office 365: hybrid environment deployment considerations · office 365: hybrid environment...

Office 365: Hybrid Environment Deployment Considerations www.credera.com - 1

Office 365: Hybrid Environment Deployment Considerations

Authored by Joshua Grear, Ben Mead, and Adrian Romo March 2012

In this white paper, we will explore common challenges, technical limitations, and user awareness needs when considering the use of Office 365 in a hybrid model. As part of the Cloud solution offerings, we will review the most common pitfalls that should be avoided when implementing services in the Cloud and On-Premise.

Abstract .............................................................................................................................................................................................. 2 The Intent of this White Paper ................................................................................................................................................ 3 SharePoint Online ......................................................................................................................................................................... 3 Exchange Online ............................................................................................................................................................................. 9 Lync Online ..................................................................................................................................................................................... 12 Microsoft Office ............................................................................................................................................................................ 14 5 Common Transition Challenges ........................................................................................................................................ 16 I need more information. Where Do I Go from Here? ................................................................................................. 17 Conclusion ...................................................................................................................................................................................... 18 References ...................................................................................................................................................................................... 18


Abstract Nearly every CIO or CTO has been faced with this question at some point in the past 5 years, or will be challenged soon: “When are we going to move to the Cloud?” For those that remember, the late nineties and early millennium years were faced with the proliferation of the use of a single lowercase letter, “e”. We witnessed the rise of new products and marketing campaigns from every type of organization each wanting to catch the Internet wave with the announcement of products like eBilling, eShopping, eGovernment, eDocuments, eToys, eCars, and eGroceries. What many consumers remember from this timeframe was that while there was a lot of marketing of a single lowercase letter, there was a distinct lack of business value from many of these cutting-edge solutions. Fast forward to the year 2010, and a similar phenomenon began forming around the use of the word “Cloud” – Private Cloud, Public Cloud, Hybrid Cloud, Government Cloud, Community Cloud, etc. The list of options continues to grow every time a new marketing major graduates from the latest eUniversity. Every technology provider in the known universe is pitching a Cloud solution that can catapult the business to a competitive advantage by moving IT systems to the Cloud! For some organizations that is a true statement, but for many others, the reality of moving every core system to the Cloud is simultaneously terrifying and distracting to the entire Operations team. With the hype and marketing spin currently inflight, most CIOs and CTOs are only willing to place a limited selection of services in a Cloud provider model in order to gain some economy of scale without putting the overall business operations at risk. For many organizations, the first set of systems they consider will be electronic mail (Exchange), Instant Messaging and Collaboration (Lync), and Information Management workloads (SharePoint).


The Intent of this White Paper In this white paper, we will explore the common challenges that organizations face when considering the use of a Hybrid Cloud Delivery Model. Many times, the implementation timeline allows the team to overlook or be discouraged from investigating several key considerations that should impact the decision of whether an Office 365 Hybrid configuration is a good fit for your business objectives.

General Deployment Considerations The most common reasons for considering a Hybrid Cloud Delivery Model:

Upcoming infrastructure investment demands only impact a portion of the enterprise

A diverse workforce provides the opportunity for segmentation of less IT-centric positions

Current platform support is expiring (e.g., Exchange 2003, SharePoint 2003)

A new acquisition requires quick integration, or

A company divestiture requires a speedy separation of common services

The Microsoft Cloud offering for these services available today is Office 365. It is a Cloud service platform that allows companies of all sizes to take advantage of the engineering and support capabilities of the Microsoft brand backed by a 99.9% service availability guarantee. For most businesses, these technical solutions are core to supporting the smooth running of operations, but the level of sophistication and knowledge of these systems is not a market differentiator that provides a competitive advantage. They are in most cases the systems and services that fit most easily into a Cloud Delivery Model. Now, unless you are a new business or an upcoming divestiture, most enterprises have an existing set of systems and services in place that need to be integrated to support a hybrid environment. This is where a portion of services and users are housed in the Cloud while a portion of services and users will continue to leverage On-Premise investments, perhaps indefinitely.

The following sections outline the most prevalent considerations and challenges for each of the technology services provided in the suite of solutions available via Office 365 today.

SharePoint Online SharePoint Online within the Office 365 environment is based upon the use of SharePoint 2010 and is delivered as part of a multi-tenant Cloud delivery platform. The strength of the product is the ability to exploit the latest and greatest technology services from a highly customizable information management platform. The challenge for many organizations relates to the key technical limitations inherent in a multi-tenant environment.


