| Author |
 Topic  |
|
Pesos
Honorable But Hopeless Addict
USA
3506 Posts
Status: offline |
 Posted - 07/20/2012 : 01:17:22 AM
|
Nathan, now that ex/lync/sp/office 2013 have dropped, can I pick your brain (and the other gurus' here!) about when we are really going to be able to take advantage of a hybrid setup without the cons outweighing the pros...
I would LOVE to hand off Exchange mailbox/HT/cas to Microsoft with their highly available datacenters and grand economy of scale offering ridiculous 25 GB mailboxes on the ultracheap.
BUT
We need Lync EV and Exchange UM. Happy to keep the former on-prem, but it would be nice to have UM live in the cloud with the rest of the exchange pieces if possible.
Is this going to be possible to configure with 2013 without having ridiculous complexity as far as AD integration/synching/etc? That's the piece that I'm a little unclear on and have had a hard time finding concise write-ups on.
Anything you could share would be grand!
|
-Wes |
|
|
Pesos
Honorable But Hopeless Addict
USA
3506 Posts
Status: offline |
Posted - 07/20/2012 : 01:19:57 AM
|
p.s. the other piece that has been a sticking point has been our heavy reliance on citrix/TS, which in turn means Outlook running in Online Mode, which means having mailbox servers on the LAN together with the TS servers
but now with Outlook 2013 supporting a window of synch time for cached mode, we may be able to get more creative with Outlook deployments on TS and could consider mailboxes in the cloud... |
-Wes |
 |
|
|
NMDANGE
Honorable But Hopeless Addict
USA
2054 Posts
Status: offline |
Posted - 07/20/2012 : 09:19:05 AM
|
Wes,
Your scenario is 100% possible with Lync 2010 and the current version of Office 365.
EDIT:
Nevermind missed the part where you said easy to configure 
I don't believe this is changing in the new version. You still need ADFS, DirSync and all that. |
Michael D'Angelo
(former)MVP-MIIS, Pace University Senior Systems Administrator (Windows)
(MS)NMDANGE
PhoeniX WorX Systems Administrator. If you play Total Annihilation, please join us. http://www.phoenixworx.org |
Edited by - NMDANGE on 07/20/2012 09:21:54 AM |
|
|
|
Pesos
Honorable But Hopeless Addict
USA
3506 Posts
Status: offline |
Posted - 07/20/2012 : 2:33:02 PM
|
| Thanks Michael... any blogs/write-ups you can point me to that actually do a good job of breaking it down? Once the initial configuration pain is done, is it relatively simple to maintain/provision day to day? |
-Wes |
|
|
|
Playwell
Honorable But Hopeless Addict
Netherlands
4822 Posts
Status: offline |
Posted - 07/28/2012 : 10:12:42 AM
|
As I understood Hybrid makes sense because you'd handle all the exchange stuff on primeses, in stead of connecting to the cloud.
Easier to manage, especially with powershell scripts, because you do things locally.
There's no other advantage then simplifying exchange management. |
'People who think they know everything are a great annoyance to those of us who do. '
Quote by Isaac Asimov
|
|
|
|
NMDANGE
Honorable But Hopeless Addict
USA
2054 Posts
Status: offline |
Posted - 07/28/2012 : 10:49:25 AM
|
The basic outline goes like this:
Sign up for Office 365
Install/Configure ADFS for single sign on, so users on Office 365 use your on-premise Active Directory for authentication
Install/Configure Directory Synchronization to synchronize your on-premise Active Directory data (minus passwords) to Office 365
Run Exchange 2010 Hybrid Configuration Wizard to set up mailflow, calendar sharing, etc
Move Mailboxes to Exchange Online
More information here: http://help.outlook.com/en-us/140/ff633682.aspx
Once you are signed up for Office 365, the admin center has lots of helpful links.
