tips for building school wi-fi network in a simple … · g suite, office 365 with adfs steps for...

All for One, One for All

Light and Life

Tips for Building School Wi-Fi Network in a Simple and Easy Way

Single Sign-On (SSO)

10th December, 2016 (Saturday) |

Mr. Louis LUI, Assistant Principal, Munsang College

Agenda

1. What is SSO and Why SSO benefit to schools

2. Different Protocols in SSO

3. Demonstration in SSO with OAuth with google, MS,

moodle

4. Demonstration: HKEdCity's SSO

5. Discussion


Light and Life

Current Authentication

G Suite Office 365


Light and Life

Authenticate to multiple systems with

Many username and Many password 🔒 G Suite

Office 365

🔒

🔒

🔒

🔒

🔒

🔒

🔒

🔒

Current Authentication


Light and Life

Single Sign On –One Credential

Authenticate to multiple systems with

one username and one password 🔒 G Suite

Office 365

🔒

🔒

🔒

🔒

🔒

🔒

🔒

🔒All for One, One for All

Light and Life

Protocols for SSO

OAuth

OpenID

SAML

SCIM

XACML

and so on …


Light and Life

ADFS XAMPPNTLM

SharePoint PHPG Suite Office 365


Light and Life

G Suite, Office 365 with ADFS

auto sign on

once user signed on to their computer

in on-premises network (domain) with

their Active Directory account, G Suite

and Office 365 will be signed on

automatically.

https://outlook.office365.com/



Password for Internet

Username and Password will be

required if user sign on from Internet


sign on


Sign On tomultiple at once

Once you signed on into ADFS, all

other services will also be signed on

https://outlook.office365.com/https://outlook.office365.com/



Combines two independent

credentials, the password and the PIN

from your mobile phone

Multi-factor Authentication


ADFS Active

Directory

User

🌐🌐WAP / Proxy


What you needs

• Active Directory

• ADFS

• WAP

• Static public IP

• Third-party SSL certificate

• G Suite account

• Google Directory Sync

• Office 365 account

• Azure account

• Azure Active Directory Connect


Steps for G Suite

1. Make sure you have Active Directory, G Suite account and third-party

SSL certificate

2. Install Google Directory Sync

3. Set up and make sure accounts can be synchronized to G Suite

4. Install ADFS

5. Import SSL certificate to ADFS

6. Add trusted relying party

7. Enable SSO in G Suite

8. Upload Token-signing certificate to G Suite

9. Done


Steps for Office 365

1. Make sure you have Active Directory, Office 365 account, Azure

account and third-party SSL certificate

2. Install Azure Active Directory Connect

3. Set it up and make sure accounts can be synchronized to Azure AD

4. Install ADFS

5. Import SSL certificate to ADFS

6. Enable Federation Trust with Office 365

7. Done


what next?

Deploy licenses

Deploy services

Setup browser

SharePoint with NTLM

auto sign on

Can be used in on-premises network

with their Active Directory account




No more setup

Integrated with SharePoint, and all

user account will be created in

SharePoint automatically🎊


Active

Directory

DatabaseUser SharePoint


What you needs

Active Directory

SharePoint

1. Sign in to SharePoint Central

Administration

2. Enable Integrated Windows

authentication for your Zone

Steps

PHP

auto sign on

once user signed on to their computer

in on-premises network with their

Active Directory account, G Suite and

Office 365 will be signed on

automatically.


PHP

SSO with PHP


Light and Life

SSO with ADFS


Light and Life

SSO with SharePoint


Light and Life

SSO with HKEdcity


Light and Life

SSO with eClass


Light and Life

Add user accounts in Active Directory


Light and Life

Accounts in Active Directory


Light and Life

tips for building school wi-fi network in a simple … · g suite, office 365 with adfs steps for...

Documents