PowerPoint Presentation

Deploying Office 365 in Production: Part 1October 201310/4/20131Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Session Overview2Session OverviewThis session details the options and considerations when expanding a pilot Office 365 environment into a production deployment. Unlike on-premises implementations, IT professionals can scale out their Office 365 tenants with ease. However, with added scale, it is important to start to automate user provisioning, add a production domain and set up the desired workloadsStep 2: Deployment Overview4

Optional integrationExtend in weeksMeet business needsCustomized to landscape Core onboardingDeploy in daysCompanywide cloud useIT led migrationFull Office 365 servicePilot in hoursPersist to deploymentUser led migration

First use in hours, Onboarding in daysExchange, SharePoint, Lync, Office 365 ProPlus, WA Active Directory

Pilot completeDeploy CompleteWhatOffice 365 ServiceExchange, SharePoint, Lync, Office Web Apps, Office 365 ProPlus, Mobile

How

Service domainCloud IdentityWeb Client

Office clientSelf Service

WhatAll Pilot Features +Shared namespace, simple coexistence, external sitesHow

Pilot +IT led migration *Customer domainDirectory sync

Password syncAdmin migrationsOnRampWhatDeploy +Federation, Hybrid Delegation, and more

How

Deploy+ *Configure adv. featuresFederated IdentityExchange HybridCorporate app store

SharePoint HybridLync Hybrid3rd party migration toolsAdopt new features

Deploy Enhance Pilot123

TechReady 16 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.10/4/20135Sign-onIntegrated identity managementSign-on with the same user and password as on premisesMailIntegrated mail flow and migrationGlobal address list Full mail content migration mail, calendar, contactsCollaborationSharing and working with othersLync business partner federationSite governance and provisioning supportSetup of Apps for Office corporate app catalogClientsIT managed client productivityOffice 365 ProPlus deployed to user desktop via IT processMobileManaged mobile connectivitySend and receive mail from mobile device as on-prem emailAdministrationControl & monitorData loss prevention configuration (limited)Exchange Online Protection mail protection configuration (limited)Setup in daysAdds on-premises integrationPilot user and info is sustainedIT driven migrationMail migration that best fits environment

From EX 2010 Mail ServersManaged mail moves (MRS)Free/busy cross premisesUse existing OSTFrom EX 2007/03 Mail Servers Staged mail migrationNew mail file downloadFrom OthersUser migration (PST import) or IMAP MigrationNew mail fileDeploy Experience whats added10/4/20136Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.IdentityWhats RequiredDirectory Sync server/sAD meets service requirements for hygieneSame password on-prem and in cloud via password syncNetworkWhat you need to connectNetwork access to service from client end pointsNetwork bandwidth availabilityAccess to maintain DNS entries for share domainsClientsRequired to connect and deployWeb client minimum browserOffice 365 Pro Plus clients running Windows 7 +Unique requirements per mail platformDedicated customer IT teamChange management readiness

MailRequired to setup and migrateAdmin accessFrom EX 2010 Mail ServersExchange 2010 SP3Certificates - publicFrom EX 2007/03 Mail Servers Outlook Anywhere AccessFrom OthersPST requirementDeploy whats requiredCloud IdentitySingle identity in the cloud

Windows Azure Active DirectoryOn-Premises IdentityDirsync & Password SyncDirectory & Password SynchronizationSingle identity without federation

Windows Azure Active DirectoryFederated IdentityOn-Premises IdentityFederationSingle federated identity and credentials

Windows Azure Active DirectoryDirectory SyncDeploy Identity Scenario Deploy Enhance Pilot123

8AgendaWhat is DirSync?Purpose What does it do?Understanding SynchronizationUnderstanding CoexistenceUnderstanding MigrationsSelf ServiceAdmin leadMigration OptionsPST migrationsIMAP migrationsStaged Exchange migrations

What is DirSync?10What is DirSync?Application that synchronizes on-premises Active Directory with Office 365Designed as a software based applianceSet it and forget itx64 version based on FIM 2010Bundled with SQL Server 2008 R2 Express Edition

