sharepoint 2013 on-premises and yammer deployment guidance
Post on 04-Jan-2017
239 Views
Preview:
TRANSCRIPT
SharePoint 2013 on-premises and Yammer deployment guidance
Thomas MolbachArchitectEnterprise Social GP, Microsoft
OFC-B342
+
Session Objectives And TakeawaysSession ObjectivesUnderstand the steps involved in Yammer and on-premises SP2013 integrationGet an introduction to setting up single sign-on and dirsyncSee different ways of integrating Yammer in the SharePoint user experienceSearch integration
TakeawaysBest practices SSO and dirsync integrationArchitecture slides you can use with your customers
Yammer or SharePoint Social? On-premises or Cloud?
SharePoint on-premises and Yammer• Service Pack 1 & Yammer embed for SharePoint • Committed to another SP on-premises release• Continued hybrid improvements
SharePoint Social• Social capabilities will be maintained• Don’t plan on adding new features
Office 365 and Yammer
Go Yammer!• Immediate
adoption • Rapid innovation• Connect everyone
• Home of innovations for Enterprise Social
ScenariosSSO and DirSyncUX Integration Search Integration
Agenda
Social Integration Scenarios
Single sign-onDirectory synchronization User interface integration
Steps to integrate SharePoint and Yammer
Social Integration ScenariosExisting SP 2013 on-premises:
no Yammer networka single active Yammer Networkmultiple active Yammer Networksusing SharePoint Socialplus Office365 + Yammer
All scenarios are included in a TechNet article (soon to be published)
Existing SP 2013 on-premises, no Yammer network
AssumptionsSharePoint 2013 with SP1Not using SP2013 social featuresActive Directory with ADFS
TasksEstablish Yammer licensesCreate a Yammer networkConfigure single sign-on (SSO)Configure directory syncDisable SP2013 social featuresEnable Yammer as user experience in SPConfigure Yammer embed
SP2013 on-premises and a single active Yammer NetworkAssumptionsSharePoint 2013 with SP1No usage of SharePoint social or communitiesActive Directory with ADFSOne single Yammer Network with active users
TasksConfigure single sign-on Configure directory sync Disable SharePoint 2013 Social featuresEnable Yammer as social experience in SPConfigure Yammer Embed
SP2013 on-premises and multiple active Yammer Networks
AssumptionsSharePoint 2013 with SP1Not using SP2013 social featuresMultiple Yammer Networks
TasksMerge the multiple Yammer Networks Always start with SSOPrepare communications for usersImplement Yammer dir sync, initially in suspended mode, enabling adds and updates laterDisable SharePoint 2013 Social featuresConfigure Yammer Embed
+
SP2013 on-premises and using SP SocialAssumptionsSharePoint 2013 Using on-premises social features (Newsfeeds, Communities etc) Decided to switch to use Yammer
TasksInstall service pack 1 for SharePoint 2013Configure single sign-onImplement Yammer DSyncDiscuss migration approach with community site collection ownersEither keep or Yammer (preferred)Disable SP2013 on-premises social featuresConfigure Yammer Embed
SP2013 on-premises + Office365 + Yammer Assumptions
SharePoint 2013 with SP1(No usage of SharePoint social)
Active Directory and ADFSOne Yammer Network
TasksConfigure single sign-on Configure Yammer Directory Sync Disable SharePoint 2013 Social featuresEnable Yammer as the default social experience in SharePoint Configure Yammer Embed
Yammer SSODirectory sync
Big Picture – O365, Yammer, and SSO
SSO Service
Provider
YammerUsers
On-Premise Environment
ADFS STS
Yammer Directory
Sync
Active Directory
SSO
SSO Service
Provider
YammerUsers
Azure Active Directory
IdentityMapping
On-Premise Environment
ADFS STS
Yammer Directory
Sync
O365 Directory
Sync
Active Directory
SSO
SSO
Yammer UsersAlways belong to a home (canonical) networkSometimes users are members of an external networkGuests get direct access to other home networksExist in a limited number of states during lifetime After 90
days
Suspended
ActiveDeleted
Pending
Yammer Standalone Single Sign-On (SSO)Independent from O365 and Azure AD.The original SSO solution since before Microsoft acquired Yammer.Still needed in many customer environments, even when O365 with SSO in place.
Supports SAML 1.1 and SAML 2.0 Identity Providers.Email address, not UPN, is the unique identifier.Works with on-premises ADFS.Works with Azure AD as Identity Provider.Yammer Directory Sync does NOT work with Azure AD, only with on premise AD.http://blogs.technet.com/b/speschka/archive/2014/01/08/using-azure-active-directory-for-single-sign-on-with-yammer.aspx
Not self-service: requires Yammer Customer Support
Yammer Standalone Single Sign-On (SSO)Deployment
Provide identity provider metadata
Yammer Customer Support activates SSO
Yammer Directory SyncEntirely separate app from O365 Directory Sync.Syncs users, but does not sync security groups.Intended to easily onboard maximum number of users in a companyNot a moderation tool – it will not prevent users from accessing Yammer!
