Exchange 2010 Federation

8/2/2019 Exchange 2010 Federation

1/20


2/20

AGENDA

Introduction

Microsoft Federation Gateway

Federation Trusts

Organization Relationships

Sharing Policies


3/20

INTRODUCTION

This presentation will walk us through as to howone can share the Calendar and contact

information with external recipients


4/20

TRUSTS WITHOUT TRUSTS

The two companies had been collaborating more &more in recent months. There is a desire to sharethe following

Free/Busy Information

Contacts

Calendar

o There are rules in place that they cannot breaksuch as

No Trust relationships are to be made between thetwo organizations

No VPN connections between the two organizations canbe made.


5/20

UNDERSTANDINGTHEFEDERATION

Federation involves creating a federation trust notwith other organizations but with the MicrosoftFederation Gateway.

Federation Gateway is an identity service in thecloud over the internet & beyond the corporatedomain

MS Federation Gateway becomes a Trust broker.

Once you are trusted by the Federation Gateway, you

can create Federated delegations with otherorganizations that are also federated.


6/20

MICROSOFTFEDERATIONGATEWAY


7/20

Pre- Requisites: Domain used should be resolved from the internet. e.g.

that organization should receives email through theinternet.

An X.509 certification issued by a third partyCertification Authority(one that is trusted by the MSFederation Gateway)

Federation Trust creation - EMC or EMS EMC New Federation Trust wizard can be used.

EMS New-FederationTrust. Once the trust is in place, add federated

domains(obviously you can only connect to othertrusted organizations)

CREATINGFEDERATIONTRUST


8/20

CREATINGFEDERATIONTRUSTINEMS

In order to locate the certificate that we knew it is in server then usefollowing command:Get-ExchangeCertificate | where {$_.IsSelfSignedeq $false} |fl


9/20

CREATINGFEDERATIONTRUSTINEMS

Once you received the thumbprint then run createfederation trust using following command:

New-FederationTrustName My Federarion Trust -Thumbprint 2376____ -verbose


10/20

APPIDOFACCEPTEDDOMAIN

Logically we are federated with other organizationwhich are already connected with MS federatedgateway.

Microsoft is broker who authorize the organizationwhich is federated with MS Federation Gateway.This would provide the App ID.


11/20

MANAGE FEDERATION


12/20

MANAGE FEDERATION


13/20

ORGANIZATIONRELATIONSHIPSVS. SHARING

POLICIES

Organization relationships allow you to enable federated delegationwith another federated organization for the purpose of sharingcalendar free/busy information between users in both organizations.Organization relationships are one-to-one relationships between twoorganizations. Both organizations are required to establish only onefederation trust with the Microsoft Federation Gateway and toconfigure their federated organization identifier prior to configuringthe organization relationship with each other.

When you create an organization relationship with an externalorganization, users in the external organization can access yourusers' free/busy information. No replication of GAL information isrequired. With this configuration in place, Outlook 2010 and

Office Outlook Web App users can simply enter the SMTP address ofan external recipient when scheduling meetings.


14/20

CREATING ORGANIZATION RELATIONSHIP


15/20



16/20



17/20

SHARING POLICY

Sharing Policy enable user-established, people-to-people

sharing of both calendar and contact information with differenttypes of external users. Sharing polices allow your users toshare both their free/busy and contact information (includingthe Calendar and Contacts folders) with recipients in otherexternal federated organizations.

In Sharing policy external recipients they want to collaboratewith. Using Outlook 2010 or Outlook Web App, users caninvite external recipients in other federated domains to accesstheir Calendar or Contacts folder and also request that theyshare theirs in return.


18/20

DEFAULT SHARING POLICY


19/20

NEW SHARING POLICY


20/20

WHAT WELEARNEDIN THIS SESSION

Documents

Exchange 2010 Federation