Showing posts with label Office 365 Readiness Checks. Show all posts
Showing posts with label Office 365 Readiness Checks. Show all posts

Friday, May 1, 2015

Tools of the Trade - Office 365 Tools for Hybrid Deployments and Migrations - Part 2

Other articles in this series:




What is the "DirSync" Tool?

DirSync is the easire-to-say name for the Microsoft Azure Active Diretory Sync tool. And honestly, with a name that long, a much-abbreviated form was definitely needed for a tool that would be at the center of almost all Hybrid environments with Office 365. So, what is it used for? Quite simply, it is the tool that is used to synchronize your Active Directory users in your On-Prem environment to your Office 365 deployment. You can use it to sync all users, or you can apply filters and synchronize only certain groups, depending on your plans for Office 365 usage.

Why is this important?  I will answer that by also answering why it is AWESOME. Let's say your plan is to house your Lync deployment on-prem (or Skype for Business deployment because you are cool and stay up with the times), but you want to migrate your Exchange users to Exchange Online. Ok, so now you need to create all those users in Office 365, so that they can access Exchange Online. Wait, does this mean that they have to sign in to Lync using one set of credentials, and Exchange Online with another set of credentials? Well, yes, it would mean that, if you didn't synchronize all of your existing users from your on-prem Active Directory. By putting this synchronization into place, all your users will stay properly synced up to Office 365, and you can even manage their accounts and settings from your on-prem environment, with the changes being synced to the account in the cloud. And this means that SSO can also be achieved! Oh happy day!!

What are the requirements for DirSync?

First of all, this tool should only be downloaded onto, and running from, a single machine in your domain. Further more, this server is not recommended to be a Domain Controller, as issues can arise (see my previous article about a specific issue that you will encounter: http://blog.msucguy.com/2015/04/office-365-directory-synchronization.html). It doesn't mean that it won't work on a DC, but if we are talking about a production environment, I would stick to the recommended guidelines.

Secondly, you will need to deploy Active Directory Federation Services in your environment if you wish to achieve Single-Sign On (SSO) functionality. This is very important for companies that want a streamlined user experience - not wanting users to feel like they are in two different environments, but rather working out of the same single environment like they normally would. This article does a great job explaining where ADFS comes into play, and the other types of synchronizations that can be used with it: https://support.office.com/en-ca/article/Understanding-Office-365-identity-and-Azure-Active-Directory-06a189e7-5ec6-4af2-94bf-a22ea225a7a9.

Ok, what about the Technical requirements?

Alright, to get to the nitty-gritty, here is a list of system and envirnment requirements that are more technically specific:
  • The server used for the DirSync tool must be running one of the following operating systems:
    • Windows Server 2008 R2 w/ SP1, x64 (Standard, Enterprise, or Datacenter)
    • Windows Server 2012 (Standar or Datacenter Editions)
    • Windows Server 2012 R2 (Standard or Datacenter Editions)
  • The server must be joined to the Active Directory domain that is being synchronized
  • The AD Forest Functional level must be at least Windows Server 2003
  • The server must have Powershell installed (and enabled, if relevant)
  • The server requires both .NET Framework 3.5 SP1 and .NET Framework 4.5.1
  • The Domain Controllers in the environment must be running one of the following operating systems:
    • Windows Server 2003 SP1 (32 or 64-bit)
    • Windows Server 2008 (32 or 64-bit) (Standard or Enterprise Editions)
    • Windows Server 2008 R2 (Standard or Enterprise Editions)
    • Windows Server 2008 Datacenter Edition
    • Windows Server 2008 R2 Datacenter Edition
    • Windows Server 2012 (Standard or Datacenter Editions)
While the above information may seem drab, and may not pertain to too many newer environments, it can be very good information to know if you are planning on taking the Office 365 certification exams. Just sayin'...

There are other articles out there that go into much deeper dives on this tool, and I would of course encourage you to dig into them if you are moving past this introductory phase and getting ready to do so serious DirSync management. I would especially encourage you to get very familiar with the Powershell tools and cmdlets that are available for directory synchronization and remote Office 365 management, as provisioning automation will definitely rely on a solid understanding of Powershell.

For an overview on the various tools that can be used after your Hybrid deployment (or in-between phases of the deployment), check back with me on the third and final post of this series. We will be going down the list of some great connectivity testing and troubleshooting tools.

I would also like to apologize for the lack of a borderline-sarcastic meme in this post. I shall strive to not let that happen again!

