Solved

Office 365 with 2008 SBS Federation services

Posted on 2014-02-14
11
1,071 Views
Last Modified: 2014-03-03
I'm having a tough time setting up active directory sync with Office 365 on an 2008 SBS. It seems like there are so many guides with countless variables that it's just not working for me. Can someone point me to a solid step by step guide particaluarly demonstrating  installation using a windows 2008 SBS?

Thanks.
0
Comment
Question by:finkeltron
  • 5
  • 4
  • 2
11 Comments
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 39860938
It is almost unheard of to implement federation in a network small enough to handle SBS. the administrative overhead to manage ADFS almost always outstrips what it takes to manage accounts manually through the portal or implement dirsync. Are you sure you WANT federation?? If you follow the official ADFS guidance on technet (not SBS specific) where are you confused or getting stuck?
0
 

Author Comment

by:finkeltron
ID: 39860980
honestly I have no idea what's best for me. I just would like on prem user accounts to sync with our Office 365 accounts. Single sign on I guess. The easiest method of course.
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 39860988
Then you probably should consider dirsync instead of ADFS.
0
 

Author Comment

by:finkeltron
ID: 39860993
ok great. how do I implement this on windows 2008 SBS?
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 39861005
You can't implement it on SBS 2008.  DirSync requires one of the following OS's:

64-bit edition of Windows Server 2008 Datacenter
64-bit edition of Windows Server 2008 R2 Standard or Enterprise, Windows Server 2008 R2 Datacenter
64-bit edition of Windows Server 2012 Standard or Datacenter
64-bit edition of Windows Server 2012 R2 Standard or Datacenter

You must follow the DirSync Roadmap found here:
http://technet.microsoft.com/en-us/library/hh967642.aspx

You probably want to include the Password Sync stuff, but ignore the SSO portions because that is ADFS
0
 

Author Comment

by:finkeltron
ID: 39861015
so what you're saying is I'm SOL because I didn't have one of those severs? I only have an SBS 2008 server.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 39861031
If you want to run DirSync, then you need to have one of those.  

I wouldn't suggest that you do it if you don't already have another server.  Because since you now are not using your SBS's Exchange Server it may be time to upgrade and switch over to Server 2012 Essentials which includes an Office365 Password Sync module that works quite well.

Jeff
0
 

Author Comment

by:finkeltron
ID: 39861481
Thats a real job. May I could just setup a quick virtual machine? Wouldn't need to allocate much memory.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 39861660
Virtual is the only way to go for a dirsync server in my opinion.  You're right, you don't need much memory -- but you still need a license for the server -- which will run you TWICE the cost of Server 2012 Essentials license.

Then you need something to host it on.  I don't recommend installing a VM on top of SBS 2008 -- way too much to deal with there.

Jeff
0
 

Author Comment

by:finkeltron
ID: 39861745
Well I do have an extra 2008 r2 license I can use. Funny 2008 SBS includes Hyper V but you still don't think it's wise to utilize it?
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
ID: 39862153
Please remember that SBS 2008 contains a FULL version of Server 2008, so yes, the Hyper-V role is there, but it is not able to be used as a parent server and definitely not a supported scenario:
http://blogs.technet.com/b/sbs/archive/2009/08/07/you-cannot-install-the-hyper-v-role-on-the-sbs-2008-primary-server.aspx

If you do have a license for Server 2008 R2, then the proper way to have a virtual machine running with SBS is to first install Server 2008 R2 hypervisor role only and then you can install both the SBS and second Server 2008 R2 as virtual machines:

SBS 2008 Virtualization
This would require that you P2V the SBS to a temporary location and then move it back onto the current server after its reconfigured.  

You need to also make sure that the current server has appropriate resources to handle this -- I would never do it with less than 24GB of RAM.

This whole process is rather complex, which is why my suggestion still stands to replace your current SBS 2008 with Server 2012 Essentials -- which you can probably get with a reasonably equipped server for about $1,800.00 -- no CALS are needed and overall management of the new server will take much less time and effort than the current one.  Not to mention that your current server may be out of warranty or close to it, and the cost of renewing that warranty could be about half of the above.

Jeff
0

Join & Write a Comment

Suggested Solutions

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now