(#)http://eit.co
Extranet User ManagerV4 Release Webinar
September 14, 20171-2 PM
(#)http://eit.co
Introductions
(#)http://eit.co
• President, Envision IT
• SharePoint MVP
• Partner Seller, Microsoft Canada
• http://blog.petercarson.ca
• www.extranetusermanager.com
• Twitter @carsonpeter
• VP Toronto SharePoint User Group
Peter Carson
(#)http://eit.co
Envision IT built custom Extranet solution
Productization of code
base begins
Extranet User Manager (EUM)
Installer created Azure B2B support
Channel Partner
program launched
2008
2009
2010
2011
2012
2014
2015
2016
2017
EUM Brand and Website
launched
Office 365 support
(#)http://eit.co
Customers around the Globe
75+ Customers Deployed Globally
(#)http://eit.co
Agenda
Introductions
Poll
History of EUM V4
EUM Features
Licensing
Demo
Customer Implementations
(#)http://eit.co
Poll 1
Which Version of SharePoint are you currently using?
• Office 365
• SharePoint Server 2013
• SharePoint Server 2010
• SharePoint Foundation (2010 or 2013)
• MOSS 2007 or WSS 3.0
(#)http://eit.co
IntroducingEUM V4
(#)http://eit.co
Why a new EUM?
• User interface for EUM V2 and V3 dates back to 2012
• ASP.NET Web Forms technology it is built on is outdated
• V2 and V3 both have partially implemented REST APIs
• Client side HTML and REST APIs are the modern trend
• Better decoupling of presentation and back end code
• Easier incremental upgrade path
• Large pool of skilled web stack developers understand this dev approach
• Customizing forms was difficult
• Required Visual Studio coding skills
• Minor version upgrades were difficult to deploy
• Required recompiling and deploying the customizations
• WS-Federation is an aging mechanism for single sign-on that doesn’t support all the workloads
(#)http://eit.co
EUM V4 Highlights
• Entire EUM functionality is exposed as a REST API
• All pages are now HTML and jQuery for easy customization
• Single sign-on authentication has been upgraded to support Open ID Connect
• Still supports WS-Federation as well
• Built with Bootstrap and modern jQuery components
• Mobile support
• Better UX
• Simpler development
• Dramatically simplified branding and customization
• EUM forms can be embedded in portal applications like SharePoint or custom apps
• Underlying EUM version can be upgraded without rebuilding customizations
(#)http://eit.co
EUM V4 History
• Redesign of the UI and full REST API implementation have been on the backlog for some time
• Fall 2016 began design work on a new site for OntarioMD
• www.ontariomd.ca
• Registration and user management requirements were very complex
• Decision was made to do the new EUM build in parallel
• WS-Federation SSO was problematic
• Added the Open ID Connect implementation mid-stream
• Launched the OntarioMD site May 2017
• Summer 2017 spent refining the implementation for the full EUM product
(#)http://eit.co
Extranet User Manager Features
(#)http://eit.co
• SharePoint 2016 sample site at https://productdemov4.envisionit.com
• EUM installed at https://loginv4.eumdemo.com
• AD FS for internal users
• External users
• In a separate AD or SQL Database
• Authenticating through Identity Server
• Managed with the Envision IT Extranet User Manager
• OntarioMD public website and Extranet at https://www.ontariomd.ca
Demo Scenarios
(#)http://eit.co
• Register
• Set Password
• Manage your profile
• Change your password
• Reset forgotten password
End User Components
(#)http://eit.co
• Delegated access for the business owners and external users
• Search, add, edit, and import users and groups
• Used by administrators to configure the system
• General settings
• Open ID Connect and WS-Federation
• Email templates
• Office 365
• Azure AD B2B
Admin Components
(#)http://eit.co
Branded Experience
• Maintain your corporate brand throughout the entire user experience• Registration• All end-user pages
• EUM pages can be branded• EUM applets can be embedded in
portal experience
(#)http://eit.co
Single Sign-On
• Users sign in once• As they move to other systems,
they are automatically logged in• Securely managed through WS-
Federation or Open ID Connect
(#)http://eit.co
Open ID Connect
• Authentication layer built on top of OAuth 2.0
• Published in February 2014
• Authorization server (EUM) performs authentication
• Supports a variety of authentication scenarios
• Web apps
• Web apps with underlying Web APIs (double hop)
• JavaScript apps
• Native / Mobile apps
• Server to Server
(#)http://eit.co
Web Application AuthenticationIdentity ProviderClient (Web App) Active Directory / ASPNETDB
Browse app
Not authenticated
Redirected to IP
Authenticate
User
Query for user attributesReturn JWT Identity Token
Return pageand cookie
Send Token
IT
IT
Download key material from IDP Discovery Document or use cached key to validate JWT
(#)http://eit.co
Self-Registration
• Fully customizable registration experience
• Self service profile page• Fields can be added or removed• Can be integrated into back-end
systems• Customizable approval workflow
(#)http://eit.co
Adaptive Design
• Leverages the Bootstrap framework
• All end-user pages adapt to smartphone, tablet, or desktop experiences
(#)http://eit.co
Licensing
(#)http://eit.co
Extranet User Manager Licensing
• Full pricing details available at https://www.extranetusermanager.com/Pricing
Version On Premise Hosted
Standard Edition$8,000 $850 / month
Enterprise Edition$13,000 $1,070 / month
Annual Software Assurance
20% Included
(#)http://eit.co
Upgrade Path
• All clients current on Software Assurance are eligible to upgrade
• Can be a hosted or on premises implementation
• Existing EUM database is upgraded automatically
• Existing users and groups are retained
• No need for users to update their passwords
• EUM V3 upgrade is a simple replace
• No changes needed for permissions in SharePoint
• EUM V2 upgrade requires PowerShell script to update the user and group permissions in SharePoint
• Customizations will need redevelopment / rework
(#)http://eit.co
Demo – SharePoint 2016Registration through to Login
(#)http://eit.co
Demo Scenario
• SharePoint 2016 sample site at https://productdemov4.envisionit.com
• EUM installed at https://loginv4.eumdemo.com
• AD FS for internal users
• External users
• In a separate AD or SQL Database
• Authenticating through Identity Server
• Managed with the Envision IT Extranet User Manager
(#)http://eit.co
Customer Implementations
(#)http://eit.co
Customer Case Study: OntarioMD goes to the cloud with Extranet User Manager
OntarioMD is a government funded NFP for
14K Ontario physicians
www.ontariomd.ca
The Challenge:
• Reduce the cost of current hosting
• Easy to maintain site and update for 14,000 physicians and staff
• Seamless migration of content, functionality and user accounts
• Hosted and managed solution
• Needed a new corporate website and portal.
(#)http://eit.co
Customer Case Study: OntarioMD goes to the cloud with Extranet User Manager
The Solution:
Azure Web Site
AuthenticatedOntario MD User
OntarioMDContent Authors
Web ContentDocuments
Images
AnonymousUser
Azure
Search
(#)http://eit.co
The Result
(#)http://eit.co
The Result - Login
(#)http://eit.co
The Result – Account Management
(#)http://eit.co
Links
• www.extranetusermanager.com
• www.ontariomd.ca
• Full case studies on both the Extranet and the Azure publishing
• OntarioMD uses Extranet User Manager and Azure Websites to Launch Their Public Website
• OntarioMD uses Office 365 and Azure Websites to Launch Their Public Website
(#)http://eit.co
Upcoming Events
December 7-8, 2017Chicago
www.sharepointfest.com/Chicago/
September 25-29, 2017Orlando, FL
eum.co/events
(#)http://eit.co
Thank you
Questions?