programming4us
           
 
 
Applications Server

Exchange Server 2010 : Federation Scenarios (part 3) - Federating with Online Services

- Free product key for windows 10
- Free Product Key for Microsoft office 365
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019
12/12/2010 9:14:42 AM

3. Federating with Online Services

Federation and federated delegation are also used in a cross-premises scenario where an organization hosts some mailboxes on-site and hosts others in the Exchange Online service. Federated delegation via the MFG provides for free/busy sharing, full calendar sharing, and mailbox moves between on-site Exchange servers and Exchange online. Single Sign-On (SSO) capability for mailboxes hosted in Exchange Online with your on-site Active Directory credentials is provided via the MFG by deploying AD FS version 2.0 on-site, in addition to the Microsoft Federation Gateway federation trust configured in Exchange Server 2010. The relationship between the various components of federation and Exchange Online is depicted in Figure 5.

Figure 5. Federation and Exchange Online

Another point to keep in mind is that the configuration of DNS for proof of ownership for federation is separate from that required when you create an accepted domain for your Exchange Online tenant organization. Even if you have proven ownership for that domain when configuring it as an accepted domain for Exchange Online, your DNS must still be updated with a TXT record for that domain for the purposes of federation.

Configuring an organization relationship with your Exchange Online tenant organization is similar to configuring one with any other external organization. When you create the organization relationship with the New-OrganizationRelationship cmdlet, the Exchange Online tenant domain that you specify must be configured in the federation organization identifier for the Exchange Online tenant organization. You must also configure an organization relationship in the Exchange Online tenant organization for your on-premise organization before federated delegation can be used between your on-premises organization and the Exchange Online tenant; this is the same requirement as for establishing federated delegation between your organization and any other external Exchange organization.

Inside Track: Federation Trust and the Federated Organization Identifier for Cross-Premises Scenarios

Matthias Leibmann

Program Manager, Microsoft, Redmond, WA

For federation with Exchange Online in cross-premises scenarios, we recommend that you utilize a sub-domain of "exchangedelegation.<your primary SMTP domain>" using the Set-FederatedOrganizationIdentifier cmdlet with the AccountNamespace parameter to avoid namespace conflicts with the Exchange Online tenant namespace. Then add <your primary SMTP domain> as an additional URI to the federated organization identifier using the Add-FederatedDomain cmdlet. You would set your account namespace as shown in this example:

Set-FederatedOrganizationIdentifier -AccountNamespace exchangedelegation.
fabrikam.com -DelegationFederationTrust "name_of_trust"

Then you configure your primary SMTP domain, as shown in this example:

Add-FederatedDomain -DomainName fabrikam.com

Keep in mind that both your primary SMTP domain and the sub-domain configured with the AccountNamespace parameter require a TXT record for proof of ownership.

As with configuring any other organization relationship, you can retrieve the necessary information from the tenant organization via AutoDiscover and use it to create the relationship with the Exchange Online tenant organization by piping the output of the Get-FederationInformation cmdlet to the New-OrganizationRelationship cmdlet as the following example shows:


Get-FederationInformation -DomainName <tenant domain> | New-OrganizationRelationship
-Name "Tenant Domain"
If the preceding command fails, Autodiscover may not be configured for the Exchange Online tenant organization. In that case, you can try configuring the organization relationship using the New-OrganizationRelationship cmdlet with the –TargetAutodiscoverEpr parameter. If this is not successful, and the causes for AutoDiscover not working are not possible to fix, as a last resort you may have to specify the –TargetSharingEpr and –TargetApplicationUri parameters manually to successfully create the organization relationship.

Creating the organization relationship in the Exchange Online tenant organization for your on-premises organization is similar to the above; again, the easiest approach is to obtain the information for the relationship with the Get-FederationInformation cmdlet and pipe it to the New OrganizationRelationship cmdlet as the following example shows:

Get-FederationInformation -DomainName <on-premises domain> | New
OrganizationRelationship -Name "OnPremisesDomain"
Other -----------------
- Active Directory Domain Services 2008: View Settings Defined in Password Settings Objects
- Active Directory Domain Services 2008: Delete Password Settings Objects
- Active Directory Domain Services 2008: Create Password Settings Objects
- Exchange Server 2010 : Fundamentals and Components of Federated Delegation (part 4)
- Exchange Server 2010 : Fundamentals and Components of Federated Delegation (part 3) - Organization Relationships
- Exchange Server 2010 : Fundamentals and Components of Federated Delegation (part 2)
- Exchange Server 2010 : Fundamentals and Components of Federated Delegation (part 1)
- Introduction to Federated Delegation in Exchange Server 2010
- BizTalk Server 2009 : Service-oriented endpoint patterns (part 2)
- BizTalk Server 2009 : Service-oriented endpoint patterns (part 1)
- Exchange Server 2010 : Office Communication Server 2007 R2 Integration (part 3) - Deploying Instant Messaging for OWA
- Exchange Server 2010 : Office Communication Server 2007 R2 Integration (part 2) - Deploying UM and OCS 2007 R2 Integration
- Exchange Server 2010 : Office Communication Server 2007 R2 Integration (part 1) - Integrating OCS 2007 R2 in Exchange 2010 Architecture
- Exchange Server 2010 : Managing Unified Messaging (part 1) - Testing Unified Messaging Functionality
- Exchange Server 2010 : Managing Unified Messaging (part 1)
- Exchange Server 2010 : International Considerations of Unified Messaging
- BizTalk Server 2009 : Service-oriented schema patterns (part 6) - Exploiting generic schemas
- BizTalk Server 2009 : Service-oriented schema patterns (part 5) - Node feature mapping for service clients
- BizTalk Server 2009 : Service-oriented schema patterns (part 4) - Node data type conversion for service clients
- BizTalk Server 2009 : Service-oriented schema patterns (part 3) - Building and applying reusable schema components
 
 
 
Top 10
 
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
- First look: Apple Watch

- 3 Tips for Maintaining Your Cell Phone Battery (part 1)

- 3 Tips for Maintaining Your Cell Phone Battery (part 2)
programming4us programming4us