2. MICROSOFT OFFICE 365: FROM SIMPLE MIGRATION TO A HYBRID ENVIRONMENT Chris GoosenToby Knight Systems ArchitectTechnical Solution Professional EnsystMicrosoft SESSION CODE: EXL-OFC311 (c) 2011 Microsoft. All rights reserved.

3. Session Objectives ► Understand the planning requirements ► Overview of migration options ► Learn about cutover and staged migrations ► Learn about the core hybrid components and concepts ► Review hybrid deployment stages ► What’s new in Exchange 2010 SP2?

4. PLANNING (c) 2011 Microsoft. All rights reserved.

5. Read case studies and documentation Read case studies and documentation 1. Plan 2. Prepare Add and verify SMTP domains Planning Stages Configure On-Premise 3. Migrate 4. Decommission

6. DEPLOYMENT PLAN Source Server ► Exchange ► IMAP ► Lotus Notes ► Google Size ► Large ► Medium ► Small ► On-Premise ► Single Sign- On ► Cloud ► Hybrid ► No Hybrid Provisioning ► DirSync ► Bulk Provisioning ► NSPI Provisioning Planning Factors

7. Planning How to pick a migration solution? 1 150 5,000 25,000 Organisational Size in Users CEM SEM Hybrid Migration Solutions <1 Week 2 Weeks 3 Weeks Several Months Co-existence None Mailflow/GalSync Free/Busy, Archive in Cloud Time For Migration including Planning

8. MIGRATION OPTIONS (c) 2011 Microsoft. All rights reserved.

9. IMAP migration Cutover migration Staged migration Hybrid Exchange 5.5X Exchange 2000X Exchange 2003XXXX Exchange 2007XXXX Exchange 2010XXX Notes/DominoX GroupWiseX OtherX * Additional options available with tools from migration partners Migration Options Choices to fit your organisation Migration Hybrid ► IMAP migration – Supports wide range of e-mail platforms – E-mail only (no calendar, contacts, or tasks) ► Hybrid deployment – Manage users on-premises and online – Enables cross-premises calendaring, smooth migration, and easy off-boarding ► Staged Exchange migration (SEM) – No server required on-premises – Identity federation with on-premises directory ► Cutover Exchange migration (CEM) – Good for fast, cutover migrations – No server required on-premises

10. Cutover Exchange Migration Capability ► No on-premise deployment required ► Migration from Exchange Server 2003 and greater ► On-premise or hosted systems ► Integrated Provisioning ► High fidelity migrations - Mail, calendar, tasks and many more Requirement ► Organisation should be less than 1000 in size ► Outlook Anywhere service ► Identity management in the cloud Objective ► A simple Exchange migration solution for small and medium businesses to move to Office 365

11. Staged Exchange Migration Require ► Directory sync Objective ► A simple Exchange migration solution for medium and large size organizations Capability ► Migration from Exchange Server 2003 and Exchange 2007 only. ► Migrate in batches ► High fidelity migrations - Mail, calendar, tasks and many more

12. Not Migrated Security Groups

13. Not Migrated Dynamic Distribution Lists (DDL)

14. Not Migrated Dumpster 1.0

15. Not Migrated Send-As Permissions

16. Migrated

17. DEMO: CUTOVER MIGRATION (c) 2011 Microsoft. All rights reserved.

18. HYBRID DEPLOYMENT FEATURES (c) 2011 Microsoft. All rights reserved.

19. FeatureStagedHybrid Mail routing between on-premises and cloud (recipients on either side) Mail routing with shared namespace (if desired) - @company.com on both sides Unified GAL Free/Busy and calendar sharing cross-premises Mailtips, messaging tracking, and mailbox search work cross-premises OWA Redirection cross-premise (single OWA URL for both on-premises and cloud) Exchange Online Archive Exchange Management Console used to manage cross-prem relationship & mailbox migrations Native mailbox move supports both onboarding and offboarding No outlook reconfiguration or OST resync required after mailbox migration Online Mailbox Move allows users to start logged into their mailbox while it is being moved to the cloud Secure Mail ensure emails cross-premises are encrypted, and the internal auth headers are preserved Centralized mailflow control, ensures that all email routes inbound/outbound via On Premises Compare… Staged Migration vs Hybrid Deployment Exchange Sharing

20. Hybrid Features Free/Busy and Calendar Sharing ► Cross-Premises Free/Busy and Calendar Sharing – Creates the look and feel of a single, seamless organization for meeting scheduling and management of calendar – Works with any supported Outlook client; the heavy lifting is done by the Exchange Server 2010 CAS servers and the MS Federation Gateway and is transparent to the client

21. Hybrid Features Cross-Premises MailTips ► Cross-Premises MailTips – Creates the look and feel of a single, seamless organization. Correct evaluation of “Internal to” vs. “External to” organization context – Allows awareness and correct Outlook 2010 representation of mail-tips for size and quantity limits on DGs, etc.