Search Integration On-Premise SharePoint 2010 and Office 365 offer a variety of options for implementing search capabilities. As the platform has evolved, the capabilities have continued to improve, often in leaps and bounds. Standard and Enterprise Search capabilities are available to both SharePoint On-Premise and Office 365. Standard Search contains the most basic and common search functionality. Enterprise Search expands upon the Standard Search functionality to allow for more advanced queries, as well as, people searches. The most advanced option for search functionality is FAST Search Server for SharePoint. This is a separately licensed product that significantly enhances the ability to perform faceted search and refinement and integration of an amazingly diverse array of external information sources. While this product is currently only available for On-Premise SharePoint implementations, it provides the best performance and most functionality. For some enterprises, it is critical in meeting the functional search requirements of their business consumers.

Due to current limitations with Office 365, creating a unified hybrid search experience is complicated, but achievable with the appropriate level of planning. It is not currently possible to share search indexes between Office 365 and SharePoint On-Premise. Likewise, there are no supported methods for Office 365 to crawl On-Premise SharePoint or vice-versa. However, there are options to choose from:

Independent Search Centers

o Office 365 and SharePoint On-Premise environments have their own Search Centers

o Only results from the environment where the search is performed will be returned

Side-by-Side Search Results

o Office 365 and SharePoint On-Premise environments have their own Search Centers

o The SharePoint On-Premise Search Center is customized to display search results from both On-Premise and Office 365 side-by-side

o Users will only search from the On-Premise Search Center

Custom Search Connector

o A single Search Center is created in the On-Premise SharePoint environment to display aggregated results from both environments

Independent Search Centers

While this approach is by far the simplest to implement, it is not universally suitable to all enterprises. In this model, users either need to know the location of the content (which environment the content is housed in) prior


to searching or to perform the same search in both environments and then determine which result option is the best fit. The most direct comparison for the common user would be to perform a Google search, a Bing search, and a Yahoo! Search, and then manually compare the first 10 responses from each of the search engines to decide what might be a good fit. In addition to the challenges associated with needing additional context prior to starting the search process, this model loses the benefit of relevancy sorting, refinement functionality, and effectiveness since search results are not aggregated into a single result set. Therefore, each set of search results will be sorted by relevance and refined independently. While the ability to search effectively within each independent system is still beneficial, it leaves the user seeking a better, more unified experience that makes wide scale adoption of the platform unlikely to succeed.

Side-by-Side Search Results

This approach, while more complex to implement than independent Search Centers, has the benefit of performing only one search while reducing the level of user education necessary to fully utilize the search capabilities of the platform. This approach is more desirable than independent Search Centers as the user no longer needs to know the location of the content being searched. Consolidated refinement is possible since the results are both presented on the same search results page. However, the negative trade-off of this solution is that the results are still not aggregated, thus relevancy-based ranking is not achievable.

Implementing this approach will require custom coding to create a web part that can retrieve the search results from the other environment since it is not currently possible to consume Office 365 Federated Search Results from SharePoint On-Premise. Therefore, a custom web part must be created that will leverage client-side coding to pull raw federated results directly from the Office 365 Search Center RSS feed. One of the negative impacts of this approach is that it requires that the user has already authenticated to Office 365 prior to performing any searches, a scenario that is not predictable or controllable by the IT organization. As a result of the potential for inconsistency in user-experience, many of our clients have chosen to avoid this approach.

Custom Search Connector

Creating a custom search connector provides the most flexibility and unified experience, however, it is also the most complex to implement and maintain. The custom search connector is deployed to the SharePoint On-Premise environment and is setup to crawl the Office 365 content through the use of SharePoint APIs to retrieve content. Since the content crawled through custom connectors is stored in the same index, the resulting functionality achieves the unified search result expectation of the business consumer. Users are able to search once for content in both locations and have the ability to leverage unified relevancy and refinement without the additional complexity of using multiple search solutions. In addition to the custom search connector, the use of Active Directory Federation Services allows the user to avoid the process of authenticating separately to Office 365 prior to executing search activities. This leaves control of information and system access fully in the hands of your IT Operations and Security Support Services.


Implementing this approach requires a fair amount of planning and consideration due to the nature of defining an external content source. Considerations need to be made for typical out-of-the-box functionality within the custom code deployed, as well as, overall information architecture planning to ensure content types defined in Office 365 are programmatically defined and configured within the connector, prior to initiating the crawling process for information sources. Additional questions that must be answered prior to development being complete include: (1) which types of content will be crawled; (2) how will authentication to Office 365 for the custom connector will be managed; (3) which aspects of security trimming will or will not be applied; and (4) what refinement options should be available to the user community.

