Date post: | 05-Apr-2018 |
Category: |
Documents |
Upload: | david-john |
View: | 219 times |
Download: | 0 times |
of 20
8/2/2019 Exchange 2010 Federation
1/20
8/2/2019 Exchange 2010 Federation
2/20
AGENDA
Introduction
Microsoft Federation Gateway
Federation Trusts
Organization Relationships
Sharing Policies
8/2/2019 Exchange 2010 Federation
3/20
INTRODUCTION
This presentation will walk us through as to howone can share the Calendar and contact
information with external recipients
8/2/2019 Exchange 2010 Federation
4/20
TRUSTS WITHOUT TRUSTS
The two companies had been collaborating more &more in recent months. There is a desire to sharethe following
Free/Busy Information
Contacts
Calendar
o There are rules in place that they cannot breaksuch as
No Trust relationships are to be made between thetwo organizations
No VPN connections between the two organizations canbe made.
8/2/2019 Exchange 2010 Federation
5/20
UNDERSTANDINGTHEFEDERATION
Federation involves creating a federation trust notwith other organizations but with the MicrosoftFederation Gateway.
Federation Gateway is an identity service in thecloud over the internet & beyond the corporatedomain
MS Federation Gateway becomes a Trust broker.
Once you are trusted by the Federation Gateway, you
can create Federated delegations with otherorganizations that are also federated.
8/2/2019 Exchange 2010 Federation
6/20
MICROSOFTFEDERATIONGATEWAY
8/2/2019 Exchange 2010 Federation
7/20
Pre- Requisites: Domain used should be resolved from the internet. e.g.
that organization should receives email through theinternet.
An X.509 certification issued by a third partyCertification Authority(one that is trusted by the MSFederation Gateway)
Federation Trust creation - EMC or EMS EMC New Federation Trust wizard can be used.
EMS New-FederationTrust. Once the trust is in place, add federated
domains(obviously you can only connect to othertrusted organizations)
CREATINGFEDERATIONTRUST
8/2/2019 Exchange 2010 Federation
8/20
CREATINGFEDERATIONTRUSTINEMS
In order to locate the certificate that we knew it is in server then usefollowing command:Get-ExchangeCertificate | where {$_.IsSelfSignedeq $false} |fl
8/2/2019 Exchange 2010 Federation
9/20
CREATINGFEDERATIONTRUSTINEMS
Once you received the thumbprint then run createfederation trust using following command:
New-FederationTrustName My Federarion Trust -Thumbprint 2376____ -verbose
8/2/2019 Exchange 2010 Federation
10/20
APPIDOFACCEPTEDDOMAIN
Logically we are federated with other organizationwhich are already connected with MS federatedgateway.
Microsoft is broker who authorize the organizationwhich is federated with MS Federation Gateway.This would provide the App ID.
8/2/2019 Exchange 2010 Federation
11/20
MANAGE FEDERATION
8/2/2019 Exchange 2010 Federation
12/20
MANAGE FEDERATION
8/2/2019 Exchange 2010 Federation
13/20
ORGANIZATIONRELATIONSHIPSVS. SHARING
POLICIES
Organization relationships allow you to enable federated delegationwith another federated organization for the purpose of sharingcalendar free/busy information between users in both organizations.Organization relationships are one-to-one relationships between twoorganizations. Both organizations are required to establish only onefederation trust with the Microsoft Federation Gateway and toconfigure their federated organization identifier prior to configuringthe organization relationship with each other.
When you create an organization relationship with an externalorganization, users in the external organization can access yourusers' free/busy information. No replication of GAL information isrequired. With this configuration in place, Outlook 2010 and
Office Outlook Web App users can simply enter the SMTP address ofan external recipient when scheduling meetings.
8/2/2019 Exchange 2010 Federation
14/20
CREATING ORGANIZATION RELATIONSHIP
8/2/2019 Exchange 2010 Federation
15/20
CREATING ORGANIZATION RELATIONSHIP
8/2/2019 Exchange 2010 Federation
16/20
CREATING ORGANIZATION RELATIONSHIP
8/2/2019 Exchange 2010 Federation
17/20
SHARING POLICY
Sharing Policy enable user-established, people-to-people
sharing of both calendar and contact information with differenttypes of external users. Sharing polices allow your users toshare both their free/busy and contact information (includingthe Calendar and Contacts folders) with recipients in otherexternal federated organizations.
In Sharing policy external recipients they want to collaboratewith. Using Outlook 2010 or Outlook Web App, users caninvite external recipients in other federated domains to accesstheir Calendar or Contacts folder and also request that theyshare theirs in return.
8/2/2019 Exchange 2010 Federation
18/20
DEFAULT SHARING POLICY
8/2/2019 Exchange 2010 Federation
19/20
NEW SHARING POLICY
8/2/2019 Exchange 2010 Federation
20/20
WHAT WELEARNEDIN THIS SESSION