11Purpose (#1)Enables coexistenceProvisions objects in Office 365 with same email addresses as the objects in the on-premises environmentProvides a unified Global Address List experience between on-premises and Office 365Objects hidden from the GAL on-premises are also hidden from the GAL in Office 365Enables coexistence for ExchangeWorks in both simple and hybrid deployment scenariosEnabler for mail routing between on-premises and Office 365 with a shared domain namespaceEnables coexistence for Microsoft Lync

12Purpose (#2)Enables run state administration and management of users, groups, and contactsSynchronizes adds/deletes/modifications of users, groups, and contacts from on-premise to Office 365Enabler for Single Sign-OnMandatory component for ADFS / Federated Identities deploymentsNot intended as a single use bulk upload tool

13Understanding Synchronization14SynchronizationSynchronize one (and only one) Active Directory forest with Office 365Entire Active Directory forest is scoped for synchronization (default)Filtering can be configured based on OU, AD domain, and user attributeWhat is synchronized?All user objectsAll group objectsMail-enabled contact objectsPasswords are not synchronized10/4/201315Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.SynchronizationMost Synchronization is from on-premises to Office 365In an Exchange Hybrid Deployment, DirSync is configured to write attributes back to the on-premises Active DirectorySynchronization occurs every 3 hours Use Start-OnlineCoexistenceSync cmdlet to force a sync outside of regular synchronization schedule

1610/4/201316Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.SynchronizationUser ObjectsMail-enabled/mailbox-enabled users are synchronized as mail-enabled users (not mailbox-enabled users)Visible in the Office 365 GAL (unless explicitly hidden from GAL)Logon enabled, but not automatically licensed to use servicesTarget address is synchronized for mail-enabled usersRegular NT users are synchronized as regular NT usersNot automatically provisioned as mail-enabled in Office 365Resource mailboxes are synchronized as resource mailboxesSynchronized users are not automatically assigned a license

17SynchronizationGroup ObjectsMail-enabled groups are synchronized as mail-enabledGroup memberships are synchronizedSecurity groups are synchronized as security groupsDynamic Distribution Groups are NOT synchronized

Contacts ObjectsOnly mail-enabled contacts are synchronizedTarget address is synchronized to Office 365

18SynchronizationNew user, group, and contact objects that are added to on-premises are added to Office 365Licenses are not automatically assignedExisting user, group, or contact objects attributes that are modified on-premises are modified in Office 365Not all on-premises AD attributes are synchronized

19SynchronizationExisting user, group, and contact objects that are deleted from on-premises are deleted from Office 365Existing user objects that are disabled on-premises are disabled in Office 365License is not automatically unassigned

20SynchronizationFirst synchronization cycle after installation is a full synchronizationMay be a time consuming process relative to the number of objects synchronizedApproximately 5000 objects every 45 to 60 minutesPlan ahead if synchronizing tens or hundreds of thousands of objectsSubsequent synchronization cycles are deltas only and much faster21On-premises

Synchronization22

ExchangeActive DirectoryOffice 365

Windows Azure Active Directory

Directory Synchronization

Provisioning Web ServiceLogon Enabled UserMail-Enabled (not mailbox-enabled)ProxyAddresses: SMTP: John.Doe@contoso.com smtp: John.Doe@contoso.onmicrosoft.com smtp: John.Doe@contoso.mail.onmicrosoft.comTargetAddress: SMTP: John.Doe@contoso.com

Exchange OnlineAuthentication PlatformSharePoint OnlineLync OnlineUser ObjectMailbox-EnabledProxyAddresses: SMTP: John.Doe@contoso.com

Sync Cycle Stage 3:Export Users, Groups, and Contacts to Office 365Sync Cycle Stage 2:Import Users, Groups, and Contacts from Office 365Sync Cycle Stage 1:Import Users, Groups,and Contacts from on-premisesSync Cycle Stage 4:Export Write Back attributes10/4/201322Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.SynchronizationOnce implemented, on-premises AD becomes the source of authority for synchronized objectsModifications to synchronized objects must occur in the on-premises ADSynchronized objects cannot be modified or deleted via the portal unless DirSync is disabled for the tenantScoping/FilteringCustom scoping of default management agents is officially supported