22. Hybrid Features Cross-Premises Message Tracking ► Cross-Premises Message Tracking – Creates the look and feel of a single, seamless organization – Message tracking started from on-premises or from the cloud will track through to the edge of the combined organization

23. Hybrid Features Cross-Premises mailbox search ► Cross-Premises mailbox search – Allows compliance officers to select/manage mailboxes for mailbox searches from on- premises or cloud-hosted mailboxes – Graphical representation allows to differentiate between on- premises and cloud-hosted mailboxes in the picker – Search results returned across all selected mailboxes, regardless of mailbox location!

24. Hybrid Features Cross-Premises OWA redirection ► Single URL – Allows mailbox access to OWA via a single URL Ensures a consistent end- user experience ► Better Cloud log in experience – Log in experience can be greatly improved by adding your domain name into your cloud URL

25. Hybrid Features Cross-Premises Mailflow ► Cross-Premises Mailflow – Hybrid adds the ability to preserve internal organizational headers. – Most important header: Auth header

26. Hybrid Feature summary ► Makes your on-premises organization and cloud organization work together like a single, seamless organization – Offers near-parity of features/experience on-premises and in the cloud – Seamless interactions between on-premises and cloud mailboxes – Migrations in and out of the cloud transparent to end-user ► Features not supported: – Coexistence of Delegate permissions – Delegate permissions are migrated, but do not work when Delegator and Delegate are split between on-prem & cloud – Migration of Send As/Full Access permissions – Multi-forest – Only single forest source environments – Public Folders

27. HYBRID DEPLOYMENT COMPONENTS (c) 2011 Microsoft. All rights reserved.

28. Hybrid Server Roles 2 Required Server Roles: ► Office 365 Active Directory Synchronization ► Exchange Server 2010 SP1 CAS/Hub* Exchange Server 2010 SP1 CAS/Hub Unified Global Address List Office 365 Directory Sync Exchange Sharing AD FS Mailbox Move Secure Transport * Mbx role is required for legacy environments Exchange Server 2010 SP1 CAS/Hub FREE! with paid Exchange Online subscription FREE! with paid Exchange Online subscription 1 Optional Server Roles: ► Active Directory Federation Services

29. HYBRID DEPLOYMENT CONCEPTS (c) 2011 Microsoft. All rights reserved.

30. Core Concepts Single Namespace Email from toby@foo.com to chris@contoso.com

31. Email is forwarded to chris@service.contoso.com Core Concepts Shared Namespace Email from toby@foo.com to chris@contoso.com

32. Core Concepts “Federation” – Buzzword alert!! Sign-On Scenarios ADFSv2 - “Identity Federation” – User uses corporate credentials to access Online resources in the cloud ► Cross-premises Free/Busy, Shared Calendaring ► Cross-premises Mailtips ► Cross-premises Message Tracking ► Cross-premises Mailbox Search ► Cross-premises Mailbox Move authentication ► Cross-premises OWA redirection ► Cross-premises Archiving ► Single Sign-on cloud mailbox login ► Direct Logon for LOB apps Applies to all Office 365 services, not just Exchange Online Delegation Scenarios – “Exchange Federation” – Services act on behalf of a user to access Exchange resources Specific to hybrid features provided by Exchange Online

33. Core Concepts Standard On-Premises Free/busy

34. Core Concepts Federated Free/busy Free Busy Requ est From Ben To Joe Free Busy Requ est From Ben To Joe

35. Core Concepts Exchange Online Archive Archi ve Requ est From Ben To Archi ve Archi ve Requ est From Ben To Archi ve

36. Core Concepts Secure Mail – TLS Domain Secure

37. Core Concepts Secure Mail - Sending Internal Headers to Cloud XOORG Data Certific ate Subject Cross- premises emails are auth’d as “Internal”

38. Core Concepts Secure Mail – Sending Internal Headers to On-premises XOORG Data Emails from the cloud are seen as Internal by Transport XOORG Data

39. Core Concepts Centralised Mail flow Control Centralised Mail flow Control

40. HYBRID DEPLOYMENT STAGES (c) 2011 Microsoft. All rights reserved.

41. Deployment Exchange Deployment Assistant Exchange Deployment Assistant http://technet.microsoft.com/exdeploy2010 ► Currently supports hybrid configuration with Exchange Server 2003, 2007 and 2010 SP1

42. Deployment Step 1 – Office 365 configuration steps StepDetailsRequired/ Recommended Register your custom domains in the Office 365 portal Register any primary SMTP domainsRequired Configure Federated Identity On-premises ADFS server allows on- premises (single) identity to be used for cloud authentication Recommended Configure DirSyncOn-premises appliance synchronizes on- premises directory/GAL with the cloud Required Enable DirSync Writeback Allows rich off-boarding with message- repliability, archiving in the cloud, and UM in the cloud Recommended

