Office 365 Provisioning and Federation Options
Hello IdM Community,
We are facing a couple of challenges here at the University of Colorado Denver | Anschutz Medical Campus that I anticipate some of you have worked to conclusion, and therefore would like to ask for your insights.
A bit of our environmental background is that we are an Oracle Identity Management (OIM) shop, focusing our energies on making that suite (OIM, OVD, OID, OIF, OAM) of products as productive as possible for us. We also rely heavily on Microsoft for messaging services, having a large majority of our constituency supported by Live@edu, and moving in the near future to Office 365, while also maintaining on-premises Exchange services for some portions of our constituency.
Now for the questions:
1) Given our environment, we believe that the simplest and most effective provisioning approach would be to use OIM to provision to O365 directly through either PowerShell or web-service calls. Have any of you accomplished this type of integration from OIM or another non-Microsoft IAM product or system? If so, can you share some of your insights into getting that done in a way that is Microsoft supported? Theoretically this all sounds doable, but I am interested in the technical minutiae of how to really make it work. (For the record, we are currently funneling this through AD and FIM.)
2) Again, given our focus, we would prefer to implement federated authentication to O365, while not instantiating a huge Microsoft stack on our side. Have any of you done this using Shib or OIF to present a user directly to O365? What about proxying that connection through a local ADFS? Again, I think that these are theoretically possible, but am interested in hearing the challenges faced in getting this done.
My apologies if these topics have been covered (couldn’t find archival info, but could be the search strings used).
Thanks in advance for your assistance and insights.
Jeremiah Adams | Identity Management Architect