[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1208
  • Last Modified:

Office 365 with 2008 SBS Federation services

I'm having a tough time setting up active directory sync with Office 365 on an 2008 SBS. It seems like there are so many guides with countless variables that it's just not working for me. Can someone point me to a solid step by step guide particaluarly demonstrating  installation using a windows 2008 SBS?

Thanks.
0
finkeltron
Asked:
finkeltron
  • 5
  • 4
  • 2
1 Solution
 
Cliff GaliherCommented:
It is almost unheard of to implement federation in a network small enough to handle SBS. the administrative overhead to manage ADFS almost always outstrips what it takes to manage accounts manually through the portal or implement dirsync. Are you sure you WANT federation?? If you follow the official ADFS guidance on technet (not SBS specific) where are you confused or getting stuck?
0
 
finkeltronAuthor Commented:
honestly I have no idea what's best for me. I just would like on prem user accounts to sync with our Office 365 accounts. Single sign on I guess. The easiest method of course.
0
 
Cliff GaliherCommented:
Then you probably should consider dirsync instead of ADFS.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
finkeltronAuthor Commented:
ok great. how do I implement this on windows 2008 SBS?
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
You can't implement it on SBS 2008.  DirSync requires one of the following OS's:

64-bit edition of Windows Server 2008 Datacenter
64-bit edition of Windows Server 2008 R2 Standard or Enterprise, Windows Server 2008 R2 Datacenter
64-bit edition of Windows Server 2012 Standard or Datacenter
64-bit edition of Windows Server 2012 R2 Standard or Datacenter

You must follow the DirSync Roadmap found here:
http://technet.microsoft.com/en-us/library/hh967642.aspx

You probably want to include the Password Sync stuff, but ignore the SSO portions because that is ADFS
0
 
finkeltronAuthor Commented:
so what you're saying is I'm SOL because I didn't have one of those severs? I only have an SBS 2008 server.
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
If you want to run DirSync, then you need to have one of those.  

I wouldn't suggest that you do it if you don't already have another server.  Because since you now are not using your SBS's Exchange Server it may be time to upgrade and switch over to Server 2012 Essentials which includes an Office365 Password Sync module that works quite well.

Jeff
0
 
finkeltronAuthor Commented:
Thats a real job. May I could just setup a quick virtual machine? Wouldn't need to allocate much memory.
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Virtual is the only way to go for a dirsync server in my opinion.  You're right, you don't need much memory -- but you still need a license for the server -- which will run you TWICE the cost of Server 2012 Essentials license.

Then you need something to host it on.  I don't recommend installing a VM on top of SBS 2008 -- way too much to deal with there.

Jeff
0
 
finkeltronAuthor Commented:
Well I do have an extra 2008 r2 license I can use. Funny 2008 SBS includes Hyper V but you still don't think it's wise to utilize it?
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Please remember that SBS 2008 contains a FULL version of Server 2008, so yes, the Hyper-V role is there, but it is not able to be used as a parent server and definitely not a supported scenario:
http://blogs.technet.com/b/sbs/archive/2009/08/07/you-cannot-install-the-hyper-v-role-on-the-sbs-2008-primary-server.aspx

If you do have a license for Server 2008 R2, then the proper way to have a virtual machine running with SBS is to first install Server 2008 R2 hypervisor role only and then you can install both the SBS and second Server 2008 R2 as virtual machines:

SBS 2008 Virtualization
This would require that you P2V the SBS to a temporary location and then move it back onto the current server after its reconfigured.  

You need to also make sure that the current server has appropriate resources to handle this -- I would never do it with less than 24GB of RAM.

This whole process is rather complex, which is why my suggestion still stands to replace your current SBS 2008 with Server 2012 Essentials -- which you can probably get with a reasonably equipped server for about $1,800.00 -- no CALS are needed and overall management of the new server will take much less time and effort than the current one.  Not to mention that your current server may be out of warranty or close to it, and the cost of renewing that warranty could be about half of the above.

Jeff
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 5
  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now