Zero to running in 60 mins Frederick Piliu Cloud Partner BDM (Microsoft) A-frpili@microsoft.com

2 | Microsoft Confidential

Office Professional Plus is available in select service plans

- Small Business Plan (<25

Users, 50 Max)

- P Plan (Less than 25

(Hardstop @ 50),

Community only support,

Office Web Apps + Option)

Enterprise Plan (50+ Users)

E Plan (Starts today @ E1

(BPOS) E2, E3)

K Plan (Light Users)

Exchange 1

& 2

Sharepoint

1 & 2

Lync 1 & 2 Office Pro

Plus

5 | Microsoft Confidential

Creating a tenant - Trial via Partner - Direct

6 | Microsoft Confidential

Custom Plan guide

7 | Microsoft Confidential

DNS

8 | Microsoft Confidential

Migration

9 | Microsoft Confidential

Migration Overview

1 150 5,000 25,000

Cutover

Exchange

Migration

Staged Exchange Migration

(with DirSync)

MRS

<1 Week 2 Weeks 3 Weeks Several Months

None Mailflow/GalSync Free/Busy, Archive in Cloud

10

Identity Options Comparison 1. MS Online IDs

Appropriate for

• Smaller orgs without AD on-premise

Pros

• No servers required on-premise

Cons

• No SSO

• No 2FA

• 2 sets of credentials to manage with differing password policies

• IDs mastered in the cloud

2. MS Online IDs + Dir Sync

Appropriate for

• Medium/Large orgs with AD on-premise

Pros

• Users and groups mastered on-premise

• Enables co-existence scenarios

Cons

• No SSO

• No 2FA

• 2 sets of credentials to manage with differing password policies

• Single server deployment

3. Federated IDs + Dir Sync

Appropriate for

• Larger enterprise orgs with AD on-premise

Pros

• SSO with corporate cred

• IDs mastered on-premise

• Password policy controlled on-premise

• 2FA solutions possible

• Enables co-existence scenarios

Cons

• High availability server deployments required

11

Key Customer Choices • Identity Federation

− Enables single sign on

− Identities are mastered on premise.

− Requires domain registration and ADFS on premise

• Simple Coexistence − DirSync synchronizes identities

− No on-premise Exchange Server 2010 Client Access server

• Rich Coexistence − DirSync synchronizes identities

− Customer has Exchange Server 2010 Client Access server on premise

− Customer has enabled Rich Coexistence features in DirSync

− DirSync enables some new Exchange Rich Coexistence features (Filtering Coexistence, Cloud Archive)

− Filtering Coexistence: Is the customer already using an existing filtering solution?

− Cloud Archive: Enables the on-premise EMC admin to specify who should get a Cloud Archive; requires Exchange Server 2010 Client Access server on premises

12

Office 365 Archiving

14 | Microsoft Confidential

15 | Microsoft Confidential

Exchange Online (Plan 1) Users receive a combined total size

of 25 GB for their primary mailbox and archive mailbox.

Therefore, the size of the user’s archive mailbox can’t exceed

25 GB.

Exchange Online (Plan 2) Users receive unlimited storage in

their archive mailbox. However, a default quota of 100 GB is

set on the archive mailbox. In the unlikely event that a user

reaches this quota, contact Office 365 support to request

more storage space for the archive mailbox.

Exchange Online Archive

Archiving & Compliance in Exchange Online

Integrated email archiving capabilities offer tools to preserve

and discover email data, without changing the user or IT

professional experience from on-premises to the cloud

• Secondary mailbox

with separate quota

• Archive in the cloud

• Appears in Microsoft

Outlook® and OWA

• Managed through

EMC, ECP or

Windows PowerShell™

• Support for

Outlook 2007

Personal Archive

• Automated and

time-based criteria

• Works across

premise and cloud

• Manage with

EMC/ECP

• Expiry date shown

in email message

Move/Delete Policy

• Central web-based UI

across premise & cloud

• Previews, de-dupe,

annotations

• Search primary, archive,

dumpster

• Delegate through roles-

based admin

• Capture deleted

and edited

email messages

• Cross-premises

support

• Offers single

item restore

• Notify user on

hold

Hold Policy Multi-Mailbox

Search

16

17 | Microsoft Confidential

A Familiar Personal Archive

• Specialized Exchange mailbox configured

and associated with the user’s primary

mailbox

• Delivers your users a familiar experience by

seamlessly surfacing in both Outlook and

OWA

• Your users can use the same skills and

methods they already use today to interact

with archive email:

− “Drag-and-drop” email to folders

− Create folders and categorize

− Conduct searches and filter results

− Reply to messages and set flags

Arc

hiv

e

Pri

mary

Mailb

ox

18

• Easily add archiving capabilities for cloud-based users

• Manage the archive from the Exchange Control Panel

Preserve: Available to Cloud and On-Premises Users

• Create cloud archives for local users

• Requires Exchange Server 2010 SP1 on-premises

• Manage the archive using the Exchange Management Console

• If primary mailbox is later moved to the cloud, archive moves with it

For cloud-based mailboxes For on-premises mailboxes

Create a remote archive for an

Exchange Server 2010 SP1 mailbox

Enable archiving for an

Exchange Online user

19

20 | Microsoft Confidential

21 | Microsoft Confidential

22 | Microsoft Confidential

Powershell

23 | Microsoft Confidential

Scenario Description Relevant cmdlets

User creation Administrators can automate

importing their users, either for

initial onboarding to Office 365

or for adding new users on an

ongoing basis. Users can be

created with a license, which will

grant them access to services.

New-MsolUser

License

Assignment for

synched Users

Users created through DirSync

need to be activated (i.e.

assigned a license) before they

are able to use any services.

Administrators can use

PowerShell to assign licenses to

their synched users.

Set-MsolUser

Set-MsolUserLicense

Managing Admin

Roles

There are 5 built in admin roles,

each of which has it’s own set of

associated permissions. Users

can be assigned membership to

these roles (similar to how they

are assigned to a security group).

Get-MsolRole

Add-MsolRoleMember

Remove-

MsolRoleMember

Scenario Description Relevant cmdlets

Security Group

Management

Security Groups are used to

control access to SharePoint

sites. Administrators can user

PowerShell to manage Security

groups and their memberships.

New-MsolGroup, Add-

MsolGroupMember

Distribution List

Management

Administrators can use Exchange

Remote PowerShell to create

Distribution lists and manage

memberships

Available only through

Exchange Online

Managing

Contacts

Exchange Remote PowerShell can

be used to manage a companies

external contact.

Available only through

Exchange Online

Scenario Description Relevant cmdlets

Domain

Management

PowerShell cmdlets can be used

to add and verify vanity domains.

Note that in order to verify the

domain, the caller must set the

appropriate TXT or MX record

with their domain registrar.

New-MsolDomain

Get-

MsolDomainVerificationD

NS

Confirm-MsolDomain

Setting up Identity

federation with

ADFS

There are a set of cmdlets

available to set up Identity

federation for a vanity domain.

These cmdlets interact with both

MS Online and ADFS.

New-

MsolFederatedDomain

(x2)

Usage Reporting Exchange remote PowerShell

offers several cmdlets to retrieve

statistics about Mailbox usage.

Get-MsolUser

Mailbox statistics

available through

Exchange Online

Company level

settings

Admins can use PowerShell to

configure various company level

settings (such as turning on

Directory Synchronization).

Set-

MsolCompanyContactInfo

Set-

MsolCompanySettings

Set-MsolDirSyncEnabled

Import-Module MSOnline

Connect-MsolService

Connect-MsolService –Credential

$cred

Get-MsolParterContract –DomainName

contoso.com

New-MsolUser –UserPrincipalName

test@contoso.com –tenantID “358a21e1-46e7-

45b0-82e5-370129a58c98”

Mail Control & FOPE

30 | Microsoft Confidential

High-accuracy spam filtering Multiple virus-scanning engines

Hub Transport Mailbox

External

Email

About 90%

of

email is

junk

Tuned for enterprise email

Included with Exchange Online subscription

Built-in protection for Exchange Online customers

FOPE Admin Center

Run real-time reports Configure policy filtering

Perform message tracking Customize spam settings

Office 365 customers can access FOPE Admin Center

Use FOPE Admin Center for these

tasks • Domain Management

– Filtering Only customers

• Message Trace

– Outside your organization

• Transport rules to control mail hygiene and corresponding mail delivery

– Configure org-wide safe/blocked senders

– Configure granular anti-spam settings

• View reports on email hygiene

• Configure and Control End to End Email Flow

– Configure Connectors

• Domain Management

– Office 365 customers (Hosted Email)

• Message Trace

– Within your organization

• Transport rules to control email delivery

• Configure journaling of emails to external archive

Use Exchange Control Panel for these

tasks

When to use Admin Center vs. the Exchange Control Panel

Permissions Mapping

Permissions mapping between Exchange Online and FOPE

Exchange Online

Console

FOPE Admin Center

Billing Administrator No access

Global Administrator Full Admin privileges

Password Administrator Admin Read-only

privileges

Service Administrator No access

User Management

Administrator

No access

35 | Microsoft Confidential

http://technet.microsoft.com/en-us/edge/office-365-

jump-start-11-lync-online-overview-configuration-for-it-

pros

http://speedtest.apac.microsoftonline.com/

http://community.office365.com/en-us/default.aspx

http://technet.microsoft.com/en-

us/exdeploy2010/default.aspx#Index

36 | Microsoft Confidential