We continue our series of articles about interesting technology areas and solutions we have implemented or encountered in projects.
This article briefly describes our experience in developing a synchronization solution between a custom software service and Exchange and Office 365.
Our goal was to implement data synchronization between our service and Exchange Online and Office 365 accounts. The data included people's calendars and events. A somewhat complex part was supporting multiple Office 365 and Exchange Online configurations that are joined using Azure Active Directory. Therefore the Azure Active Directory Graph API was used here.
Another challenge was supporting hybrid Exchange deployments, where an on-premises Exchange deployment is used together with Exchange Online and Office 365.
- Powerful rule-based configuration manager;
- Support MS Exchange hybrid deployment environments;
- Support multiple Windows domains, domain trees and domain forests;
- Integrate with CAS cluster;
- Support environments with up to 120,000 mailboxes;
- Handle up to 10,000 MS Exchange operations per second.
Azure Active Directory
Azure Active Directory is a comprehensive identity and access management cloud solution that provides a robust set of capabilities to manage users and groups and help secure access to applications including Microsoft online services like Office 365 and a world of non-Microsoft SaaS applications.
Azure Active Directory includes identity and access management (IAM) capabilities for on-premises, hybrid, and cloud environments. It is a recently released collection of features for Microsoft’s Identity as a Service (IDaaS) platform – the identity backbone for all Microsoft Online Service products – that takes a large step towards making it a viable cloud partner to Windows Server Active Directory.
Azure AD Premium is a part of the Microsoft Enterprise Mobility Suite (EMS). EMS includes Windows Intune, Azure Active Directory Premium and Azure Rights Management Services.
The Azure Active Directory Graph API
The Azure Active Directory Graph API provides programmatic access to Azure AD through REST API endpoints. Applications can use the Graph API to perform create, read, update, and delete (CRUD) operations on directory data and objects. For example, the Graph API supports the following common operations for a user object: Create a new user in a directory; Get a user’s detailed properties, such as their groups; Update a user’s properties, such as their location and phone number, or change their password; Check a user’s group membership for role-based access; Disable a user’s account or delete it entirely.
Hybrid deployment of Exchange Online
A hybrid deployment provides a unified email experience for your Office 365 deployment. It enables users who have mailboxes in your on-premises Exchange Server environment and users who have Exchange Online mailboxes to find one another in the global address list (GAL), and to send, receive, and reply to email regardless of which system is hosting their mailbox.
Links we find useful
- Identity and Access Management for the Cloud
- Using the Graph API to Query Azure AD
- Plan an Exchange Online hybrid deployment in Office 365
- Exchange Server 2013 hybrid deployments
- Windows Azure Active Directory Graph API Access Using OAuth 2.0
- Outlook Synchronization Plugin