43. Deployment Step 2 – Exchange Configuration Steps StepDetails Required/ Recommended Install Exchange Server 2010 SP1 server On- premises On-premises Exchange Server 2010 SP1 CAS/Hub server (also MBX role for some scenarios) required for hybrid features Required Configure cloud Autodiscover DNS record Allows on-premises targeted autodiscover Outlook client to redirect to cloud without prompts Required Publish MRS ProxyAllows Exchange Online Mailbox Replication Service to connect On Premises and perform a move to the cloud Required Implement Cloud Configuration Policies Create configuration policies in the cloud to match (or complement) on-premises configuration policies (e.g. – ActiveSync policies, OWA policies, etc.) Recommended Configure RBAC in the cloud Create/manage Role Based Access Control (RBAC) settings in the cloud to match (or complement) on-premises RBAC configuration Recommended Configure Federation Trust / Org Relationship “Federated Sharing” Enable infrastructure for delegated Live namespace federation. Allows the following features: Recommended Cross-premises Free/Busy, Shared Calendaring Cross-premises OWA redirection (single URL) Cross-premises MailtipsCross-premises Mailbox Search Cross-premises Message TrackingCross-premises Archiving Configure Cross- premises mail routing Configure Cross-premises mail routing. This configuration ensures proper anti- spam/header handling for mail sent between on-premises and the cloud. Recommended

44. Deployment Creating the Federation Trust Automatic implied trust between the Exchange Online tenant and MFG Create Exchange Federation Trust with the MFG using a “unique namespace” e.g. “exchangedelegation.contoso.com” Create Exchange Federation Trust with the MFG using a “unique namespace” e.g. “exchangedelegation.contoso.com” On-premises Org Relationship with “service.contoso.com” Exchange Online Org Relationship with “contoso.com”

45. Deployment Creating the Secure Mail Connectors Remote Domains define the use of internal headers

46. DEMO: HYBRID DEPLOYMENT (c) 2011 Microsoft. All rights reserved.

47. What’s New in Exchange 2010 SP2? ► New Hybrid Configuration Wizard – Exchange federation trust – Organization relationships – Remote domains/accepted domains – Email address policies – Send/Receive connector – Forefront inbound/outbound connectors – MRSProxy – Pre-req checks (i.e. Office365 Active Directory Sync, Exchange certificates, registered custom domains, etc…) ► New PowerShell cmdlets – New/Get/Set/Update-HybridConfiguration ► Namespaces improvements – Removing requirement for unique namespace – Providing every customer a coexistence domain, for every hybrid deployment Service.contoso.com is now Contoso.mail.onmicrosoft.com Pre-SP2: Approximately 50 manual steps With SP2: Now only 6 manual steps Pre-SP2: Approximately 50 manual steps With SP2: Now only 6 manual steps

48. In Review Session Takeaways ► There are migration options to suit any organisation ► Hybrid setup has many steps, but it’s primarily about getting the planning right: – Namespaces & Certificates are the two key areas to think about ► Moving to Exchange Server 2010 on-premises sets you up for a smooth path to the cloud ► What’s new in SP2?

49. Related Content Check out these sessions! ► EXL310 Upgrading to Exchange 2010: Notes from Field ► EXL303 Exchange Server 2010: High Availability Concepts ► OFS-OFC309 From Zero to Productivity with Office 365 ► OFS-OFC214 Customer experiences moving to the Cloud ► OFS-OFC215 Microsoft Office 365: The Future of Productivity

50. QUESTION & ANSWER SESSION (c) 2011 Microsoft. All rights reserved.

51. Contact Details Get in touch! ► Chris Goosen – Email: cgoosen@ensyst.com.aucgoosen@ensyst.com.au – Blog: http://www.cgoosen.comhttp://www.cgoosen.com – Twitter: @chrisgoosen ► Toby Knight – Email: tknight@microsoft.comtknight@microsoft.com

52. Enrol in Microsoft Virtual Academy Today Why Enroll, other than it being free? The MVA helps improve your IT skill set and advance your career with a free, easy to access training portal that allows you to learn at your own pace, focusing on Microsoft technologies. What Do I get for enrolment? ► Free training to make you become the Cloud-Hero in my Organization ► Help mastering your Training Path and get the recognition ► Connect with other IT Pros and discuss The Cloud Where do I Enrol? www.microsoftvirtualacademy.com Then tell us what you think. TellTheDean@microsoft.com

53. © 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION. (c) 2011 Microsoft. All rights reserved.

54. www.msteched.com/Australia Sessions On-Demand & Community http:// technet.microsoft.com/en-au Resources for IT Professionals http://msdn.microsoft.com/en-au Resources for Developers www.microsoft.com/australia/learning Microsoft Certification & Training Resources Resources (c) 2011 Microsoft. All rights reserved.