2310/4/201323Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.SynchronizationOn-premises objectGuid AD attribute is assigned as the value for immutableID attribute during initial synchronization of an objectReferred to as a hard matchDirSync knows which Office 365 objects it is the source of authority for by examining sourceAnchor attributeDirSync can also match user objects created via the portal with on-premises objects if there is a match using the primary SMTP addressReferred to as a soft match24SynchronizationOn-premises proxyAddresses attribute values are synchronizedRequires a matching verified domainUpdates/modifications to on-premises proxyAddresses attribute are synchronized even after license assignment

25SynchronizationBy default, only the first 50,000 objects are synchronizedSTEVE TO ADDQuota limit can be increased by contacting technical supportSynchronization service will be stoppedEmail sent to technical contactDeleted objects count against quota for up to 30 days 26Synchronization10GB SQL Server 2012 Express Edition database file size is estimated to max out ~50,000 objects50,000+ total objects requires full SQL ServerAuthorization and synchronization occur via SSL

27SynchronizationSynchronization errors are emailed to the Technical Contact for the subscriptionRecommend using a distribution group as the Technical Contact email addressExample errors include:Synchronization health statusSent once a day if a synchronization cycle has not registered 24 hours after last successful synchronizationObjects whose attributes contain invalid charactersObjects with duplicate/conflicting email addressesSync quota limit exceeded

28Azure AD DirSync scoping optionsAbility to DirSync to Windows Azure AD only a subset of your usersOptions for FilteringOU Domain-based User attribute Step-by-step instructions available on TechNetTechEd 2013 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.10/4/2013 12:27 PM29Password SynchronizationScheduled to release in CY2013

New feature of Windows Azure Directory Sync as an alternative to Federated AuthenticationCustomer benefits:Customer can use a single set of credentials (same username and password) to access both on-premises and online resourcesThis single set of credentials is managed in the customers Active Directory and is synchronized with Office 365 (username + password)Password Sync is fully integrated in the DirSync appliance, no additional sw/hw, or changes to the on-premises AD are requiredNo requirement to deploy and maintain Active Directory Federation Services.Keeps the deployment simple and eliminates IT costs associated with ADFSTechEd 2013 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.10/4/2013 12:27 PM30Password Sync securityDoes not require nor access the plain text passwordNo requirement for AD reversible encrypted formatAD user password hash is hashed again using a non-reversible encryption function and digest is synchronized into Azure ADThe digest in Azure AD cannot be used to access resources in the customers on-premises environmentTechEd 2013 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.10/4/2013 12:27 PM31Password Sync key password policiesPassword Sync is one-way synchronization from on-premises to the cloudPassword Complexity Policy implemented in the on-premises AD is the master policyPassword Expiration Policy on the Azure AD is set to Never Expire Password expiration and sync to Azure AD is driven by on-premises eventsTechEd 2013 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.10/4/2013 12:27 PM32Understanding Coexistence33What is Coexistence?Some users are provisioned in Office 365 while the remaining users are provisioned in the on-premises environmentOffice 365 users see the same objects in the Global Address List as the on-premises usersEmail messages are routed seamlessly from Office 365 users to on-premises users, and vice-versa10/4/201334Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Simple Coexistence DeploymentUses Directory Synchronization for GAL synchronizationEnables mail routing between on-premises and Office 365 using a shared DNS namespaceProvides a unified GAL experienceCan be used with cloud identities or federated identitiesDoes not require an on-premises Hybrid server3510/4/201335Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Hybrid DeploymentUses Directory Synchronization for GAL synchronizationEnables mail routing between on-premises and Office 365 using a shared DNS namespaceProvides a unified GAL experienceCan be used with cloud identities or federated identities

3610/4/201336Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Office 365SEM Architecture37On-premises Exchange OrgUsers, Groups, Contacts via DirSyncMailbox Data via Outlook Anywhere (RPC over HTTP)

Exchange 2003 or 2007

Office 365 Directory SynchronizationApp10/4/201337Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Mail Routing: Pre-Coexistence38On-premisesMessage FilteringMX Record:contoso.com

User ObjectMailbox-EnabledProxyAddresses: SMTP: John.Doe@contoso.com

ExchangeActive Directory

10/4/201338Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Mail Routing: On-Premises To Office 36539On-premisesMessage FilteringMX Record:contoso.com

ExchangeActive DirectoryOffice 365MX Record:contoso.onmicrosoft.comcontoso.mail.onmicrosoft.comExchange Online Protection

