Skill up or fade away. It’s that simple

100_0411

One of the most common flaws I see with resellers and their cloud strategy is that they themselves simply don’t use the solutions they are attempting to sell their customers. That firstly limits their opportunities, secondly it limits their revenue and thirdly is raises questions in the clients mind (rightly or wrongly) as to whether they really know IT.

Let’s take Office 365 for example. Here SharePoint is clearly one of the most important pieces of the solution. SharePoint has been around since before 2000 and has been included will all versions of Small Business Server since 2003. Yet, most resellers literally have zero knowledge on the product. This lack of knowledge is exposed when they try and implement a product like Office 365 because SharePoint Teams Sites and OneDrive for Business are central to the Office 365 storage solution.

To truly understand a product like Office 365 you need to use it and use it as part of your business, every day. This of course means making an investment in learning and directly implementing the product. Yes, there may be other industry solutions out there that can solve a business need but can you re-bundle that specific product knowledge and sell it to clients? You can with SharePoint, Yammer, Skype for Business and so on.

Even if you don’t go the Office 365 route, what about products like Mailchimp, IFTTT, Evernote, Zapier, YouTube, Facebook, Bascamp and so on? The list is endless. Most IT Pros and resellers I come across are still wondering why paper flyers aren’t flooding them with business and are yet to implement social media for themselves. They are using the same technology they have been using for years because they are familiar with it, not because it makes them more productive, simple because it is what is familiar. In today’s exponential technological age that is a very dangerous place to be.

By experiencing the challenges in implementing and developing new solutions for yourself you get a much better understanding of how to craft something that can solves real world business problems, which In the end is what IT pros and resellers should be getting paid for. Simply buying an off the shelf, industry solution may improve your own business but it doesn’t expand any opportunity outside your business does it really? However, using something like SharePoint to solve an internal business challenge has an impact inside and outside the business because SharePoint is a now such a common platform.

Simply maintaining the IT status quo won’t cut it any more, IT pros and resellers have to be able to solve real business needs for their customers. In many cases this means implementing customised solutions, and that means development work. This may even mean some coding! Shock horror! However, the concept of the dominance of software in IT is not new, Marc Andreessen highlighted it back in 2011 when he wrote:

Why Software Is Eating The World

My observation is that this is where most IT Pros and resellers fall down, they don’t have the development skills. Yet a skill is something that can be learned, it is does not have any restrictions that prevents an IT Pro or reseller actually learning it, except in their own minds.

Cloud platforms like Office 365 provide a raft of tools for solving many business problems. However, they are not something that is just installed, they are tools to be used in crafting a solution. It is in this crafting that the real revenue opportunity lies, yet most IT Pros and resellers remain oblivious to this fact. Like the customers they support, they have the tools they need to solve their business challenges and generate additional revenue, yet many choose to ignore them because they are not willing to invest in the skills required. I’m not saying it doesn’t involve effort. I’m not saying it won’t be challenging. What I’m saying is that unless you are aiming to play in the high volume transaction game, you really don’t have any choice any more.

Therefore, because IT Pros and resellers are not skilling up on the platforms they are selling, their customers are using and discovering these same resources for themselves and building the required skills independent of their IT Pro or reseller. This is therefore fast relegating the IT Pro and resellers to work that is easily commoditised or automated, which in the end spells redundancy for them. Don’t believe in the ‘Uberisation’ of IT? Not doing so would be another fatal mistake.

Let me use you my own example here. Many IT Pros and resellers scoff at me when I tell then I use a spreadsheet to run the finances of my business, however that is because they assume that I’m using a spreadsheet in the same rudimentary manner they would (probably just summing up cells). They have no comprehension of the sophistication and automation that I have built into my financial spreadsheets. They have no comprehension of the advanced skills training that provides me in a product that is probably on the desktop of every business user. Those skills therefore give me the confidence, experience and opportunity to provide a raft of Excel services to customers for which I generate revenue. Sure, I could use an off the shelf accounting package but the opportunity benefits I deride from using Excel to an advanced level far outweigh and cost saving an accounting package may provide.

