The document discusses upgrading an organization's email and collaboration tools from Windows Live to Office 365. It provides an overview of how user identities and services will change during the transition. Before the upgrade, users accessed Windows Live services like email and SkyDrive with a single Windows Live ID. After upgrading to Office 365, users will have both a personal Windows Live ID and an organizational Office 365 identity managed by the institution. The upgrade will move email, calendar, contacts and other services to Office 365 while allowing users to keep accessing Windows Live services separately. It also discusses deployment considerations like directory synchronization and single sign-on.
5. Windows
Live Exchange creates
Windows Live IDs
Windows
Live ID
Live@edu
SkyDrive
Admin Live@edu Outlook
Other WL Live Tenant
services
PowerShell & Exchange
Control Panel
Admin
school.ecsd.net
7. Plan A4
Plan A3
Plan A2
Students Free Free $2.50/month $3.00/month
Faculty/Staff Free Free $4.50/month $6.00/month
Alumni Free
Estimated retail prices listed above per user, per month
8.
9. Before Upgrade After Upgrade
In-place tenant conversion to
Office 365
Windows
Live Exchange creates Office 365
Windows
Windows Live IDs Windows Live
Live ID Windows Live MSOID
O365 Admin
ID
Live@edu SkyDrive
SkyDrive Other WL Exchange Online
Admin Live@edu Outlook
services Tenant
Other WL Live Tenant
services
PowerShell & Exchange
Control Panel
Administrator cannot create or
manage Windows LiveIDs
Admin Admin
school.ecsd.net school.ecsd.net
13. Before Upgrade After Upgrade
In-place tenant conversion to
Office 365
Windows
Live Exchange creates Office 365
Windows
Windows Live IDs Windows Live
Live ID Windows Live MSOID
O365 Admin
ID
Live@edu SkyDrive
SkyDrive Other WL Exchange Online
Admin Live@edu Outlook
services Tenant
Other WL Live Tenant
services
PowerShell & Exchange
Control Panel
Administrator cannot create or
manage Windows LiveIDs
Admin Admin
school.ecsd.net school.ecsd.net
14. Once the upgrade to Office 365 for education is complete, each end user will have two
identities; Personal Windows Live identity AND an institutional Office 365 identity
Live@edu: Single Identity Office 365 for education: Two Identities
All Windows
Outlook Live SharePoint Lync
Live Services Online Online
Windows Live
Services Exchange Online
Service Online Services
Management Platform
Portal
Live ID Org ID
Live ID
Terms of Use Organization owned Terms of Use Individual owned Organization owned
Management & Institution-managed Management Self-managed Institution-managed
Control &
Control
Services Windows Live services Services Windows Live services Office 365 services
Identity Windows Live ID Identity Windows Live ID Org ID
15. • We did do things a bit differently with our upgrade.
• We recommend students create self-managed personal Windows Live account, based on their school
email address for SkyDrive etc.
• An organization managed Office 365 account
Before Upgrade After Upgrade
Windows Live Windows Live Office 365
Windows Live Windows Live Organization Office 365
ID ID ID Admin
Other Windows Live@edu
Live services Live@edu Outlook Live Other Windows SkyDrive Exchange Online
Admin Live services Tenant
SkyDrive
EASI Managed
ID: 102912@school.ecsd.net
ID: 102912@school.ecsd.net ID: 102912@school.ecsd.net
PWD: ADPassWord!
PWD: ANewPassword PWD: ADPassword!
16. Deployment Overview Microsoft Federated Gateway
Directory
Office 365
Active Directory
Student’s PC
Student’s PC School Live@Edu
Web Portal Mailbox
ADFS Proxy
ADFS Internal
Directory Sync
18. Live@EDU Office 365
Jan 2011 Aug 2012
E-mail • Students were provisioned e-mails • Didn’t require moving any email, calendars, or contacts
addresses (school.ecsd.net) on Live@EDU
Windows Live • Access all live services via Live@EDU • All windows live services were de-coupled
account. • Email as sign in account
Password • AD Username/Password • AD Username/Password
• Self-Service Password reset • Windows LiveID Password
• Self-Service Password reset
Provisioning • OLSync / ILM • DirSync
SSO • Windows LiveID SSO Toolkit • Moved to ADFS 2.0
24. Office 365 Identity With Office 365 Federated Identity with
Microsoft Online Identity Only
On-Premises AD On-Premises AD*
Microsoft Online Microsoft Online Microsoft Online
Users, groups, objects, identities mastered in Users, groups, objects mastered On-Premises Users, groups, objects, identities mastered
the cloud and identities mastered in the cloud On-Premises
Separate identity for Office 365 Services Separate credentials for On-Premises and Single identity for On-Premises, Office 365
No additional servers required on- Office 365 Services Services
premise DirSync to synchronize AD objects into DirSync to synchronize AD objects into
Different credentials and password Office 365 Office 365
policies for On-Premises and Online Suitable for Medium to Large Organizations Single Sign-on for On-Premises and Office
Suitable for Small Orgs 365 Services
Suitable for large organizations that
require Single Sign On
28. ODF support: Print from editor: Insert chart: Print:
View and edit ODF documents Print Word document from Insert charts in Excel Web App Print presentations from
in Office Web Apps. edit mode (in addition to view PowerPoint Web App
Fill handle:
mode).
Chrome support: Copy and paste values and Edit text in more shapes:
Using Office Web Apps with formulas by dragging the fill Enabling users to edit text in
the Chrome browser. handle. more shapes, vs. just
placeholder shapes.
IE9 native support:
Using Office Web Apps with Choose theme:
IE9 in native mode (vs. in IE8 Picking a presentation theme
mode). when you create a new
document
Insert clip-art:
Insert clip art in PowerPoint
Web App
29. Title Location
Office 365 TechCenter http://technet.microsoft.com/Office365
Office 365 Deployment Guide http://technet.microsoft.com/en-us/library/hh974318.aspx
Office 365 System Requirements http://onlinehelp.microsoft.com/office365-enterprises/ff652534.aspx#BKMK_opsystems
Office 365 Single Sign-On with AD http://www.microsoft.com/en-us/download/details.aspx?id=28971
FS 2.0 whitepaper
Install the Microsoft Online Services http://onlinehelp.microsoft.com/en-us/office365-enterprises/ff652545.aspx
Directory Synchronization tool
Planning for AD FS 2.0 Server http://technet.microsoft.com/en-us/library/gg749899(WS.10).aspx
Capacity
Office 365 Virtual Labs http://technet.microsoft.com/en-us/office365/hh699847.aspx
Sample PowerShell Scripts for Office http://technet.microsoft.com/en-us/library/hh974317.aspx
365 Deployment
30. Office 365 Training &
For Education Rollout
The Future
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43. School Technology
Coach
MyECSD
Newsletter Portal
Resources
Student Training
Resources
Editor's Notes
Welcome - Shannon
OLSync pulled user, contact, group, and dynamic distribution group data from our on-premises AD DS or Active Directory and replicates and synchronizes it with Outlook Live domain.After OLSync pulls in the data, it creates, manages, and deletes accounts in Outlook Live, a process called "auto-provisioning." In addition, OLSync populates the shared address book in the corresponding Outlook Live domain.When OLSync runs, it completes a one-way synchronization from your directory to the Outlook Live datacenter that Microsoft operates. OLSync doesn't write information back to your directory.What do I get with OLSync?
Here is a basic overview of what we had implemented with the SSO Toolkit for Live@EDUStudents would access the URL provided school.ecsd.netThe problem is when you attempt to configure the active sync services such as the email client on the iPad. You could not connect directly to the service since the only means to connect was through the landing page because there was a trust established between our landing page and the Live@edu service which would pass along a token to authenticate the user.Live@edu did not support saving directly to the SkyDrive from a locally installed copy of Microsoft Office, it requires that you save and upload the file to your SkyDrive.Some mobile devices could not run the office web apps; however it did support most main stream devices.A user is authenticated to an organization's internal web portal and presented with a "My Mailbox" button or link. Once the "My Mailbox" button/link is clicked, the internal web portal looks up a user's Windows Live ID in the internal directory service.A Simple Object Access Protocol (SOAP) request is issued to Windows Live Services. As a result, a link is presented back to the user’s Internet browser and the user is seamlessly transferred to their Windows Live or Outlook Live mailbox.The security certificate that is issued by Windows Live Services establishes a trust between the internal web portal server and the Windows Live Login Service. This trust relationship delegates user authentication to the internal web portal and eliminates the need for the user to provide a password for authentication to Windows Live Services.This document provides guidance for implementing an SSO solution for three common scenarios. You can customize the example code included in this SDK to implement a solution based on your organization’s particular needs.pre-installed certificate (provided to your organization by Microsoft) to the Windows Live™ ID SOAP (Single Object Access Protocol) Service, requesting a SLT. This communication is over SSL.The web portal executes custom code to read the certificate and makes SOAP call to Windows Live Service to receive a Short Lived Token (SLT).
Microsoft Outlook live: 10GB hosted Exchange mailboxMicrosoft Office Web Apps: Word, Excel, PowerPoint, OneNoteWindows Live SkyDrive: 25GB of cloud-based storageWindows Live Spaces: blogging, friends, photo and video sharingWindows Live Messenger: IM and video chat
Increased flexibility and management control of school managed services.
The tool will go through and gather a ton of information of in terms of what your environment will look like.Not from what your admins are telling you. But what it actually is10k users all of sudden run dirsync and it craps out at 50k users and you run the report and it turns out they have 100k users cause they don’t delete anything for the past 10 yearsIf you know the amount of users you have you can provision your account ahead of time with the amount of objects you require.DirSync – 50,000 limitThe tool discovers key information for the following areas:DomainsUser Identity and Account ProvisioningExchange OnlineLync OnlineSharePoint OnlineClient and End User ExperienceNetwork
Be Prepared to update your exchange servers to Latest SP and RU.Makes your life easier with Hybrid configuration wizard in SP2In SP1 from 50steps to SP2 down to 6Update Company Her Majesty the Queen in Right of Alberta as represented by the Minister of EducationName: Edmonton Catholic Schools -> Her Majesty the Queen in Right of Alberta as represented by the Minister of EducationTotal seat count: 4000 -> 22095
Increased flexibility and management control of school managed services.