View
445
Download
1
Category
Preview:
DESCRIPTION
TechNet Conference 2013 Berlin-Wie Sie Office 365 mit Windows Azure steuern by Toni Pohl
Citation preview
Wie Sie Office 365 mit Windows Azure steuern
Toni Pohl, MVP Client Development
Über mich
Toni PohlCTO
atwork Vienna/Austriawww.atwork.at
@atworktp@atwork.at
Ziel dieser Session
Agenda
EinsatzgebieteVoraussetzungenAuthentifizierung und IdentitiesUser Provisionierung DemoOffice 365 Demo
Einsatzgebiete, Delegation, Automation
Voraussetzungen
• Office 365 TenantEröffnen Sie einen freien 1-Monat Test:http://office.microsoft.com/ • Windows Azure
90-Tage freier Test:http://www.windowsazure.com/de-de/pricing/free-trial/ • Visual Studio 2013• Ein paar Bibliotheken…
Authentifizierung und Identities
Authentifizierung als berechtigter Benutzer/App für das jeweilige Service
Authentifizierung als berechtigter Benutzer in unserem Web Portal
Was darf der Benutzer in unserer App?
Authentifizierunggegen WAAD/Office 365
Federated Authentication
App
STSAuthorit
y
Resource
1. Request Token mitApp-ID + Secret oder
Username + Password 2. Get Token
3. Use Token
Live DemoASP.NET Web Projekt mit Office 365 Authentifizierung
ADAL for .net
• Active Directory Authentication Library (ADAL) v1 for .NET – General Availability! (Vittorio Bertocci)http://www.cloudidentity.com/blog/2013/09/12/active-directory-authentication-library-adal-v1-for-net-general-availability/ • Windows Azure Authentication Library (AAL) for Windows Store: a Deep
Dive (Vittorio Bertocci)http://www.cloudidentity.com/blog/2013/04/22/windows-azure-authentication-library-aal-for-windows-store-a-deep-dive/ • ADAL 1.0 and Windows Store Apps
(Alex Simons) – coming soonhttp://social.msdn.microsoft.com/Forums/en-US/faf520ce-1653-4eac-b398-c4bfcbc5c7fe/adal-10-and-windows-store-apps
11
Office 365Services verwenden
Wie auf Office 365 zugreifen?
• WAAD -> Graph API, PowerShell• SPO -> CSOM, REST, PowerShell• Exchange Online -> Managed API, PowerShell• Lync Online -> SDK, PowerShell
13
Live DemoFernsteuerung von Office 365
Integrating Applications in Windows Azure Active Directory
15
Access Level Type Description
Single Sign-On
Default permission. The app is enabled for single sign-on with Azure AD, and the user token will contain claims such as the user’s User Principal Name, First and Last Name and unique identifiers.
Single Sign-On, Read Directory Data
Single sign-on plus the ability to read directory data using the Graph API. This allows querying of company, user and group information.
Single Sign-On, Read and Write Directory Data
Single sign-on plus the ability to read and write directory data using the Graph API. This allows querying and writing of company, user, and group information, but does not allow deleting users or groups.
http://msdn.microsoft.com/en-us/library/windowsazure/b08d91fa-6a64-4deb-92f4-f5857add9ed8.aspx#BKMK_AccessLevels
Was kann in Windows Azure verwendet werden?Access method Azure Website
$Azure Cloud Service
$$$
WAAD
Exchange EWS
Exchange PowerShell
SharePoint CSOM
SharePoint REST
SharePoint PowerShell
Lync SDK
Lync PowerShell
16
Zusammenfassung
• Verwenden Sie Federated Authorization (OAuth2)• Verwenden Sie GraphAPI für WAAD Manipulationen• Verwenden Sie Office 365 Services
• Entwicklen Sie tolle Lösungen mit Office 365!
Call 2 Action
• Laden Sie diese Präsentation und den Beispielcode:http://blog.atwork.at
• Interessiert an einer fertigen Office 365 Produktlösung?http://delegate365.com
18
DANKE! & VIEL SPASS BEIM GET TOGETHER!
19
Toni Pohl@atwork
Downloads:blog.atwork.at
Graph API Links• Windows Azure Graph API
http://code.msdn.microsoft.com/Graph-API-Authenticate-and-53c6cb92/view/SourceCode
• GraphAPI Explorerhttps://graphexplorer.cloudapp.net/
• MVC Sample App for Windows Azure Active Directory Graphhttp://code.msdn.microsoft.com/windowsazure/Write-Sample-App-for-79e55502
• Adding Sign-On to Your Web Application Using Windows Azure ADhttp://msdn.microsoft.com/en-us/library/windowsazure/dn151790.aspx
• Group & Role Claims: Use the Graph API …http://www.cloudidentity.com/blog/2013/01/22/group-amp-role-claims-use-the-graph-api-to-get-back-isinrole-and-authorize-in-windows-azure-ad-apps/
20
SharePoint Links
• SharePoint Online Management Shell (PS) http://www.microsoft.com/en-us/download/details.aspx?id=30359• OAuth and remote apps for SharePoint
http://msdn.microsoft.com/en-us/library/office/apps/fp179932.aspx• Office365ClaimsConnector
http://www.codeproject.com/Articles/637378/How-to-Create-a-Windows-8-App-for-SharePoint-Part • OAuth authentication and authorization flow for apps that ask for access
permissions on the fly in SharePoint 2013 http://msdn.microsoft.com/en-us/library/office/apps/jj687470.aspx • Helper for:
http://json2csharp.com/
21
Exchange Links
• Microsoft Exchange Web Services Managed API 2.0 http://www.microsoft.com/en-us/download/details.aspx?id=35371• Getting started with the EWS Managed API
http://msdn.microsoft.com/en-us/library/dd633626(v=exchg.80).aspx • Connect to Exchange Online Using Remote PowerShell
http://technet.microsoft.com/en-us/library/jj984289(v=exchg.150).aspx
22
Lync Links
• Lync 2013 SDK (only for WPF)http://www.microsoft.com/en-us/download/details.aspx?id=36824• Windows PowerShell Module for Lync Online
http://www.microsoft.com/en-us/download/details.aspx?id=39366• Lync PowerShell
http://blogs.office.com/b/office365tech/archive/2013/08/19/remote-powershell-for-lync-online.aspx • Using Windows PowerShell to Manage Lync Online
http://technet.microsoft.com/en-us/library/dn362831.aspx 23
Recommended