What you can achieve with Excel along is mind blowing but let me ask you, do you use Pivot Tables? Named ranges? Table lookups? Macros? I have found few who do and that’s therefore the opportunity I’ve identified I can fill and make money in the process. Now extend that opportunity out to products like SharePoint, Yammer, Power BI, Skype for Business and so on. The more I use each of these, the more I learn, the more I improve the way I do business but critically the more opportunity I have to resell those skills. Don’t even get me started on the Azure opportunities IT Pros and resellers are missing out on.

Most IT Pros and resellers have free access to all the products they provides to customers internally but yet few ever embrace them, yet alone implement them. In today’s fast paced markets this allows customers to surpass those who are supposed to know and once that happens, why do you need IT Pros and resellers? Simple, you don’t, and that’s what I see happening today.

Use it or lose it should be your mantra if you are an IT Pro or reseller. Skill up or fade away. It’s that simple.

Setting Partner of record in Office 365

A little while ago I wrote a post on how to set the partner of record in Office 365.

Since then, the Office 365 billing interface has changed so here’s an updated tutorial on how to set the partner of record in Office 365 tenant.

image

You’ll firstly need to login to the Office 365 web portal as an administrator with the appropriate rights.

Once you have logged onto the web console navigate to the Office 365 admin center using the app launcher. Towards the middle of this menu you will find a heading Billing which you will need to expand.

image

Below the Billing heading you should find an option Subscriptions which you need to select.

image

Now what actually appears here depends on what licenses you have in the Office 365 tenant but at first glance of the above screen shot the location to enter your partner of record is no very obvious. You may see a link in the lower right but in this case you don’t see anything.

image

You need to select the More Actions pull down in the top left as shown above. When you do this a menu will appear.

image

In this menu option you will find the option Add partner of record.

image

Selecting this will slide an options screen from the right hand side of the page as shown above.

image

You can then enter you Microsoft Partner ID in that field and select the Check ID button.

if you have completed all the partner pre-requisites you should see that your organisation has been located and is displayed in all green indicating everything is good.

You now need to go to the bottom of this slide and Save the changes and apply that partner to this tenant.

image

When you do that, administrators in the tenant will be sent a confirmation email like that shown above indicating that a new partner of record has been set.

Remember, what you see in the subscriptions area may vary depending on what licenses have been added to the tenant. Some licenses don’t support partner of record (i.e. Open). However, hopefully this makes it easy for you to set partner of record on those subscriptions that support it so you can start receiving commissions.

September Ask Us Webinar

image

My free Cloud Business Blueprint Ask US Webinar is scheduled for Thursday the 17th of September at 12.30pm Sydney Australia time. You can register at:

http://www.cloudbusinessblueprint.com/ask-weekly-webinar

In the webinar I give you an update on the state of play in the cloud and particularly what’s happening in the Office 365 and Microsoft world and then I throw open the floor for questions.

Last month there were some great questions around the different Office 365 plans and Windows 10 integration. The best part of the webinar is that, in most cases, I can demo or show the solution directly on the screen so everyone can see exactly. That can be really handy if you have been struggling to find how to do something.

The other good things for Cloud Business Blueprint Community members is that the webinars are recorded and available on demand inside the Cloud Business Blueprint forums. The webinars are free for anyone to attend live but to gain access to an on demand recording you’ll need to join me in the Cloud Business Blueprint Community.

We run these events every month and welcome any questions you have. If you can’t make it on the day feel free to ship through any questions to info@cloudbusinessblueprint.com or just leave a comment on this article.

I hope to see you at the event.

Using the SharePoint Online Term Store

One of the benefits that SharePoint provides is the ability to ‘tag’ information using metadata. This can greatly reduce the structure you use, especially when it comes to documents. Thus, instead of creating a deep and complex folder structure you use metadata to tag the files into the same categories as you would typically use for folders. Doing so make navigation and searching much easier.

The easiest way to achieve this to simply add a column to the location in a SharePoint site as the above video of mine demonstrates.

The draw back to this is that column is only available in that SharePoint item, it can’t be used in other lists and libraries.

