500 likes | 681 Vues
Deploying Office 365 in Production: Part 2. October 2013. Session Overview. Session Overview.
E N D
Deploying Office 365 in Production: Part 2 October 2013
Session Overview • This session details the steps and actions required when expanding a pilot Office 365 environment into a production deployment. Unlike on-premises implementations, IT professionals can scale out their Office 365 tenants with ease. However, with added scale, it is important to start to automate user provisioning, add a production domain and set up the desired workloads.
Optimized path Exchange 2007Pilot Source Pilot Deploy Enhance Cloud ID PST Self service Connected account Migration PST import tool Admin Driven IMAP migration Pilot users use the service in about an hour Start with a clean mailbox or with their own data
Optimized path Exchange 2007Deploy Cloud identity Source Pilot Deploy Enhance Self service PST Migration Shared namespace PST import tool Admin driven IMAP migration Deploy quickly using cloud identity Option to expedite with use of a new or shared namespace with limited GAL
Optimized path Exchange 2007Deploy Synchronized identity Source Pilot Deploy Enhance Shared namespace Synchronized ID with password sync Admin driven Staged migration Migration Use the service within days post migration of mail data with full GAL
Optimized path Exchange 2007Deploy Synchronized identity Source Pilot Deploy Enhance Enhance Admin driven Hybrid migration Hybrid servers Migration Use the service within weeks post-introduction of hybrid servers Complete GAL availability
Optimized path Exchange 2007Deploy Synchronized identity Source Pilot Deploy Enhance Federated ID Self Service Migration Staged migration Admin driven Hybrid migration Users can start using the service within weeks post-introduction of hybrid servers, full GA, and SSO post-data move
Optimized path Exchange 2007 Recap Pilot service in about an hour Deployment options to meet your requirements Leverage staged migration for IT led migration Optionally enhance service over time Decision points Identity type Namespace Migration and coexistence approach Authentication requirements
Optimized path Exchange 2010Pilot Source Pilot Deploy Enhance Cloud ID PST Self service Connected account Migration PST import tool Admin Driven IMAP migration Pilot users use the service in about an hour Start with a clean mailbox or with their own data
Optimized path Exchange 2010Deploy Cloud identity Source Pilot Deploy Enhance Admin driven Shared namespace Migration PST import tool IMAP migration Users can start using the service within hours to days post-data migration depending on requirements of new or shared namespace with limited GAL
Optimized path Exchange 2010Deploy Synchronized identity Source Pilot Deploy Enhance Shared namespace Self service Migration Synchronized ID with password sync Admin driven Hybrid migration Users can start using the service within days post-introduction of SP3 or later with Hybrid Configuration Wizard (HCW), full GAL, post-data move
Optimized path Exchange 2010Enhance Synchronized identity Source Pilot Deploy Enhance Enhance Federated ID Self service Migration Admin driven Hybrid migration Users can start using the service within days post-introduction of SP3 or later with HCW, full GAL, and introduction of SSO, post-data move
Optimized path Exchange 2010Recap Pilot service in about an hour Deployment options to meet your requirements Leverage hybrid Exchange for IT led migration Optionally enhance service over time Decision points Identity type Namespace Migration and coexistence approach Hybrid use Authentication requirements
Introducing production licenses • Purchasing directly in the Admin Portal • Activation Email- Purchasing via Volume Licensing • New Online Services Customers • Office 365 Trial Customers
Activation Email – Sign In vs Sign Up Options • New Online Services Customer • When a new online services customer purchases Office 365 for Enterprises via their Enterprise Agreement (EA), and has never participated in an Office 365 Trial, they should use the Sign Up option from the link in the activation email. • Office 365 Trial Customer • If a trial customer choses to retain their Office 365 trial data, settings, and their existing onmicrosoft.com domain during their transition from trial to a paid subscription, they will need to choose Sign In. Choosing this option will allow the customer to transition their trial subscription over to the licensed production subscription.
