Implementing and Managing Office 365 - Jacksonville IT Pro Camp 2017
•Download as PPTX, PDF•
0 likes•130 views
My slide deck from my presentation around getting started with implementing and managing Office 365 from the Jacksonville, IT Pro Camp 2017
Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Similar to Implementing and Managing Office 365 - Jacksonville IT Pro Camp 2017
Similar to Implementing and Managing Office 365 - Jacksonville IT Pro Camp 2017 (20)
Recently uploaded
Recently uploaded (20)
Implementing and Managing Office 365 - Jacksonville IT Pro Camp 2017
- 1. Implementing and Managing Office 365 Ben Stegink Jacksonville IT Pro Camp 2017
- 2. Ben Stegink www.benstegink.com www.intelligink.com www.msclouditpropodcast.com Twitter: @BenStegink • Owner and Chief Consultant at Intelligink • Office 365Trainer for Opsgility • 10+ years of SharePoint Experience • 5+ years of Office 365 Experience • Co-Host the Microsoft Cloud IT Pro Podcast • Ran the Jacksonville, FL SharePoint Users • Started the Jacksonville Cloud User Group About Me
- 3. Introduction to Office 365 and the Plans Available
- 4. What Plans are Available? • Business • Essentials, Business, Premium • Enterprise • ProPlus, E1, E3, E5 • Education • Government • Exchange Plan 1, Exchange Plan 2, E1, E3, E4 • Nonprofit • Business Essentials, Business Premium, E1, E3 • Home (will not be covered)
- 5. Choosing a Plan: Where do you Start? • Business • Maximum of 300 Users (per plan) • Enterprise • Unlimited Users • Education • Apply and verified as a qualified academic institution • U.S. Government • Apply and verified as a qualified U.S. government organization • Nonprofit • Apply and validated as a qualified nonprofit organization
- 6. Services – Other Plans and Add-Ons Azure Active Directory Exchange Visio OneDrive for Business Enterprise Mobility Suite Azure Rights Management And Others
- 7. Provisioning aTenant •FreeTrial •All Business Plans, E3, E5, Education*, Government, Non-Profit* •Purchase a Plan •Business Plans or Enterprise Plans * Trials of these plans are so you can get started while waiting for validation of your application
- 8. Prerequisites •Email Address •Domain/Name •Required: Name to use with .onmicrosoft.com •Not Required: Custom, Purchased Domain
- 9. DEMO: Provisioning an E3Tenant
- 10. You have an Office 365 Tenant,What’s Next?
- 11. Thinking about Client Connectivity •Proxy Servers •Firewalls •Bandwidth •Internet Connectivity •Desktop Setup Deployment
- 12. DNS Hosting Options •Office 365 • Simple • Limited Control •Your Own DNS Host • Can be more complex • Requires Slightly more Work • Increased Flexibility
- 13. Custom Domains • Not Required, but Recommended • Don’t Require .onmicrosoft.com • Email Address • Username/Login • Increased Control over DNS/Domain • Can only addTXT records to .onmicrosoft.com • Can add Multiple Domains to SingleTenant • Email • Skype for Business • NOT SharePoint (only one [tenant].sharepoint.com)
- 14. Two components of User Access •User Account •“Office 365” User •Active Directory User •License •Plan License (includes a set of Services) •Service License
- 15. Adding New Users • One at aTime • CSV File Upload • AD Sync (Azure AD Connect) • PowerShell • Mobile App - http://office365adminmobile.azurewebsites.net/
- 16. Purchasing Licenses and Subscriptions •Purchasing a New License or Subscription • Billing Subscriptions • Purchase Brand New or Switch an Existing License • Increase the quantity of already purchased Licenses or Subscriptions • Add-Ons • Associated to a specific subscription • Can’t be added to a trial subscription
- 17. Groups in Office 365 •Security •Distribution •Dynamic AD •Office 365 Groups
- 18. DEMO: Office 365 Admin Portal Overview
- 20. “Service” Admins •User •No AdminAccess •GlobalAdministrator •Access to Everything •Customized Administrator •Billing •Exchange •Password •Skype for Business •Service •SharePoint •User management Permission by Role Chart - http://spben.me/O365AdminRoles
- 21. Modern Authentication • Active Directory Authentication Library (ADAL) – based signin • Enabled for most clients • Additional Security Sign-in Scenarios: • MFA • SAML Based 3rd Party • Smart Card • Certificate Based • Removes Need for Basic Auth in Outlook • https://bsteg.me/O365ModernAuth
- 22. Password Management •Expiration Policy •Complexity:True/False •Resets: Allow User to Rest •Multi-Factor Authentication
