Archive

Posts Tagged ‘active directory’

Synergy 2015 – A condensed recap of everything you need to know – via @gkuruvilla, #Citrix, #CitrixSynergy

This is a great summary recap that George Kuruvill has done of Citrix Synergy 2015! Great work and enjoy this blog post!

For those of you who were not able to attend Citrix Synergy this year & dont have the time to sit through the key note recordings, I decided to put together a condensed version of some of the key announcements. So here goes!

Citrix Workspace Cloud

  • Citrix hosted control plane that enables customers to deliver a comprehensive mobile workspace to end users.
  • Gives customers the flexibility to host workloads on premises, in public or private clouds.
  • Control plane also provides end to end monitoring of user connections.
  • Evergreen infrastructure since Citrix maintains all core infrastructure components.
  • Workspace Cloud Connector installed on premises on a Win 2k12 server that establishes SSL communication between control plane and customer environment. Used to talk to infrastructure components like Active Directory and hypervisors hosting workload

I wrote a blog on CWC and the value proposition a month back that you can find here.

SYN 217 –  Workspace Cloud – Technical Overview [Video]

 

Citrix Lifecycle Management

  • Comprehensive cloud based service that can be used to design, deploy and manage both Citrix and other enterprise applications.
  • Based on the ScaleXtreme technology.
  • Lifecycle Management enables customers/partners to deploy infrastructure not only on premises but also public/private clouds (resource locations)
  • Customers/Partners have the ability to create blueprints to automate infrastructure deployments end to end. Examples of blueprints include a XD deployment for instance where you could not only install all the XD infrastructure but also automate the installation of all supporting infrastructure like Active Directory, SQL etc.
  • Vendors have the ability to create blueprints as well that can then be consumed by customers and partners alike.
  • Customers/Partners also have the ability to incorporate scripts (new/existing) into the deployment.
  • Once a blueprint is developed, its added to a library. Any resource within the library can then be deployed to a resource location (on premises, public/private cloud)
  • Another key benefit of the Lifecycle Management technology is the ability to automate application upgrades.

XenApp/XenDesktop

  • Xenapp 6.5 maintenance extended till end of 2017, EOL extended till 06/2018. Details here
  • New Feature Pack for XA 6.5 (enhance storage performance, Lync support enhancements, UPM enhancements, Director “Help Desk” troubleshooting”, Storefront 3.0, Receiver.next)
  • XenApp/XenDesktop 7.6 FP2  (End of Q2)
    • New Receiver X1
    • Lync 2013 on Mac
    • Touch ID Support
    • HDX with Framehawk
    • Native Receiver for Linux
    • Linux Apps and Desktops (Redhat and SUSE support)
    • Desktop Player for Mac 2.0 (June)
    • Desktop Player for Windows (Tech Preview)

SYN 233 – Whats new in XenApp and XenDesktop [Video]

SYN 319 – Tech Update for XenApp and XenDesktop  [Video]

Read more…

#Microsoft Desktop Hosting Reference Architecture Guides

October 28, 2013 Leave a comment

Wow, these are some compelling guides that Microsoft delivered!! Have a look at them! But of course there’s always something more U want! Let Service Providers provide DaaS services based on client OS’s as well!!!

Microsoft has released two papers related to Desktop Hosting. The first is called: “Desktop Hosting Reference Architecture Guide” and the second is called: “Windows Azure Desktop Hosting Reference Architecture Guide“. Both documents provide a blueprint for creating secure, scalable, multi-tenant desktop hosting solutions using Windows Server 2012 and System Center 2012 SP1 Virtual Machine Manager or using Windows Azure Infrastructure Services.

The documents are targeted to hosting providers which deliver desktop hosting via the Microsoft Service Provider Licensing Agreement (SPLA). Desktop hosting in this case is based on Windows Server with the Windows Desktop Experience feature enabled, and not Microsoft’s client Operating Systems like Windows 7 or Windows 8.

For some reason, Microsoft still doesn’t want service providers to provide Desktops as a Service (DaaS) running on top of a Microsoft Client OS, as outlined in the “Decoding Microsoft’s VDI Licensing Arcanum” paper which virtualization.info covered in September this year.

The Desktop Hosting Reference Architecture Guide provides the following sections:

  • Desktop Hosting Service Logical Architecture
  • Service Layer
    • Tenant Environment
    • Provider Management and Perimeter Environments
  • Virtualization Layer
    • Hyper-V and Virtual Machine Manager
    • Scale-Out File Server
  • Physical Layer
    • Servers
    • Network
  • Tenant On-Premises Components
    • Clients
    • Active Directory Domain Services

clip_image001

The Windows Azure Desktop Hosting Reference Architecture covers the following topics:

Connect #Office365 to #AD for Free, with #Okta

This is kind of cool! Check it out!

