Post on 20-Mar-2017
This is a Sample Template that you can work in without installing the Corporate Design Template
SharePoint Admin in a Hybrid WorldJason Himmelstein, Microsoft MVPOffice 365 Advisory Services Manager@sharepointlhornhttp://www.sharepointlonghorn.com
www.rackspace.comJason HimmelsteinOffice 365 Advisory Services Manager, RackspaceOffice Servers & Services MVP
jase@sharepointlonghorn.comhttp://www.sharepointlonghorn.com@sharepointlhorn
Jason2
DefinitionHistoryChangesTopologiesIdentityConsiderations
Agenda
www.rackspace.comDefinition
www.rackspace.comWhat is hybrid?
www.rackspace.comIs everything really going to the cloud?
www.rackspace.comWhat should go where?
www.rackspace.comHistory
www.rackspace.comHistory lesson
www.rackspace.com
The dark days The mid 90s
www.rackspace.comNT 3.5 brings Server\Workstation modelExchange 5.0 Outlook Web AccessExchange 5.5 Microsoft Outlook
10
Innovation! late 90s
www.rackspace.comExchange 2000 gets rid of its own directory service & starts using Active DirectoryExchange Instant Messenger Service is bornSharePoint is born11
Google it! early 00s
www.rackspace.comSharePoint becomes a real product as Microsoft SharePoint Portal Server 2003 Exchange breaks out Instant Messaging into Office Live Communications ServerExchange added several basic filtering methodsActive Directory adds better Management capabilites12
Age of high speed Internet mid 00s
www.rackspace.comMicrosoft Office SharePoint Server 2007Exchange 2007 shift to 64bit architectureWindows Domains mature: Active Directory Domain Services & Active Directory Federation Services13
Age of enlightenment late 00s early 10s
www.rackspace.comExchange 2010: change to topology (Mailbox Server, Client Access Server (CAS), Unified Messaging Server, Hub Transport Server, Edge Server roles)SharePoint 2010: Introduction of "Service Applications" SOA model & MySitesLync 2010Domain Functional Level 2008 R2: Active Directory Rights Management Services & ActiveDirectory Recycle Bin
Exchange 2013: public folders are now part of mailbox databases and high availability is achieved using Database Availability Groups (DAG).SharePoint 2013: Service Applications & OneDrive (SkyDrive)Lync 2013Domain Functional Level 2012: Virtualize first & A new claims-based authorization platform that enhances, not replaces, the existing model14
15www.rackspace.comThe future is here
www.rackspace.comSharePoint 2016Exchange 2016Windows Server 2016Azure Active Directory15
Changes
www.rackspace.comWhat has changed?
www.rackspace.comIT vs Users
www.rackspace.comWhat has changed?
www.rackspace.comUser Experience first, IT needs second
Features first, Administration second
Users do not care where things live, they just want the tools that they want to do their work with as little impact as possible
20What does this all mean?www.rackspace.com
www.rackspace.comA little bit here, a little bit there
Location of data needs to be invisible to the user
Security concerns are paramount, but Users want one user name & password
The ability to have both onPrem & Cloud solutions is imperative
What does the future look like?
www.rackspace.comHow is it different for small vs large companies?
