Friday, September 05, 2014

What does "Federation" means in Office 365?

The term "Federation" refers to the relationship between two different Organizations, where they mutually agree up on some standards and decide to share their resources with each other.  This is a common term used in today's Technology and when it comes to Office 365 we have this used at various areas and its good to know what they are and how they work.


Federation with Office 365 as said above falls in to the 3 categories as shown below.
  • Identity Federation 
  • Federation Trust 
  • Lync Federation
When you are an On premises Exchange Customer and denote that your federation is not working, this will normally refer to the Free/Busy lookup not working with your partner Organization and the same applies to On premises Lync where this eventually point out to traditional Lync Federation issues with external partners. From my experience very rarely we will come across Identity Federation issues with ADFS or with any other equivalent identity platforms in a On premises environment. So, when we have all of these platforms available at one place bundled together with Office 365 and you use this phrase " Federation issue" its not clear to which one you point to and we need to be specific when we quote this here to make things clear on the other end.

Identity Federation

When it comes to Office 365 most of the Organizations prefer Single Sign-on along with some granular control over their Identity management and rely on ADFS. To accomplish this we enable Identity Federation with Office 365 and when we do this our Domain becomes federated and the source of Authority for Identity Management becomes your On premises and your ADFS servers becomes the most critical components in the Entire Environment to make things work with the Service.

Mostly when you say federation not working with Office 365, it refers to ADFS federation and below Office Blog post provides you more insight on this model. Also refer the Microsoft Knowledge base article that outlines how to repair and update the ADFS federation when you have issues.

Access here: Choosing a sign-in model for Office 365

MS KB : How to update or repair the settings of a federated domain in Office 365, Azure, or Windows Intune


Federation Trust

When we say Federation Trust it points out to the Free/busy Lookups between two different Organizations federated with Microsoft Federation Gateway, this implies to Hybrid deployment where you have this federation Trust established between your On premises Exchange Environment and Exchange Online.

When you setup your Hybrid deployment this Federation trust will get created automatically between your Organization and Exchange Online from Exchange 2010 SP2 and later versions, prior to this with SP1 this was configured manually and with the latest changes soon MFG will be discontinued and the new OAuth protocol will be used to setup this federation and Organization relationship.

Review here for more information : Configure Federated Sharing

Follow this below Microsoft Knowledge base article to troubleshoot when you have issues with federated sharing.

Free/busy lookups stop working for users in a cross-premises environment or in an Exchange hybrid deployment

Lync Federation :

Finally, we have our Lync Federation, Federation process with Lync Online is similar to On premises Lync Environment where we establish federation with External partners, Additionally, we can have Lync Federation established between our On premises Lync Environment and Lync Online in a Hybrid setup. Review the below TechNet article and my earlier blog post to know more.

Configure federation of Lync Server 2013 with Lync Online

Setting up Federation with Lync On-Premises and Lync Online

No comments:

Post a comment