Exchange OnlineOnline Directory

DirSync

DirSync Web ServiceLogon Enabled UserMailbox-EnabledProxyAddresses: SMTP: John.Doe@contoso.com smtp: John.Doe@contoso.onmicrosoft.com smtp: John.Doe@contoso.mail.onmicrosoft.comUser ObjectMail-Enabled (not mailbox-enabled)ProxyAddresses: SMTP: John.Doe@contoso.comTargetAddresses: SMTP: John.Doe@contoso.mail.onmicrosoft.com

10/4/201339Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Mail Routing: Office 365 To On-Premises40On-premisesMessage FilteringMX Record:contoso.com

ExchangeActive DirectoryOffice 365MX Record:contoso.onmicrosoft.comcontoso.mail.onmicrosoft.comExchange Online Protection

Exchange OnlineOnline Directory

DirSync

DirSync Web ServiceLogon Enabled UserMail-Enabled (not mailbox-enabled)ProxyAddresses: SMTP: Jane.Doe@contoso.com smtp: Jane.Doe@contoso.onmicrosoft.com smtp: Jane.Doe@contoso.mail.onmicrosoft.comTargetAddresses: SMTP: Jane.Doe@contoso.comUser ObjectMailbox-EnabledProxyAddresses: SMTP: Jane.Doe@contoso.com

10/4/201340Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Hybrid DeploymentEnables DirSync Write BackEasily move mailboxes back to on-premise (off-boarding)Enables Safelist Aggregation (a.k.a. Filtering Coexistence)Enables cloud archiveRequires on-premises Hybrid Server deployment

41AttributeFeatureSafeSendersHashBlockedSendersHashSafeRecipientHashSafelist Aggregation (a.k.a. Filtering Coexistence )enables on-premise filtering using cloud safe/blocked sender infomsExchArchiveStatusCloud ArchiveAllows users to archive mail to the Office 365 serviceProxyAddresses (cloudLegDN)Mailbox off-boardingEnables off-boarding of mailboxes back to on-premisecloudmsExchUCVoiceMailSettingsVoicemail Co-ExistenceUsed for Exchange Unified Messaging-Microsoft Lync Server 2010 integration to indicate to on-premises Lync Server that the user has voice mail in the cloud10/4/201341Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Understanding Migrations42Migration Option Decision Factors43 | Microsoft ConfidentialDEPLOYMENT PLANMigration solution is part of the planSource ServerExchangeIMAPLotus NotesGoogleSizeLargeMediumSmallIdentity ManagementIn-CloudOn-PremiseSingle Sign-OnProvisioningDirSyncManual/Bulk ProvisioningCoexistenceRequirementSimpleRich43Time to ValueSelf serve or Admin DrivenFeatures by user typeCloud or on- premises tools43Additional Onboarding Options44ControlDeployment TypeDescriptionSelf ServiceNew mailboxUser receives new green field mailbox i.e. user is onboarded to without data migration.New mailbox + Outlook PSTUser receives new mailbox and either attaches or imports PST files for access to pre-Office 365 data.New mailbox + Connected AccountsUser receives new mailbox and configures connected accounts via OWA.Admin-DrivenNew mailbox + PST ImportUser receives a new mailbox and admin uses PST Export features of Exchange and 3rd Party tools to import PST data into the users Exchange Online mailbox.44PST Migration IMAP migrationStaged migrationHybridExchange 5.5XXExchange 2000XXExchange 2003XXXExchange 2007XXXExchange 2010XXXExchange 2013XXXNotes/DominoXXGroupWiseXXOtherXX* Additional options available with tools from migration partnersFastTrack Step 2 Migration OptionsMigrationPST MigrationImport of Archived/Offline MailIMAP migrationSupports wide range of email platformsEmail only (no calendar, contacts, or tasks)Staged Exchange migrationNo server required on-premisesIdentity federation with on-premises directoryHybridHybrid deploymentManage users on-premises and onlineEnables cross-premises calendaring, smooth migration, and easy off-boarding45Migration OptionsIMAP Migrations

10/4/201347Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.IMAP Features and BenefitsWorks with a large number of source mail systemsWorks with on-premises or hosted systemsUsers can be migrated in batchesOn-premises migration tool is not required

