office 365 – evaluating, deploying & migrating – notes from the field daryl gwyn office 365...
TRANSCRIPT
Office 365 – evaluating, Deploying & Migrating – Notes from the fieldDaryl GwynOffice 365 TSP (Technical Solutions Professional)Microsoft Corporation
OSP350
AgendaRunning Order
Office 365 OverviewIdentity
DirSyncADFS
ExchangeSharePointLyncPartners
…with some random facts splattered randomly throughout…
Nephophobia is…
A fear of clouds
Microsoft Office 365
Pay-as-you-go, per-user licensing
Complete Office experience with services
integration
Always the latest version of Office and Office Web
Apps
Familiar Office user experience
IM & Presence across firewalls
GAL search in SharePoint
Online meeting with desktop sharing
Windows Live federation
My Sites to manage and share documents
Access documents offline
Document-level permissions
Share documents securely with Extranet Sites
25Gb mailbox with voicemail & unified
messaging
Integrated personal archiving
Retention policies and legal hold
Free/busy coexistence
Office 365 OverviewWhat does Office 365 Consist of?
Office 365 Enterprise Service Descriptions
http://www.microsoft.com/en-us/download/details.aspx?id=13602
The two types of Enterprise worker
Information Worker
25GB mailbox500MB SharePoint storageLync rich clientRapid modular modelAdvanced Exchange and SharePoint capabilitiesOffice Professional PlusOn-premise access rights
Kiosk Worker
1GB mailboxOutlook Web AccessActiveSync email supportMessaging, Contacts and CalendarAnti-Virus / Anti-SpamSharePoint site search capabilitiesOffice Web Apps
K Plans
E Plans
Office 365 is on track
to be one of the fastest growing offers
in Microsoft history
Tenants & TrialsA few things to be aware of
www.office365.com Choose the right offering (Small Business vs Enterprise)
Use the proper tenant name (it can’t be changed)SharePoint URL (https://tenant.sharepoint.com)Lync Meetings
Add (EA) licenses to correct tenantVerifying your domains
DNS records are usedConsider using dummy domains if it’s a “throw-away” trial tenant
Raise an SR to increase trial users from 25 to 75 (and extend for 30 days)Moving from a trial to Production (powershell)
Find all users who have the trial licenses…#EDIT LINES ABOVE WITH APPROPRIATE SKU INFO From “Get-MsolAccountSku”
$oldLicensePack = "Microsoft Ltd:ENTERPRISEPACK"$newLicensePack = "Microsoft Ltd:DESKLESSPACK"
#Get all users that are currently licensed###$currentLicensedUsers = Get-MsolUser -All | ?{$_.islicensed -eq $true}
#create array to store users who match the OLD License Pack$arrayUsersWithMatchingLicenses = @()
# Step through each user and find those with the trial licenses$currentLicensedUsers | %{ $skuid = $_.licenses | Select-Object accountskuid if ($skuid.accountskuid -eq $oldLicensePack) { $arrayUsersWithMatchingLicenses += $_ }}
Change those user’s licenses…
#for each user, remove the trail and add the purchased license.
$arrayUsersWithMatchingLicenses | %{Set-MsolUserLicense -UserPrincipalName $_.UserPrincipalName -RemoveLicenses
$oldLicensePack -AddLicenses $newLicensePack }
Office 365 is now
commercially available in
88 markets
and 32 languages
around the world
Identity
Directory Synchronisation (DirSync)
ADFS 2.0
DirSyncConnecting your AD to the Cloud
Now available in 32 bit or 64bitBased on Identity Lifecycle Manager (ILM) and ForeFront Identity Manager (FIM)
Reads Active Directory objects and attributesCreates Office 365 Objects Flows attribute changes between on-premises and Office 365Simplified install specifically for Office 365
DirSyncThings to be aware of….
Make sure your AD is ‘clean’ before syncingLook for
Is AD the source of your GAL informationUnsupported charactersAny conflicts, or duplicationsEtc.
How many objects will be Sync’d?If less than 50k – you have the builtin SQL ExpressIf more than 50k – you need to use full SQL
Install DirSync from commandline with “/FULLSQL” switch
DirSyncThings to be aware of….
The “20k Object limit”If you have more than 20k objects to Sync, you need to call support and they will raise the limit.
How many AD Forests do you have?DirSync Doesn’t need to be Highly AvailableFiltering is still not fully supported (but it’s coming)Make sure you verify (activate) all of your SMTP domains
UPFRONT!!
For example… do you manage the DNS records for every SMTP namespace that you use?
Verify your domains – in advance
Verify all domain names in advance… you never know if there will be unseen delays…
DirSyncThings to be aware of….
For all of these… the Deployment Readiness Tool is your friend:
http://community.office365.com/en-us/f/183/p/2285/38134.aspx
It shows you:SMTP domains in useNumber of accounts that will SyncUnsupported charactersUnsupported clientsUPNs (User Principal Names)Etc.