- 23. Multi-Factor Authentication (MFA) •Multi-Factor Methods • Phone Call • Text Message • Mobile App Alert • Mobile App Code • 3rd Party OAUTHTokens •Incompatibilities • PowerShell • Some 3rd Party Apps • Use App Passwords
- 24. Data Security Lockbox • Previous • Rigorous Approval Process • Time-BoundAuthorization • Actions Logged and Audited • Improved • Same as Above • +You must approve a MS request for data Encryption • Data at Rest • In transit • https://bsteg.me/O365Encryption
- 25. Security & Compliance Center •Alerts • SharePoint Activities, Exchange, AD/Security •Security Policies • Device management, Spam/Malware, Attachments/links •Data management • Import, Archive, Retention •Search & investigation • Content,Audit Log, eDiscovery, Quarantine •Reports • DLP Policy, Service Reports •Service assurance • Additional Information on Security, Privacy and Complance
- 26. Azure Rights Management – Requirements •Requires Azure AD •Azure Rights Management • Minimum Plan is E3 •Azure Rights Management Premium • Add-On for all Subscriptions • Minimum Plan is E1 with Add-On •ClientApps • Office 2013+ • Windows, macOS/OS X • Mobile Devices •Trial Information
- 27. Data Loss Prevention •Custom •Pre-Defined • Financial • Medical • Privacy •Security and Compliance Portal • SharePoint • OneDrive for Business •ExchangeAdmin Portal • Email
- 28. Key PointsTo Consider •Office 365 Plan • (Business, Enterprise, Edu, Gov) • Other Services •Client Connectivity • Much More InternetTraffic •Domain and DNS •Users and Groups • Sync with AD •Security • MFA • Admins • Password Settings •Rights Managements/DLP More Content – http://www.opsgility.com
Editor's Notes
- Business Plans - These were original the Small Business and Midsize Business Plans. The change to the Business Plans was launched and made available October 1, 2014, however, customers weren’t required to make the switch to the new plans until after October 1, 2015. These plans are targeted at SMBs with less than 300 users Enterprise The enterprise plans are designed to target business with greater than 300 users. However, this is not a requirement. You can still be a company of as few as a single user and still purchase and use any of the Enterprise plans. Enterprise plans can be combined with Business Plans within the same tenant. Education There is just a single education plan. Unless the rest of the options this isn’t a standard Business or Enterprise Plan with different pricing. This is plan designed specifically to accommodating the education sector although it is pretty comparable to an Enterprise E1 plan. Includes: Custom Staff and Class Notebooks for OneNote Government - Unlike education, this category of plans doesn’t have anything unique in terms of feature set from Business or Enterprise Plans. In fact, if you look at the plans, they are actually Business or Enterprise plans bundled under this new category. However, they do have a few unique features: Pricing, there is reduced pricing from the normal business plans Compliance, the way the government Office 365 tenants are hosted, they have passed additional compliance and certifications process to make them comply with government restrictions when storing data. Nonprofit As with government, there is nothing inherently unique about Nonprofit plans. The only difference here is that Microsoft offers discounted pricing to nonprofit organizations Home - The last category of Office 365 plans is home. I did want to mention them here, although this will be the only time you hear about them in this course. Microsoft does offer 2, Office 365 Home plans. However, the feature sets and use cases for these plans are significantly different that the business plans and this course does not apply to those home subscriptions.
- You have the ability to mix Business and Enterprise plans within the same tenant. However, you can have no more than 300 Business users in a plan in a single tenant. You can have 300 users on Business Essentials, 300 users on Business and 300 users on Business Premium all within the same tenant The Education plan is the most unique in that there is only a single plan within the category with a unique features set. U.S. Government and Nonprofit plans primarily just take a subset of Business and Enterprise plans and modify the pricing as well as, in some cases, put them in special designed data center to meet specific requirements.
