Webinar: Securing Your SharePoint 2013 Extranet
Azure External Identities
Azure External Identities
Have a question?
Tuesday, February 25, 2014
2:00 - 3:00 PM EST
Emailing documents and tasks back and forth in a group is not an effective way to collaborate. Building team or project sites in SharePoint is an ideal way to achieve this. Sharing this externally as an Extranet to work with your partners, customers, vendors, volunteers, etc. is the topic of this presentation.
SharePoint Extranets can be built in either the on premise version of SharePoint, or in Office 365 / SharePoint Online. In both scenarios the first decision is where to keep the external users. Internal users should use their internal AD accounts. Options for the external users include
DMZ Active Directory
Microsoft Account (Live ID)
Partner's Active Directory
Social Identity (Facebook, LinkedIn, etc.)
Next up is how to setup and manage those users and questions around that:
Can external users self-register, or do they need to be invited?
Who approves them, and are there different approvers for different parts of the Extranet?
At a minimum the management and approval should be delegated to the internal business users, but should it also be delegated to the external organizations?
How do they manage their passwords? Do they expire, and can they reset forgotten ones?
Do they need two-factor authentication, and what are our options?
How are they licensed?
For Office 365, options for Extranets have been fairly limited. Microsoft's external sharing option allows for up to 10,000 external users to come into the Extranet using Microsoft accounts. For organizations looking to have greater control over the account creation and login experience, we can now also use ADFS or Thinktecture Identity Server with our Extranet User Manager product and Office 365 to give more choices on how external users come into your Extranet.
For SharePoint on premises, there are many more decisions:
Should we have a DMZ or just use a reverse proxy?
What are our proxy options now that Microsoft has discontinued Forefront UAG and TMG?
Can we leverage the new Web Application Proxy feature in Windows Server 2012 R2?
How do our internal users authenticate into my DMZ Extranet? One way trust, LDAP lookup, or ADFS?
What about my external users?
What are the implications on firewall ports?
Learn about all of the above and more for SharePoint 2013 on premise and in the cloud, and how to build a rich user experience for your staff and external partners in your Extranet.