Google Authentication Background

This page contains some background information on the post that describes how to use Google as an identity provider for Microsoft Azure (Office 365).

The overall technical direction was pieced together using three sources and the practical experience gained from Roger Nixon at Wheatley Park School:

https://github.com/IAmFrench/GSuite-as-identity-Provider-IdP-for-Office-365-or-Azure-Active-Directory

https://stackoverflow.com/questions/52945970/google-apps-the-idp-via-saml-for-office-365

https://support.google.com/a/answer/7365072?hl=en#o365grpprovap

The basic system of federation has no dependency on local devices or server infrastructure. You can work through the example using a trial Office 365 tenancy and an associated G Suite account. You will need a spare DNS domain that you can assign to both platforms.

The Windows device logon will require an instance of Windows 10 running version 1809. Nothing earlier than this will work.

https://docs.microsoft.com/en-us/windows/whats-new/whats-new-windows-10-version-1809

You will also need Intune licences assigned to users in the Office 365 tenancy. Again, you can get a 30-day trial of Intune once Office 365 is up and running.

The Windows 10 device must be Azure Domain joined and enrolled into Intune. The post doesn't cover this process but I do give an introduction to Intune management in other posts.

This may seem like a lot of prerequisites, but considering Windows 7 support will expire next year and moving to Windows 10 is an unavoidable task, this type of deployment is the model for the future.

It's also a future which is pretty much upon us.
