A framework for file migrations to Microsoft 365

One of the major points of confusion and poor execution I still see today is the approach that many take to migrating files to Microsoft 365 and Office 365.

Many years ago I wrote a number of articles about this:

The classic SharePoint migration mistake

SharePoint Online – Pilers and Filers

SharePoint Online migration – Start up is key

and all of that is still valid and I recommend you read it, however the technology has moved on somewhat and it is now perhaps time for an update.

What I’ll cover here is a framework for migrating on premises data, typically on file servers in network shares, into the collaboration tools in Microsoft 365. And that’s the first point. You need to look at this across all the services Microsoft 365 provides you today. Not just SharePoint. Not just OneDrive. And not just Teams. Microsoft provides a range of services that you should consider in this file migration process.

Now many claim that because of all these options it is too complex and therefore you should just dump your data in one place. I can’t tell you how many times I’ve see exactly this, everything from a file server F: drive dumped into a single Document Library in SharePoint. Oh the pain.

image

The secret of success is to have a “system” and not do things randomly without thought. Thus, my framework is shown above. Now let me break down the pieces for you.

image

You firstly start with the source (on the left i.e. a file server drive) and the destinations (on the right, i.e. collaboration services in Microsoft 365).

image

The first step is to filter the source information and remove (yes I said DELETE) stuff that doesn’t make sense to move. Old and duplicate files are example but I have highlighted this in more depth in a previous article:

Data discovery done right

Thus, you should now have less data to move because you have thrown some away. If you haven’t then you are not being serious about this. You should also have a better idea about what data to archive, what is user data, what is common data and so on.

image

With the remaining good data you move (yes, I said move NOT copy) users personal data to their OneDrive. You actually get them to do that so firstly they get familiar with the new environment, they move only what they want to keep and you crowd source this task reducing the workload. We all know that some people will never ‘get around’ to moving their data, so after a suitable time period has elapsed you move it for them. The typically data that is moved in this process is anything on the desktop, home drive or in user profiles.

image

Next, is to identify the common data by function or location and move it to a Microsoft Team. In a typical on premises file server the existing shares you will find data stored in folders like F:\Finance and F:\Administration and so on. These top level shares are most likely going to be the name of the Team and the next level down folders to be the channels inside that Team. In many cases, users may also wish to ‘clean up’ the existing or ‘start fresh’, which is also fine. However, it is relatively easy to find the data that should go into a Microsoft Team and move it there.

image

The next data to move is common data that makes sense living in it’s own dedicated SharePoint Team site. Data that goes into stand alone SharePoint is data that does not require chat and conversations around it, Teams is where that data would live.

The best example here is probably Archive data. This is data the business want to keep ‘just in case’ but won’t be updated by users. Thus, you move the archive data as is, into it’s own designated SharePoint Team site, mark it as read only for everyone so they can use it as a starting point if they need to. The major advantage of moving the archive data to SharePoint is that it is now searchable using the tools in Microsoft 365.

Another good example of a stand alone SharePoint Team site would be an Extranet from which you want external parties to come and download data. Having a stand alone SharePoint Team site makes managing securities much easier.

image

The data that is now left is typically company wide data like policies, procedures, manuals, etc. This is then moved into the traditional ‘Intranet’ using a nice pretty SharePoint Communications Site. This Intranet is available to all and typically used to consume data i.e. get something, read something. New data for this Intranet comes from the output of the individual Microsoft Teams created earlier. For example, imagine the Finance team produces an annual budget. They do this creation inside their own Team and publish the finished result into the Intranet for everyone in the business to consume. I’ve covered this concept in greater detail in a previous article:

The layers of Office 365 collaboration

image

Now you have data all over the place inside Microsoft 365 as many will point out correctly. What’s missing is a consistent method of navigation between all these sources to make it easy for users to navigate. This is where SharePoint Hub Sites come in. You uses this to provide a consistent navigation over the top of all your data. To users this makes it all appear very logical and structured (even perhaps like their old file server) and yet provides the flexibility to be reconfigured at any stage and have those changes automatically applied across the whole structure thanks to SharePoint Hub sites.

image

The final layer is Yammer. This is for company wide communications such as water cooler chat (birthdays, sports, holidays), information on how to better use Microsoft 365, questions about the business, messages from CEO, suggestion boxes, what’s happening with the business or competition, sales, wins and so on.

Like the Intranet, Yammer is designed for corporate wide chat that doesn’t fit into any specific Team (which are arranged by function or location). I have detailed the importance of Yammer in a previous article:

Why Yammer is still relevant

image

Now that you have a linear framework that builds on top of itself, hopefully you have a better picture of where you can put data from a file server into Microsoft 365. Having a framework is great but more importantly is how to get users to also adapt to working in this way. My approach is to start with Yammer and OneDrive first as I have detailed previously:

Focus on the ‘Me’ services first

In short, if users get used to working with just files using OneDrive and then with just chat in Yammer, they will find it much easier to then move to Teams which is effectively files and chat combined. This thinking stems from:

The rule of three

I advocate to not over load people. This is because you need to:

Stop making your users feel stupid

You can have the greatest technology in the world but if no one uses it then it is pretty much wasted. that’s what I see with Microsoft 365. Not enough through and time is devoted to adoption and transformation. Most migrations are done as fast as possible to ‘close the ticket’ and move onto the next. The fallacy of that rushed approach is evident in failed adoption and user frustration.

