Hybrid Solution BCS Search Duet for Enterprises Read/write access to external data from lineof-business (LOB) systems Security trimmed Search results from both Sharepoint Online & On premise Extend the reach of.
Download ReportTranscript Hybrid Solution BCS Search Duet for Enterprises Read/write access to external data from lineof-business (LOB) systems Security trimmed Search results from both Sharepoint Online & On premise Extend the reach of.
Hybrid Solution BCS Search Duet for Enterprises Read/write access to external data from lineof-business (LOB) systems Security trimmed Search results from both Sharepoint Online & On premise Extend the reach of your SAP data into the Microsoft cloud BCS Search Duet for Enterprises Read/write access to external data from lineof-business (LOB) systems, Web services, databases Security trimmed Search results from both Sharepoint Online & On premises Extend the reach of your SAP data into the Microsoft cloud Customer network Microsoft data center Internet Microsoft Office 365 tenant Intranet SharePoint Server 2013 Farm Outbound SharePoint Online Local search results only SharePoint Site collection SharePoint Online cannot query SharePoint Server Inbound Primary web app Hybrid search results SharePoint Server can query SharePoint Online On-premises SharePoint Server 2013 Enterprise Search portal: Local and remote search results are available SharePoint Online search portal: Local search results are available Customer network Microsoft data center Internet Microsoft Office 365 tenant Perimeter network Intranet SharePoint Server 2013 Farm Outbound SharePoint SharePoint Online Hybrid search results Site collection SharePoint Online can query SharePoint Server Inbound Reverse proxy Primary web app Local search results only SharePoint Server cannot query SharePoint Online On-premises SharePoint Server 2013 Enterprise Search portal: Local search results are available SharePoint Online search portal: Local and remote search results are available Customer network Microsoft data center Internet Microsoft Office 365 tenant Perimeter network Intranet SharePoint Server 2013 Farm Outbound SharePoint SharePoint Online Hybrid search results Site collection SharePoint Online can query SharePoint Server Inbound Reverse proxy Primary web app Hybrid search results SharePoint Server can query SharePoint Online On-premises SharePoint Server 2013 Enterprise Search portal and SharePoint Online search portal: Local and remote search results are available. Results from Cloud Results from SharePoint On-Premise User Profile Service App Query Processing Component ? Authenticated User Index Component Index Component Index Component ? On Premises Search Center SharePoint Online Query Processing Component Index Component SharePoint On Premises Infrastructure Setup S2S Trust & Identity Management Search Service Integration Infrastructure Setup Directory Synchronisation S2S Trust & Identity Management Search Service Integration Customer network Microsoft data center Office 365 tenant Internet Perimeter network Intranet On Premises Infrastructure Identity Platform Federation Gateway ADFS Proxy ADFS Servers AD Servers User Profile Sync Service DirSync Server Azure AD Directory Service SharePoint Secure Store Target App SharePoint SharePoint STS Reverse Proxy ACS Trust Azure AD Tenant Azure AD Proxy Customer network Microsoft data center Office 365 tenant Internet Perimeter network Intranet On Premises Infrastructure Identity Platform Federation Gateway AD Servers User Profile Sync Service DirSync Server with Password Sync Azure AD Directory Service SharePoint SharePoint SharePoint STS ACS Trust Azure AD Tenant Azure AD Proxy Cloud Identity Directory & Password Synchronization* Federated Identity Single identity in the cloud Suitable for small organizations with no integration to onpremises directories Single identity suitable for medium and large organizations without federation* Single federated identity and credentials suitable for medium and large organizations Cloud Identity Directory & Password Synchronization* Federated Identity Single identity in the cloud Suitable for small organizations with no integration to onpremises directories Single identity suitable for medium and large organizations without federation* Single federated identity and credentials suitable for medium and large organizations Windows Azure Active Directory Directory Synchronization AD Cloud Identity Ex: [email protected] On-Premises Identity Ex: Domain\Alice User Activate Add Domain TXT or MX records Install & Configure Sync Activate Users For detailed configuration see: http://technet.microsoft.com/en-us/library/hh967642.aspx √ Infrastructure Setup S2S Trust & Identity Management Replace SP STS Token Signing Certificate ACS Trust Setup Validate UPA Search Service Integration For Remote Index to work we need to establish an OAuth Trust with ACS between SharePoint On-Premises and Online. This enables S2S Authentication. 1. Replace the security token signing certificate across all SharePoint servers in on- premises farm 2. Deploy Windows Azure AD powershell with the pre-requisite of Microsoft Sign-in Assistant 3. Establish trust between on-premises SP Farm and SP Online by replacing certificate 4. Add service principal name for the on-premises domain. (Eg.00000003-0000-0ff1- ce00-000000000000“/*.spc.spocloud.com) 5. Register SP Online application principal as a trusted provider in SP on-premises 6. Set authentication realm for SP 7. Configure a proxy in the on-premise farm for Azure AD RECOMMENDED: SUPPORTED: DOES NOT WORK: On the SharePoint on-premises farm validate: UP Service Application is configured and running User Profiles are synced with AD for the same set of users as specified for DirSync Validate user profile attributes are correctly populated, key ones are: Customer network Microsoft data center Office 365 tenant Internet Perimeter network Intranet On Premises Infrastructure Identity Platform Federation Gateway AD Servers User Profile Sync Service DirSync Server with Password Sync Azure AD Directory Service SharePoint SharePoint SharePoint STS ACS Trust Azure AD Tenant Azure AD Proxy √ Infrastructure Setup √ S2S Trust & Identity Management Search Service Integration Configure Result Source Create a Query Rule Validate Search Configuration With all components in place you will see Search results form both verticals. Results from Cloud Results from Cloud Results Results from from SharePoint SharePoint On-Premise On-Premise Monday Tuesday Outbound Search (most common) Outbound from customers network (SharePoint on premises) to SharePoint Online User that is in the customers network, on corpnet, searches from on premises. There is an outbound request to SPO to return results. Results from both are shown Inbound Search Inbound from SharePoint Online to customers network (SharePoint on premises) User that is not on customers network, but signed into SPO, searches. There is an inbound request to customers network - SharePoint on prem to return results. Results from both are shown Two-way Search Search is setup both inbound and outbound as described above. Both scenarios are supported in that case – whether user is on premises on corpnet, or only signed in to SharePoint Online Guidance: Start small with outbound search first. Then as needed, add inbound search Hybrid Key • • • • • Hybrid Key • • • Sponsored by