Stay techy, my friends.
Posted by at No comments:
Labels: , , ,

Tuesday, April 28, 2015

Tools of the Trade - Office 365 Tools for Hybrid Deployments and Migrations - Part 1

Other posts in this series:




An Introduction to the Tools of the Trade Series

Who wants to diagnose car troubles without any tools? Better yet, who wants to build a car without any tools? Not normal people, I can tell you that much! As much as I don't really consider myself to be a normal person, I do fall into the category of persons that would prefer to have the proper tools to do a job, especially if that job is to setup a hybrid deployment between an Office 365 enviroment and an On-Prem environment (or to troubleshoot ensuing integration problems).

Microsoft has a knack for building various tool sets around its products, and Office 365 and associated UC applications are no exception to that rule. As a matter of fact, this abundance of tools can start to get a little confusing, as some of the names are very similar, and functionality even seems to overlap a bit in some of the tools. 

This 3-part series will focus on tools for all aspects of an Office 365 Hybrid deployment or migration. The first post will focus on tools used for preparing your on-premises environment for integration with Office 365. The second post will be devoted completely to the Microsoft Azure Active Directory Sync Tool (DirSync). Finally, we will wrap up with the various tools that can be used to test different connectivity scenarios, and to troubleshoot issues that arise post-deployment.

Preparing for Office 365 Hybrid Deployments or Migrations

Did you ever invest a huge amount of time into completing a task, only to find out right as you were finishing that you could have done it in a fraction of the time, with a much simpler procedure? I think most of us have been there. This guy has for sure:


Sometimes it pays to use the right tools, or methodologies, from the beginning! A good starting point, though, is to know what those tools are. So, for all you Admins/Engineers out there that are getting ready to dive into Office 365 for your environment, especially if you are planning a hybrid environment or a complete migration, here are a couple tools that I think you will find incredibly useful at the beginning of your journey.

Office 365 Readiness Checks

Microsoft did us a solid by placing many of the tools that we would want right in the Office 365 Admin Center. The Office 365 Readiness Checks are a great set of checks that are installed and run from our client PC/laptop. To get to these tools, you will need to be logged into the Office 365 Admin Center, and then you can browse here: https://portal.microsoftonline.com/tools. You can then click on the top link titled, Check your Office 365 configuration with Office 365 health, readiness, and connectivity checks (By the way, you will also notice that there are other tools in this section of the portal that we will discuss in a post later in the series).


You will then be guided through the process of conducting these checks. These checks are great to run before your deployment, before launching new services in a deployment, and between each phase of a phased deployment. Your system requirements are fairly easy to meet: you need to have a client OS that is at least Windows 7 (64-bit), and .NET Framework 3.5 needs to be installed. Keep in mind that these checks will be investigating different aspects of your environment, as well as your Office setup, and diagnosing its readiness for integration with Office 365. This means that you will want to be running these checks using an account that has admin-level permissions within the environment.

IdFix DirSync Remediation Tool

Next up on the list, and the only other tool I am discussing concerning preparation for Office 365 integration, is the IdFix DirSync Remediation Tool. The name almost kind of reminds you of Microsoft's Fixit tool, doesn't it? At any rate, this tool is very important for saving you time that you may be spending trying to remediate errors that you could potentially run into when running the DirSync tool (discussed in the next post in this series).

This tool is a download, and it requires at least Windows Server 2008 R2 on the server side, or Windows 7 (64-bit) on the client-side. It's purpose is to ensure that your Active Directory environment is in a ready state for running directory synchronization to Office 365. The tool does a discovery within your AD environment, and then identifies areas of remediation that are required before you attempt to run the DirSync tool. This could potentially save you a bunch of time trying to track down the root cause of errors that you would face in the DirSync tool.

Let's consider the example of a company that has an on-prem Exchange and Lync setup, and uses the public domain 'contoso.org' for their email addresses. They they go and setup Office 365 with a domain called 'contoso.com', and they are using that domain for Exchange Online and Lync Online (excuse me, Skype for Business Online). When they attempt to run the DirSync tool between environments, they are going to run into errors because of the domain mismatch. This is where the IdFix tool can save them the headache, by identifying the incompatibilities ahead of time, and pointing the admin/engineer in the right direction to get the on-prem environment properly prepared.

Conclusion

Well, that wraps it up for this post. While there are other tools out there that may assist in the preparation phase of a deployment, these two should get you started by ensuring that your environment is well prepared and compatible with your Office 365 environment. In our next post, we will dig into the DirSync tool a bit, going over some of the system and environment requirements for running the tool, and discussing a few key points about it. We will conclude the series after our discussion on DirSync by going over the various tools that can help in testing and troubleshooting client connectivity scenarios.

Stay Techy, my friends!


Posted by at No comments:
Labels: , ,
Subscribe to: Posts (Atom)