Rules to Better Office 365
If you still need help, visit our Office 365 consulting page and book in a consultant.
Using Active Directory Federation Services (ADFS) lets you use one account to log into multiple systems, through Single Sign-On (SSO).
ADFS is built upon SAML 2.0 protocol (Security Assertion Markup Language), allowing secure exchange of authentication data.
With ADFS, you can use only one account (generally created on your on-premises Active Directory (AD) server) to log into multiple systems e.g. Dynamics 365 CRM, Office 365 and many others.
This implementation gives you security over which users are acessing which application with which accounts, and also reduces the surface for attacks on having many accounts with many different passwords:
- Figure: Good Example - Using one account on many systems
- ADFS also gives you a solution in other corner cases:
- 1. When you want to use Office 365 and not store your password on the cloud;
- 2. When you want the authentication to take place on-premises;
- 3. When you want to create a trust between SharePoint on-premises and Azure AD;
- 4. Amongst many others.
- Figure: Good Example - Using SSO to log into CRM with your on-premises account
If you have an on-premises Skype for Business (S4B) server, and you want to upgrade to Microsoft Teams, you need to setup S4B in Hybrid mode with your Office 365 tenant first.
Microsoft Teams is going to replace Skype and Skype for Business in the near future - which means an upgrade will be necessary soon.
1. To leverage the full features of Teams, you need to first setup Hybrid on your S4B on-premises server. This is no small task, and you can find the full instructions on how to do that here
2. After setting up a Hybrid environment, you will need to migrate all your users from S4B to Teams. This involves 2 steps (if you have an on-premises S4B):
a. Moving from S4B on-premises to S4B online (instructions);
b. Moving from S4B online to Teams. (instructions)