
Hybrid SharePoint computing is built on trusted communications

Approximately 2.5 minutes into the 2nd of 13 video tutorials included in a set on hybrid SharePoint computing, Fabian Williams, a SharePoint Server MVP, introduces a definition of hybrid SharePoint computing. The title of the video tutorial is Defining SharePoint 2013 Hybrid. This definition emphasizes fully trusted communications as an essential, mission-critical prerequisite to any attempt to implement a hybrid computing architecture spanning SharePoint Server, on-premises, and SharePoint Online, Office 365:

  • “A SharePoint Server 2013 hybrid environment enables identity management and trusted communications between SharePoint Online and SharePoint Server 2013.”

Fabian points out how this full trust framework equips SharePoint Server on-premises, and a SharePoint Online tenant in Microsoft’s Office 365 cloud SaaS, to exchange data as various hybrid computing components (Search, Yammer, OneDrive for Business, etc.) are consumed by users. Without the framework (user identity management is included within it) this would not be possible. The method of implementing the framework includes the use of certificates (an SSL certificate from a public authority along with a self-signed STS certificate), which Fabian spends some time presenting, in detail, to his audience.

This video tutorial is intended for an audience of SharePoint administrators. Fabian offers assessments of the difficulty of successfully implementing a hybrid computing architecture for SharePoint at numerous points across the first 2 video tutorials in the set. From his perspective, simply the task of building the full trust framework, which provides the topic for the first few moments of this tutorial, is “really, really involved”.

Next, Fabian presents the concept of “the integrated functionality of services” (“services” is used, collectively, for Search, and for Business Connectivity Services). This work will include getting involved with “secure store”, “business applications”, etc.

Hybrid topologies include “one-way outbound” (which amounts to connecting to SharePoint Online, Office 365, from SharePoint Server 2013, on-premises), “one-way inbound” (connecting to SharePoint Server 2013, on-premises, from SharePoint Online, Office 365), and “two-way (bidirectional)”. Fabian emphasizes the security imperative for this type of computing. He notes that the second topology, “one-way inbound”, exposes information specific to a unique organization to access from the wide area and, therefore, should be locked down with tools like “reverse proxy” servers, etc.

Fabian identifies the objective of the “one-way outbound” topology as a method of producing “federated results”. He also provides a caveat: the “one-way outbound” topology is designed for the Search service only, and should not be expected to work for Business Connectivity Services. Finally, this topology does not permit SharePoint Online “to query the SharePoint server on-premises”.

In the 2nd topology, namely “one-way inbound”, it is possible to consume Search services from the on-premises SharePoint 2013 server.

©2014, Ira Michael Blonder & Rehmani Consulting, Inc. All Rights Reserved