Adds and Invitations
Custom invite and welcome emails
Yammer Directory SyncCore Functions
Suspensions
Suspend users when they are disabled or deleted in AD
Profile Updates
Prepopulate user profile fields
Overwrite upon update to AD
Installs on a single server.No database required.AD and LDAP expertise required to configure custom filters (queries).First sync sends all data, subsequent syncs are incremental, only for newly added or changed users.
Yammer Directory SyncDeployment
Install Directory Sync
Connect to Yammer
Connect to AD
Validate user queries
Enable syncs
Keep these simple.Filters are automatically added for objectCategory and objectClass.Difficult to exclude users - avoid filters with custom attributes, Distribution Groups, and Security Groups
Yammer Directory SyncLDAP Queries
// A good startmail=*@contoso.com
// Multiple domains, merged network(&(mail=*@contoso.com)(mail=*@contoso.co.uk))
// Redundant query(&(objectCategory=person)(objectClass=user)(mail=*))
// Not what you expect! Don’t do this!(&(mail=*@contoso.com)(customAttribute=true))
Create a query for each OU with a GUID identifier.Specify an LDAP filter.Provide a naming context for each OU.Set ShowDeleted to false.
Yammer Directory SyncMultiple OUs
"Queries": [ { "Id": "a92b0946-5ea9-42c3-9541-736863f39d29", "Filter": "mail=*@consoso.com", "OverrideRootNamingContext": "OU=France,DC=contoso,DC=com", "ShowDeleted": false }, { "Id": "6bb94cbb-f9bb-46ab-a78b-58eae0f23836", "Filter": "mail=*@contoso.com", "OverrideRootNamingContext": "OU=Germany,DC=contoso,DC=com", "ShowDeleted": false }, { "Id": "33bf59b3-ecfe-41cb-899f-7d85e1eb0dee", "Filter": "", "OverrideRootNamingContext": "<WKGUID=xxxxxxx,DC=contoso,DC=com>", "ShowDeleted": true }]
ou=legal,DC=contoso,DC=com
Moving user out of monitored OU does NOT remove user from Yammer; user is no longer monitored at all.In this example, User still has access to Yammer.
Yammer Directory SyncCommon Mistakes
ou=sales,DC=contoso,DC=com
Monitored by Directory Sync
Not Monitored by Directory Sync
Changing value of monitored attributes does NOT remove user from Yammer; user is no longer monitored at all.If custom attribute yammerUser set to false, user still has access to Yammer.Same problem with Distribution Groups and Security Groups.
Yammer Directory SyncCommon Mistakes
(&(mail=*@contoso.com)(yammerUser=true))
Monitored by Directory Sync
Yammer front end integration
New in SharePoint 2013 – service pack 1SharePoint SP1 brings new integration optionsNew applet to manage O365 integrationCentrally manage the integration of YammerOnce activated:
“Newsfeed” in the top nav bar is replaced with “Yammer”“All Company” newsfeed is removed from My Site hostWhen you click on it you will need to log into Yammer (o365 user mapping does not apply)It does not add the Yammer app to your farmIt does not do anything to team site feeds
Yammer Integration OptionsYammer SharePoint AppSimpleLimited functionalityNo UX customizations
Yammer EmbedConfigurable JavaScriptLimited UX customizations
Yammer Open Graph REST APIFull programmatic flexibilityOffers full UX customizations
Open Graph API OverviewWhat is Yammer’s Open Graph API?Open Graph is a light weight protocol that facilitates integrating data from different social apps into what we call the social graph.Yammer's Open Graph API allows developers to write activity from their app into Yammer.
Yammer’s Open Graph API AllowsRich metadata around an object identified by a URL.Discussion mirroring between an application and Yammer through comment feeds.Aggregation of all conversations around an object in Yammer.
Examples of Uses for Yammer’s Open Graph APIIn a customer relationship management (CRM) app, a sales rep updates an opportunity’s probability of closing to a lower number.In a scheduling app, an employee creates a lunch meeting.