As with all aspects of a Cloud solution, the Microsoft Office 365 offering specifically, there are frequent improvements, modifications, and updates that are applied to the shared infrastructure that may impact functionality of the custom connector. Each time a service update (typically every 90 days) is applied to the SharePoint Online environment by Microsoft, regression testing and validation must be executed to ensure that system changes have not impacted the desired functionality custom connector.

Microsoft Online Services does not provide any out-of-the-box Search integration capability and has not yet released a roadmap that indicates support for an out-of-the-box integration option. Credera has been able to successfully implement a custom solution for clients that have the desire to achieve integrated search capabilities in a Hybrid Cloud environment.

Workflow Management Many businesses have recognized the value of automation and workflow capabilities to help streamline support, escalation, and repetitive functions in a formal and predictable fashion. Use of the workflow engine within Office 365 and SharePoint 2010 are exceptionally flexible and powerful. Considerations for use of workflows in a hybrid model are very similar to traditional models with a few exceptions. Office 365 workflows must first be defined as Reusable Workflows in an On-Premise environment and then deployed to Office 365 as a sandbox solution once complete. Workflows can only be defined and executed in either Office 365 or SharePoint On-Premise, not both. This means that actions that initiate a workflow can only take place in the environment that has defined it. Likewise, actions can only be taken against components in the current environment without customizations. Custom workflow actions can be created that allow for interaction with components in the other environment, however, all of the workflow-related information would only exist within the environment that it is defined in.

One effective alternative for hybrid workflows that Credera has been able to leverage with great success is to have a workflow in one environment initiate a workflow in another. This effectively breaks a single workflow into multiple parts, but may achieve the same end results of processing. Since the conceptual workflow is broken into multiple workflows, visibility into the status of a given workflow is lost at the point of transition. This allows for auditing and review of workflow progress and association between action, actor, approval, and outcomes without the need to migrate


existing workflow components en masse as part of your hybrid integration plan.

Content Management There are two major considerations when planning how to manage content in a hybrid environment: Information Architecture and Content Lifecycle. Carefully planning for improvement, modification, or implementation of these cornerstone governance models prior to implementation will be the key to a successful solution and can save your support teams from significant effort and long nights in the near future.

Information Architecture

It is absolutely critical to plan where content and metadata will be housed prior to implementation. This is due to the fact that the two environments will not be able to share tags, terms, or content types. If similar content is located in both environments, duplication of metadata definitions will be required. This can be difficult to manage and maintain. Likewise, if content is moved from one environment to another, metadata can become orphaned resulting in a conflicting set of search results and association of critical artifacts.

For example, all legal documentation is supposed to be housed in an Office 365 site for your company. A signed non-disclosure agreement is accidentally put in a project site in the SharePoint On-Premise environment and has metadata, such as vendor and account, associated with it. Upon moving the content to Office 365 to correct the issue, the entered metadata will be lost. The only way to ensure that the artifact is not orphaned is to force users to re-apply the metadata at the time of check-in, creating a duplication of effort or potential loss of visibility to the newly uploaded artifact.

Every organization is different and should carefully consider how to structure content based upon its own needs. A few common strategies are listed below:

Organize content by organizational structure such as division, business unit, or department

Organize content by accounts, clients, or projects

Organize content based upon the type or size of content

Organize content based upon needed availability

Content Lifecycle

Another important part of an effective content management strategy is defining the content lifecycle early. It is especially important to consider how and when content will be archived, purged, or retained for specific regulatory considerations. One of the most frequently overlooked questions is, “How should your content be structured to allow for data recovery and who should have the ability to request or complete the recovery of that information?”

For organizations considering archiving options or who are forced to


provide archiving for regulatory reasons in a hybrid model, there are a few areas of evaluation:

What regulatory or legal requirements exist that must be accounted for?

Does the IT team understand the requirements for each type of artifact, or does the legal officer or department lead need to be consulted?

What retention policies need to be implemented?

How often are those retention policies reviewed or modified?

Will archived content be moved from Office 365 to SharePoint On-Premise or vice-versa? If so, how?

Will archived content be made available only to a select community of users?

Should archived content be segmented based upon corporate data labels?

Should the attached metadata be retained along with the content?

When defining a data recovery strategy for a hybrid environment, separate strategies for each environment must be defined. Depending on the organizational needs, recovery strategies may overlap or simply duplicate in each environment. There are many options for backing up and restoring content for On-Premise SharePoint implementations, while the options for Office 365 are limited to two:

The first is to backup content by manually exporting content. This approach is tedious and prone to human error. Any metadata associated with the content will be lost.

The second solution is to leverage third-party software. While costly, this approach will help add processes to reduce the potential for human error, allow for scheduling and automation, and preserve the associated metadata depending on the solution implemented.

