Microsoft CEO Satya Nadella says: “The core products of this company are Windows, Office 365, and Azure. From a business model, those are the three big things we are very focused on. We ask how our effort is accruing to those things.”
Small, medium and large businesses have all started either migrating or are considering moving to Office 365, this is due to Microsoft investing heavily in Office 365 and also showing the benefits of migration from traditional on-premises Exchange and Sharepoint to cloud-based Office 365.
At Centrify, we are immediately seeing the benefits of this, as the majority of our discussions with our customers revolve around Office 365 initiatives. If you want to federate and provision to Office 365, you can do so using ADFS and AAD Sync, etc. — but it might take several days before making any headway. This is where customers are looking to Centrify for a solution. With Centrify Identity Service, federating Office 365 domains is even easier than it was before. You can provide single sign-on for Office 365 to your users without needing to install anything extra. In addition, Centrify for Office 365 + provisioning can now synchronize and provision users from your directory.
Since we announced support for federating and provisioning Office 365, we continue to focus on greatly enhancing the solution. Here is a quick summary of capabilities we have added in the last few months:
Granular Licensing for Office 365
When using Centrify for provisioning accounts in Office 365, we can now do fine-grain licensing of the components within a license. For example, if you are using Microsoft’s E1 Plan, you can now choose which applications you wish to include a license for through provisioning.
License Summary for Office 365
The Centrify for Office 365 app has been updated with new provisioning settings that can display current license availability and usage in a central location, and without having to login separately to the Office 365 admin portal.
Fine-Grain Access Control for Rich Clients
We have added a sample policy for blocking external access to Office 365 rich clients, e.g. Outlook, ActiveSync, Lync, etc. This is IP-based blocking. We also provide another script showing how to block by time constraints (business hours, etc.)
When using Centrify for provisioning accounts in Office 365, the Office 365 admin can update a user’s attributes in AD, the Cloud or in the target application. This can lead to some confusion for the app administrator if the attributes get out of alignment. With the force sync option, we wipe all of the attributes in the target application and overwrite them with the attributes that we pass.
Office 365 + LDAP
We have added support for LDAP as an identity source into Centrify Identity Platform. With that, we now have support for three directories (AD, LDAP and Centrify Cloud Directory). This truly flexes the possibility of hybrid identity support. With this support, we now enable provisioning of users from LDAP directory into O365.
VPN-less SSO to On-premises Sharepoint
Saving the best for the last— in the process of migration to Office 365, some organizations choose to maintain a hybrid environment with some critical components kept on-premises. For example, some organizations choose to keep their SharePoint server on-premises because they are concerned about the cost and security implications of migrating sensitive data into the cloud. For such migrations, Centrify Identity Service solution makes it easy by offering On-Premises App Gateway capability. App Gateway provides 1-click remote SSO to applications hosted behind the corporate firewall —without the complexity of setting up a VPN. With this solution, end-users get secure one-click access to SharePoint whether onsite or remote, and IT doesn’t have to hassle with VPN clients, concentrators, or configuration.
The list doesn’t stop here, we have more coming up in the future … so stay tuned.
To learn more about about the solution and how we can help, please visit: