office 365 – evaluating, deploying & migrating – notes from the field daryl gwyn office 365...

Office 365 – evaluating, Deploying & Migrating – Notes from the fieldDaryl GwynOffice 365 TSP (Technical Solutions Professional)Microsoft Corporation

OSP350

AgendaRunning Order

Office 365 OverviewIdentity

DirSyncADFS

ExchangeSharePointLyncPartners

…with some random facts splattered randomly throughout…

Nephophobia is…

A fear of clouds

Microsoft Office 365

Pay-as-you-go, per-user licensing

Complete Office experience with services

integration

Always the latest version of Office and Office Web

Apps

Familiar Office user experience

IM & Presence across firewalls

GAL search in SharePoint

Online meeting with desktop sharing

Windows Live federation

My Sites to manage and share documents

Access documents offline

Document-level permissions

Share documents securely with Extranet Sites

25Gb mailbox with voicemail & unified

messaging

Integrated personal archiving

Retention policies and legal hold

Free/busy coexistence

Office 365 OverviewWhat does Office 365 Consist of?

Office 365 Enterprise Service Descriptions

http://www.microsoft.com/en-us/download/details.aspx?id=13602

The two types of Enterprise worker

Information Worker

25GB mailbox500MB SharePoint storageLync rich clientRapid modular modelAdvanced Exchange and SharePoint capabilitiesOffice Professional PlusOn-premise access rights

Kiosk Worker

1GB mailboxOutlook Web AccessActiveSync email supportMessaging, Contacts and CalendarAnti-Virus / Anti-SpamSharePoint site search capabilitiesOffice Web Apps

K Plans

E Plans

Office 365 is on track

to be one of the fastest growing offers

in Microsoft history

Tenants & TrialsA few things to be aware of

www.office365.com Choose the right offering (Small Business vs Enterprise)

Use the proper tenant name (it can’t be changed)SharePoint URL (https://tenant.sharepoint.com)Lync Meetings

Add (EA) licenses to correct tenantVerifying your domains

DNS records are usedConsider using dummy domains if it’s a “throw-away” trial tenant

Raise an SR to increase trial users from 25 to 75 (and extend for 30 days)Moving from a trial to Production (powershell)

Find all users who have the trial licenses…#EDIT LINES ABOVE WITH APPROPRIATE SKU INFO From “Get-MsolAccountSku”

$oldLicensePack = "Microsoft Ltd:ENTERPRISEPACK"$newLicensePack = "Microsoft Ltd:DESKLESSPACK"

#Get all users that are currently licensed###$currentLicensedUsers = Get-MsolUser -All | ?{$_.islicensed -eq $true}

#create array to store users who match the OLD License Pack$arrayUsersWithMatchingLicenses = @()

# Step through each user and find those with the trial licenses$currentLicensedUsers | %{ $skuid = $_.licenses | Select-Object accountskuid if ($skuid.accountskuid -eq $oldLicensePack) { $arrayUsersWithMatchingLicenses += $_ }}

Change those user’s licenses…

#for each user, remove the trail and add the purchased license.

$arrayUsersWithMatchingLicenses | %{Set-MsolUserLicense -UserPrincipalName $_.UserPrincipalName -RemoveLicenses

$oldLicensePack -AddLicenses $newLicensePack }

Office 365 is now

commercially available in

88 markets

and 32 languages

around the world

Identity

Directory Synchronisation (DirSync)

ADFS 2.0

DirSyncConnecting your AD to the Cloud

Now available in 32 bit or 64bitBased on Identity Lifecycle Manager (ILM) and ForeFront Identity Manager (FIM)

Reads Active Directory objects and attributesCreates Office 365 Objects Flows attribute changes between on-premises and Office 365Simplified install specifically for Office 365

DirSyncThings to be aware of….

Make sure your AD is ‘clean’ before syncingLook for

Is AD the source of your GAL informationUnsupported charactersAny conflicts, or duplicationsEtc.

How many objects will be Sync’d?If less than 50k – you have the builtin SQL ExpressIf more than 50k – you need to use full SQL

Install DirSync from commandline with “/FULLSQL” switch

DirSyncThings to be aware of….

The “20k Object limit”If you have more than 20k objects to Sync, you need to call support and they will raise the limit.

How many AD Forests do you have?DirSync Doesn’t need to be Highly AvailableFiltering is still not fully supported (but it’s coming)Make sure you verify (activate) all of your SMTP domains

UPFRONT!!

For example… do you manage the DNS records for every SMTP namespace that you use?

Verify your domains – in advance

Verify all domain names in advance… you never know if there will be unseen delays…

DirSyncThings to be aware of….

For all of these… the Deployment Readiness Tool is your friend:

http://community.office365.com/en-us/f/183/p/2285/38134.aspx

It shows you:SMTP domains in useNumber of accounts that will SyncUnsupported charactersUnsupported clientsUPNs (User Principal Names)Etc.

All current customers on BPOS (Business Productivity Online Suite)

will have been transitioned to Office 365

by September 2012

ADFS v2.0How does it work?

Allows users to Authenticate to Office 365 using their Active Directory Domain credentials

Instead of having a “Cloud Identity”

DirSync must be used to provision accounts

How does Auth Work?

Identity FederationAuthentication flow

`

Client(joined to CorpNet)

Federation GatewayAD FS 2.0 Server

Exchange Online orSharePoint Online

Active Directory

Customer Microsoft Online Services

21 | Microsoft Confidential

ADFSThings to be aware of…

Requires an ADFS farm to be made available (usually consists of 2 ADFS servers and 2 Proxy Servers)

Users must use their UPN to authenticateE.g. joe.bloggs@company.com

Recommended that the UPN matches the user’s email address

ADFS Some Useful Articles

New Federation tool – Updates Federation metadata when certs Auto-Renew

http://gallery.technet.microsoft.com/scriptcenter/Office-365-Federation-27410bdc

Configure TMG to pass traffic to ADFS Proxy http://blogs.technet.com/b/danielkenyon-smith/archive/2012/04/17/ad-fs-publishing-and-policy-rules.aspx

Deploy ADFS Update Roll-Up 1 (

http://support.microsoft.com/kb/2607496)

Enables Multiple Issuer SupportEnables Client Access Policy Support

Is a portmanteau (combination of words)

Of the words

Microcomputer

and

Software

ExchangeWhat Customers Like….

Voicemail – UMHuge Mailboxes (25GB…. That’s 24.5GB more than we have today)

Mobile Working – OWA, ActiveSync, etc.Compliance – everything in 1 placeCalendar overlaysOWA “looks just like Outlook”“I didn’t know that I had been Migrated”

ExchangeThings to look out for…

Shared mailboxes are now free (previous bug has been fixed)New Shared mailboxes tool:

http://community.office365.com/en-us/w/exchange/1712.aspx To Sync AD Security Groups - You need to mail enable themADFS cred Prompts experience – “Remember my credentials”

Non-migrated users – prompt (upn)Exchange Multi-Mailbox Search User Interface Now Supports 5,000 Mailbox Searches25GB OST is too big for our old Hardware!!Check Outlook Version – Outlook Standard cannot access Archives or create IRM content

http://office.microsoft.com/en-us/outlook-help/license-requirements-for-personal-archive-and-retention-policies-HA102576659.aspx

ExchangeThings to look out for…

Do you have an Old Trial tenant? BPOS Tenant? FOPE tenant?Password prompts from Outlook – apply the patches/SIAMake sure you use the smart links (especially for Kiosk users)

e.g. www.outlook.com/daryl365.com

Update your DNS SPF record: v=spf1 include:outlook.comWinMail.dat for external users (e.g. Notes users) http://support.microsoft.com/kb/2656736/pt-br

Set-MailContact < External Email Address or GUID > -UseMapiRichTextFormat Never

Modify AD Distribution Group Membership:%SystemRoot%\System32\rundll32.exe dsquery,OpenQueryWindow

Exchange MigrationWhat about moving the mailboxes

TMG flood mitigationhttp://community.office365.com/en-us/w/exchange/office-365-move-mailbox-fails-with-transient-exception.aspx

Free Exchange 2010 Server license – for the Hybrid serverMail items that are too largeMake sure all SMTP domains are verified in advanceThere is pre-authentication set on the TMG/ISA or UAG

http://blogs.technet.com/b/danielkenyon-smith/archive/2012/05/23/office-365-hybrid-configuration-wizard-hcw.aspx

What's your appetite for failures?

Exchange MigrationWhat about moving the mailboxes…

Pre Flight checksALL SMTP domains verifiedPre-readiness checksClient OSOffice version

BlackBerryBackup -> Wipe -> Register/Activate with BBCS -> Restore

To use Wildcard Certs for Hybrid, you need Exchange 2010 SP2 RU1URLs instead of I.P. filtering

We have reserved an IP range (132.245.0.0/16) for future infrastructures for Exchange, Lync, SharePoint & FOPE services.

Exchange remote connectivity analyser:https://www.testexchangeconnectivity.com

Exchange Deployment Assistant:http://technet.microsoft.com/en-gb/exdeploy2010/default.aspx

Mailbox delegatesPublic foldersMobile deviceEtc

Microsoft is rumoured

to ask very odd

interview questions

Like: “Why is a man-hole cover Round”

(I didn’t get asked that )

SharePoint

Tenant NamingVanity URLsExternal Sharing

Now uses EasiIDNow supports 10k external users for free

Data GovernanceInformation Management Policies

Lync

Pretty StraightforwardLookout for Ports, Proxies, and Urls (MODG)Add the DNS discovery recordsEnable federation if requiredLync To Phone is coming… PSTN breakout

(http://pinpoint.microsoft.com/en-us/applications/jajah-voice-for-office-365-12884930736)

Watch out for users who had OCS or Lync OnPremDisable OnPrem OCS account BEFORE enabling Lync OnlineThis clears attributes such as msRTCSIP-PrimaryUserAddress

Lync Online Transport Reliability IP Probe (TRIPP) toolAmsterdam, NL: http://trippams.online.lync.com Dublin, IE: http://trippdb3.online.lync.com

The Softer side

Who owns the deployment PlanQuick start guides – what to expectFloor walkersPlan to Hand over support to local IT officesBusiness communication to local officesCommunicate UserNames (if it is to change – UPN etc)Appetite for failures and hiccups…Understand roles – PM, Customer, Partner, Microsoft

In Microsoft Windows

it is not possible

to create a folder named

“Con”

(try it, if you don’t believe me)

Other Tools and URLs

Microsoft Office365 Deployment Guide (MODG – pronounced ‘Modgee’):

http://community.office365.com/en-us/f/183/p/1541/5095.aspx

Microsoft Exchange PST Capturehttp://blogs.technet.com/b/exchange/archive/2012/01/30/pst-time-to-walk-the-plank.aspx

Trust Centrehttp://www.microsoft.com/en-us/office365/trust-center.aspx#fbid=7CcSLYGRwVs

Platform PowerShellhttp://onlinehelp.microsoft.com/en-us/office365-enterprises/hh125002.aspx

Exchange PowerShellhttp://help.outlook.com/en-us/140/dd575549.aspx?sl=1

Speedtest for EMEAhttp://speedtest.emea.microsoftonline.com/ www.speedtest.net (choose a Dublin and Amsterdam server)

Other Tools and URLs

Lync Bandwidth calculator: http://www.microsoft.com/en-us/download/details.aspx?id=19011

Exchange Client Network Bandwidth Calculator: http://gallery.technet.microsoft.com/Exchange-Client-Network-8af1bf00

What’s New and changed

http://community.office365.com/en-us/w/office_365_service_updates/974.aspx Kiosk

Can now use ActiveSync for PhonesIncreased from 500MB to 1GB mailbox

SharePoint – cap increased from 5TB to 25TBRecover Deleted Site collectionsImproved PDF support – open/save/iconEASI-ID for SharePoint External SharingRolling legal hold – now in PowerShellLync client side recordingLync Control Panel – presence privacy, mobile notification, dial-in conferencing, etc

In Microsoft Word

You can use this formula

to populate a document

with random text:

=rand(200,99)

(the first number is the number of paragraphs, the 2nd is the number of sentences in each)

Partners

Outsourcers/partners covering network, wintel, perimeter services, DNS, Certificates, etc.

Office 365 cuts through all of theseEngage them upfront

Partners

An Example of what one of our Partners is doing...

Homepage

Discovery

360] View of your environment

Licensing

Exceptions

Plan your Migration batches

Detailed view of users

Automate pre- and post- migration tasks

Go Home and watch TV

Live Status

( Just in case there’s nothing good on TV )

The CIO will want to see some Pretty Colours

Usage statistics

On-going License Management

All your error reports in 1 place

… All Done…

… But 1 last Fact before we go to Questions..…

There is

a 99.2735% chance

that I will get sacked

and this kitten will die

if you don’t complete your Evals!

Any Questions??

OSP Related ContentCode Title Schedule

OSP221 Microsoft Office 365 for Enterprises6/26/2012 16:30

OSP222 Empowering Small Businesses: Microsoft Office 365 P-Suite6/27/2012 10:15

OSP305 The Modern Compatibility Process to Accelerate Microsoft Office Deployment6/27/2012 12:00

OSP224 Microsoft Office 365 Management and Deployment6/27/2012 17:00

OSP321 Active Directory Integration with Microsoft Office 3656/28/2012 8:30

OSP303 Supporting Microsoft Office in an Enterprise Environment6/28/2012 12:00

OSP302 Building Integrated Microsoft Office 365, SharePoint Online, and Office Solutions Using BCS and LOB Data6/28/2012 14:45

OSP340 Office Deployment – Notes from the Field6/28/2012 16:30

OSP323 Microsoft Office 365 Security, Privacy, and Trust6/29/2012 8:30

OSP324 Microsoft Office 365 Service Reliability and Disaster Recovery6/29/2012 10:15

OSP350 Office 365 – evaluating, Deploying & Migrating – Notes from the field6/29/2012 13:00

OSP223 Microsoft Office 365 for Education6/29/2012 14:45

Related Resources

Office 365 TechCenter: technet.microsoft.com/Office365

Office Client TechCenter: technet.microsoft.com/officeOffice, Office 365 and SharePoint Demo Area Includes:

Office 365 IT Pro Command CenterOffice 365 Data Center Exhibit

Resources

Connect. Share. Discuss.

http://europe.msteched.com

Learning

Microsoft Certification & Training Resources

www.microsoft.com/learning

TechNet

Resources for IT Professionals

http://microsoft.com/technet

Resources for Developers

http://microsoft.com/msdn

Evaluations

http://europe.msteched.com/sessions

Submit your evals online

© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to

be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS

PRESENTATION.