As SSO integrators, we tend to talk a lot about cloud connections and migrations. Sometimes, though, your organization isn’t ready to move everything into the cloud yet. Your on-premise apps have become deeply entrenched over the years, and your budget and time are too thin to migrate just now. That’s why TechJutsu is here for you to provide on-premise Okta integrations on the budget and time that fits your needs.
Take Microsoft Outlook, for example. Integrating Okta and your organization’s Outlook OWA is a great way to provide extra convenience and security to your Outlook users. However, this integration can also be more challenging than many of the cloud applications that your organization may be used to integrating, since you need to configure both Exchange settings and the web.config files to use WS-Federation with Okta. On top of that, e-mail is a high-visibility integration, meaning that you can’t afford to have your production integration go wrong.
There are some ways you can make this integration more manageable, though. Here are some of the tips that we at TechJutsu have learned along the way to help you set your integration up for success.
1. Know your environment
What versions of .Net, Exchange, and Windows Server are you using? Do you have a proxy in front of your mail service? Are your servers in a DMZ? The answers to these questions will affect what configuration paths are available to you and what work you must do to get your integration up and running.
Before you start working on your integration, you should make sure you know what software versions are running on your servers, where your servers fit into your network topography, and how any proxies may affect your routing. For best results, you should ensure that all your Exchange servers run the same versions of all components and that any proxies or gateways aren’t rewriting your URIs. Which brings us to:
2. Make sure your URIs are ready for WS-FED
Routing matters. And when you start bringing modern authentication and WS-FED into the mix, some of the routing schemas you use may change. For example- remember trailing slashes? You can set up your URIs with or without them in Exchange, but for integrating to Okta, you need those trailing slashes! Get those in place before you start thinking about an OWA integration, and you will find it’s a much smoother process.
3. Get testing!
Testing is critical for high-value integrations such as Outlook OWA. A well-tested, robust integration path will make the integration experience smoother for your IT teams and your users.
We always recommend having a test environment for any changes that is reflective of your production environment. If you don’t have one, though, it’s time to get creative. You may be able to run your tests in a free trial environment from Microsoft. Some of our clients have also used their DR or performance testing environment to ensure a smooth rollout in production.
4. Don't go it alone
Even for Okta experts, integrating Outlook OWA can be challenging. There are many configurations to pull together, and it takes a holistic view of Okta and Exchange to get OWA working. Working with the right consulting team sets you up for success.
Your Next Steps
If you're looking for that right consulting team, book a meeting with us for a personalized conversation. We can help you get your Outlook OWA integration right the first time, and so much more!