Connect Office365 to AD for Free, with Okta

  • Simple Set Up and Configuration – Enabling AD integration is a simple, wizard driven process. With the click of a button from the Okta administrative console you can download the Okta Active Directory agent and install it on any Windows Server that has access to your Domain Controller.
  • Intelligent User Synchronization – Once the agent is installed and the initial user import takes place Okta intelligently processes the results.
  • Robust Delegated Authentication – Okta’s AD integration also allows you to delegate the authentication into Okta, to your on-premises AD Domain.
  • Integrated Desktop Single Sign-On – Okta leverages Microsoft’s Integrated Windows Authentication to seamlessly authenticate users to Okta that are already authenticated with their Windows domain.

ACTIVE DIRECTORY OVERVIEW

How-To Series: Active Directory Overview

#Windows #Azure Active Directory steps out of the shadows

I’ve blogged about this release before with some info but here is another good article about how it can assist you in managing user authentication in the cloud.

Microsoft recently announced the general availability of Windows Azure Active Directory, a cloud-based service that lets admins manage multiple user identities and access. Although it’s been lurking in the background of other Microsoft products for some time — and still requires work to make it a fully useful tool — it’s a step in the right direction.

At its core, Windows Azure Active Directory is essentially a copy of Active Directory held in the cloud that provides basic authorization and authentication when users access cloud services. Ideally, admins use it to centralize the database of authorized users for cloud services, which then lets them authorize employees and contractors to work in certain applications. This allowance includes both Microsoft and third-party applications that accept authentication through common industry standards.

Through synchronization with an on-premises Active Directory deployment, you can also deploy single sign-on, so users don’t have to remember multiple passwords or enter them more than once to access cloud applications. More importantly, it provides a better way to remove access to cloud services for users who have left the company — a previous weak link in the cloud identity management story.

Windows Azure Active Directory: Not exactly new

True to Microsoft’s history of dogfooding its own products, Windows Azure Active Directory had been in use for nearly a year before its current general release. Few actually knew that all Office 365 accounts have been using a preview release of Windows Azure Active Directory for some time. Users of the general Windows Azure service, Dynamics CRM andWindows Intune also have their details stored in private Windows Azure Active Directory accounts.

According to Microsoft, since just after the beginning of the 2013 calendar year, “Windows Azure AD has processed over 65 billion authentication requests while maintaining 99.97% or better monthly availability.” Windows Azure Active Directory is a distributed service running across 14 of Microsoft’s data centers all over the globe.

User interface improvements

One improvement that happened between the preview release of Windows Azure Active Directory and the Web version release is the user interface, which was basically nonexistent before. Now you can access a clean section of the modern-looking Windows Azure control panel to create and manage instances of Windows Azure Active Directory (Figure 1).

Create and manage instances of Windows Azure Active Directory

You can add these instances to your Windows Azure subscription by logging into your Microsoft account, which…

Continue reading here!

//Richard

Windows Azure Active Directory (AD) has reached General Availability!

April 9, 2013 1 comment

This is cool! And I think that it’s a great step in the right direction for many companies! 🙂

Windows Azure Active Directory

Windows Azure Active Directory (Windows Azure AD) is a modern, REST-based service that provides identity management and access control capabilities for your cloud applications. Now you have one identity service across Windows Azure, Microsoft Office 365, Dynamics CRM Online, Windows Intune and other 3rd party cloud services. Windows Azure Active Directory provides a cloud-based identity provider that easily integrates with your on-premises AD deployments and full support of third party identity providers.

Use Windows Azure AD to:

Integrate with your on-premises active directory

Quickly extend your existing on-premises Active Directory to apply policy and control and authenticate users with their existing corporate credentials to Windows Azure and other cloud services.

Offer access control for you applications

Easily manage access to your applications based on centralized policy and rules. Ensure consistent and appropriate access to your organizations applications is maintained to meet critical internal security and compliance needs. Windows Azure AD Access Control provides developers centralized authentication and authorization for applications in Windows Azure using either consumer identity providers or your on-premises Windows Server Active Directory

Build social connections across the enterprise

Windows Azure AD Graph is an innovative social enterprise graph providing an easy RESTful interface for accessing objects such as Users, Groups, and Roles with an explorer view for easily discovering information and relationships.

Provide single sign-on across your cloud applications

Provide your users with a seamless, single sign-on experience across Microsoft Online Services, third party cloud services and applications built on Windows Azure with popular web identity providers like Microsoft Account, Google, Yahoo!, and Facebook.

Read more about the service here!

Pricing

Access Control

Access Control is available at no charge. Historically, we have charged for Access Control based on the number of transactions. We are now making it a free benefit of using Windows Azure.

Directory

The base directory, Tenant, User & Group Management, Single Sign On, Graph API, Cloud application provisioning, Directory Synchronization and Directory Federation, is available at no charge. Certain additional capabilities such as Azure AD Rights Management will be available as a separately priced option.

Read more about pricing here!

//Richard

%d bloggers like this: