Transcript Office 365 Migration Challenges

Office 365 Migration
Challenges
2016 Redmond Summit | Identity Without Boundaries
Drew St. John
Consultant
May 24, 2016
#OCGUS16
@OCGUSOfficial
On Tap:
- Outline common challenges experienced in the
field during O365 migrations
- Outline prerequisites…The “must do” items
- “Phase-ology”: Plan, Deploy, Run
- Q/A at the conclusion of presentation
The Challenges…
#1 Planning and Provisioning
• What does Office 365 provide for the organization?
Requirements
• Is the environment ready?
• When, What, and How (Provisioning, Training, Communicating,
etc.)
• Active Directory
Technologies
• Exchange
• Office
Authentication and
Synchronization
• ADFS
• AADConnect
• FIM/MIM
• Only implement features you really need
• Clear understanding of whether Cloud IDs or Federated identities
will be deployed
• Do you need co-existence and for how long?
• Clearly define co-existence mail flow requirements
• Clear understanding about whether Directory Synchronisation will
be deployed
• A hybrid deployment with Exchange 2010/13 should use multiple
CAS servers for load balancing and redundancy
• Single Sign-On requirements met (ADFS backend and proxy
servers)
• Know what your current provisioning and deprovisioning processes are… Have they changed?
• Do users understand Office applications? Are they
getting a new version?
• How will the Admin and Service Desk roles change?
What new skills do they need?
• Get posters and quick start guides out – generate
excitement
• Communications before, during and after….
• All AD remediation identified by the Office 365 Deployment
Tools has been completed
• All AD remediation of items discovered by IDFix have been
completed
• All duplicate attributes remediated
• ProxyAddresses
• UPNs
• Primary SMTP addresses
• Enabled/Disabled accounts reconciled
• Hardware sizing based on current usage profiles and ordered
• High Availability requirements planned for
• Third party certificates bought and ordered
• Directory Synchronization healthy
• Trust has been established with the Microsoft Federation
Gateway: http://technet.microsoft.com/enus/library/dd335198.aspx
• All required SMTP domains have been verified in Office 365
• Exchange Web Services have been published on premises:
http://blogs.technet.com/b/exchange/archive/2010/07/16/341040
8.aspx
#2: Network
• Office 365 client connections are transitioning to Internet
Bandwidth
• Outbound and Inbound traffic restrictions on firewalls and proxies
• Port utilization in NAT scenarios
Firewall and Proxy
Clients
Mailbox Migration
Velocity
• Authentication rules may interrupt client requests
• Office 365 IP and URL exceptions in place per service
• Evaluate client firewall GPO settings and 3rd party firewall settings
• Reduce mailbox sizes
• Use the mailbox move capabilities within Exchange hybrid
• Migrate during off-peak times
TechNet: Office 365 IPs and URLs
Bandwidth Calculators for Office 365
Exchange Online
http://go.microsoft.com/fwlink/?LinkId=321550
Skype For Business (Lync) 2010/2013
http://go.microsoft.com/fwlink/?LinkId=321551
OneDrive for Business Synchronization
http://go.microsoft.com/fwlink/?LinkId=517364
Migration Velocity
• Test and confirm that your organization’s Internet pipe can manage the network impact of
Office 365 migrations
• Assess internal network bandwidth availability for Office 365 migration events
• Make use of available network tools such as:
• Microsoft Network Monitor – Allows you to capture network traffic, view, and analyze it. Look
for HTTPS/SSL time-outs set too low on Proxy/Firewall/Router and excessive retransmits
• Microsoft Remote Connectivity Analyzer – Tests connectivity in your Exchange Online
environment
• Office 365 Network Analysis Tool
• North America: http://na1-fasttrack.cloudapp.net
• EMEA: http://em1-fasttrack.cloudapp.net
• APAC: http://ap1-fasttrack.cloudapp.net
• Determine your download, upload, and latency between your on-premises environment and your
current Microsoft cloud services data center
#3 Mailbox Access
AutoDiscover
Auto-Mapping
• DNS configured incorrectly
• Incorrect firewall exception or incorrect external URL configured
• Outlook will load multiple mailboxes to the profile based upon
permissions, and access to many shared mailboxes can cause
issues
• Use PowerShell to set AutoMapping to $false
Mobile Device
Access
Linked Mailbox
• Exchange Online has EAS throttling, device may be denied for a
short time
• Enable logging in Outlook client and use LogParser to view results
• Connection to mailbox is broken during migration and must be relinked post-migration
Prerequisites…Check!
Microsoft Exchange
Identities
Apps
Infrastructure
• Exchange 2010, 2013, or 2016
with latest service pack/CU
installed required for hybrid
• Active Directory user objects
and groups must be identified
for migration
(POC/Pilot/Test/Prod)
• Office, Office 2013 and Office
2011 for MAC are supported
• Accepted domains added to
Office 365 tenant
• Install latest App/Security
patches to all Office products
before O365 deployment
• DNS record additions and
changes to support mail flow
and Client Access
• Legacy versions of Office may
have reduced functionality
• Bandwidth Availability testing
• Proper certificates must be
deployed for associated
services
• Is Exchange healthy?
• Run IDFix to evaluate objects
and remediate issues
• Use AADConnect to
synchronize directories
• Review environment needs
single forest/multiple forest
• LOB applications the need
SMTP will have to be modified
2016 Redmond Summit Sponsors
Thank you!
Drew St. John
[email protected]