Configure Federated Delegation in the Cloud

 

Applies to: Office 365 for enterprises, Live@edu

Topic Last Modified: 2011-12-19

Federated delegation, also known as federated sharing, uses the Microsoft Federation Gateway, a cloud-based identity service offered by Microsoft, as the trust broker between your on-premises Exchange Server 2010 organization and your cloud-based e-mail organization.

With federated delegation, end users in one cloud-based organization can share information with end users in another cloud-based organization. For example, after you have enabled and configured federated delegation, users in one organization can view the free/busy information for users in the cloud-based organization of a business partner, if the partner has also enabled and configured federated delegation.

Configure federated delegation between two organizations in the cloud

The infrastructure of the cloud-based e-mail service is already federated with Microsoft Federation Gateway. All you need to do to enable federated delegation is create a new organizational relationship with another cloud-based e-mail organization.

By default, calendar sharing between users in other organizations that are federated with Microsoft Federation Gateway is enabled. This means that users with mailboxes in your cloud-based e-mail service can create individual calendar sharing invitations to users in other organizations who are federated with Microsoft Federation Gateway. To disable this default policy, see Disable a Sharing Policy.

By default, free/busy access isn't enabled between organizations that are federated with Microsoft Federation Gateway. This topic explains how to enable free/busy access with another cloud-based e-mail organization.

Before you begin

Because federated delegation uses the Autodiscover information in your domain to configure the federated relationship, you must make sure that the CNAME Autodiscover records for both organizations for which you are enabling federated delegation are configured in DNS. See Use a CNAME Record to Enable Outlook to Connect.

You use Windows PowerShell to configure federated delegation.

To learn how to install and configure Windows PowerShell and connect to the service, see Use Windows PowerShell in Exchange Online.

Create a new organizational relationship

To enable free/busy sharing between two cloud-based organizations, run the following command:

Get-FederationInformation -DomainName <the other cloud-based organization> | New-OrganizationRelationship -Name <the other tenant domain> -FreeBusyAccessEnabled $true -FreeBusyAccessLevel LimitedDetails

Here's an example of what the command would look like in the Contoso scenario, where the administrator for the Contoso organization configures an organizational relationship with Fabrikam College: 

Get-FederationInformation -DomainName fabrikam.edu | New-OrganizationRelationship -Name Fabrikam -FreeBusyAccessEnabled $true -FreeBusyAccessLevel LimitedDetails
Configure federated delegation between your on-premises and cloud-based organizations

To learn how to configure federated delegation between your on-premises organization and your cloud-based e-mail organization, see Understanding Federated Delegation and the Exchange Calendar Sharing FAQ.

For an example of implementation of a cross-premises federated delegation scenario, see Set up Federated Free/Busy and Calendar Sharing between Exchange 2010 SP1 and Outlook Live.

noteNote:
The third-party Web site information in this topic is provided to help you find the technical information you need. The URLs are subject to change without notice.

If users have problems viewing free/busy information after you’ve configured federated delegation between your on-premises organization and your cloud-based e-mail organization, see Troubleshooting Free/Busy Issues With Exchange Online When Using Exchange Federation.

 
Related help topics
Loading...
No resources were found.