- CRM - The various CRM components are stand along plans/products that exist along side your existing plans. CRM Marketing Social Parature Other Plans – Other plans are plans that can be purchased to sit along side your other plans. These aren’t tied directly to another plan, but rather are stand alone license that can be assigned to and moved around between individuals. Exchange SharePoint Skype for Business Project Azure Rights Management Premium Azure Active Directory Premium Power BI OneDrive for Business Yammer Visio Enterprise Mobility Suite Microsoft Intune Add-Ons – Add-ons are tied directly to an existing plan. You can’t purchase an Add-On with having a plan to attach it to. Once this is attached to a plan, it can’t be transitioned to another plan or individual. It is permanently attached to plan it was added on to at the time of purchase. Skype for Business PSTN Calling Skype for Business PSTN Conferencing Skype for Business PSTN International Calling Skype for Business Cloud PBX Delve Analytics Customer Lockbox Advanced eDiscovery Exchange Online Archiving Exchange Online Advanced Threat Protection Extra SharePoint Storage Space
- There are two options you can use when getting started with Office 365. You can either start with a free trial (30 day trial) or you can purchase on of the Business or Enterprise Plans. If you are looking to get an Educational, Government or Non-Profit plan, you must start with a trial. Once you have validated your organization you can convert that trial to a full license without loosing any data. For Business and Enterprise Trials you can choose any of the three Business Plans; Essentials, Business or Premium. For the Enterprise plans you can choose either an E3 or and E5.
- The prerequisites for a plan are minimal, an email address (you can use the same email address for multiple trials) and a domain name that hasn’t been used previously. Again, it doesn’t have to be a domain you own as you can create a trial just using username@domain.onmicorosoft.com. It’s only if you want username@domain.com that you’ll have to actually purchase the domain name. You can always start your tenant with domain.onmicrosoft.com as well and add your own customer domain later.
- Hosting all your services in the cloud, SharePoint, Exchange, Skype for Business, Office Deployments, etc. bring about an entirely new set of challenges when ensuring your users can perform their daily duties. Instead of just being able to connect to local servers within your organization, they now need constant connectivity to the Internet and to Microsoft’s Cloud. Proxy Servers, Firewalls, Bandwidth Usage, Internet Connectivity and the Desktop Setup Deployment are all key aspects in making sure you users have the optimal Office 365 and can connect to all the services offered. While Proxy Servers, Firewalls and Bandwidth usage can all be configured and “tweaked” to help achieve maximum performance, you still need to insure that your Internet connection is fast enough and reliable enough to handle the peak load that may occur once everyone is connect to Office 365. Due to the high importance of each of these topics, Microsoft has published extensive articles and white papers on how to best achieve the high quality experience for your end users and how you can configure your network in such a way to insure you get the highest performance when connecting to Office 365.
- SharePoint DNS is hosted by Microsoft, you can’t change the URL of SharePoint to anything other than [tenant].sharepoint.com
- Before a user can login to Office 365 they must have two things: A user account A license assigned to their account The user account can either be a user account that was created within the Office 365 environment or a user that was synced up to Office 365 from your on premises AD server. However, regardless of how the user was added to your Office 365 environment, once there user account is in your tenant, you must assign a license to that account. This can either be plan license (such as E1, E5, etc) or just a single service license (such as Exchange Plan 1 or Skype for Business Plan 2). Based on the license assigned to the user will dictate what service they can log into and use. This is slightly different from the typical on premises licensing where you can add a user to AD and they can access your on premises services immediately and your are responsible for “truing up” with Microsoft for number of users leveraging on-premises services. All user management in Office 365 can be done within the “Active Users” section in the Office 365 Admin Portal.
- Clicking on the Add subscription will take you to the purchasing page. Here you’ll have 5 categories of services to purchase: Enterprise Suite: This is your E1, E3, E5 plans Small Business Suite: This is Business, Business Essentials, Business Premium Dynamics CRM Suite: The name pretty much tells you, these are all your various CRM options Other plans: This includes plans such as stand alone Exchange, SharePoint, Skype for Business, Project, Azure AD, Power BI, OneDrive, Yammer, Visio and Mobile Device Management Add-on subscriptions: PSTN Calling, Extra Storage, Exchange Archiving, and other plans that can’t stand alone, but must be used in conjunction with one of the first 4 categories of plans. Also, as you scroll through the plans, you will see plans you have already purchased marked as such (seen in the middle screen shot) as well as all the other plans available for purchase. As you look through the available subscriptions and hover over the ellipses at the bottom of each plan you’ll see the two different options shown above for plans you’ve already purchased vs. brand new plans. Purchased Plans Switch plans allows you the ability to switch from an E1 to say an E3. It essentially cancels your current plan, creates a new plan and make sure all your information get’s associated with the new plan Change licenses quantity is what you want if you need more (or less) licenses of the specific plan. It will all you to set the total quantity of licenses you need and adjust your monthly bill accordingly. View Bill allows you to view current and past bills. If you go back too far you can’t view the bill in the browser, but are given an option to download a PDF of the bill. In my case I was able to go all the way back to when I signed up for my first subscription in 2011. Edit payment method gives you the option to switched to an existing credit card that you have on file or add a new credit card More subscription payment tasks actually takes you back to the original billing page within your tenant that you started at. New Plans For new plans you have the option to either buy the plan or learn more. Buy now we’ll cover in the next slide Learn more takes you to the plan site on Microsoft’s website so you can learn more about what’s included in the plan as well as access FAQs and comparison charts. Monthly vs. Yearly Pay monthly or Pay for the year: This is purely for budgeting and how you like to pay for things. There is now cost benefit or saving to choosing one options versus the other. If you choose to pay for the year the price will simple by the cost/month x 12. There are some price breaks based on quantity purchases. Cost goes down $0.60/user at: 250, 2500, 6000, 15000 Add Ons To purchase an add-on for a license, you can either purchase it in the Add-On Section at the bottom of the ”Add subscription page” or you can purchase the with the Buy add-on’s link under a specific subscription. Add-Ons can’t be purchased/added on to a trial tenant If you choose to buy add-ons from the second link, only add-ons will be show on the purchasing page. One important thing to note is that an add-on is associated with a specific subscription. When you proceed to purchase the add-on, you’ll be asked to select a base subscription for the add-on you are purchasing. There isn’t a way to to transfer an add-on from one subscription to the next. If you wish to do this, you must purchase the add-on for the subscription you want to transfer to and then cancel the add-on from the subscription you want to transfer from.
- User and Global Admin are all or nothing SharePoint Admin != Site collection Admin. Users can still be Site Collection Admins Global and Customized Admin require and alternative email address to be entered Customized Admin you can mix and match the roles
- Expiration Policy Days before a password Expires Days before expiration a user is notified Password never expires (global level or user by user) Complexity Can only be set via PowerShell 8 – 16 characters Strong Password require 3 out of 4 of: Lowercase characters Uppercase characters Numbers (0-9) Symbols (see password restrictions above) Resets Multi-Factor Authentication
- Expiration Policy Days before a password Expires Days before expiration a user is notified Password never expires (global level or user by user) Complexity Can only be set via PowerShell 8 – 16 characters Strong Password require 3 out of 4 of: Lowercase characters Uppercase characters Numbers (0-9) Symbols (see password restrictions above) Resets Multi-Factor Authentication
- PowerShell using Set-MsolUser Admin Portal under Settings -> Apps Azure AD under Configuration Both Azure AD and the Office 365 Admin Portal take you to the same configuration screens PowerShell does not allow you to connect using MFA, so if you want to run powershell, make sure you leave at least one admin account with MFA disable that you can sue to execute PowerShell commands as App Passwords are also not available for use with PowerShell.
- User and Global Admin are all or nothing SharePoint Admin != Site collection Admin. Users can still be Site Collection Admins Global and Customized Admin require and alternative email address to be entered Customized Admin you can mix and match the roles
- User and Global Admin are all or nothing SharePoint Admin != Site collection Admin. Users can still be Site Collection Admins Global and Customized Admin require and alternative email address to be entered Customized Admin you can mix and match the roles
- Management of RMS takes place in Azure AD, not in Office 365. Azure Rights Management is the same as Azure Rights Management Premium. Premium is simple the stand along plane if you don’t have a plan that includes Azure RMS Trial includes licenses for 25 users. When licenses expires, you loose access to all content protected using your trial license Upon purchasing a license content is restored. If you purchase standalone (Azure Rights Management Premium) before trial expiration, you will retain access to RMS protected content.
- Define Conditions: Predefined by MS that you can pick from Conditions applies to data Inside or Outside Organization Actions: Email SharePoint Site Owner Email Person who shared the content Email Owner for the content shared Add additional people to notify Default or Custom email notification Set Override Options Block Content Incident Reports Set Severity level in reports Email incident reports
- SharePoint DNS is hosted by Microsoft, you can’t change the URL of SharePoint to anything other than [tenant].sharepoint.com