Lync on-premise integration with Exchange Online: http://technet.microsoft.com/en-us/library/hh533880.aspx and http://technet.microsoft.com/en-us/library/gg398968.aspx
Setting up ADFS is the biggest hurdle, in my opinion. |
Michael D'Angelo
(former)MVP-MIIS, Pace University Senior Systems Administrator (Windows)
(MS)NMDANGE
PhoeniX WorX Systems Administrator. If you play Total Annihilation, please join us. http://www.phoenixworx.org |
|
|
|
wobble_wobble
Honorable But Hopeless Addict
Ireland
4517 Posts
Status: offline |
Posted - 07/28/2012 : 11:37:11 AM
|
quote:
Originally posted by NMDANGE
Setting up ADFS is the biggest hurdle, in my opinion.
Yes. |
Joe
After everything that has happened during the month of Jan 07, I do believe that pigs fly backwards!
http://whatismyv6.com/ |
|
|
|
Pesos
Honorable But Hopeless Addict
USA
3506 Posts
Status: offline |
Posted - 07/28/2012 : 11:42:32 AM
|
| Wish you could just get a cloud VM with the same amount of storage for that price and run your own mailbox server(s) - would avoid all the SSO headache! |
-Wes |
|
|
|
Jazzy
Administrator
Netherlands
1932 Posts
Status: offline |
Posted - 07/28/2012 : 3:09:37 PM
|
SSO and directory sync is a bit complicated, but really not that hard. If you're familiar with publishing SSL services, certificates and DNS then it's no rocket science. It does require proper planning and has some pitfalls, but nothing you can't prepare and test in a test environment first. And the current documentation is pretty good, walks you through each step.
quote:
Originally posted by Playwell
As I understood Hybrid makes sense because you'd handle all the exchange stuff on primeses, in stead of connecting to the cloud.
Easier to manage, especially with powershell scripts, because you do things locally.
There's no other advantage then simplifying exchange management.
Not really. Hybrid is for either full coexistence and rich user experience during the migration period or for long term coexistence. For example a customer of mine, had 3500 mailboxes on-premises. Bought licenses and stuff, hardware and made regular backups. Now the business decided that 5500 other employees should have a small mailbox too, no backup required and the onle web based access.
For this customer we made a business case for two options:
- Upscale the current environment to host 9000 mailboxes
- Configure a hybrid deployment and deploy 5500 new mailboxes in the cloud
The 2nd option proved to be cheaper and meeted all requirements. The hybrid deployment here makes that both internal and cloud users can share free/busy, mailtips, multi mailbox search, secure mailflow between cloud and on-premises, etc. Provisioning, AD accounts and password resets stay maintained on-premises for all 9000 users.
Key is to make a business case. For example, when you need Exchange UM and find that it doesn't exist in the cloud then it's not an option for you. Hybrid deployment doesn't fix that unfortunately. |
Jetze Mellema
Exchange specialist
Former MVP (2005-2012)
My blog: http://jetzemellema.blogspot.com (Dutch)
My company: http://www.imara-ict.nl/ |
Edited by - Jazzy on 07/28/2012 3:11:04 PM |
|
|
|
Pesos
Honorable But Hopeless Addict
USA
3506 Posts
Status: offline |
Posted - 07/28/2012 : 3:18:23 PM
|
| Exactly, UM is another important piece. I was under the impression that you can do UM in the cloud though, however a cloud mailbox has to have its UM in the cloud, and an on-prem mailbox has to have UM on-prem? |
-Wes |
|
|
|
Jazzy
Administrator
Netherlands
1932 Posts
Status: offline |
|
|
NMDANGE
Honorable But Hopeless Addict
USA
2054 Posts
Status: offline |
Posted - 07/28/2012 : 10:42:25 PM
|
| UM in the cloud does require the E3 plan, it's not available in E1 or E2. |
Michael D'Angelo
(former)MVP-MIIS, Pace University Senior Systems Administrator (Windows)
(MS)NMDANGE
PhoeniX WorX Systems Administrator. If you play Total Annihilation, please join us. http://www.phoenixworx.org |
|
|
|
Pesos
Honorable But Hopeless Addict
USA
3506 Posts
Status: offline |
Posted - 08/20/2012 : 6:09:19 PM
|
| Curious, is the configuration for Exchange Online Archiving less complex? It seems like it might be a good compromise... |
-Wes |
|
|
|
clarinathan
Moderator
United Kingdom
4894 Posts
Status: offline |
Posted - 09/04/2012 : 12:22:53 PM
|
Hi,
So just to pick up a few things, once your mailbox is in the cloud you can do UM in the cloud with Lync on prem.