Security Management For the most part, managing security in a hybrid environment is much like that of any other SharePoint implementation. However, it is worth noting that there may still be some duplication of security groups. Thanks to Federation Services and the ability to synchronize with Active Directory, any group defined there will be available to either environment and can be used to simplify the security management workload of the IT team. Groups defined within SharePoint, on the other hand, cannot be shared between Office 365 and SharePoint On-Premise. Depending on the information architecture defined, this may be a moot issue. However, if user self-service and security management are dependent upon the ability to edit SharePoint groups directly, there will be membership duplication and inevitably some degree of service desk support and power-user training required.


Exchange Online Due to the maturity of the solution and the ubiquitous nature of Exchange Server products within enterprises of all sizes, Exchange Online is the most commonly utilized hybrid platform option. The advent of Exchange 2010 Service Pack 2, released in December of 2011, introduced a new feature called the Manage Hybrid Configuration Wizard that continues to improve the level of automation available to achieve a hybrid configuration. This wizard automates approximately 50 manual configuration tasks previously required to implement an Office 365 Hybrid solution and reduces it down to 6. The Hybrid Configuration Wizard greatly reduces the complexity of staging a Hybrid coexistence environment.

Even with the improvement of the integration process and automation options available, there are still significant pitfalls that should be avoided wherever possible.

Multiple Messaging Domains Many businesses today rely on a multi-faceted brand marketing approach, which has given rise to the average Exchange organization supporting significantly more than a single email domain for their business users. While supporting five domains may not be overly difficult, organizations with a large number of messaging domains will find that this increases the complexity and cost of establishing hybrid coexistence with Exchange Online. Microsoft has published very specific and inflexible configuration expectations for achieving coexistence or readiness for migration to Office 365 that can create a significant delay in your project if there is not proper planning. Chief amongst the requirements necessary to achieve federation is the ability to demonstrate ownership of every domain name in use. For many organizations, this is not much of an issue. However, for many organizations that are decentralized in nature or where IT is not the gatekeeper for domain registration and management, gaining access to the domain registrar data can be very time consuming.

Planning consideration and time allocation for managing the process of validating domain ownership, configuring record updates, and communication with Microsoft is critical for any organization with a large number of email domains. If you don’t know who manages domain registration for your organization, find out as soon as possible. One final step that many organizations overlook until deployment time is the requirement to utilize a single UCC externally signed certificate that will be able to support not only the primary domain name, but also the configuration domain entries that Outlook depends on for verification of the correct communication protocols to utilize. For companies with more than 10 domains to support, most service providers will charge higher acquisition and maintenance costs for this type of certification and should budget accordingly for the added cost.


Directory Synchronization The Microsoft Online Service Directory Synchronization tool is a critical foundational technology that allows the IT organization to (Dirsync) synchronize users and groups from the On-Premises Active Directory to Office 365. This service must be deployed in order to establish and maintain a hybrid environment, and must not be overlooked from a planning perspective. The use of directory synchronization reduces administrative overhead by creating synchronized versions of required objects and facilitates Global Address List (GAL) synchronization from the On-Premises Exchange environment to Exchange Online. However, there are some caveats to consider prior to deploying this tool. The sequence in which certain actions are completed is paramount to having the correct co-existence options available in later configuration steps, a reality that is not well documented today by the service provider support teams. While there are several specific examples, the first activity prior to deploying Dirsync is to ensure that the Active Directory environment has been updated correctly. In order to establish hybrid connectivity, the introduction of an Exchange 2010 hybrid server will be necessary. For the Dirsync tool to function correctly during initial setup, extending the Active Directory schema to support Exchange 2010 must be completed. While the steps necessary to complete this critical step are beyond the scope of this white paper, the necessary actions are well-documented and publicly available from TechNet.

As a secondary planning step, consideration should be made prior to running Dirsync regarding whether or not your organization will want to filter any accounts out of the directory synchronization process. For many businesses, the driving force behind the decision to utilize a hybrid environment is the reality that not all business users, subdivisions, or user communities will need to interact with Office 365 users. While the Dirsync tool has the ability to filter directory synchronization based on OU or searchable Active Directory attributes, the most difficult process in designing this aspect of integration will be whether anything more than built-in accounts, service accounts, or non-mail enabled accounts should be excluded from synchronization to Office 365. It is critically important to know that reaching this decision after the initial synchronization has occurred is often too late for many organizations. Attempting to implement filters after the initial synchronization has occurred is significantly more difficult and requires greater expertise with FIM 2010.

One final noteworthy topic related to directory management that is not highly publicized relates to the synchronization exclusions that are built into the core logic of Dirsync. The tool will not synchronize distribution groups with more than 15,000 members. While most organizations of this scale will utilize a nested distribution list strategy, some functions and business processes may be impacted by this synchronization limit. Careful environment discovery and review should be completed early in the planning process to identify scenarios where this limitation may be encountered. In addition to the membership limitation, Dirsync will ignore dynamic distribution groups. Dynamic distribution groups, introduced by Exchange 2007, are defined by filters and conditions on the fly each time a message is sent to the group. Due to our breadth and depth of experience with the Office 365 solution, Credera has developed methods for utilizing


dynamic distribution groups from Exchange Online and can assist you in implementing the necessary technical solution if your organization relies heavily on this functionality.

Sharing Resources Cross-Premise One aspect of hybrid deployments that is not well understood is the implication of federating two separate Active Directory instances (On-Premises and Office 365) in order to utilize shared resources. Calendar sharing, delegate roles, shared mailboxes and “Send As”/”Send on Behalf Of” permissions all rely on Active Directory permissions for access control. As a result of the use of a hybrid configuration, users can only utilize these common support features with users who have a mailbox in the same logical organization as their own. For organizations that have upgraded to Office 2010, some of these limitations are removed, however, as part of the migration coordination effort, understanding existing delegations and shared resource access requirements is necessary to ensure that no access loss is experienced by the business users.

Organizations that are currently utilizing Exchange 2010 SP1 and later, in conjunction with Outlook 2010, have the ability to overcome this limitation through the use of sharing policies that allow users to share both their free/busy and mailbox content with recipients in external federated organizations. Depending on the level of use within your organization, the implementation team may choose to define organization-wide policies, educate the user population on necessary implementation steps, or simply restrict the use of this functionality based upon business requirements.

Message Size Limits and Mailbox Moves One of the most commonly asked questions regarding the use of Office 365 services relates to the 25 MB message size limit (Outlook Web Access has a default 10 MB limit, but can be configured to a maximum of 25MB). In addition to recognizing the business impact or limitations that would be experienced by the change to this global defined threshold (that cannot be increased) for all Office 365 client organizations, the ability to migrate mailbox data from On-Premise to the Cloud is impacted by this same limitation. Traditionally, mailbox moves have been considered database-level activities, however, with Exchange 2010 and Exchange Online mailbox moves are transport driven events and this is where the impact of message size limits is felt. Attempts to move mailboxes with messages larger than 25 MB to Exchange Online will fail. Unfortunately, the Exchange Control Panel’s Move Mailbox Wizard does not provide for the option to skip large messages like it does corrupt messages so it only takes one oversized message to experience a mailbox move failure. The only way to work around this limitation is to initiate mailbox moves with PowerShell, with the required switches and variables to skip these large messages as part of the move process.

As part of planning for the migration and user awareness, every organization should include commentary in regards to very large messages and attachments, in order to reduce the number of service desk calls experienced after mailbox migration to Office 365. For many administrators, this change in limitations and practices can be traumatic, but is equally valuable in reducing the dependency on email as a file and


document management system. The opportunity to leverage the standards of the Office 365 environment to force changes in user behavior is not something that should be overlooked.

Public Folders Offices 365 does not support Public Folders. This is unsurprising for many given the continuous communication from Microsoft since Exchange 2000 was released, de-emphasizing the use of public folder functionality in each subsequent product release. Not only does this mean that organizations will not be able to migrate their Public Folder content to Exchange Online, it also means that users whose mailboxes have been moved to the Cloud cannot access Public Folders hosted by On-Premises Exchange. Consequently, organizations moving to a hybrid model must make plans to eliminate this content or migrate it to SharePoint Online in order to make it accessible to all users. Depending on the historic use of this function within your Exchange environment, the impact of this change may either be relatively limited or exceptionally traumatic, and should be planned for before the first users are migrated to the Cloud.

Free/Busy Information For organizations that have not upgraded to Exchange 2007 or later, the dependence upon public folder publication of schedule information is required, and was provided “out-of-the-box” with the Exchange 2003 and earlier products. Additionally, co-existence between Exchange 2003 and Exchange Online requires the Exchange 2010 hybrid server to support Public Folders; however, additional steps are necessary to ensure this service is available. Use of a public folder replica of the Exchange 2003 Free+Busy folder must be created on the hybrid server to facilitate the sharing of free/busy information between Exchange 2003 On-Premise users and Exchange Online. Otherwise, users who continue to reside on the legacy platform will not have schedule visibility to Cloud users and vice versa.

