10/6: I want to get some hands-on practice with Active Directory Federation for Office 365. To get started, here is an overview of the Office 365 plans:
- Small Business ($5/month): hosted email.
- Small Business Premium ($12.50/month): all the desktop programs + hosted email.
- ProPlus ($12/month): all the desktop programs; used with on-premise email.
- Midsize Business ($15/month): same as SBP, but with a 300 user cap instead of 25; AD Federation.
- Exchange Online Plan 1 ($4/month): hosted email; AD Federation.
- Enterprise 1 ($8/month): hosted email + a bit more; AD Federation.
- Enterprise 3 ($20/month): EVERYTHING – hosted email, desktop programs, etc.
(link to difference between ProPlus and Small Business Premium)
Office 365 is not for terminal servers (you need a VLK instead).
Of course, you have to be able to endure the terrible aesthetics of Office 365.
10/11: Signed into a 30 day free trial of Office 365 for midsize businesses. Associated my domain name of trimideas.com. Spent about 50 minutes watching a TechEd video about ways to authenticate to O365: use their built-in onmicrosoft.com domain, manually build out accounts, use a directory sync tool, or use ADFS. I was going to use onramp.office365.com, but it seems to be an all or nothing approach - since I didn’t have my MX records pointing to it, it wasn’t interested in talking.
Signed up for an $11/year certificate from GeoTrust through NameCheap.com. Followed outstanding instructions at MessageOps to configure ADFS.
For small businesses, there’s very little value in ADFS w/ Office 365 since ADFS offers precisely two benefits: your own AD server remains the single point of authentication (so employee access can be swiftly terminated) and SSO (with a few caveats). You use the directory sync tool to populate your user accounts (and, optionally, password hashes) into the Azure Cloud. On workstations, the Windows 7 Credential Manager can cache your login and nearly eliminate any pain surrounding a lack of SSO from the end-user’s view. Thus ended my interest in ADFS.
Tried out the Office 365 app for iPhone. It seems decent and unremarkable. Also looked at Windows Azure – you can get a 30 day trial with $200 to spend on their services in that time. They offer virtual machines, websites, databases, etc.
Installing the Windows Azure Active Directory Sync Setup tool on a Server 2012 member server was difficult. Eventually resolved it by deleting the “SQL Server” directory in both “Program Files” directories. Bizzare, huh? After that, it worked fine.
Watched a good video about troubleshooting Windows 8.