The next option is to create a Site Column, which is exactly the same as an individual list column EXCEPT it can be used anywhere throughout the whole SharePoint site. I’ll cover that in another blog because I want to focus on a solution that is even more available and powerful than Site Columns.

image

The Term Store provides you the ability to have nested metadata fields across every SharePoint Site you are using. As you can see from the above screen shot, the Term Store is not just a one dimensional list like an added column is, it is hierarchical.

image

You get to the Term Store but logging into the Office 365 web portal as an administrator and then navigating to the SharePoint admin center. Then, from the menu on the left, you should see a option term store. When you select that, you should see the screen shown above.

Like many things in Office 365 no user has the ability to edit the Term Store, so the first thing you need to do is add your user details to the Term Store Administrators box in the lower right of the screen and save the changes.

image

If you don’t do that then you won’t be able to edit or add to the Term Store. You know you are able to do this when you hover over an entry and a small down arrow appears to the right. Selecting that arrow will then reveal a menu like that shown above.

The example that I’ll user here is creating a standard taxonomy (i.e. metadata structure) to cover locations (i.e. countries, states, cities, etc).

image

At the very top level of your Term Store, select the down arrow and from the menu that appears select New Group.

image

That will create a folder at the bottom of your. In this case give it the name, Locations.

image

Select the arrow to the right of this and then New Term Set from the menu that is displayed as shown above.

image

In this case I will call the New Term Store Country.

image

Keep repeating this process to build out the taxonomy (i.e. tagging structure you desire).

image

Now go into a item in SharePoint, in this case a Document Library. Add a column and when asked for the Column type select Managed Metadata at the bottom of the list of options, as shown above.

image 

Scroll down the page and locate the Term Set Settings area. You should now see the hierarchy you saw in the SharePoint admin center.

You can now expand the structure and locate the term to select the place to start the selections for that field from. Here I have selected Australia so I get all the states below this only.

image

Now if you edit the properties of an item in that list you will see the new field and a tag icon to the right indicating that it is using managed metadata.

image

This is where it gets cool. If I type n.s.w. in it gets rejected. Although n.s.w. is ‘correct’ as value for the state it isn’t in the format we defined in our taxonomy, so it is unacceptable. This can ensure that the data that is entered into SharePoint is consistent.

image

If I however start typing the name of a state I am automatically prompted with the correct value. I just need to click on the suggested entry to complete.

image

Alternatively, if I select the two tags to the right of the selection field I am given a view of my hierarchy from the initial location I selected previously when creating the column.

Again, all I need to is select the option I want from the list.

image

Now you’ll see the file has been tagged appropriately for with a location as shown above. I can sort and filter as I normally would on this field inside the SharePoint list.

image

If I now for example change the term from NSW to N.S.W.

image

I see the term has also changed for that document.

Hopefully this article gives you some idea of the power of the SharePoint Term Store and managed metadata. There is so much more you can do with the Term Store than I have been able to show here, so I encourage you to go and do some exploring and see how the Term Store can be used to create flatter and more organised structures in your SharePoint Online environment.

Office 365 Identity options comparisons

image

Office 365 has three basic identity models that you can elect to implement. Each model uses a combination of Azure Active Directory for cloud based identity and Windows Server Active Directory for on-premises identity. The cloud only model for example, only uses Azure Active Directory (AD), while the synchronized identity model combines both Azure AD and Windows Server Active Directory, while the federated model solely uses on premises Windows Active Directory. Each has advantages and disadvantages which we’ll now cover.

image

The most basic identity model is the cloud only identity. This is where a users identity information is managed, maintained and mastered in Office 365. All changes need to be made to user information via the Office 365 admin web portal. The benefit of the cloud only model of identity is that no on-premises equipment or configuration is required and can therefore be accomplished anywhere access to Office 365 is available either via a browser or PowerShell. The disadvantage is that a user may require different credentials to login to their desktop, other cloud services and Office 365. This means, in essence, there is no single sign on (SSO) with the user having to remember the login for each service.

