42 min read

Windows Azure Pack Authentication Part 3 – Using a Third Party IdP

In the previous installments of this series we looked at how Windows Azure Pack authenticates users and how it’s configured out of the box for federation. This time around we’re going to look at how you can configure federation with a third party IdP. Microsoft designed Windows Azure Pack the right way. It supports federation…

20 min read

Windows Azure Pack Authentication Part 2

Last time we looked at how Windows Azure Pack authenticates users in the Admin Portal. In this post we are going to look at how authentication works in the Tenant Portal. Authentication in the Tenant Portal works exactly the same way authentication in the Admin Portal works. Detailed and informative explanation, right? Actually, with any luck…

16 min read

Windows Azure Pack Authentication Part 1

Recently Microsoft released their on-premise Private Cloud offering called Windows Azure Pack for Windows Server. Windows Azure Pack for Windows Server is a collection of Windows Azure technologies, available to Microsoft customers at no additional cost for installation into your data center. It runs on top of Windows Server 2012 R2 and System Center 2012…

5 min read

Whitepaper: Active Directory from on-premises to the cloud

A new whitepaper was released last Friday (Jan 11/2013) that discusses all the various options for dealing with identity in cloud, on-premise, and hybrid environments: Active Directory from on-premises to the cloud. It takes a look at how Windows Azure Active Directory is making a play for cloud identity, as well as how it works…

17 min read

Windows Azure Active Directory Federation In Depth (Part 2)

In my last post I talked a little bit about the provisioning and federation processes for Office 365 and Windows Azure Active Directory (WAAD). This time around I want to talk a little bit about how the various pieces fit together when federating an on premise Active Directory environment with WAAD and Office 365. You…

11 min read

Strongly Typed Claims

Sometimes it’s a pain in the neck working with Claims. A lot of times you need to look for particular claim and that usually means looping through the claims collection and parsing the value to a particular type. This little dance is the trade-off for having such a simple interface to a potentially arbitrary collection…

13 min read

The Importance of Elevating Privilege

The biggest detractor to Single Sign On is the same thing that makes it so appealing – you only need to prove your identity once. This scares the hell out of some people because if you can compromise a users session in one application it’s possible to affect other applications. Congratulations: checking your Facebook profile…

5 min read

SAML Protocol Extension CTP for Windows Identity Foundation

Earlier this morning the Geneva (WIF/ADFS) Product Team announced a CTP for supporting the SAML protocol within WIF.  WIF has supported SAML tokens since it’s inception, however it hasn’t supported the SAML protocol until now.  According to the team: This WIF extension allows .NET developers to easily create claims-based SP-Lite compliant Service Provider applications that…

1 min read

Windows Azure Access Control Services v2 RTW

So how do you know when Windows Azure Access Control Services has upgraded to V2?  You get federation metadata… Or you follow the Windows Azure App Fabric team blog! I have been waiting MONTHS for this release, begging and pleading with Microsoft to get more information on when the big day would come.  Needless to…

11 min read

Windows Domain Authentication on Windows Phone 7

One of the projects that’s been kicking around in the back of my head is how to make Windows Phone 7 applications able to authenticate against a Windows domain.  This is a must have for enterprise developers if they want to use the new platform. There were a couple ways I could do this, but…