All current customers on BPOS (Business Productivity Online Suite)
will have been transitioned to Office 365
by September 2012
ADFS v2.0How does it work?
Allows users to Authenticate to Office 365 using their Active Directory Domain credentials
Instead of having a “Cloud Identity”
DirSync must be used to provision accounts
How does Auth Work?
Identity FederationAuthentication flow
`
Client(joined to CorpNet)
Federation GatewayAD FS 2.0 Server
Exchange Online orSharePoint Online
Active Directory
Customer Microsoft Online Services
21 | Microsoft Confidential
ADFSThings to be aware of…
Requires an ADFS farm to be made available (usually consists of 2 ADFS servers and 2 Proxy Servers)
Users must use their UPN to authenticateE.g. [email protected]
Recommended that the UPN matches the user’s email address
ADFS Some Useful Articles
New Federation tool – Updates Federation metadata when certs Auto-Renew
http://gallery.technet.microsoft.com/scriptcenter/Office-365-Federation-27410bdc
Configure TMG to pass traffic to ADFS Proxy http://blogs.technet.com/b/danielkenyon-smith/archive/2012/04/17/ad-fs-publishing-and-policy-rules.aspx
Deploy ADFS Update Roll-Up 1 (
http://support.microsoft.com/kb/2607496)
Enables Multiple Issuer SupportEnables Client Access Policy Support
Is a portmanteau (combination of words)
Of the words
Microcomputer
and
Software
ExchangeWhat Customers Like….
Voicemail – UMHuge Mailboxes (25GB…. That’s 24.5GB more than we have today)
Mobile Working – OWA, ActiveSync, etc.Compliance – everything in 1 placeCalendar overlaysOWA “looks just like Outlook”“I didn’t know that I had been Migrated”
ExchangeThings to look out for…
Shared mailboxes are now free (previous bug has been fixed)New Shared mailboxes tool:
http://community.office365.com/en-us/w/exchange/1712.aspx To Sync AD Security Groups - You need to mail enable themADFS cred Prompts experience – “Remember my credentials”
Non-migrated users – prompt (upn)Exchange Multi-Mailbox Search User Interface Now Supports 5,000 Mailbox Searches25GB OST is too big for our old Hardware!!Check Outlook Version – Outlook Standard cannot access Archives or create IRM content
http://office.microsoft.com/en-us/outlook-help/license-requirements-for-personal-archive-and-retention-policies-HA102576659.aspx
ExchangeThings to look out for…
Do you have an Old Trial tenant? BPOS Tenant? FOPE tenant?Password prompts from Outlook – apply the patches/SIAMake sure you use the smart links (especially for Kiosk users)
e.g. www.outlook.com/daryl365.com
Update your DNS SPF record: v=spf1 include:outlook.comWinMail.dat for external users (e.g. Notes users) http://support.microsoft.com/kb/2656736/pt-br
Set-MailContact < External Email Address or GUID > -UseMapiRichTextFormat Never
Modify AD Distribution Group Membership:%SystemRoot%\System32\rundll32.exe dsquery,OpenQueryWindow
Exchange MigrationWhat about moving the mailboxes
TMG flood mitigationhttp://community.office365.com/en-us/w/exchange/office-365-move-mailbox-fails-with-transient-exception.aspx
Free Exchange 2010 Server license – for the Hybrid serverMail items that are too largeMake sure all SMTP domains are verified in advanceThere is pre-authentication set on the TMG/ISA or UAG
http://blogs.technet.com/b/danielkenyon-smith/archive/2012/05/23/office-365-hybrid-configuration-wizard-hcw.aspx
What's your appetite for failures?
Exchange MigrationWhat about moving the mailboxes…
Pre Flight checksALL SMTP domains verifiedPre-readiness checksClient OSOffice version
BlackBerryBackup -> Wipe -> Register/Activate with BBCS -> Restore
To use Wildcard Certs for Hybrid, you need Exchange 2010 SP2 RU1URLs instead of I.P. filtering
We have reserved an IP range (132.245.0.0/16) for future infrastructures for Exchange, Lync, SharePoint & FOPE services.