One final consideration is that by default free/busy data can be viewed in Outlook at three levels of detail: (1) limited free/busy only; (2) free/busy with titles/locations; or (3) full details. The caveat to the free/busy access provided to Exchange 2003 users from Exchange Online is that only one option is available - limited free/busy. This means that users can see blocks of time as open or busy, but can see no details of the individual meeting events within the scheduling assistant. On-Premises Exchange 2003 users in a hybrid environment will also notice that they can only view free/busy information for Cloud-based mailboxes via the full Outlook client and not through the Outlook Web Access tools. For organizations that are heavily reliant on OWA for user communication and scheduling, this limitation should be highlighted to all users as part of the familiarization and training process.

Lync Online The ability to quickly adopt and leverage unified communications solutions and collaboration tools without significant integration and deployment efforts makes Lync Online a fantastic product solution for any size business.


While Microsoft continues to release new functionality and configuration support on a regular basis, there are some key considerations when adopting this platform.

Federation between On-Premises and Online Lync Online has some significant limitations that must be considered when deciding on a co-existence strategy for Lync. Primarily, Lync federation is used to facilitate co-existence between Lync 2010 and Lync Online, but only with each platform using separate SIP domains names. For example, a company may use contoso.com as their email and SIP domain. However, the company would have to use something like contoso.onmicrosoft.com for its Lync Online SIP domain. As a result, external users would not be able to easily deduce a Lync Online user’s SIP address since it would not match their email address.

Administrators must remember that federation between Lync 2010 and Lync Online is not enabled by default. To enable federation between On-Premises and online administrators, they must enable federation and create a new hosting provider using PowerShell. It should also be noted that Lync 2010 and Lync Online users appear as external contacts to each other just like a user from any other federated domain since they are not in the same directory. Furthermore, there is no migration path for users’ contact lists and settings when they move between On-Premises and the Cloud.

Splitting Lync Workloads Another limitation of Lync co-existence is that it is not possible to split workloads (IM, online meetings, and voice/PBX) between the Cloud and On-Premise. For example, it is not possible to deploy IM and meetings in the Cloud with voice On-Premises for any users. While Microsoft continues to develop options for integrating these services through third-party products, the current options available limit the providers and platforms. Finally, while many of these solutions are effective, the limited number of successful implementations means that organizations need to carefully evaluate the use of a consulting partner that can assist with design and implementation support.

Unified Messaging Integration Lync 2010 integrates with Exchange Online for voice mail in the Cloud (Unified Messaging or UM). It offers call answering, Outlook Voice Access, and Automated Attendant. However, it requires dial-tone from Lync 2010 or a compatible PBX. Hosted voice mail policy can be applied per forest, per site, or per user. This requires administrators to create a new hosting provider for Exchange Online using PowerShell.

Interoperability with Third-Party Dial-in Audio Conferencing Services Dial-in audio conferencing offers the ability to dial into a scheduled Lync meeting from a land line or mobile phone. This feature is not natively supported in Lync Online, but can only be accomplished through interoperability with select third-party audio conferencing services. Only


these select providers can support scheduling and joining a Lync Online meeting from any phone, initiating outbound dialing from the Lync client in a meeting, and controlling phone end-points from the Lync client.

Limitations of Lync Online Not Related To Coexistence:

Lync Online Public IM Connectivity (PIC) is limited to Windows Live users and does not work with AOL Instant Messenger, Yahoo Messenger, and Google Talk

Lync Online does not support server-side archiving. Exchange archiving of Conversation History is all that is available.

Lync Online does not support skill search against SharePoint On-Premise or SharePoint Online

Lync Online does not work with room-based conferencing systems

Lync Online supports an integrated conferencing experience with a maximum meeting capacity of 250 users

Lync Online does not support the recording of online meetings

The Communicator for Mac 2011 client did not initially work with Lync Online. This issue was not resolved until Microsoft released a hotfix in October 2011.

Single Sign-On and Extended Protection for Authentication Extended Protection for Authentication protects authentication credentials against man-in-the-middle attacks when using Integrated Windows Authentication. Extended Protection for Authentication is enabled by default on Windows 7. Computers that have Extended Protection for Authentication and use Firefox, Chrome, or Safari may not be able to sign in to Office 365 using Integrated Windows authentication from within the corporate network. In this scenario, users might receive periodic prompts for credentials, as well. If standardizing on Internet Explorer 8 or later is not an option, then organizations must consider disabling Extended Protection for Authentication on their computers or modifying advanced options in ADFS 2.0 to make it compatible with third-party browsers.

Microsoft Office Office 365 consists of four separate product lines. Many organizations will overlook or discard what is sometimes considered the most crucial platform option within the suite of services, Microsoft Office 2010. Many organizations are hesitant to purchase the newest version of Office for many years or to maintain ongoing software assurance for existing Office installations. Without a critical external demand or event, the Office platform is allowed to age to the point of non-support. Anyone evaluating Office 365 must consider the ramifications of Office 2010 as a key feature of the subscription model and be prepared to take action for legacy systems.


