office 365 uk user group london 4th september 2012
DESCRIPTION
This is the PowerPoint presentation including both sessions at the Office 365 UK User Group held in London in September 2012TRANSCRIPT
Welcome to theOffice 365 UKUser Group
Speakers: Liam Mann & Alan Richards4th September 2012
Host: Matthew Hughes
Venue provided by Content & Code
Agenda
18:30 – Welcome 18:45 – Office 365 in the Real World
Liam Mann – Content & Code
19:45 – Break 20:00 – Migrating from On Premise to Office
365 Alan Richards –
21:00 – Close & Pub
Welcome
What is the point in the User Group? Independent Share Knowledge Share Experience Share the Pain & Pleasure Network Have a Pint and a chat with someone that
understands and doesn’t nod & agree or fall sleep
Office 365 in the Real World
Liam Mann - Office 365 Deployment Engineer
Content & Code
Liam MannOffice 365 Deployment Engineer
UK Office 365 Logo
Office 365 User Group
Introduction & Agenda
Agenda
Introduction
Technology BriefingProject 1
Project 2
Lesson LearnedExciting New Project
Project 3
Questions
ADFS and Exchange Coexistence with
Office 365Technical Briefing
ADFS 2.0 Single Sign On – Office 365
• Like Kerberos with Cookies• Authentication kept On-premise• Allows user to use the same set of
credentials• High Availability Deployment
Recommended• Published Externally with ADFS Proxies• Secured by SSL Certificates
ADFS 2.0 Single Sign On – Office 365
Enterprise DMZ
AD FS 2.0 ServerProxy
InternalUser
ActiveDirectory
AD FS 2.0 Server
AD FS 2.0 Server
AD FS 2.0 ServerProxy
ExternalUser
Exchange Rich Coexistence
• Rich Outlook Features• Secure Mail Flow• Unified GAL• Single Outlook Web App• Centralised Management of Exchange• Online Archiving
Rich Coexistence FeaturesMail Flow
Rich Coexistence Features
Centralised Management
Rich Coexistence Features
Delegated Federation
Real Life ProjectsMid-Size to Enterprise Office 365
Companies
Cmed Clinical Services
• Decrease Business Critical System
• Consolidate Email System
• Increase Reliability and Redundancy of Email
“I Love Office 365”
Pharmaceuticals
Cmed Design
Identity ManagementExchange Coexistence
Migration
Mail FlowClient Access
Issues
• UPNs not matching verified domain in Office 365
• ADFS 2.0 Design had to be implemented in new data centre
• DMZ time not Synchronised
• Domain Servers not restarted after updates
• TMG Configuration – Not setup correctly
• Hybrid Configuration and Proxy Issues
• Purchased a Certificate with No Name
Summary of Project
Prerequisites of Existing InfrastructureDesign and Implementation of new InfrastructureTraining and Handover to ClientsClient Evaluation of ProjectOverall Project Success
Wates Construction
Construction
• Reduce Operation Costs• Replace Email Filtering
System• Upgrade Ageing
Infrastructure• Provide Better
Communication across Multiple Offices
“I Love Office 365”
Wates DesignPhase 1 Replace Email Filtering SystemRedirect Mail Flow to Office 365
Phase 2Complete Exchange Coexistence SetupInstall ForeFront Protection for ExchangeInstall and Configure SSOPhase 3Training & Handover
Issues
• FOPE does not accept internet bound traffic from on-premise
• Two hop migration was required from Exchange 2003
• Currently no automation of pulling archive from Enterprise Vault
• Free/Busy sharing more complex with Exchange 2003
• WNLB with Certain Routers require Configure Static ARP
Summary of Project
Prerequisites for Office 365TMG not fully configured
Forward Proxy Caused Delays
Design and Implementation of New InfrastructureHighly Available Infrastructure
Email Filtering Outbound with FOPE from On-premise
Training and Handover to ClientClient Evaluation of ProjectOverall Project Success
Foster + Partners
Architecture
• Reduce Operating Costs• Upgrade aging
Infrastructure• Improve Scalability and
Flexibility
“I Love Office 365”
Foster and Partners Design
ADFS SSO Design
Exchange Coexistence Setup
Mail FlowAutodiscover and OWATMG Setup and Configuration