You would be requiring the E3 plan.
Exchange Online Archive requires the hybrid setup to be in place.
All in all, Lync with Voice in the cloud will develop over time. Generally though getting email into Office 365 makes a lot of sense for many companies and to be honest although there is some complexity it is getting more straightforward in 2013 and even with 2010 once you understand the components it is relatively straightforward to get this up and running.
Cheers
Nathan |
Nathan Winters - [MSFT] - Exchange Technical Specialist
Checkout my blog:
http://www.nathanwinters.co.uk |
|
|
|
Pesos
Honorable But Hopeless Addict
USA
3506 Posts
Status: offline |
Posted - 11/23/2012 : 5:51:27 PM
|
Hi guys, I went ahead and created a hybrid deployment to prep and test having archive mailboxes in the cloud (just archives, no user mailboxes or mail flow).
ADFS wasn't that bad, but the entire process is REALLY poorly documented with a ton of links going to either outdated information or nowhere at all - or documentation saying it's going to cover one thing (limited deployment) and instead covering another (full deployment). Sure hope MS cleans this up for the next wave.
So I have the hybrid deployment configured, an archiving license attached to the synched user in the o365 portal, and was able to add the remote hosted archive to my test user in the EMC. When I open outlook, the archive box appears but when I try to expand it, it errors out saying exchange is not available. I also get a credential prompt eventually despite SSO being configured (and working when I test via signing into the o365 portal). OWA is not showing the archive box at all.
Support is telling me I have to wait 2 hours for the provisioning to occur and is supposedly going to call me back in 2 hours to continue testing. I think this is BS, but we'll see.
Do you guys see this kind of provisioning delay typically? With SSO configured, am I wrong in assuming that the user should not be prompted to authenticate upon opening Outlook? if they are, that's not really SSO is it? I mean, unless "single" means something different in Redmond? |
-Wes |
|
|
|
wobble_wobble
Honorable But Hopeless Addict
Ireland
4517 Posts
Status: offline |
Posted - 11/23/2012 : 6:32:48 PM
|
I have to say MS O365 support has being good.
the 2 hours thing is possible as we don't know the architecture at the far end, and it may be polling at 90 minutes +30. |
Joe
After everything that has happened during the month of Jan 07, I do believe that pigs fly backwards!
http://whatismyv6.com/ |
|
|
|
Pesos
Honorable But Hopeless Addict
USA
3506 Posts
Status: offline |
Posted - 11/23/2012 : 6:54:12 PM
|
| I have found the FOPE side to be pretty good - the federation side not so much (at least based on this one experience). 7 minutes left - think they will call me back by then? :-) |
-Wes |
|
|
|
Pesos
Honorable But Hopeless Addict
USA
3506 Posts
Status: offline |
Posted - 11/23/2012 : 7:35:27 PM
|
Progress! The archive works in Outlook... but still does not appear at all in OWA.
Of course support didn't call me back - I waited an extra 15 and called them back, and 20 minutes later they are still trying to get me routed to the proper people... :-/ |
-Wes |
|
|
|
Pesos
Honorable But Hopeless Addict
USA
3506 Posts
Status: offline |
Posted - 11/23/2012 : 8:40:42 PM
|
| "There really isn't anyone available to look at this until Monday." Win! |
-Wes |
|
|
|
wobble_wobble
Honorable But Hopeless Addict
Ireland
4517 Posts
Status: offline |
Posted - 11/24/2012 : 02:46:19 AM
|
PIA
Curious about Monday! |
Joe
After everything that has happened during the month of Jan 07, I do believe that pigs fly backwards!