4810/4/201348Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.IMAP Requirements and LimitationsAccess to IMAP ports (TCP/143/993)SMTP domains configured in O365 tenantUsers + mailboxes must be provisioned prior to migrationBulk provisioning, CSV parser, manual, etc.Gather user credentials or setup admin credentialsPrepare a CSV file with list of usersEmailAddress, UserName, PasswordMax of 50,000 rowsMax 10 MB in sizeVery limited data migration scope (mail items only)4910/4/201349Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.IMAP Data Migration ScopeMigratedMail messages (Inbox and other folders)Maximum of 500,000 itemsPossible to exclude specific folders from migration(e.g. Deleted Items, Junk E-Mail)Not MigratedContacts, Calendars, Tasks, etc.Excluded foldersFolders with a forward slash( / ) in the folder nameMessages larger than 25 MB5010/4/201350Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Deltasync every 24 hoursMark migration as completeChange MXrecordGather IMAP creds, configure IMAP endpoint and prepare CSVIMAP Migration Flow51Provisionusers+mailboxesin O365

(license assigned)EAC Wizard:

Enter server settings and upload CSVInitial syncFinal sync and cleanup

10/4/201351Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.IMAP Migrations

Questions?

10/4/201352Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.StagedExchangeMigrations(SEM)

10/4/201353Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.SEM Features and BenefitsSimple and flexible migration solutionHigh-fidelity solution all mailbox content is migratedTypically best suited to medium and large organizationsUsers are provisioned with Directory Sync prior to migrationNo limit on the number of mailboxesUsers can be migrated in batches (up to 1000 per batch)Works with Exchange 2003 and 2007 only, on-premises or hostedIdentity management on-premisesOn-premises migration tool is not required5410/4/201354Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.SEM RequirementsOutlook Anywhere service on source system(must have SSL certificate issued by a public CA)Migration Account with Full Access or Receive-As permissions to all mailboxes that will be migratedSMTP domain(s) configured in O365 tenantDirectory Sync tool enabled in O365 tenant(i.e. requires simple coexistence)5510/4/201355Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.SEM LimitationsSEM is not supported with Exchange 2010 and 2013Only simple coexistence is available(no sharing of free/busy, calendar, etc.)5610/4/201356Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.SEM Accounts and PasswordsAccounts ProvisioningMigration tool relies on DirSync to do provisioningFor every on-premises mailbox to be migrated there needs to be a MEU or Mailbox in Office 365PasswordsTarget mailbox passwords must be specified for all usersAdministrators can force users to change passwords on first loginNote: Password management has been simplified with DirSync and password sync5710/4/201357Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.SEM Batch File FormatCSV formatEmailAddress, Password, ForceChangePasswordOne user per lineMax of 1000 users in each CSV Smart-check against the Office 365 directory 5810/4/201358Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.SEM Data Migration Scope59MigratedMail messages and foldersRules and categoriesCalendar (normal, recurring)Out-of-Office settingsContactsTasksDelegates and folder permsOutlook settings (e.g. favorites)Not MigratedSecurity Groups, DDLsSystem mailboxesDumpsterSend-As PermissionsMessages larger than 25 MB10/4/201359Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.SEM Data Migration ScopePartial migrations are not possible (no folder exclusion, no time range selection, etc.)Mailboxes enabled for Unified Messaging cannot be migratedHidden mailboxes (not visible to tool) cannot be migratedNew cloud mailbox is created (new GUID) and data is copiedExisting cached-mode files (OST files) cannot be preserved

6010/4/201360Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.SEM User ExperienceAdmin needs to distribute new passwords to usersUsers create their new Outlook profile using O365 username and new passwords (Autodiscover)All mail is downloaded from the Office 365 mailbox (i.e. the OST file must be recreated)

Note: IT Admins must convert on-premises mailbox-enable user to mail-enable user (which will delete on-premises content)6110/4/201361Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Configure DirectorySyncEACWizard:

Enter server settings , admincreds, batch CSVDelete migration batch(optional)Change MXRecordSEM Migration Flow62Migrate Batch

Convert onprem mailboxes to MEU

License users

Configure Outlook Anywhere

Test using ExRCA

Assign migrationperms

10/4/201362Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.StagedExchangeMigrations

Questions?

10/4/201363Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION. 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

10/4/2013 12:29 PM64 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.