Project On-going
Issues
Pre-existing 5.5 Exchange InfrastructureRecipient Policies / Email Address PoliciesForward Proxy issues with Hybrid Configuration
Summary of Project
Prerequisites for Office 365Legacy Exchange Infrastructure
Specify Perimeter Settings Clearer
Design and Implementation of New InfrastructureProject so far
Lesson Learned
• Try to avoid authenticating internet access through proxy for coexistence servers
• More complicated setup for Free/Busy with Exchange 2003
• FOPE cannot process outgoing email from On-premise
• Two stage migration required for Exchange 2003
• Prepare Existing Exchange 2003 environment (Recipient Policies)
• Gauge clients technical ability
• Ensure all updates and patches are applied on existing and new infrastructure
• TMG Flood Mitigation – Mailbox Migration
• UPNs configured Correctly
• Split DNS Configured Correctly
Exciting New Projects
Conde Nast
Large UK - Global CompanyRich and Simple CoexistenceAssisting in Global Rollout
Viridor Waste Management1200 UsersSimple CoexistenceADFS SSOOutlook Anywhere
Foviance are on Office 365Seren Users to be Migrated to Office 365Foviance Users to be added into ADPassword Synchronisation Tool
Seren + Foviance
Migrating from On Premise to Office
365Alan Richards MVP
Who Am I
IT Consultant
Worked in education for over 18 years
Led teams in the early adoption of Microsoft systems
Regular presenter at events
SharePoint MVP
Topics
Office 365 co-existence options
Types of migration
Single Signon
A client migration – Real World
Co-Existence
You already have onPremise Exchange Shared Address Space
Use the same domain name for all users OnPremise or cloud receives email Forwards onto the other one
Multiple Addresses Use different domain names for onPremise &
Cloud Each entity receives its own email Manage mail contacts in either onPremise or
cloud
Types Of Migration
IMAP cutover: E-mail is extracted from the source mail system by IMAP, DNS MX records are changed, and workstations configured to connect to Office 365. E-mail is moved, but no contacts and calendars.
Types Of Migration
Exchange cutover: Same as IMAP but it uses RPC over HTTPS (Outlook Anywhere) to extract your entire mailbox from a legacy Exchange e-mail system (2003 or later only).
Types Of Migration
Staged coexistence: Similar to an Exchange cutover, but allows for batches of users to move at a time and for the two systems (Exchange and Office 365) to interoperate over a period of time.
Types Of Migration
Hybrid coexistence: This solution is intended for customers who require onsite and cloud e-mail systems to coexist for longer periods. Active Directory and Office 365 synchronize and single-sign-on is set up. This is the most technically complex migration method but makes for the easiest mailbox migrations, simply using the existing Exchange Management Console’s commands.
Single Signon
Use Active directory account to access Office 365
Uses Active Directory federation services Minimum 4 servers for load balancing Federation server & Federation proxy server PowerShell to form ‘link’
Separate server for DirSync software DO NOT ENABLE BEFORE MIGRATION
Real World Migration
Planning Prepare your AD
Delete users Clean up Exchange
Empty deleted items Empty sent items
Migration type Choose the right one for your environment
How many users Keeping onPremise
Real World Migration
Migration takes time 400 users took 5 days Incremental updates after full migration
Complete migration Convert mailboxes to mail enabled users PowerShell scripts downloadable from
Microsoft
All migrations run from Exchange Control Panel
Demo – Sort Of !!
Federated Login
Federated Login
Exchange Control Panel
Email Migration
onPremise Server Details
onPremise Server Details
Thanks very much for coming and please
spread the wordInterested in speaking?
Interested in coordinating a user group?
Contact Matthew Hughes [email protected]