http://whatismyv6.com/ |
|
|
|
Pesos
Honorable But Hopeless Addict
USA
3506 Posts
Status: offline |
Posted - 11/24/2012 : 11:13:56 AM
|
| Just like the earlier test account, the account stops working altogether after a while. Can't log into owa it create new auto discover profiles... But existing outlook profiles work... |
-Wes |
|
|
|
Pesos
Honorable But Hopeless Addict
USA
3506 Posts
Status: offline |
Posted - 11/27/2012 : 02:44:06 AM
|
| Got an email with a couple of powershell cmdlets to try (sent to the wrong address until I reached out to them). The cmdlets were useless. They also sent an article about setting up autodiscover (thanks guys autodiscover has been working fine for 4 years). No further response via phone or email all day. Incredibly unimpressed. |
-Wes |
|
|
|
Pesos
Honorable But Hopeless Addict
USA
3506 Posts
Status: offline |
Posted - 11/28/2012 : 2:20:34 PM
|
and the beat goes on:
This is J'son Cable with Microsoft Online Services Technical Support. This is a follow up to your service request ***** titled " Unable to view remote online archive from local Exchange OWA."
I apologize for not getting right back to you but right after I e-mailed you I went to lunch. When I got back I saw that you responded and that the Consult about this issue was updated. They have requested that we send this issue to a team that is more versed in this issue. Please allow them up to 24 hours for them to contact you as they need to go over the case and take a look at your account setup and information. I apologize for the delay this is causing your testing for your organization.
Thank you for contacting the Microsoft Online Services Technical Support. |
-Wes |
Edited by - Pesos on 11/28/2012 2:20:48 PM |
|
|
|
JSCLMEDAVE
Administrator
USA
6116 Posts
Status: online |
Posted - 11/28/2012 : 2:26:02 PM
|
| Where is the support located? |
Tim-
“This too shall pass" |
|
|
|
Pesos
Honorable But Hopeless Addict
USA
3506 Posts
Status: offline |
Posted - 11/28/2012 : 2:26:28 PM
|
| US, various cities so far. I've been bounced around a LOT. |
-Wes |
|
|
|
JSCLMEDAVE
Administrator
USA
6116 Posts
Status: online |
Posted - 11/28/2012 : 2:44:12 PM
|
| I am not sure if the the guys here at Las Colinas handle this or not, but if so, I could try to pass on this link in hopes that your ticket gets bumped up. |
Tim-
“This too shall pass" |
|
|
|
Pesos
Honorable But Hopeless Addict
USA
3506 Posts
Status: offline |
Posted - 11/28/2012 : 2:46:45 PM
|
| I understand it's not going to happen overnight, but to be nearly a week in and still not have even talked to anyone remotely close to having a clue how to handle this is ridonkulous! |
-Wes |
|
|
|
JSCLMEDAVE
Administrator
USA
6116 Posts
Status: online |
Posted - 11/28/2012 : 3:27:22 PM
|
| Agreed! Call them back with your ticket number and get it escalated. "My person in the know" said there is no way we can give anyone there a heads up since it is so regulated. He said you will have to call in to put a fire under their feet. Sorry I could not help out more... |
Tim-
“This too shall pass" |
|
|
|
Pesos
Honorable But Hopeless Addict
USA
3506 Posts
Status: offline |
Posted - 12/02/2012 : 4:31:36 PM
|
| How does one get it escalated? I've asked multiple times. It's absurd. Radio silence for days now. |
-Wes |
|
|
|
JSCLMEDAVE
Administrator
USA
6116 Posts
Status: online |
Posted - 12/02/2012 : 4:54:55 PM
|
| Wes, I honestly have not head of anyone having this much trouble with their support. If I get anything I will post here. |
Tim-
“This too shall pass" |
|
|
|
Pesos
Honorable But Hopeless Addict
USA
3506 Posts
Status: offline |
Posted - 12/02/2012 : 4:58:19 PM
|
| The normal o365 support has been good, and so have the FOPE guys. But it's pretty clear that most of them are clueless about this federation/hybrid stuff. Haven't talked to a single person that has any idea what they are talking about yet. |
-Wes |
|
|
|
Topic |
|
Nathan,when will hybrid configs really make sense?
