Friday 27 March 2015

The world of a SharePoint professional is about to change

SharePoint IT generally involved a great deal of infrastructure and server specification, build and test. This can be very time consuming, and it was my experience that getting from the first requirements gathering to build would often take months. My own way of working was to create a virtual machine of SharePoint and work with the client early on, to provide Agile design.

But over time this caused its own problems. My virtual machines would generally not use AD, they would have an Express database, and I would use the same server admin account to run all of the server accounts, making for a less than robust account. So over time I would use a better VM provided with AD, DNS, and SQL, but this itself became something of a project. I could copy the boxes over, but to build them in client environments was not a full dev box task. Getting from an initial requirements gathering to a running system kept taking months.

The best way was to get a company that already had SharePoint and then start doing the requirements gathering, but this meant that the organization had to commit to SharePoint before really knowing what the use case would be, which is not very likely. Office 365 solves these problems nicely. You can get the client a demo site with 25 to 250 users in a matter of hours, or days at the most, and be working in a preparation project in the first week. But this does not mean that technical skills are no longer needed; it's just that they are moving more to things like connectivity, sync, app development, security and identity management.

That is why I have included the video above; it is part of one of the new skills every SharePoint IT pro needs now: creating AD FS integration between existing legacy AD on-prem and Azure AD running your SharePoint 2013. Even if you never do this in your job, you need to fully understand what is involved and the risks involved. Previously AD was just there; you worked with what you had as a SharePoint expert. But today you need to be more aware of how AD works, and the problems of integrating existing ADs, and all their potential problems, into the Cloud.

Tuesday 24 March 2015

Office 365 and Domains

In our personal life most of us are more than happy to have email accounts that end in googlemail.com or hotmail.co.uk or apple.com. It actually makes it easier for people to find us; they need only learn our prefix. The problem is that few of us have our names as googlemail accounts, so we end up using cute phrases or putting numbers at the end of our names.

When you get an Office 365 account you get a domain inside of the onmicrosoft.com domains.

This means if you register something like loveworks as your company name you will get emails and logins that end in loveworks.onmicrosoft.com, and your emails will be of the form <username>@loveworks.onmicrosoft.com.


Again, for a smaller company this might be fine, but for a larger firm or a firm with a more established presence on the web you might want to use an existing domain, or register a new domain so your users can go to a URL like loveworks.com rather than loveworks.onmicrosoft.com. This is probably a minimal step for users who are moving to Office 365, and here is the easiest, clearest video I have found to do this:

Now say you are an even more mature company with an existing Active Directory on premise and lots of applications running using your Active Directory. You still want to use Office 365 for mail, messaging and collaboration, but you want to keep your existing Active Directory and manage your identities on AD. This makes things much more complex. You can sync your identities between on-prem and Office 365.

I will cover steps to do this in later blog posts.

For now let me say this is something you really need to think about. If you can live with a separate AD in the cloud and your users have two logins and two passwords to remember, it's probably best to live with it. By syncing your on-prem AD to the Azure AD used by Office 365 you are inviting a lot of work. If you have fewer than 100 employees, or a lot of contract workers who never get in your AD, or no onsite AD, then it's best to keep everything in the Cloud.

Sync can be great and this is an amazing feature of Microsoft, but it's worth thinking that millions of people have email addresses in the cloud that they use every day, without worrying about online sync. It might be good to start thinking Cloud-First, keeping things off premise as much as possible.