0

I would like to set up a SharePoint 2010 solution on a cloud-based Windows Server 2008 R2. Preferably I would like the ability to use a company's existing user accounts and passwords. Therefore my question is:

Is it possible to either:

  1. Have the cloud solution join the domain controller of an existing network on a remote site with reasonable efficiency?

  2. OR at a minimum I would like some way to synchronise user accounts and passwords - is there another solution to achieve this?

Seth

1 Answer

4

The currently recommended solutions, in the order I prefer:

  1. Look into ADFS (Federation Services) to accomplish logons
  2. Utilize a password sync tool to move passwords between sites. Microsoft's Forefront Identity Manager has this capability. You can also utilize a Password Filter in Active Directory to capture password changes and then perform certain actions with them, such as pass them to a web service on your remote machine.
  3. Set up a one-way read-only domain trust
Brent Pabst
  • Will solution number 1 still allow a user to log in to the SharePoint site using the AD credentials while still being external from the intranet? – Seth Jun 05 '12 at 13:04
  • Yep! It's a security token provider, commonly called STS. Essentially it helps with SSO-based sign-on for any of your resources that you choose to implement it with. The nice thing is that you never really sync the password to the remote server, which improves security. Instead, when the user requests access to your cloud SharePoint site, SharePoint will temporarily redirect them back to your servers to authenticate and then will return a token that the SharePoint site knows to trust. If you need a good example of how it all works, check out Office 365; it heavily relies on ADFS for auth. – Brent Pabst Jun 05 '12 at 13:33
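
The SharePoint side of the ADFS option discussed above, as an added example that is not part of the answer or its comments: it registers an on-premises AD FS server as a trusted token issuer on the cloud SharePoint 2010 farm, after checking the token-signing certificate. The certificate path, thumbprint placeholder, AD FS host name and realm are assumptions to be replaced with your own values.

```powershell
# Run in the SharePoint 2010 Management Shell on the cloud SharePoint server.
# Assumed values (not from the thread): replace with your own.
$certPath      = 'C:\certs\adfs-token-signing.cer'    # exported from the on-premises AD FS server
$expectedThumb = '<TOKEN-SIGNING-CERT-THUMBPRINT>'    # placeholder, confirmed out of band with the AD FS admin
$signInUrl     = 'https://adfs.example.com/adfs/ls/'  # AD FS passive sign-in endpoint (host is hypothetical)
$realm         = 'urn:sharepoint:cloudportal'         # must match the relying party identifier in AD FS

$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($certPath)

# Refuse to build the trust on a certificate that is not the one we expect.
if ($cert.Thumbprint -ne $expectedThumb.Replace(' ', '').ToUpper()) {
    throw "Thumbprint mismatch: got $($cert.Thumbprint)"
}
if ($cert.NotAfter -lt (Get-Date).AddDays(30)) {
    throw "Token-signing certificate expires $($cert.NotAfter); renew before trusting it"
}
if (-not $signInUrl.StartsWith('https://')) { throw 'Sign-in URL must use HTTPS' }

# SharePoint validates token signatures against its own trusted root store.
New-SPTrustedRootAuthority -Name 'ADFS Token Signing' -Certificate $cert

# Claims SharePoint accepts from the AD FS token; e-mail address identifies the user.
$emailMap = New-SPClaimTypeMapping `
    -IncomingClaimType 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress' `
    -IncomingClaimTypeDisplayName 'EmailAddress' -SameAsIncoming
$roleMap = New-SPClaimTypeMapping `
    -IncomingClaimType 'http://schemas.microsoft.com/ws/2008/06/identity/claims/role' `
    -IncomingClaimTypeDisplayName 'Role' -SameAsIncoming

# Register AD FS as the trusted token issuer (the STS that SharePoint redirects to).
$issuer = New-SPTrustedIdentityTokenIssuer -Name 'ADFS' `
    -Description 'On-premises AD FS' -Realm $realm `
    -ImportTrustCertificate $cert -ClaimsMappings $emailMap, $roleMap `
    -SignInUrl $signInUrl -IdentifierClaim $emailMap.InputClaimType

# Confirm what was stored.
$issuer | Select-Object Name, ProviderUri, DefaultProviderRealm
```

The issuer still has to be selected as an authentication provider on the claims-based web application, and AD FS needs a relying party trust whose identifier matches `$realm`. Only the public token-signing certificate crosses to the cloud server; no AD passwords are stored there.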