ADFS, Office 365 and Microsoft Cloud

What is ADFS?

Active Directory Federation Services. Duh. But what is it, and how does it work with the Cloud? From its inception, it has been a component of Windows Server 2008 R2. It shares digital identity information (attributes of any business-crucial data within even the smallest company) and entitlement rights (which can be a name, key, identity, privilege, or group) very securely across technological boundaries. What does that mean with regard to Office 365 and the Cloud? It means that when you bring the Cloud in to coexist with an on-premise solution, which for most companies means Active Directory, you can sleep at night knowing that the hierarchical structure of digital permissions within your organization stands just as strong in the cloud.

Now let’s take a step back. You may be asking what “digital identity information” and “digital permissions” mean. Basically, companies have different tiers of information that their employees are permitted to see. Some lower-level employees may only have access to certain documents, while the President of the company needs access to everything. Active Directory allows you to set these “digital permissions” so as to protect the integrity of a company’s data. ADFS just lets you integrate these permissions with the cloud.

Within Office 365, the real benefit of ADFS is called SINGLE SIGN-ON (SSO). A by-product of transferring the Active Directory permissions structure to the cloud is that users don’t need to re-authenticate every time they log into a new Web application. Again, this is called Single Sign-On, and it is the term that sums up the benefit of syncing an organization’s current domain network with the Microsoft Cloud. The customer supports the servers on their end (physical or virtual), and any changes they make to those servers immediately sync up with the Microsoft Cloud. Thus, ADFS is primarily used to create a single identity for end-users within a hybrid environment of Office 365 and an on-premise environment.

It’s important to note that using ADFS with Office 365 is a highly sought-after environment. Users do not have to bother with remembering multiple sets of passwords or logging on again every time they venture into their SharePoint portal or onto Lync Online. This is also a huge benefit for companies that already have an on-premise environment but are moving to Office 365, as the end-users within the organization do not have to create different accounts for themselves within 365. It is the next-generation data center (the cloud) coexisting (INTEGRATING) with those antiquated on-premise servers (who even HAS THOSE anymore!).

With Lync Online (the instant-messaging component of Office 365), the same principle applies but in a slightly more specific context. As mentioned above, ADFS capitalizes on its ability to securely connect two different and separate domain networks. What does that mean? Well, it allows someone running Lync within the confines of their corporate offices to reach out to individuals outside of their organization who may be using Google Chat, Yahoo Chat, or some other IM client.

That is a 30,000-foot view of what Active Directory Federation Services is in relation to the Microsoft Cloud. Just remember that the features of ADFS differ depending on whether you’re looking at the Cloud or solely an on-premise solution. A reminder for all you customers: if ADFS comes into your conversation about Office 365, then you’re talking about a hybrid environment. Another note for those customers: prepare to be wowed.