Exchange remote connectivity analyser:https://www.testexchangeconnectivity.com
Exchange Deployment Assistant:http://technet.microsoft.com/en-gb/exdeploy2010/default.aspx
Mailbox delegatesPublic foldersMobile deviceEtc
Microsoft is rumoured
to ask very odd
interview questions
Like: “Why is a man-hole cover Round”
(I didn’t get asked that )
SharePoint
Tenant NamingVanity URLsExternal Sharing
Now uses EasiIDNow supports 10k external users for free
Data GovernanceInformation Management Policies
Lync
Pretty StraightforwardLookout for Ports, Proxies, and Urls (MODG)Add the DNS discovery recordsEnable federation if requiredLync To Phone is coming… PSTN breakout
(http://pinpoint.microsoft.com/en-us/applications/jajah-voice-for-office-365-12884930736)
Watch out for users who had OCS or Lync OnPremDisable OnPrem OCS account BEFORE enabling Lync OnlineThis clears attributes such as msRTCSIP-PrimaryUserAddress
Lync Online Transport Reliability IP Probe (TRIPP) toolAmsterdam, NL: http://trippams.online.lync.com Dublin, IE: http://trippdb3.online.lync.com
The Softer side
Who owns the deployment PlanQuick start guides – what to expectFloor walkersPlan to Hand over support to local IT officesBusiness communication to local officesCommunicate UserNames (if it is to change – UPN etc)Appetite for failures and hiccups…Understand roles – PM, Customer, Partner, Microsoft
In Microsoft Windows
it is not possible
to create a folder named
“Con”
(try it, if you don’t believe me)
Other Tools and URLs
Microsoft Office365 Deployment Guide (MODG – pronounced ‘Modgee’):
http://community.office365.com/en-us/f/183/p/1541/5095.aspx
Microsoft Exchange PST Capturehttp://blogs.technet.com/b/exchange/archive/2012/01/30/pst-time-to-walk-the-plank.aspx
Trust Centrehttp://www.microsoft.com/en-us/office365/trust-center.aspx#fbid=7CcSLYGRwVs
Platform PowerShellhttp://onlinehelp.microsoft.com/en-us/office365-enterprises/hh125002.aspx
Exchange PowerShellhttp://help.outlook.com/en-us/140/dd575549.aspx?sl=1
Speedtest for EMEAhttp://speedtest.emea.microsoftonline.com/ www.speedtest.net (choose a Dublin and Amsterdam server)
Other Tools and URLs
Lync Bandwidth calculator: http://www.microsoft.com/en-us/download/details.aspx?id=19011
Exchange Client Network Bandwidth Calculator: http://gallery.technet.microsoft.com/Exchange-Client-Network-8af1bf00
What’s New and changed
http://community.office365.com/en-us/w/office_365_service_updates/974.aspx Kiosk
Can now use ActiveSync for PhonesIncreased from 500MB to 1GB mailbox
SharePoint – cap increased from 5TB to 25TBRecover Deleted Site collectionsImproved PDF support – open/save/iconEASI-ID for SharePoint External SharingRolling legal hold – now in PowerShellLync client side recordingLync Control Panel – presence privacy, mobile notification, dial-in conferencing, etc
In Microsoft Word
You can use this formula
to populate a document
with random text:
=rand(200,99)
(the first number is the number of paragraphs, the 2nd is the number of sentences in each)
Partners
Outsourcers/partners covering network, wintel, perimeter services, DNS, Certificates, etc.
Office 365 cuts through all of theseEngage them upfront
Partners
An Example of what one of our Partners is doing...
Homepage
Discovery
360] View of your environment
Licensing
Exceptions
Plan your Migration batches
Detailed view of users
Automate pre- and post- migration tasks
Go Home and watch TV
Live Status
( Just in case there’s nothing good on TV )
The CIO will want to see some Pretty Colours
Usage statistics
On-going License Management
All your error reports in 1 place
… All Done…
… But 1 last Fact before we go to Questions..…
There is
a 99.2735% chance
that I will get sacked
and this kitten will die
if you don’t complete your Evals!
Any Questions??
OSP Related ContentCode Title Schedule
OSP221 Microsoft Office 365 for Enterprises6/26/2012 16:30
OSP222 Empowering Small Businesses: Microsoft Office 365 P-Suite6/27/2012 10:15
OSP305 The Modern Compatibility Process to Accelerate Microsoft Office Deployment6/27/2012 12:00
OSP224 Microsoft Office 365 Management and Deployment6/27/2012 17:00
OSP321 Active Directory Integration with Microsoft Office 3656/28/2012 8:30
OSP303 Supporting Microsoft Office in an Enterprise Environment6/28/2012 12:00
OSP302 Building Integrated Microsoft Office 365, SharePoint Online, and Office Solutions Using BCS and LOB Data6/28/2012 14:45
OSP340 Office Deployment – Notes from the Field6/28/2012 16:30
OSP323 Microsoft Office 365 Security, Privacy, and Trust6/29/2012 8:30
OSP324 Microsoft Office 365 Service Reliability and Disaster Recovery6/29/2012 10:15
OSP350 Office 365 – evaluating, Deploying & Migrating – Notes from the field6/29/2012 13:00
OSP223 Microsoft Office 365 for Education6/29/2012 14:45
Related Resources
Office 365 TechCenter: technet.microsoft.com/Office365
Office Client TechCenter: technet.microsoft.com/officeOffice, Office 365 and SharePoint Demo Area Includes:
Office 365 IT Pro Command CenterOffice 365 Data Center Exhibit
Resources
Connect. Share. Discuss.
http://europe.msteched.com
Learning
Microsoft Certification & Training Resources
www.microsoft.com/learning
TechNet
Resources for IT Professionals
http://microsoft.com/technet
Resources for Developers
http://microsoft.com/msdn
Evaluations
http://europe.msteched.com/sessions
Submit your evals online
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to
be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS
PRESENTATION.