Office Platform Support Several organizations have made the decision to not upgrade the full enterprise to the latest “N-1” Office platform for the simple challenge of capital license costs. For some organizations, the intent behind utilizing a Hybrid Office 365 implementation plan still centers on the reality that Microsoft will not support the use of Office 2003 in conjunction with Office 365 services. The reasons are many, but a few of critical importance to a hybrid environment include:

Outlook 2003 does not utilize an auto-configuration mechanism to validate and update client settings based upon service publication from the Exchange server and DNS

Word, Excel, and PowerPoint 2003 do not support native integration with SharePoint Server for file access, review, and editing purposes

Outlook 2003 depends upon a Public Folder for publishing and retrieving Free+Busy schedule information for other mailbox users, a service that is not present in Exchange 2007 or later

Regardless of the strategy that is employed for Office release planning, users of the hybrid environment who intend to utilize Outlook for mail services or interact with SharePoint for document and information management purposes must be running at least Office 2007 SP2 in order to be supported by Microsoft. For clients that want to utilize the most current features, it is highly recommended that they deploy and support Office 2010.

Office 2011 for Mac Office for Macintosh 2011 is NOT available for use as part of the subscription process. If you are not utilizing a Windows device, you will be required to license Office 2011 as a separate component under your Select or Enterprise Agreement with Microsoft, or as a retail purchase from your preferred reseller. Currently, there is no published timeline or expectation that the use of Office 2011 will become an option or component of the Office 365 subscription model. For environments where a mixed use of Windows and Mac devices are in place, plan accordingly for the license support requirements. When in doubt, speak with your assigned license specialist via your license reseller or with Microsoft licensing support directly.

Office Transition Considerations For organizations that have previously utilized Office 2007, the release of Office 2010 does not represent as dramatic a leap in user-experience and expectations. However, for environments that utilize Office XP or Office 2003, the introduction of the Office Ribbon concept will require a more robust user-training and awareness program. This is needed to avoid an influx of IT service desk calls when users are unable to find common functions or features.

Microsoft has provided several tools that are freely available to assist with the user transition process for introducing the ribbon for both Office 2007 and Office 2010, including a SharePoint site called the Productivity Hub. This tool provides an enormous number of user-training videos, how to


documents, and sample artifacts that are very helpful at providing free user education. As part of using this solution, be prepared to have someone from the training team or the service desk involved in customizing and cleaning up irrelevant content from the productivity hub that may not be appropriate for your user population. Lastly, while the Productivity Hub holds an enormous amount of content, many organizations have found it very effective to make “drop cards” or “cheat cards” available as a method to leave behind information without the need to revisit a website or check for specific functions. Every organization is different and should plan how best to ready their user community for this necessary transition to a current version of the Office platform.

5 Common Transition Challenges Every implementation of a Hybrid Office 365 environment is unique in some form or fashion. The following is a list of the common pitfalls and challenges that nearly every organization will experience or want to avoid as part of their implementation:

Single Sign-On If you are utilizing a Professional or Small Business subscription,

Active Directory Federation is not available to you

For Enterprise clients that will utilize ADFS, the login process may not be as seamless as originally hoped, without use of custom vanity URLs

For those environments that do not leverage Active Directory, deployment and maintenance of the Office 365 Sign-On assistant is optional, but highly recommended

Information Lifecycle Management The creation, movement, and archival of information in a hybrid environment presents many challenges.

Where should content be created initially?

How will content and its metadata be moved from one environment to another?

How will Office 365 content be archived?

Timeline Considerations In addition to typical timeline challenges, hybrid environments present a few more challenges.

Office 365 License Acquisition processing will depend on the contract vehicle you choose to utilize, but do not assume this process is as simple or efficient as a credit card purchase at a retail store

Office 365 Support Requests have a stated 24-hour response SLA, plan accordingly when executing pilot and migration testing


Extended Migration Processing will create an additional operations staff burden while in-flight and supplemental staffing considerations should be accounted for

Migrating Content Migrating content to Office 365 can present both timeline and financial challenges.

Timelines and testing requirements will vary widely if you choose not to utilize a third-party tool for content migration

Not all migration tools are created equal, regardless of the marketing material presented by your reseller; run a proof of concept and test the tool in your environment

Financial considerations need to be made either for the acquisition of a third-party tool or the use of internal/external development staff to custom script a migration process

Support Services Planning up front for a certain number of support incidents can save hundreds of hours of frustration.