So there you have it, a framework for migration of file data into the world of Microsoft 365. You can use this framework in whatever way makes sense to you. You can use all of it, none of it or as a basis for your own approach. However, the key message is to HAVE a process rather than something random. Remember, moving to a world of collaboration from a world of storage requires transformation not just migration!

Once you have the top level framework or process, you can then start developing individual frameworks and adoption processes for each piece. That is, one for OneDrive, one for Teams, One for Yammer and so on. Once you have these processes, next you can start automating them to improve reliability and allow you to scale. Without a system you can’t automate. Without automation your effectiveness and profitability continue to fall, so investing the time in a collaborate system is definitely worthwhile. It makes users happier and it makes IT more profitable! A win – win. That is what a move to Microsoft 365 should be all about!

Microsoft Cloud URLs

apple-desk-internet-209151

I’ve started to put together a list of unique URL’s from Microsoft Cloud services such as Azure and Microsoft 365. Typically you navigate to individual services inside the main portal. However, this file I am maintaining on my Office 365 GitHub repository:

https://github.com/directorcia/Office365/blob/master/urls.txt

has a direct link to the services so you can navigate there directly.

I’ll keep adding to these over time, so ensure you check back regularly. if you know any URL’s you reckon should be included, let me know and I’ll add them.

Need to Know podcast–Episode 206

A short sharp episode focusing on the latest news and updates from Microsoft Build. Brenton and I cover off all the Microsoft Cloud news, good and bad as there is unfortunately some bad news to report in recent experiences with Azure. However, there is also lots of good news about updates to your favourite services. Tune in and give us your feedback.

This episode was recorded using Microsoft Teams

Take a listen and let us know what you think – feedback@needtoknow.cloud

You can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-206-ghost-in-the-machine/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

The podcast is also available on Stitcher at:

http://www.stitcher.com/podcast/ciaops/need-to-know-podcast?refid=stpr

Don’t forget to give the show a rating as well as send us any feedback or suggestions you may have for the show.

Resources

@contactbrenton

@directoria

CIAOPS Patron program

Azure cheat sheet

Azure global outage

What’s new in Microsoft 365 user management

New people centered experiences in Microsoft 365

Microsoft Edge – All the news from Build

Minimize distractions and stay focused with AI powered updates in Microsoft 365

Script to disable direct Shared Mailbox logins

A while back I spoke about

The Insecurity of Shared Mailboxes

and how that even though they have an Azure AD Account they should have their logins disabled and access rights ONLY provided via the mailbox.

To make things easier for people I have now created a script that will allow you to view and potentially disable the direct logins for all your shared mailboxes to make them more secure.

image

The scripts requires that you are already connected to both Exchange Online and Azure AD.

At the top of the script, you’ll find a variable called $secure. If that is set to $false then no changes will be made to your environment, you’ll just get a report like shown above. Shared mailboxes that have direct login enabled will be displayed in red.

image

Now, if you change the variable $secure to $true then any shared mailbox that is currently enabled for direct connection will have that ability disabled. The output will display two lines for each mailbox that has direct access enabled. The first line indicates that direct logins are enabled and then the second line will show that has now been secured. In this scenario, all that is happening is that the shared mailbox identity is simply being blocked as I outlined in my earlier article.

image

 The last possibility is that the shared mailboxes direct logins have already been disabled, and in this case the results of the script should simply show that result in green.

In summary then, you can run this script with the variable $secure set to $false to just display the direct login condition of your shared mailboxes. You can run this script with $secure set to $true and then not only will the direct login condition of the shared mailboxes be reported but they will all then be blocked for direct login.

You will find this script in my GitHub Office 365 repository at:

https://github.com/directorcia/Office365/blob/master/o365-exo-sharedblock.ps1

CIAOPS Techwerks 6–Sydney June 6

bw-car-vehicle

CIAOPS Techwerks move to Sydney in June on Thursday the 6th. The course is limited to 15 people and you can now sign up and reserve your place. To do this just email me (director@ciaops.com) and I’ll add you to the list.

The content of these events is driven by the attendees. That means we cover exactly what people want to see and focus on doing hands on, real world scenarios. Attendees can vote on topics they’d like to see covered prior to the day and we continue to target exactly what the small group of attendees wants to see. Thus, this is an excellent way to get really deep into the technology and have all the questions you’ve been dying to know answered. Typically, the event produces a number of best practice take aways for each attendee. So far, the greatest votes are for deeper dives into Intune, security and PowerShell configuration and scripts, however that isn’t finalised until the day.

Recent testimonial – “I just wanted to say a big thank you to Robert for the Brisbane Techworks day. It is such a good format with each attendee asking what matters them and the whole interactive nature of the day. So much better than death by PowerPoint.” – Mike H.

The cost to attend is:

Patron level Price inc GST
Gold Enterprise Free
Gold $ 33
Silver $ 99
Bronze $ 176
Non Patron $ 399

The CIAOPS Techwerks events are run regularly in major Australian capital cities, so if you can’t make this one or you aren’t in Sydney on that date, stay tuned for more details and announcements soon. If you are interested in signing up please contact me via emails (director@ciaops.com) and I can let you know all the details as well as answer any questions you may have about the event.

I hope to see you there.