Open Graph Activities
Format<Actor> <Action> <Object> on <App Name>: <Message>
Follow objects in Yammer
Search across Yammer & app
Publish to Yammer activity stream
Post, Like & Share
{ "activity":{ "actor":{ "name":"John Doe", "email":"john@seyammer.com" }, "action":"contosomedia:publish", "object": { "url":"https://media.contoso.com/34242", "title":“People enjoying lunch" }, “message":“New image from Getty”, users":[ {"name":"Jane Doe", "email":"jane@seyammer.com"} ] }}
Demo
Yammer integration in SharePoint
Yammer EmbedAddPostRenderCallback(ctx, function(){ SP.SOD.executeFunc("yammerembed.js", null, function() { yam.connect.embedFeed({ container: '#embedded-feed', network: 'microsoft.com', feedType: 'open-graph', objectProperties: {
url: newPath, title: newTitle, description: newDescription + " This document has these sections: " +
sectionNames},config: { header: false }
}); yam.connect.actionButton({
container: "#embedded-like",…
yam.connect.actionButton({container: "#embedded-follow",…
Yammer Open Graph REST APIfunction doSearch() {yam.getLoginStatus( function(response) { if (response.authResponse) { yam.platform.request({ url: "https://api.yammer.com/api/v1/search.json", //REST endpoints method: "GET", data: { //data object literal to specify parameters "search": response.user.full_name,
"page":"1", "num_per_page": "3"
}, success: displayItems, error: fail }); } else { console.log("Can't do search, user is not logged in"); } });}
Embedded group feed. Group created automatically for the team site as part of the team site provisioning.
SharePoint team site with Yammer integration
User profile and latest notifications
Team site with Yammer example
Latest user network activities
User profile and latest notifications
Communities and groups
User’s network
Personal messages feed directly in the front page of the Intranet or specific group feeds in the other sites
Create page specific discussions using OpenGraph option for specific URL
Portal with Yammer example
Search Integration
Search Demo
Current Search IntegrationExample of REST API Search Integration
Breakout SessionsOFC-B223 The Microsoft Roadmap for Enterprise Social – Tuesday @17:00 (8.0–D3)OFC-B219 Introducing Delve and the Office Graph – Wednesday @8:30 (8.0–D1)OFC-B342 Microsoft SharePoint Server 2013 on Premises and Yammer Deployment Guidance – Wednesday @15:15 (8.0–D3)OFC-B349 Yammer Identity and User Management – Thursday @17:00 (8.0-E7)
ResourcesEnterprise Social Resource Center http://enterprisesocial.com Office 365 Customer Success Center http://success.office.com Technical Resources http://aka.ms/yamtn Office 365 Public Roadmap http://office.microsoft.com/roadmap
Enterprise Social Related content
Find Me Later At Work Together booth & Ask the Experts!
Additional ResourcesSPC14 recording - Yammer SSO and Directory Synchttp://channel9.msdn.com/Events/SharePoint-Conference/2014/SPC368
Official docs – Yammer SSO and Directory Synchttps://about.yammer.com/success/activate/integrations/
Yammer site examples – blog postinghttp://blogs.msdn.com/b/vesku/archive/2014/03/30/getting-started-on-building-social-intranets-with-sharepoint-and-yammer.aspxhttps://github.com/OfficeDev/PnP
#worklikeanetwork
Sign up and get started with Yammer www.yammer.com1
Enterprise Social Resource Center http://enterprisesocial.com 2
Check out the Success Center http://success.office.com 3
Next Steps
Questions?
Technical NetworkJoin the conversation!
Share tips and best practices
with other Office 365 expertshttp://aka.ms/o365technetwork
ResourcesLearning
Microsoft Certification & Training Resourceswww.microsoft.com/learning
Developer Network
http://developer.microsoft.com
TechNetResources for IT Professionals
http://microsoft.com/technet
Sessions on Demandhttp://channel9.msdn.com/Events/TechEd
Additional ResourcesSPC14 recording - Yammer SSO and Directory Synchttp://channel9.msdn.com/Events/SharePoint-Conference/2014/SPC368
Official docs – Yammer SSO and Directory Synchttps://about.yammer.com/success/activate/integrations/
Yammer site examples – blog postinghttp://blogs.msdn.com/b/vesku/archive/2014/03/30/getting-started-on-building-social-intranets-with-sharepoint-and-yammer.aspxhttps://github.com/OfficeDev/PnP
Questions?
Managing Office 365 Identities and Services
5
Office 365Deploying Office 365 Services
Classroomtraining
Exams
+
Introduction to Office 365
Managing Office 365 Identities and Requirements
FLC
40041
Onlinetraining
Managing Office 365 Identities and ServicesOffice 365 Fundamentals
http://bit.ly/O365-Cert
http://bit.ly/O365-MVA
http://bit.ly/O365-Training
Get certified for 1/2 the price at TechEd Europe 2014!http://bit.ly/TechEd-CertDeal
MOC
20346 Designing for Office
365 Infrastructure
MOC
10968
3
EXAM
346EXAM
347
MVA MVA
Please Complete An Evaluation FormYour input is important!TechEd Schedule Builder CommNet station or PC
TechEd Mobile appPhone or Tablet
QR code
Evaluate this session
© 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
top related