www.rackspace.comTopologies
www.rackspace.com
Physical Architecture - Small Farm
www.rackspace.comPhysical Architecture - Scaled Farm Architecture
www.rackspace.comPhysical Architecture - Large Farm Architecture
www.rackspace.comSharePoint & Office 365 Coexistence
www.rackspace.comSharePoint & Office 365 Coexistence
www.rackspace.comSharePoint & Office 365 Coexistence
www.rackspace.comSharePoint & Office 365 Coexistence
www.rackspace.comIdentity
www.rackspace.comAzure AD Connect: Your Identity Bridge
SaaS Apps
BoxCitrix ConcurGoToMeetingConcurDocusign
Azure AD Connect(sync + sign on)Active DirectoryLDAP
Other identity storesDropBoxGoogle appsJiveSalesforceServicenowWorkday
Your Custom Apps
User
DeviceCommonSign on
www.rackspace.com
Microsoft Ignite 2015 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.6/30/2016 2:30 PM32
FSMO roles, AD DNS, WINS, NETBIOS, etc
Dirty, dirty directories
2003 (Everyone group) --> 2008 (Authenticated Users group)
IsCriticalSystemObject objects not synced (like Domain Users)
UPN issues around migration
Schema extensions
Active Directory Core Concepts & Concerns
www.rackspace.com
Schema master, Domain naming master, RID master, PDC emulator, Infrastructure master https://support.microsoft.com/en-us/kb/197132
33
ADFS Coexistence
www.rackspace.comConsiderations
www.rackspace.comSharePoint Hybrid Sites and search at a glanceFeatureNon-hybridHybridOneDrive for BusinessOneDrive for Business is available in Office 365 but there is no link to it from SharePoint Server. If you've deployed MySites, users may have a second OneDrive for Business in SharePoint Server.OneDrive links are provided in SharePoint Server which direct users to OneDrive for Business in Office 365.Site followingThe followed sites list in Office 365 tracks followed SharePoint Online sites. If you've deployed MySites, a second followed sites list in SharePoint Server tracks followed SharePoint Server sites.Followed sites from both locations are consolidated in the SharePoint Online followed sites list. SharePoint Server links to the followed sites list redirect users to the SharePoint Online followed sites list.Document followingIf you've deployed MySites, the followed documents list in SharePoint Server tracks followed SharePoint Server documents.Hybrid document following is not available. If you use hybrid OneDrive for Business, the SharePoint Server followed documents list will be hidden from users. (Note that if you configure hybrid search and you have Delve, you can favorite SharePoint Server documents.)ProfilesUsers have separate profiles in SharePoint Server and in Office 365.Profiles exist in both locations, but SharePoint Server links to users' profiles redirect profiles in Office 365.Extensible app launcher (SharePoint Server 2016 only)Users see a different app launcher in Office 365 and in SharePoint Server.There are still separate app launchers, but the SharePoint Server app launcher includes several tiles from Office 365.SearchSeparate search indexes and search centers for SharePoint Server and Office 365. Users must search from SharePoint Server to find items stored there and they must search form Office 365 to find items stored there.Search results between the two locations are combined in one of two ways. Cloud hybrid search crawls on-premises content and indexes it in the search index in Office 365. Users can search the Office 365 index from either location. Hybrid federated search combines search results from each search index in a single search center.
Referenced from https://support.office.com/en-us/article/SharePoint-hybrid-sites-and-search-5ff7e56a-7af2-4511-adec-1e043afe244e?ui=en-US&rs=en-US&ad=US
www.rackspace.comSeveral hybrid features are bundled together to help ease deployment. The two feature bundles are:Hybrid OneDrive for BusinessHybrid sites features
The following table shows which hybrid features are included with each option.
Hybrid Sites features and OneDrive for BusinessFeatureHybrid OneDrive for BusinessHybrid sites featuresOneDrive for BusinessXXSite followingXProfilesXXExtensible app launcherX
Referenced from https://support.office.com/en-us/article/SharePoint-hybrid-sites-and-search-5ff7e56a-7af2-4511-adec-1e043afe244e?ui=en-US&rs=en-US&ad=US
www.rackspace.comPlan, Plan, Plan, Plan and then
Follow the Principle of Least Privilege
SharePoint onPrem installationsPLAN SOME MORE!SharePoint ServicesSQL Servicessp_installsql_serversp_farmsql_serverAgentsp_webappsql_olapservicesp_serviceappssql_reportserversp_searchsql_dtsserversp_userprofilesp_superusersp_superreader
www.rackspace.comExchange Co-Existence
www.rackspace.comQ & A
www.rackspace.com
Blog: www.sharepointlonghorn.com
Twitter: @sharepointlhorn
LinkedIn: www.linkedin.com/in/jasonhimmelstein
SlideShare: http://www.slideshare.net/jasonhimmelstein
Email: jase@sharepointlonghorn.com
Contact me
www.rackspace.com