All customers with at least 100 seats should evaluate the cost of subscribing to a Microsoft Professional Support Services (PSS) contract

Where a PSS contract is not a feasible financial option, use a qualified Microsoft partner to assist with the escalation and resolution of support tickets, even if they do not directly engage for the migration process

I need more information. Where Do I Go from Here? Credera is available to guide you through initiating a proof of concept implementation where you can choose to utilize one or all of the suite’s service offerings.

Credera can also walk you through a Cloud computing assessment in order to determine which products would be the best fit given your current environment, and help you anticipate which solutions can be implemented to meet future needs.

To contact a Cloud expert, email [email protected] or call 972.759.1836.

mailto:[email protected]


Conclusion Today’s Software as a Service providers continue to expand in functionality and mature in terms of feature availability. As this evolution continues, more organizations will be able to exploit the value of utilizing hybrid solutions that take advantage of the benefits associated with On-Premise environments and Cloud services simultaneously.

While there are numerous design considerations to be evaluated as part of any technology deployment process, careful planning for Office 365 prior to initiating the integration process will significantly ease the user and IT support transition process.

References

Learn more about Office 365 http://www.microsoft.com/en-us/office365/online-software.aspx

Learn which software suite fits your needs http://www.microsoft.com/en-us/office365/compare-plans.aspx

Learn more about Credera’s Cloud service offerings http://www.credera.com/TechnologySolutions/Pages/CloudServices.aspx

http://www.microsoft.com/en-us/office365/online-software.aspx

http://www.microsoft.com/en-us/office365/compare-plans.aspx

http://www.credera.com/TechnologySolutions/Pages/CloudServices.aspx


About the Authors Joshua Grear is an Architect with Credera’s Microsoft Solutions Practice. He has over 12 years of experience delivering enterprise IT solutions for medium and large companies throughout the U.S. In the past year, Grear has worked with a large retail company to deliver order integration between Microsoft Commerce Server and their Order Management System utilizing Microsoft BizTalk. He also worked with a national leader in wireless technology to perform a SharePoint domain migration. He is currently developing a public-facing website with SharePoint 2010 and jQuery. Grear holds a Bachelor’s degree in Computer Science from Southern Illinois University.

Ben Mead is a Senior Manager with Credera. He has more than 15 years of management and technology consulting experience, specializing in Data Center Services, Infrastructure Architecture, Security, Messaging, Unified Communications, SharePoint Technologies, and Project Management. He has worked with numerous Global 1,000 customers in North America and Europe supporting numerous industries including retail, energy, oil & gas, chemical, mining, consumer products, financial services, insurance, healthcare, and federal government. Mead’s broad industry experience and security solutions background provide extensive and direct knowledge of end-point management solutions and technologies across multiple end- user platforms. Prior to joining Credera, Mead served as an Infrastructure Services Director at Avanade, an Experienced Consultant with Accenture (formerly Andersen Consulting), and served honorably with the United States Marine Corps.

Adrian Romo is an Architect with Credera’s Microsoft Solutions Practice. He has over 13 years of experience delivering IT infrastructure solutions to medium and large companies throughout the U.S. His expertise includes managing multi-national networks in industry and in the consulting field. Romo is a subject matter expert in Active Directory, Exchange, Lync, Office 365, VMware, networking, information security, and data center management. Prior to joining Credera, Romo served as a Senior Systems Administrator for Penson Financial Services, as Network Architect for Southwestern/Great American, and as a Senior Consultant/Trainer for Quilogy. He recently worked with a large managed service provider to migrate one of their customers to Office 365. Romo holds a B.S. in Sociology from Texas A&M University.


About Credera Credera is a full-service management and technology consulting firm with clients ranging from Fortune 1,000 companies to emerging industry leaders. Clients hire us to own their toughest problems; they retain us because we keeps our promises. Credera provides expert, objective advice to help solve complex business and technology challenges. Capabilities include strategy, organization, process, analytics and technology to ensure client success. Founded in 1999, Credera is headquartered in Dallas, TX and hosts offices in Austin, Houston, and Denver. More information is available at www.credera.com.

Dallas Headquarters 15303 Dallas Parkway Suite 300 Addison, TX 75001 972.692.0010 Phone 972.692.0019 Fax

Houston Office 800 Town and Country Blvd Suite 300 Houston, TX 77024 713.496.0711 Phone 713.401.9650 Fax

Austin Office 9020 N. Capital of Texas Hwy Suite 345 Austin, TX 78759 512.327.1112 Phone 512.233.0844 Fax

Denver Office 5445 DTC Parkway Suite 1040 Greenwood Village, CO 80111 303.623.1344 Phone 303.484.4577 Fax

http://www.credera.com/