Solved

Office 365 with 2008 SBS Federation services

Posted on 2014-02-14
11
1,090 Views
Last Modified: 2014-03-03
I'm having a tough time setting up active directory sync with Office 365 on an 2008 SBS. It seems like there are so many guides with countless variables that it's just not working for me. Can someone point me to a solid step by step guide particaluarly demonstrating  installation using a windows 2008 SBS?

Thanks.
0
Comment
Question by:finkeltron
  • 5
  • 4
  • 2
11 Comments
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 39860938
It is almost unheard of to implement federation in a network small enough to handle SBS. the administrative overhead to manage ADFS almost always outstrips what it takes to manage accounts manually through the portal or implement dirsync. Are you sure you WANT federation?? If you follow the official ADFS guidance on technet (not SBS specific) where are you confused or getting stuck?
0
 

Author Comment

by:finkeltron
ID: 39860980
honestly I have no idea what's best for me. I just would like on prem user accounts to sync with our Office 365 accounts. Single sign on I guess. The easiest method of course.
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 39860988
Then you probably should consider dirsync instead of ADFS.
0
 

Author Comment

by:finkeltron
ID: 39860993
ok great. how do I implement this on windows 2008 SBS?
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 39861005
You can't implement it on SBS 2008.  DirSync requires one of the following OS's:

64-bit edition of Windows Server 2008 Datacenter
64-bit edition of Windows Server 2008 R2 Standard or Enterprise, Windows Server 2008 R2 Datacenter
64-bit edition of Windows Server 2012 Standard or Datacenter
64-bit edition of Windows Server 2012 R2 Standard or Datacenter

You must follow the DirSync Roadmap found here:
http://technet.microsoft.com/en-us/library/hh967642.aspx

You probably want to include the Password Sync stuff, but ignore the SSO portions because that is ADFS
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Author Comment

by:finkeltron
ID: 39861015
so what you're saying is I'm SOL because I didn't have one of those severs? I only have an SBS 2008 server.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 39861031
If you want to run DirSync, then you need to have one of those.  

I wouldn't suggest that you do it if you don't already have another server.  Because since you now are not using your SBS's Exchange Server it may be time to upgrade and switch over to Server 2012 Essentials which includes an Office365 Password Sync module that works quite well.

Jeff
0
 

Author Comment

by:finkeltron
ID: 39861481
Thats a real job. May I could just setup a quick virtual machine? Wouldn't need to allocate much memory.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 39861660
Virtual is the only way to go for a dirsync server in my opinion.  You're right, you don't need much memory -- but you still need a license for the server -- which will run you TWICE the cost of Server 2012 Essentials license.

Then you need something to host it on.  I don't recommend installing a VM on top of SBS 2008 -- way too much to deal with there.

Jeff
0
 

Author Comment

by:finkeltron
ID: 39861745
Well I do have an extra 2008 r2 license I can use. Funny 2008 SBS includes Hyper V but you still don't think it's wise to utilize it?
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
ID: 39862153
Please remember that SBS 2008 contains a FULL version of Server 2008, so yes, the Hyper-V role is there, but it is not able to be used as a parent server and definitely not a supported scenario:
http://blogs.technet.com/b/sbs/archive/2009/08/07/you-cannot-install-the-hyper-v-role-on-the-sbs-2008-primary-server.aspx

If you do have a license for Server 2008 R2, then the proper way to have a virtual machine running with SBS is to first install Server 2008 R2 hypervisor role only and then you can install both the SBS and second Server 2008 R2 as virtual machines:

SBS 2008 Virtualization
This would require that you P2V the SBS to a temporary location and then move it back onto the current server after its reconfigured.  

You need to also make sure that the current server has appropriate resources to handle this -- I would never do it with less than 24GB of RAM.

This whole process is rather complex, which is why my suggestion still stands to replace your current SBS 2008 with Server 2012 Essentials -- which you can probably get with a reasonably equipped server for about $1,800.00 -- no CALS are needed and overall management of the new server will take much less time and effort than the current one.  Not to mention that your current server may be out of warranty or close to it, and the cost of renewing that warranty could be about half of the above.

Jeff
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

943 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now