
SHAREPOINT AND OFFICE 365 HYBRID BETTER TOGETHER, TODD KLINDT


  1. SHAREPOINT AND OFFICE 365 HYBRID BETTER TOGETHER TODD KLINDT, SHAREPOINT MVP @TODDKLINDT HTTP://WWW.TODDKLINDT.COM

  2. WHO IS THIS TODD KLINDT GUY? • www.toddklindt.com/blog • todd@toddklindt.com • http://www.toddklindt.com/podcast

  3. AGENDA ▪ Why Hybrid? ▪ Authentication ▪ OneDrive (My Sites) ▪ Search ▪ Other stuff ▪ Useful Tools

  4. WHAT IS HYBRID? • The offspring of two plants or animals of different species or varieties, such as a mule (a hybrid of a donkey and a horse) • Or • Private Clouds and Public Clouds • On-Prem and IaaS • SharePoint Server On-Prem and Office 365 / Azure / SharePoint Online / BobaaS

  5. WHY HYBRID?
      Why Cloud? • More Secure? • Gradual move • Save money • Easier accessibility • New Functionality • Extranet situations • Consultants • 1099
      Why on-prem? • Not all content makes sense in the cloud • Sensitive info, like my SSN • Geographic restrictions • Fancy custom code • Farm solutions • 3rd party

  6. BABY STEPS • Develop a plan • Begin with the end in mind • Phased approach is okay • Landscape is changing

  7. AUTHENTICATION • The first step on your hybrid journey • Two options • Azure AD Connect Sync / ADFS / Pass-Through • Third Party • Can move gradually • Users • Technology • Mind your licenses

  8. ACTIVE DIRECTORY CORE CONCEPTS & CONCERNS • FSMO roles, AD DNS, WINS, NETBIOS, etc • Dirty, dirty directories • 2003 (Everyone group) --> 2008 (Authenticated Users group) • IsCriticalSystemObject objects not synced (like Domain Users) • UPN issues around migration • Schema extensions

  9. SAME SIGN ON SCENARIO

  10. SINGLE SIGN ON SCENARIO

  11. PASS-THROUGH AUTH

  12. NOW WHAT?

  13. MYSITES / ONEDRIVE FOR BUSINESS • Users • Used to use fun tools like Dropbox • Used to being able to access content on multiple devices • Used to being able to access content anywhere • IT wants • To meet security standards • Control costs • Control governance • Keep using SharePoint, it’s the coolest!

  14. MYSITES / ONEDRIVE FOR BUSINESS • Moves user MySites to OneDrive for Business • You get 1 TB! And you get 1 TB! • Requirements • SharePoint Online • SharePoint 2013 SP1 or 2016 • Sync up your authentication • Configure on prem to point to Online • Create an audience • Control experience

  15. ONEDRIVE FOR BUSINESS CLIENT • User familiarity • Provides offline sync in Windows and Mac • Provides access and functionality with devices • Same client as OneDrive Consumer

  16. SYNC LIMITATIONS • Illegal characters: <, >, :, ", |, ?, *, /, \ • 30 million documents per library • Performance drops after 100,000 files • Filename less than 400 characters • File size limit 15 GB • No network drives • IRM requires client 17.3.7294.0108 or later • From KB 3125202
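
      A pre-flight check for the limits on this slide, as an added example that is not part of the original deck. The `$Path` parameter is hypothetical, and applying the 400-character limit to the path relative to the synced folder is an assumption (the slide says "filename").

      ```powershell
      # Added example: scan a folder against the sync limits listed on the slide.
      param(
          [Parameter(Mandatory = $true)]
          [string] $Path    # hypothetical parameter: local folder the user plans to sync
      )

      # Limits as given on the slide (KB 3125202)
      $IllegalChars  = '[<>:"|?*/\\]'
      $MaxPathLength = 400        # assumption: applied to the path relative to $Path
      $MaxFileSize   = 15GB
      $PerfThreshold = 100000

      $root = (Resolve-Path -LiteralPath $Path).ProviderPath.TrimEnd('\', '/')

      # "No network drives": flag UNC paths and mapped network drive letters
      if ($root.StartsWith('\\')) {
          Write-Warning "$root is a UNC path; network locations cannot be synced"
      }
      elseif ($root -match '^[A-Za-z]:' -and
              ([System.IO.DriveInfo]::new($root.Substring(0, 1)).DriveType -eq 'Network')) {
          Write-Warning "$root is on a mapped network drive"
      }

      $count = 0
      $findings = foreach ($file in Get-ChildItem -LiteralPath $root -Recurse -File -Force) {
          $count++
          $relative = $file.FullName.Substring($root.Length + 1)
          $reasons  = @()
          # NTFS already rejects these characters; the check matters on macOS volumes
          if ($file.Name -match $IllegalChars)     { $reasons += 'illegal character' }
          if ($relative.Length -ge $MaxPathLength) { $reasons += "path is $($relative.Length) chars" }
          if ($file.Length -gt $MaxFileSize)       { $reasons += 'larger than 15 GB' }
          if ($reasons) {
              [pscustomobject]@{ File = $relative; Problem = $reasons -join '; ' }
          }
      }

      if ($count -gt $PerfThreshold) {
          Write-Warning "$count files found; the slide notes performance drops after $PerfThreshold"
      }
      $findings | Format-Table -AutoSize -Wrap
      ```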

  17. REAL WORLD EXAMPLE

      ```powershell
      Param(
          [Parameter(Mandatory=$true)]
          [ValidateNotNullOrEmpty()]
          [string] $User
      )

      # Add the Active Directory bits and not complain if they're already there
      Import-Module ActiveDirectory -ErrorAction SilentlyContinue
      ```

  18. REAL WORLD EXAMPLE (continued)

      ```powershell
      # Add the Azure Active Directory module
      Import-Module AzureAD # New way
      # Import-Module MSOnline # Crappy old way

      # Define AD group that is synced to AAD and is used for ODFB audience
      $syncgroupname = "CloudSync"
      $syncgroup = Get-ADGroup $syncgroupname
      ```

  19. REAL WORLD EXAMPLE (continued)

      ```powershell
      # Name of the Azure License to apply
      # (the AzureAD cmdlets below need an active Connect-AzureAD session)
      $LicensedUser = Get-AzureADUser -ObjectId "licensetemplate@toddklindt.com"
      $License = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicense
      $License.SkuId = $LicensedUser.AssignedLicenses.SkuId
      $Licenses = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicenses
      $Licenses.AddLicenses = $License

      # Azure AD domain suffix
      $aadsuffix = (Get-AzureADDomain | Where-Object -Property IsDefault -Value $true -EQ).name
      # $aadsuffix = "toddklindt.com" # Crappy
      ```

  20. REAL WORLD EXAMPLE (continued)

      ```powershell
      # First, add the user to the group
      Add-ADGroupMember -Identity $syncgroupname -Members $User

      # Remind them to recompile their SharePoint audience
      Write-Host "You'll need to recompile your SharePoint audience to reflect the group change"
      ```

  21. REAL WORLD EXAMPLE (continued)

      ```powershell
      # Sync up to Azure AD
      # & $syncclient # Old, crappy way
      Start-ADSyncSyncCycle

      # Now tweak the user in Azure AD
      # First connect
      # Connect-MsolService # Crappy
      Connect-AzureAD

      # Get the user
      $aaduser = "$user@$aadsuffix"
      ```

  22. REAL WORLD EXAMPLE (continued)

      ```powershell
      # Set the user's location. Without that the license will fail
      # -ObjectId identifies the user; -UserPrincipalName would set a new UPN instead
      Set-AzureADUser -ObjectId $aaduser -UsageLocation "US"
      # Set-MSOLuser # Crappy

      # Set the user's license
      Set-AzureADUserLicense -ObjectId $aaduser -AssignedLicenses $Licenses
      # Set-MsolUserLicense -UserPrincipalName $aaduser -AddLicenses $license
      ```

  23. NEXT STEP

  24. SEARCH • If SharePoint Search isn’t already your corporate search, shame on you! • One-way or Two-way • Or…

  25. CSSA (THE CLOUD SEARCH SERVICE APPLICATION) • Introduced in the August 2015 CU for SharePoint 2013 or 2016 • Combines on-prem Search index and SharePoint Online Search • Not Federation • Search results are not separated • Does not require a Search index on-prem • Allows cloud services to include on-prem content • Getting Comfortable with the new hybrid Cloud Search Service in SharePoint 2013

  26. PROFILE • Each environment has its own Profile • Makes the SharePoint Online Profile the master • Redirects from on-prem server • Custom attributes are tricky

  27. TAXONOMY • Requires June 2017 Patch or later • Single Taxonomy that spans on-prem and online • Completely flexible • Shared Masters are online • Pushed on-prem • Daily Timer Job • Source

  28. SITES • Sites link forwards to SharePoint Online • Shows followed sites in both environments • Does not copy existing followed sites in on-prem • Does not copy followed documents • Self-service Site Creation (SharePoint 2013 only, March 2017 PU) • Managed the same way as on-prem • Source

  29. YAMMER • Can move your Social piece into Yammer • Requires SP1 on-prem • Can also use Yammer app • http://technet.microsoft.com/en-us/library/dn270535(v=office.15).aspx

  30. BI • Business Connectivity Services • One-Way Inbound • Two-Way • Full CRUDQ functionality • Duet Enterprise • For SAP • One-Way Inbound • Two-Way (requires Duet Enterprise Online)

  31. ON-PREMISES DATA GATEWAY • Makes your on-prem data available to cloud BI tools • PowerApps, PowerBi, Azure Logic Apps, Flow, Azure Analysis Services • On-prem SQL Databases and SharePoint Lists • Easy to install • No inbound ports, only outbound • Source

  32. ONE-WAY OUTBOUND TOPOLOGY [Diagram: on-premises SharePoint Server 2013 on the intranet and SharePoint Online in a Microsoft Office 365 tenant, connected across the Internet] • Search: One-way outbound • Business Connectivity Services: Not supported • Duet Enterprise for SharePoint and SAP: Not supported • SharePoint Online cannot query SharePoint Server • SharePoint Server can query SharePoint Online • On-premises SharePoint Server 2013 Enterprise Search portal: Local and remote search results are available • SharePoint Online search portal: Local search results are available

  33. ONE-WAY INBOUND TOPOLOGY [Diagram: on-premises SharePoint Server 2013 on the intranet and SharePoint Online in a Microsoft Office 365 tenant, connected across the Internet; the diagram includes a reverse proxy] • Search: One-way inbound • Business Connectivity Services: Supported • Duet Enterprise for SharePoint and SAP: Supported • SharePoint Online can query SharePoint Server • SharePoint Server cannot query SharePoint Online • On-premises SharePoint Server 2013 Enterprise Search portal: Local search results are available • SharePoint Online search portal: Local and remote search results are available

  34. TWO-WAY (BIDIRECTIONAL) TOPOLOGY [Diagram: on-premises SharePoint Server 2013 on the intranet and SharePoint Online in a Microsoft Office 365 tenant, connected across the Internet] • Search: Bidirectional • Business Connectivity Services: Supported • Duet Enterprise for SharePoint and SAP: Supported • SharePoint Online can query SharePoint Server • SharePoint Server can query SharePoint Online • On-premises SharePoint Server 2013 Enterprise Search portal and SharePoint Online search portal: Local and remote search results are available. If extranet authentication services are configured, extranet users can log in remotely through an on-premises Active Directory account and use all available hybrid functionality.

  35. SOUNDS COMPLICATED!

  36. HYBRID PICKER • Makes Hybrid Easy! (er) • Installs or configures • OneDrive • User Profiles • App Launcher • Auditing • Search • Taxonomy • Needs the SharePoint 2013 August 2015 CU or later or 2016

  37. THINGS TO CLICK • Plan SharePoint Server hybrid • Implementing Hybrid Scenarios with Office 365 Courseware • Hybrid for SharePoint Server 2013 • SharePoint Cloud Migration Assistant (Public Preview) • Bill Baer’s much better slide deck

  38. QUESTIONS? @TODDKLINDT TODD@TODDKLINDT.COM WWW.TODDKLINDT.COM/OMAHASPUG

  39. • Microsoft wants to hear from you! • Surveys! Surveys! Surveys! • http://www.toddklindt.com/OneDriveSurvey
