Office 2013客户端Modern认证功能从内部预览版转向公共预览版

时间:2020-02-21
阅读:

微软3月24日宣布Office 2013客户端Modern认证功能从内部预览版转向公共预览版。Modern认证带来了基于Active Directory Authentication Library(ADAL)的Office 2013 Windows客户端登录。现在,所有使用Office 2013并且安装了2015年3月最新更新的用户都可以尝试这一版本。

以下是这一版本的可运行脚本,更加详细地描述了基于ADAL的认证情况:

• Office 2013客户端应用多重因素认证(MFA)

• 基于SAML的第三方身份提供商登录

• 智能卡和基于证书的认证

• Outlook不再要求基本认证协议

Office 2013客户端应用登录到Office 365服务可以获得Exchange Online电子邮件、SharePoint Online文件、连接到Skype for Business Online(原Lync Online)以及激活Office客户端许可。

来源及原文:

Today’s post was written by Paul Andrew, technical product manager for Identity Management on the Office 365 team.

Today we are pleased to announce that Office 2013 client modern authentication features have moved from private preview to public preview. This means the program is easier to join and production support is included for participants. Modern authentication brings Active Directory Authentication Library (ADAL)-based sign in to Office 2013 Windows clients. Previously, this was only available as a private preview for testing. Now modern authentication is available to any customer running the March 2015 or later update for Office 2013. It will continue to be off by default in the client, but can be enabled on Windows machines by participants in the public preview.

Modern authentication for Office 2013 Windows client

Office 2013 client applications sign in to the Office 365 service to gain access to Exchange Online email, to access files on SharePoint Online, to connect to Skype for Business Online (formerly Lync Online), and to activate the Office client license. This update enables IT administrators to configure new security scenarios for sign in with Office 365.

Here are some scenarios that are enabled, which are described in more detail in the previous post about ADAL-based authentication:

Multi-factor authentication (MFA) for Office 2013 client applications

SAML-based third-party identity provider sign in

Smart card and certificate-based authentication

Outlook no longer requiring the basic authentication protocol

There are still some limitations where the public preview does not yet contain all the functionality that we plan to include. For each of these limitations, we have details of what doesn’t work as expected and how to work around it in the TechNet Article, Office 2013 and Office 365 ProPlus modern authentication: Things to know before onboarding. Please review these details before joining the preview.

Use of Azure Rights Management Service

AD FS Client Access Filtering Policies

Skype for Business (formerly Lync) client is not MFA enabled

External Sharing in SharePoint Online

Multiple mismatched tenants connected from Outlook

Smart card as primary sign in needs additional configuration

The public preview works with all Microsoft identity integration models including the cloud-based identity model, the synchronized identity model, and the federated identity model with AD FS. You can read about these identity models on a previous post here.

Join the program now

The preview involves a change to your Office 365 tenant and a change to each Windows machine that Office 2013 runs on.

To join the public preview program follow these steps:

Sign up on Microsoft Connect to the public preview here.

Wait to hear back while your tenant is enabled.

Apply the registry setting to enable modern authentication on your Windows client machines. Details about these updates are published here.

To exit the public preview program follow these steps:

Remove the registry setting to disable modern authentication on your Windows client machines. Details about these updates are published here.

Users can sign in as before with the Microsoft Online Sign-In Assistant.

You do not need to have modern authentication disabled in your tenant.

The public preview update for Office 2013 clients includes Office 2013 and Office 365 ProPlus. Office 2013 requires the March 2015 update patch that is described here.

For Office 365 administrators, we have documentation on enabling MFA here.

For Office 365 users, we have documentation on using MFA here.

Modern authentication on other platforms

Modern authentication on an iPad.

返回顶部
顶部