make your transition to the cloud seamless with our fixed price AgileAscend Office 365 Migration solution.

AgileConnect ADFS SAML Federation (Non-Office 365) Solutions

SAML ADFS Relying Party Trust

Choose the AgileConnect solution that is right for you:

AgileConnect Silver provides full Single Sign-On (SSO) capabilities with your SAML service provider. Agile IT’s expert staff will configure SSO with your SAML provider, as follows:

  • Perform an Active Directory Health check
  • Prepare the Active Directory environment
  • Install and configure the ADFS and Synchronization server
  • Configure and Test SAML Single Sign-On with Active Directory

AgileConnect Silver requires that the customer supplies and installs OS and virtual machines for:

  • Windows Server 2008 R2 or 2012 (ADFS Server)
  • Windows Server 2008 R2 or 2012 (Synchronization Server)
  • Additional servers if required for High-Availability

Note – Disaster Recovery ADFS Site (with Replication) is also available as an additional service.

AgileConnect Gold provides full Single Sign-On (SSO) with your SAML provider, along with Clustering, Load-Balancing and High Availability capabilities, as follows:

  • Perform an Active Directory Health check
  • Prepare the Active Directory environment
  • Install and configure Clustering, Load-Balancing and High Availability components and services
  • Test Clustering, Load-Balancing and High Availability
  • Test SAML Single Sign-On and synchronization with Active Directory

AgileConnect Gold requires that the customer supplies and installs OS and virtual machines for:

  • Up to 3 x Windows Server 2008 R2 or 2012 Standard Servers (for ADFS NLB Cluster). A single server is used if NLB is not required.
  • Up to 3 x Windows Server 2008 R2 or 2012 Standard Servers (for ADFS Proxy NLB Cluster). A single server is used if NLB is not required.
  • Windows Server 2008 R2 or 2012 server for Directory Synchronization

Note – Disaster Recovery Site (with Replication) is also available as an additional service.

Learn how Agile IT can make your Enterprise Identity Management seamless and introduce redundancy with our fixed price AgileConnect SAML services and consulting.


AgileConnect ADFS Multi-Site Disaster Recovery Option

In the event that your on-premise ADFS server fails or loses internet connectivity, SSO will be unavailable for the duration of the outage.  Users that are logged in to an SSO resource will remain logged in until they log out or the session expires.  To ensure continuity in the event of an ADFS failure, Agile IT recommends AgileConnect Disaster Recovery.

With AgileConnect Disaster Recovery, your ADFS server will be replicated in your off-site Disaster Recovery facility, or our secure Cloud Data Center, ensuring that users can continue to work and access services wherever they are located. For one low fixed price, Agile IT will provision the standby DR facility and configure SQL replication with your ADFS primary site.  We then configure and test SSO at the DR facility to give you complete peace of mind.

 
Connect with the Identity Experts to help you with your next step
We know moving to the cloud can provide a lot of choice. Call Agile IT today to find out how to make online migration of your data and processes the right fit for your company’s future.