SharePoint Hybrid worksheet
for a one-way outbound authentication topology
Use this worksheet if you are deploying a SharePoint hybrid environment using a one-way outbound authentication topology.
Table 1: User accounts
Info needed
Global Administrator
AD Domain Administrator
AD Enterprise Administrator
SharePoint Farm Administrator
Federated Users
Description
Office 365 account that has been
assigned to the Global
Administrator role for Office
365.
AD account in the Domain
Admins group of the onpremises domain.
AD account in the Enterprise
Admins group of the onpremises domain.
Member of the Farm
Administrators group of the onpremises SharePoint farm.
AD accounts that have been
synchronized with Office 365.
Value
Table 2: Choices
Info needed
Choice
Authentication topology
One-way outbound
Choose one of the following:
 One-way outbound
Identity management type
Choose one of the following:
 ADFS with SSO
 DirSync with Password Sync
Table 3: Public Domain Info
Info needed
Description
Public Internet Domain
name
Domain name of the public-facing
corporate DNS domain.
e.g. adventureworks.com
UPN Domain Suffix
The UPN domain suffix in your onpremises AD domain that matches the
public domain. e.g.
sharepoint.adventureworks.com
Value
Table 4a: STS Certificate
Info needed
STS Certificate Friendly Name
STS Certificate path\filename (*.pfx
file)
STS Certificate Password
STS Certificate path\filename (*.cer
file)
Subject Name
STS Certificate Start Date
(the date the certificate was issued)
STS Certificate End Date
(the certificate expiration date)
Value