HYBRIDS: ON PREMISES & CLOUD
JAMES TRAMEL
tramel_jamesjamestrameljames.tramel
AGENDAReasons and History
Definitions
Flavors / Nuances
Demo/Tour/How to
Break?
Hybrid Apps
Demo
WHAT IS SHAREPOINT HYBRID
GEO AND HYBRID
WHY DOES HYBRID MATTER
User Reasons Search for content in both SharePoint Server 2013 and SharePoint Online at once Interact with on-premises business data from SharePoint Online Access corporate SAP systems from SharePoint Online Seamlessly access files and data in both SharePoint Server 2013 and SharePoint Online
Technical Reasons Standalone Application Farms (HR) – Connect to them A place for your apps / solutions (think event receivers) and your upgrade lifecycle
Dev Ops (Not ALM / CI – think middleware and hybrids) Regional storage legal requirements One code base for on-prem and hybrid!
WHAT’S NEW AND WHAT’S NOT New: SP1 (365 in on-prem!) Project Sienna (universal apps), Ibiza Ondrive BYO…X Power BI Azure apps ?
Not New: Hybrids: SharePoint 2010 had it: Full Trust Proxies, External Content Types, Custom
Workflow Activities Skydrive SPN / Cross Forest Trust / PCNS Excel
WHAT YOU DON’T GET
(you build)
IAAS VS PAAS VS SAAS
Page 8
HYBRID TYPES
One-way outbound: An outbound authentication topology lets the on-premises SharePoint Server 2013 farm make authenticated connections to SharePoint Online.
One-way inbound: An inbound authentication topology lets SharePoint Online make authenticated connections to the on-premises SharePoint Server 2013 farm.
Two-way: A two-way authentication topology lets SharePoint Online make authenticated connections to the on-premises SharePoint Server 2013 farm and lets the on-premises SharePoint Server 2013 farm make authenticated connections to SharePoint Online
HOW TO DO IT - GENERAL
HYBRID - SPECIFIC
ACS – ACCESS CONTROL SERVICES / S2S / STS
SHAREPOINT FARM ON AZURE – ON PREM, IAAS1. Register a DNS Server in Windows Azure
2. Define a Virtual Network in Windows Azure
3. Configure Windows Server Active Directory in a Windows Azure VM
4. Configure SQL Server 2012 in a Windows Azure VM
5. Configure SharePoint Server 2013 in a Windows Azure VM aa
DEMO – HYBRID SET UP
Powershell
Manual
DEMO – ONE DRIVE AND MY SITES One Drive Client
One Drive / My site redirections
ONE DRIVE AND HYBRID
HIGH TRUST VS LOW TRUST
High-trust apps High-trust apps run on stand-alone servers on your intranet and use a signing certificate to digitally sign the access tokens that the app generates. Typically server to server.
Low-Trust apps Low trust apps can run anywhere and run on an Oauth code flow to delegate limited rights to apps to act as users. SharePoint and client application must trust and communicate with an authentication provider such as azure active directory.
Page 17
TYPES OF APPS AND AUTH
Auto-hosted Auto hosted apps run as a web role in Windows Azure and use the Windows Azure Access Control Service (ACS) to obtain the access token.
Provider-hosted Provider-hosted apps run on their own servers on the Internet or your intranet, are registered with Windows Azure, and use ACS to obtain the access token*.
SharePoint-hosted SharePoint hosted apps run in an appweb, can have client side code but not server side code. Developer must use certificates or create their own trust
Page 18
IDENTITY
Page 19
TOKENS
TokenHelper (VS2012) -Checks tokenvs Context Token – (VS2013)-Switches ACS and S2S for you!
JSON Web Token
HYBRID APP
AUTH ON THE FLY
HYBRID APP
REFERENCES - @MICROSOFT
Page 24
http://technet.microsoft.com/en-us/library/dn607321(v=office.15).aspx
http://technet.microsoft.com/en-us/library/cc263199(v=office.14)
http://www.microsoft.com/en-us/download/details.aspx?id=36995
http://msdn.microsoft.com/en-us/library/ff798433.aspx
http://blogs.technet.com/b/devops/archive/2014/05/22/devops-session-highlights-from-teched-2014.aspx
http://www.sharepointnutsandbolts.com/2014/04/using-azure-instance-behind-your-office-365-tenant.html
http://www.sharepointnutsandbolts.com/2014/02/office-365-sharepoint-hybrid-what-you-do-and-do-not-get.html
http://technet.microsoft.com/en-us/library/dn607308(v=office.15).aspx
http://blogs.technet.com/b/tothesharepoint/archive/2013/04/16/get-your-head-in-the-cloud-hybrid-for-sharepoint-2013-office.aspx
http://technet.microsoft.com/en-us/library/dn607315(v=office.15).aspx
http://technet.microsoft.com/en-us/library/dn197169(v=office.15).aspx
http://technet.microsoft.com/en-us/library/dn197168(v=office.15).aspx
http://msdn.microsoft.com/en-us/library/gg185957.aspx
REFERENCES http://blogs.technet.com/b/devops/archive/2014/05/22/devops-session-highlights-from-teched-2014.aspx
http://blogs.technet.com/b/keithmayer/archive/2013/01/07/step-by-step-build-a-free-sharepoint-2013-lab-in-the-cloud-with-windows-azure-31-days-of-servers-in-the-cloud-part-7-of-31.aspx
http://www.microsoft.com/en-us/download/details.aspx?id=38428
http://technet.microsoft.com/en-us/library/dn197169(v=office.15).aspx
http://msdn.microsoft.com/en-us/library/office/dn155905(v=office.15).aspx
http://technet.microsoft.com/en-us/library/dn627526(v=office.15).aspx
http://blogs.technet.com/b/wbaer/archive/2014/03/24/one-way-outbound-hybrid-search-step-by-step-and-onedrive-for-business.aspx
http://bramdejager.wordpress.com/2014/05/08/developing-hybrid-sharepoint-apps-that-run-on-premise-and-in-the-cloud-espc-2014/
http://blogs.msdn.com/b/officeapps/archive/2013/11/07/announcing-the-new-sharepointcontext-helper-in-apps-for-sharepoint-2013.aspx
http://blogs.msdn.com/b/kaevans/archive/2013/04/05/inside-sharepoint-2013-oauth-context-tokens.aspx
http://openid.net/specs/draft-jones-json-web-token-07.html
http://msdn.microsoft.com/en-us/library/office/dn155905(v=office.15).aspx
http://msdn.microsoft.com/en-us/library/office/jj687470(v=office.15).aspx
http://bramdejager.wordpress.com/2014/05/08/developing-hybrid-sharepoint-apps-that-run-on-premise-and-in-the-cloud-espc-2014/
http://msdn.microsoft.com/en-us/library/office/dn155905(v=office.15).aspx