Activation- Step-by-step (New Online Service) • Customer clicks “Sign Up” via activation email • Customer creates and activates a new account profile • Customer adds New Online Service ID • Customer receives acknowledgment
Activation- Step-by-step (O365 Trial) • Microsoft or Partner enters VL order • Customer clicks “Sign In” on activation email • Customer signs in & provides existing account subscription info • Customer receives provisioning confirmation email
Add and Verify a Domain • Logon to the Portal • Select domains • Select Add Domain • Start Step 1 and specify domain name • Select preferred instructions • Add verification DNS record • Verify domain • Complete domain configuration
Key Deployment Considerations • Verify domains • Add all SMTP domains as verified domains before synchronizing • Cannot be removed until all synchronized objects are no longer using the domain as a proxy address or UPN • Plan UPN suffix • Verify on-premises user objects have a value (not null) for UPN suffix and that it is correct • The default routing domain (e.g. contoso.onmicrosoft.com) is used for Office 365 UPN suffix if the on-premises UPN suffix does not contain a verified + public routable DNS domain (e.g. cannot use *.local) • Note: we recommend SMTP == UPN
Key Deployment Considerations • Complete Active Directory cleanup work before implementing DirSync -> consider using ID Fix • Especially if importing data from a 3rd party LDAP directory into Active Directory • Enable Dirsync ahead of deploying it on-premises • Plan ahead for DirSync quota increase • Could become a deployment blocker. Don’t wait until 11th hour to request. • Enable Directory Synchronization ahead of DirSync server deployment (activation can take up to 24 hours to complete) • Unless you don’t want to use DirSync at all • Understand how “soft match” works • Consider Exchange schema extensions for non-Exchange AD environments
Prepare and Download DirSync • Activate Directory Synchronization • (can take up to 24h to propagate) • In MOP, select • users and groups | DirSync Set up • Form DirSync serverDownload DirSync • Logon to the Portal • Select Users and groups and then activate DirSync • Select Users and Groups and click Set up Active Directory synchronization • Activate Directory Synchronization • Wait (up to 24 hours) for Dirsync enablement • Review all documentation, follow the implementation steps, and download DirSync
Install DirSync • Logon to DirSync server and run setup • Follow setup wizard • When finished, option to start the configuration wizard
Configure DirSync • Run configuration wizard • Provide O365admin creds • Provide AD admin creds • If Exchange hybrid, configure “write-back” • Password sync option • Create configuration • When finished, option to run synchronization
IMAP Migration Prepare for IMAP Migration Create a CSVs for IMAP Migration Create IMAP Migration Endpoint Start IMAP Migration Batch Delete IMAP Migration Batches Create IMAP Migration Batch Configure MX Record Pointing to Office 365
IMAP Migration Process Prepare for IMAP Migration Configure IMAP server to accept connections from Office 365 (port 143 or 993) Add and verify email domain in Office 365 Create users and mailboxes in Office 365 -> Manual/Bulk/DirSync Best practices Reconfigure MX record TTL to 15 mins Create a dedicated migration admin user Add permissions to the migration admin If not possible: collect user passwords
IMAP Migration Process Start IMAP Migration Batch Create IMAP Migration Batch User list is defined in CSV files Multiple migration batches CSV file limits: 50,000 rows, max 10 MB Best practices Keep CSV files at secure location Newly arriving emails land where MX record points to - no redirection Client software reconfiguration (pointing to ExO)
Staged Migration Process Start a Staged Migration Batch Prepare for Staged Migration Create a CSV File for Staged Migration Batch Convert On-PremiseMailboxestoMail-Enabled Users Delete Staged Migration Batch Create Migration End-Point Create a Staged Migration Batch Complete Post-Migration Tasks
Staged Migration Process Prepare for Staged Migration Add and verify email domain in Office 365 Implement DirSync DirSync will create mail-enabled accounts Available in M or E plans (or Exchange Online plan) Configure Outlook Anywhere Exchange 2003 and 2007 is supported Best practices You can optionally deactivate DirSync after migration Use Hybrid for Exchange 2010 and 2013
Staged Migration Process Create a CSV File for Staged Migration Batch Create Migration End-Point Multiple batches—defined in CSV files Create a migration admin account Create the migration endpoint in Office 365 Test endpoint using ExRCA Best practices Move the workgroups together Cross-premise sharing is not available (Delegates, shared calendars, rooms) Each CSV file can contain max.1,000 users
Staged Migration Process Start a Staged Migration Batch Start the batch by uploading CSV file Best practices Users start with empty mailboxes filling in Example scenario: Start the migration at 18:00 Mailboxes will be synced during the night Reconfigure Outlook profiles Allow Outlook sync during the night
Staged Migration Process Convert On-Premise Mailboxes to Mail-Enabled Users Simple Coexistence Emails still arrive On-Premise Forwarded if mailbox is migrated Office 365: mail-enabled users converted to mailboxes On-Premise: DirSync set the targetAddressproperty Best practices Check if sync was finished without errors Convert the on-premises mailboxes of the migrated users to mail-enabled users
Staged Migration Process Delete Staged Migration Batch No need for incremental sync Outlook will rebuild the OST cache Best practices Instruct users to use Office 365 mailbox Cross-premise sharing is not allowed
Staged Migration Process Complete Post-Migration Tasks Reconfigure MX record Decommission on-premises Exchange* Assign licenses to Office 365 users Best practices Staged migration is not a long-term solution Migration can span up to some months
Two ways to deploy (A)Have users install Office directly from the Office 365 portal (B) Download the Office software to your local network and then deploy Office to your users
Which way to deploy? • Are users local admins on their computers? • If not, can’t use the portal • Download/on-premises option gives more control: • Where on the network Office is installed from • How Office is updated after it is installed • Which computers Office is installed on • Which users, if any, get the 64-bit edition of Office • Which languages are available to install
Mobile Device Configuration • http://office.microsoft.com/en-us/office365-suite-help/set-up-and-use-office-365-on-your-phone-or-tablet-HA102818686.aspx