MIGRATION: GETTING STARTED 2008: New email solution needed Survey of products: tended to look to Google® and Microsoft® cloud options Microsoft was willing to provide contractual assurances as to location of data Q1 2009: Microsoft Live@EDU® selected
MIGRATION: WHAT HAPPENED Over 80,000 accounts were migrated from Mirapoint® Messaging Server. Migration was done using both Microsoft’s MS IMAP Migration Tool and IMAPSync; the latter was brought up when it was found MS IMAP was too slow to accomplish the full migration in the time specified. Most accounts were migrated as user Mailboxes; a small number as Mail- enabled Users (MEUs) – this last was to accommodate on-premises Exchange users. Subsequently, ~300 Calendar resource mailboxes created to accommodate the migration of Oracle® Calendar users. Initial planning began in August 2008. Migrations began on the first server on June 4, 2010; the final synchronization was started on June 27 and completed later in the week. Calendar data was migrated in late December, 2010. Sumatra® was used for the Oracle Calendar migration; it uses Exchange Web Services (EWS) to write the data.
MIGRATION: LESSONS LEARNED Plan extensively. Try to have an alternative if the initial solution is insufficient (e.g. MS IMAP and IMAPSync). Decide scope of project; some items that are out-of-scope will arise nonetheless, so be aware of the boundaries. On a really large, highly-visible project, your project manager will be doing little else. Training in new systems and techniques is essential. Develop as much (on-line) documentation to cover “the basics” as possible (otherwise your support staff is constantly answering the same questions). Keep your user community informed.
ADMINISTRATION Domain Level Administration (We will be briefly covering OLSync/ILM ) Day to Day Operations Live@edu Service Management Windows PowerShell and Portal Windows Remote Management Windows Live® Admin Center (WinRM) Outlook Live Directory Sync Exchange Control Panel - (OLSync) w/ Identity Lifecycle Manage My Organization Management (ILM) Forefront Online Protection for Exchange® (FOPE) Administrative Console
ROLE-BASED ACCESS CONTROL You can use role based access control (RBAC) to assign different capabilities to different administrative users, such as help desk personnel or information security officers. For example, there are roles that let users create, modify and delete mailboxes, and reset users passwords. There are other roles that allow for multi-mailbox searches and generation of delivery reports. Some of the Administrative Roles listed in the Exchange Control Panel:
WINDOWS POWERSHELL #1 PowerShell is a command-line shell and scripting language that uses administrative tasks called cmdlets. Each cmdlet has a verb- noun syntax with required and optional arguments, called parameters, that identify which objects to act on or control how the task is performed Examples of everyday PowerShell commands we use: Search-MessageTrackingReport -identity <live id 1> - BypassDelegateChecking -Sender <live id 2> |fl Get-MessageTrackingReport -Identity MessageTrackingReportID - ReportTemplate Summary –BypassDelegateChecking -ReportTemplate Summary
WINDOWS POWERSHELL #3 Value Script once, use frequently. Bulk operations easier to perform than in ECP. Obstacles Encountered Throttling limits on number of mailboxes acted upon in operations. Learning curve. Non-scripters will be challenged. Documentation is not as fully fleshed out as we would like. Outlook Live is a tenanted Exchange environment, which does not provide the full-feature set of an on-premise Exchange 2010 environment. Lessons Learned Support Team should have members experienced with PowerShell and script development
EXCHANGE CONTROL PANEL #2 Value Good for one-off operations. Provides a way to see an account holder’s server-side settings. Obstacles Encountered Not as feature rich as is available via PowerShell Feature availability can differ depending on browser used. Outlook Live is a tenanted Exchange environment, which does not provide the full-feature set of an on-premise Exchange 2010 environment. Outlook Live does not provide the Exchange Management Console Lessons Learned
FOPE ADMINISTRATIVE CONSOLE#2 Value FOPE provides more configuration for anti-Spam protection than previously allowed when using that provided by Windows Live. Obstacles Encountered There is a 35 minute delay in change propagation across all FOPE servers. FOPE does not use the full features available in Regular Expressions. Some FOPE features are not currently available in the Outlook Live Implementation. Currently, there are bugs in the FOPE implementation in Outlook Live. Lessons Learned More documentation and training is needed.
DIRECTORY SYNC (OLSYNC) W/ (ILM) Value Allows the synchronization of account information from the central identity management system Obstacles Encountered The lack of the MS Exchange schema in our Active Directory environment. Had we extended the schema for Exchange, many (indeed, almost all) of the implemented customizations would have been unnecessary. ILM uses a schedule synchronization to synchronize account data to Outlook Live. However, using PCNS to synchronize passwords is close to being instantaneous. Lessons Learned Someone extremely knowledgeable in ILM and how it works would have been beneficial.
LONG-TERM SUPPORT PLANS• Defining Scope of Support• Documentation• Training Sessions • Targeted • General• Vendor Support Options
DEFINING THE SCOPE OF• SUPPORT Platforms Entourage 2008 • Windows XP and 7 • Applications • Browsers • Mac OS 10.5 and • Outlook 2010 • Internet Explorer 10.6 and 2007 • Mozilla Firefox • Linux? • Exchange • Google Chrome? • Mobile Options: and IMAP • Blackberry • Thunderbird • Windows Mobile • IMAP • iOS • Mac Mail • Android • Exchange and IMAP • Outlook 2011 and
DOCUMENTATION• Video Tutorials - YouTube • Set-up Instructions • Commonly Performed Tasks • Advanced Tasks• Written Instructions with Screenshots• Handouts• Timeline of 4 set/week • Included scripting, recording, voiceover, and editing• Total of 30+ Produced Today
TRAINING SESSIONS• Over 20 On-Campus Sessions • Maintain 3 Sessions Per Semester • General Course • Training Performed on the • Advanced/IT Course Preferred Standard • Calendar • Windows 7• Off-Campus Sessions By Request • Outlook 2010• Departmental Sessions By • Exchange Request • Outlook Web Client
VENDOR SUPPORT OPTIONS • Free • OutlookLiveAnswers.com • General Ticketing System (8 Hour Response Time) • TechNet Forums • Premier Support • Still Free for Live@EDU Cases • Pros: • Technical Account Manager • Ability to Escalate Quickly • Visibility into Product Team
MOVING• FORWARD Forefront Online Protection for Exchange (FOPE) • Anti-Virus/Anti-Spam • Policy Rules • Reporting, Auditing, and Message Tracing• Office 365 for Education • Exchange Online • Lync Online • IM, Audio/Video, Online Meetings, Presence • Sharepoint Online • Document Repository • Real-time Collaboration • Charge for Faculty/Staff on new features, currently $10/user
TRADEMARKS Microsoft, Live@EDU, Forefront Online Protection for Exchange, Outlook, Internet Explorer, Office and Sharepoint are registered trademarks of Microsoft, Inc. in the US and other countries Windows Powershell and Lync are trademarks of Microsoft, Inc. Mozilla and Firefox are registered trademarks of The Mozilla Corporation in the US and other countries. Macintosh and Safari are registered trademarks of Apple Computer, Inc., in the U.S. and other countries. Sumatra Utilities is a registered trademark of Sumatra Development, LLC in the US and other countries
QUESTIONS?Rachel Mooreheadrmoorehe@uga.eduJoe Kelleyjkelley@uga.eduLewis Noleslnoles@uga.eduUSG Institutions with Live@EDUGA-Live@listserv.uga.edu