Now that Office 365 is readily available for education, many institutions will begin preparing to move from Live@edu to Office 365. In our conversations with several education institutions, one of the most common concerns we heard about moving from Live@edu to Office 365 was "what about identity management?" Organizations want to know what federation is and where ILM/FIM fit into the new picture. In part three of this blog series, we break those identity questions out and answer each one individually.
What are my login options in Office 365?
Office 365 allows for three different user login (or identity) options. From simplest to most complex, the options are Separate Sign-On, Same Sign-On, and Single Sign-On.
Separate Sign-On: In the case of separate sign-on, end users have a completely separate identity in the cloud. This option has not changed from Live@edu. A separate user ID and password is provisioned and maintained for each user. There is no synchronization between the cloud and on-premise systems. Identities must be managed in two locations using different tools. End users must keep up with an additional cloud ID.
Same Sign-On: This is another carryover from Live@edu, with some significant changes. This functionality was provided through ILM or FIM in the Live@edu world. ILM/FIM have been replaced by a free product called DirSync in Office 365. DirSync will synchronize users from your on-premise AD, but does NOT support password synchronization. Users will need to maintain and/or manually sync passwords. If password synchronization is required, you may add federation to your identity solution (see option 3) or purchase a third-party product.
Single Sign-On: Also referred to as Active Directory Federation, or simply Federation, because it is achieved by deploying Active Directory Federation Services (ADFS) and federating on-premise Active Directory with Office 365. Deploying ADFS provides users with a single sign-on experience using their on-premise user ID/password to access Office 365 (email, Lync, and SharePoint).
Where does ILM/FIM fit with Office 365?
As of today, ILM/FIM cannot be used to synchronize your on-premise Active Directory domain(s) with Office 365. Only DirSync can be used. If you require Single Sign-On or Same Sign-On, we recommend that you build out ADFS (federation) and DirSync prior to your move to Office 365. You would then move to the new identity solution as part of the cut-over.