2013-09-12 - sugdc - office 365 and hybrid solutions
TRANSCRIPT
Agenda
#SUGDC
Who are we? Scott Hoag @ciphertxt Applied Information Sciences Infrastructure Consultant [email protected]
Dan Usher @binarybrewery Booz Allen Hamilton Incorporated Lead Associate [email protected]
#SUGDC
Phones silenced, phasers set to stun Ask questions
Housekeeping
#SUGDC
Planning SKU Overview and Licensing SLA Authentication Security & Compliance
Office 365 Overview
#SUGDC
Office 365 Software Description http://www.office365sd.com
Office 365 Deployment Guide http://technet.microsoft.com/en-us/library/hh852466.aspx
Office 365 Advanced Deployment Guide http://technet.microsoft.com/en-us/library/hh852483.aspx
Deployment Readiness Tool https://onramp.office365.com/onramp/
Planning
#SUGDC
SKU Overview and Licensing
#SUGDC
SKU Overview and Licensing
#SUGDC
Office 365 is treated as a component of Microsoft’s online services 5 day prior notification for scheduled maintenance 99.9% Uptime Percentage Pods and Failover Service Credits
Service Level Agreement
http://www.microsoftvolumelicensing.com/Downloader.aspx?DocumentId=6535
#SUGDC
“Any period of time when users are unable to read or write any portion of a SharePoint site collection for which they have appropriate permissions.”
What is considered downtime?
#SUGDC
Cloud Identity Directory and Password Synchronization Federation
Authentication Options in The Cloud™
#SUGDC
Identity Scenarios
Cloud Identity
Single identity in the cloud with no integration to on-premises directories
Directory & Password Synchronization
Single identity and credentials
Federated Identity
Single federated identity and credentials
#SUGDC
Certified for ISO 27001 EU Model Clauses Data processing agreement HIPAA Business Associate Agreement FISMA Moderate Family Educational Rights and Privacy Act
Security & Compliance
Office 365 Trust Center
#SUGDC
What is included? Social
SkyDrive Pro, Newsfeeds, Community Sites/Portals External Users
Sites Project Sites, Collaboration Sites/Portal
eDiscovery
Search Business Intelligence Apps Workflow
#SUGDC
Application Development Apps! Apps! Apps! Use SharePoint components Surface remote data Offload business logic Access SharePoint list data Make SharePoint a portal for other applications Integrate SharePoint with Office applications and services
Apps for SharePoint overview
#SUGDC
Authentication All in The Cloud™ Hybrid Cloud™ and on-premises
#SUGDC
Branding Design Manager Change the Look Dynamic Navigation Search Engine Optimization
#SUGDC
Enterprise Metadata Taxonomies and Folksonomies are not shared Information architecture dictates where content lives
Similar content can (and should) be managed together Customizations & Dashboards for targeted content should be managed in a single environment Think segmented, not shared
#SUGDC
Information Rights Management Applied to files at the list and library level Relies on the Windows Azure Active Directory Rights Management (Windows Azure AD RM) IRM applies only to files that are attached to list items, not the actual list items. Encryption is supported for
PDF The 97-2003 file formats Word, Excel, and PowerPoint The Office Open XML formats for Word, Excel, and PowerPoint The XML Paper Specification (XPS) format
#SUGDC
User Profiles Each environment could host a User Profile and My Site for each user
Recommend that users have a single My Site and a single User Profile.
DirSync is unidirectional Leverage Trusted Host Locations Tags and Notes are unique to each environment
#SUGDC
SharePoint 2010 and Office 365 Search Not possible to share indexes Limited options
One search center with side-by-side results Two search centers with separate results
Best bets can help (point to external sources) Not possible to consume O365 Federated results on-premises It is possible to browse to the raw federated results feed from an O365 Search Center
#SUGDC
SharePoint 2013 and Office 365 Search Authentication Topologies
Supported Functionality
One-way outbound SharePoint Server 2013 Search services can query SharePoint Online site collections and return federated results to SharePoint Server 2013 Search
One-way inbound SharePoint Online Search services can query SharePoint Server 2013 site collections and return federated results to SharePoint Online Search
Two-way (bidirectional) Both SharePoint Server 2013 and SharePoint Online Search services can query site collections in the other environment and return federated results
#SUGDC
SharePoint 2013 and Office 365 Search
#SUGDC
SharePoint 2013 and Office 365 Search
#SUGDC
SharePoint 2013 and Office 365 Search
#SUGDC
Reverse Proxy Requirements The device must support
Certificate authentication using a wildcard or SAN X.509 certificate as the client certificate Allow pass through of OAuth 2.0 redirection-based authentication Preservation of request headers
If the internal and external URLs of your on-premises SharePoint Server 2013 are different, the device must support path mapping and link translation. Forefront Threat Management Gateway (TMG) 2010 is the only reverse proxy device for which specific configuration guidance is available. Microsoft Unified Access Gateway (UAG) is not supported for use as a reverse proxy device in hybrid environments that require certificate authentication.
#SUGDC
SharePoint 2013 and Office 365 Search On-premises AD DS domain in a forest that has a Windows Server 2008/Windows Server 2008 R2/Windows Server 2012 forest functional level An on-premises server for
AD FS 2.0 Microsoft Online Services Directory Synchronization tool
An operational on-premises SharePoint Server 2013 farm that has each of the following: An Enterprise Search site collection configured with a public external URL An SSL certificate issued by a public root authority An App Management Service Proxy A Subscription Settings service application A Search service application
An Office 365 Enterprise plan (E1/E3) A reverse proxy device with an Internet connection that permits unsolicited inbound traffic An Internet domain and access to DNS records for the domain
#SUGDC
Business Intelligence Topologies
One-way inbound Two-way (bidirectional)
Use App or External list to access data from SPO to your on-premises environment BCS Service brokers OData service endpoints Can be configured to support full CRUDQ functionality
#SUGDC
Autohosted Apps Contains one or more Windows Azure Web Sites SharePoint provisions and deploys for you Launched from a SharePoint 2013 host web May also include
SharePoint components on an app web Windows Azure SQL Server database
Windows Azure Access Control Services (ACS) brokers OAuth Requests
#SUGDC
Migration Tips SharePoint Migration Tools
Out in the hallway… be sure to ask about full fidelity of metadata Migration Techniques and Strategies
Phased typically works better… Fab 40 - not available… don’t try
Let the Exchange folks go first J
questions
#SUGDC
Who are we again? Scott Hoag @ciphertxt Applied Information Sciences Infrastructure Consultant [email protected]
Dan Usher @binarybrewery Booz Allen Hamilton Lead Associate [email protected]