image

The next identity model is what is known as synchronised identity. Here user properties such as name, email address and so on are copied (or synced) from a local directory (typically Windows Active Directory) to Office 365. This is accomplished through the use of synchronisation software which today typically means Azure AD Connect.

image

There have been a number of iterations of this synchronization software which initially started life out as DIRSYNC. The problem with DIRSYNC was that although it could copy user object information it could not copy the users password from on-premises to Office 365. This meant that the password would have to be manually set in Office 365 to match the password on-premises. Thus, with DIRSYNC it was entirely possible for on-premises password to differ from Office 365 which was very confusing for users.

image

The next iteration of the synchronisation software was called Azure AD sync. This included all the features of its predecessor, DIRSYNC, but now incorporated the synchronisation of secure password hashes.

image

This meant that now not only was a users details synchronised from on-premises but so was an encrypted version of their password. With Azure AD sync in place users on-premises password was now automatically replicated in Office 365.

image

The current iteration of the synchronisation software is called Azure AD Connect and brings all the benefits of Azure AD Connect but with additional features to allow things like the integration across multiple Active Directory Forests, integration with other third party directories on premises as well as better integration into the cloud.

The synchronised model copies the users details and password hash to Office 365. It however, is not a bi-directional sync, Azure AD Connect (and the previous synchronisation tools) copies from on-premises to Office 365, over writing anything that may already exist there. They do not copy back from Office 365 to a local directory.

The synchronised model requires synchronisation software to be running on a server in the local network. Best practice is to run this synchronisation software on a member server but Azure AD Connect does support being installed on a domain controller while previous versions of sync tools did not.

See my previous articles on installing the various sync tools:

Azure AD Connect tools – the basicshttps://blog.ciaops.com/2015/07/azure-ad-connect-toolthe-basics.html

Azure AD Sync Services tool – the basicshttps://blog.ciaops.com/2015/06/azure-ad-sync-services-toolthe-basics.html

Windows Azure Active Directory Sync tool (DIRSYNC) – the basicshttps://blog.ciaops.com/2013/10/windows-azure-active-directory-sync.html

image

The final identity model extends on the synchronisation model by adding Active Directory Federation Services (AD FS) to establish a trust between on premises AD and Office 365. This means that when a user requests an Office 365 services, Office 365 queries the local AD via AD FS to confirm the provided user credential. If the local AD confirms the identity a security token is passed back to Office 365 authenticating the user identity so that Office 365 can then allow the user access to the services.

image

A federated identity model requires the installation of an AD FS farm on premises, which is a role available on a Windows Server. This farm must be installed on member servers within the existing network. AD FS also requires third party certificates to be installed and maintained. Also, if the business requires users to roam outside the organisation and continue to access Office 365 it will also need to install a secure AD FS proxy farm to handle these external requests from outside its network.

Thus, if a user inside the network needs access to Office 365 services they are authenticated via the internal AD FS and the local AD. If an external user needs to access Office 365 services they do so via the AD FS proxy, which connects securely to the internal AD FS server and then to the local AD.

The challenge with federated identity is that the local AD, AD FS farm and AD FS proxy farm need to be available at all times to provide authentication. If they aren’t then no user login to Office 365 is possible because Office 365 can’t verify the identity of any users because it can’t access the local AD. Best practice is therefore to install these in a load balanced environment which means multiple servers.

The advantage that federated identity provides is that once users are logged on to their local AD they are not prompted again for separate Office 365 credentials. Because Office 365 has established a trust with the local AD, all Office 365 services are provided by credential pass through. This basically means a user isn’t prompted to access Office 365 because they have already logged into their local AD and Office 365 already trusts this. This provides users with a single sign in (SSO) experience.

Each of the models can easily be incorporated into any Office 365 but the most cost effective solution for environments with an existing AD infrastructure is the synchronised model as it generally does require the additional equipment that the federated model does.

You should therefore select the simplest Office 365 model for your needs. It is also possible to change between the models if required but getting it right up front can save a lot of extra configuration down the track. So plan your Office 365 identity requirements early and provide the best login experience for your users.