Wednesday, March 30, 2011

Office365 Ignite training – Day 2

So the focus of today’s training was all around Microsoft hosted Exchange. It can get pretty complex for people who want to maintain a hybrid configuration. Unfortunately, it seems that SBS configurations are going to be difficult.

Why? Well, most SMB customers have some very large email boxes. This makes a migration completely to the cloud tricky over Australian broadband links. Don’t forget that the ‘A’ in ADSL stands for asynchronous – meaning the speed up to the Internet is generally MUCH slower than the speed down from the Internet. If the email is going to the cloud (i.e. during a migration) it is going UP at the slower speed. Given gigabyte sized mailboxes this could take quite a while.

The problem is that most of the tools don’t allow you to do a staged migration. You can’t generally nominate which mailboxes you wish to transfer, you can’t pause the migration (you can stop and rerun from where it left off I believe), you can’t elect to prioritize current messages and so on. Thus, if you want to move all the mailboxes totally to the cloud (a la SBS 2011 Essentials) you need to be very mindful of the mailboxes sizes and bandwidth limitations.

If you decide on a hybrid strategy (i.e. Exchange on site sync’ed to hosted Exchange) well you’re in for another whole world of pain. Firstly, this rules out SBS 2011 Essentials as there is no on site Exchange. Secondly, you need to install the Dirsync tool to synchronise your AD user details to the cloud. Problem is Dirsync is currently only a 32 bit app (64 bit is coming) AND isn’t supported on a domain controller. This rules out a network with a single SBS 2008 or SBS 2011 Standard server since they are both 64 bit and domain controllers. Thus, you’ll need another members server in your network (hello SBS 2011 Add on pack) on which to run this. Oh yes, Dirsync doesn’t sync passwords from onsite to the cloud. Shall I go on?

Another option with the hybrid strategy is to use federation services via ADFS v2. Although this does provide more benefits over simple Dirsync (i.e. allows AD security groups to replicate) it again requires client software on a non-member server. Oh yes, it also requires Exchange 2010 on site which rules out SBS 2008 and most existing SBS installs since SBS 2011 Standard (which includes Exchange 2010 onsite) has only just become available.

So it would seem that SBS 2011 Essentials is going to be the only domain controller on which cloud syncing tools will be supported on. However, don’t forget that SBS 2011 Essentials is limited to 25 users in total and doesn’t have an upgrade path to SBS 2011 Standard (which would need another member server anyway if was to sync to the cloud). So you are going to have to think real hard about which Windows Server version to use for clients who want to go Office365. But hey, this is no different from in the past right? This is the reason you are the IT Professional, right? This IS the reason your business and skills are not going away with the cloud! Your clients will still need you to advise them. The question I have however is, do YOU have ‘cloud’ skills? Hmmm…?

Confused and frustrated? Me too. The cloud stuff ain’t going to be easy on SBS networks. It would seem that the path of least resistance and cost is going to be complete mailbox migration to the cloud. However, you’ll need to probably trim the existing mailbox sizes before migration and keep an eye on bandwidth issues. In this case also you aren’t going to need SBS 2011 Standard unless the customer has more than 25 users or a third party on site app.

There are, however, some nice features. Depending on what online license you get, you are entitled to ‘unlimited’ email archiving. There are plenty of powershell commands available to allow you to script and automate processes. Also there is far more granular control over mailboxes and ability to implement retention and archiving policies (depending if your license allows that). You’ll also get Microsoft Forefront security protection on your email which has an improved web interface allowing you to things like white list domains, release trapped emails, troubleshoot issues, and more although we didn’t see that today.

There is still lots of stuff I need to digest, research and check here, especially in light of SBS, which I will do, however I’m now looking forward to the SharePoint stuff tomorrow. Another update tomorrow.