ENow Exchange & Office 365 Solutions Engine Blog (ESE)

Using (selective) authentication per (sub)domain in Office 365

Posted by Michael Van Horenbeeck on May 27, 2015 4:53:43 PM

Office 365 allows for various authentication mechanisms, which includes federated authentication through Active Directory Federation Services. Federated authentication in Office 365 is configured per domain. However, if you register multiple subdomains in your Office 365 tenant, those subdomains will automatically inherit the authentication settings from the parent domain IF you registered the subdomains in the tenant after the parent domain.

For instance, if you have added child1.domain.com and child2.domain.com after registering domain.com, both subdomains will be converted to use federated authentication if you convert the parent domain.

Read More

Topics: Office 365, ADFS, Registering subdomains, Office 365 authentication, Selective authentication

3 Experts Weigh in on The Top Exchange Moments From Ignite

Posted by Joel Brda on May 19, 2015 12:23:00 PM

Your Hosts:

Michael Van Horenbeeck
Michael Van Horenbeeck
Tony Redmond
Tony Redmond
Jeff Guillet
Jeff Guillet

Topping 1,100 sessions and drawing in more than 23,000 attendees, Microsoft Ignite was a whirlwind of a week. Among the hundreds of sessions related to Azure, Office 365, Exchange, Windows, and many other Microsoft products, you might have some difficulty keeping all the information straight.

To recap the most memorable Exchange moments, experts Tony Redmond, Michael Van Hybrid, and Jeff Guillet gathered for The Ignite Debrief (Exchange Version) Podcast that’s now available to view. In this 25-minute podcast, the experts zero in on Exchange to provide their takes on several significant Exchange-related announcements from the conference.

Read More

Topics: Hybrid Deployment, Exchange Reporting & Monitoring, Exchange 2013, Microsoft Exchange

Hybrid Exchange deployments: Highlights from Ignite

Posted by Michael Van Horenbeeck on May 13, 2015 6:11:27 PM

Last week during Microsoft's Ignite conference, I had the pleasure to co-present a session with Timothy Heeney on hybrid Exchange deployments. For those who weren't able to attend Ignite, the recording of that session is available here. During our session, Tim spoke about how Microsoft tests hybrid deployments and the tools it (recently) released to help you troubleshoot hybrid deployments. He also announced some pending changes to the face of the Hybrid Configuration Wizard.

Read More

Topics: Office 365, Exchange Hybrid Deployments, Ignite

Top Exchange and Office 365 Sessions to Attend at Ignite

Posted by Michael Van Horenbeeck on Apr 29, 2015 12:27:00 PM

Ignite, Microsoft's largest technical conference this year, is less than two weeks out. If you haven't started planning your session schedule, now would be a good time to do so.

One thing is for sure: It will be a busy week! With almost 800 sessions covering a variety of technologies, it will be hard to choose what sessions to attend, and you’ll undoubtedly have to make some hard choices. And we all know that choosing means losing...

A nice bonus, however, is that all sessions will be recorded. The recordings should be available online within approximately 48 hours after the session, which will give you a nice alternative to the in-flight entertainment on your way back home!

Read More

Topics: Office 365, Microsoft Exchange

Is a hybrid Exchange deployment the right option for you?

Posted by Michael Van Horenbeeck on Apr 22, 2015 9:47:00 AM

One of the decisions you have to make when moving to Office 365, is to determine how you will move mailboxes. There are various options available which makes it hard to see the forest through the trees. Choosing the right approach is not an easy task. The decision is influenced by many variables like the size of your organization, the impact on your users and IT department or the bandwidth of your internet connection.

Before we address the question of whether or not you should go down the road of a hybrid deployment, let's quickly review the options that are available to you today. Please note that the descriptions below are not intended to cover all aspects of each approach, rather to paint a picture of the current landscape:

  • Cutover migration. As the name implies, this approach is used to 'move' all mailboxes from your on-premises organization to Office 365 at the same time. At least, the switch to Office 365 happens at the same time. Prior to switching to Office 365, mailbox contents are copied to Office 365. Depending on the amount of mailboxes and the size of the mailboxes you are migrating, the copy process can take several days, if not weeks. During that time, your users continue to use their on-premises mailbox. Once the initial copy process has completed, delta synchronizations keep the mailboxes in Office 365 up-to-date with new contents from the on-premises mailboxes until you switch over to using the Office 365-based mailboxes. During the switch over time (also referred to as the cutover), all your users must reconfigure their email clients to point to Office 365 instead the on-premises organization.
Read More

Topics: Hybrid Deployment, Office 365

Which Federation Protocol Should I Use?

Posted by Jim Katoe on Apr 15, 2015 8:37:00 AM

This question comes up frequently when talking to developers in my company. Fortunately MS has a PFE who has blogged on the subject. http://blogs.technet.com/b/askpfeplat/archive/2014/11/03/adfs-deep-dive-comparing-ws-fed-saml-and-oauth-protocols.aspx

This article is fantastic and technically accurate in the details. I highly recommend reading it.  But I disagree with the conclusions he makes at a higher level. I think I can explain that disagreement by examining the PFE’s situation.  Firstly, he wrote this 5 months ago, and the situation changes quickly in federation. Secondly, he works for Microsoft and as a PFE the scenarios he encounters are likely more Microsoft focused than those of us in the “wild”. Thirdly, he is focused on ADFS as his technical area, it is the focus of his blog and he is quite clear on that.  But for those of us using ADFS as a federation infrastructure, many of us are also using Office365 and therefore Azure AD.  So we actually have a secondary federation infrastructure, in Azure AD, available to us. This secondary option changes the landscape by granting us additional federation capabilities because Azure AD iterates more quickly than ADFS. Azure AD supports more types of grant flows in OAuth than ADFS and it supports OpenID Connect.

Read More

Topics: Federation Protocol, ADFS, Federation

CPU Contention and Exchange Virtual Machines

Posted by Andrew Higginbotham on Apr 8, 2015 2:37:00 PM

Overview

Virtualization has been around for a while now & its best practices are well known amongst virtualization experts. Unfortunately, as I’ve seen with many different customers, some guidance isn’t followed or taken as seriously as it should. This can be the case when someone who isn’t a virtualization specialist (maybe an Exchange admin or an IT generalist) is tasked with managing a virtual infrastructure.

 

There are several areas of sizing & performance that any virtualization admin should become intimately familiar with; CPU, Disk, Memory, HA, DR, etc. Specifically, I’d like to call out CPU sizing & the negative ways it can impact a virtual Exchange deployment when not done correctly.

Background

First off, there are many well-written articles on CPU sizing, most of which are from the VMware perspective:
CPU Overcommitment and Its Impact on SQL Server Performance on VMware
Virtual Machine Performance – CPU Ready
How to successfully Virtualize MS Exchange – Part 1 – CPU Sizing
Hyper-V CPU Scheduling–Part 1

They’re all excellent reading but I’ll summarize for the purposes of this article. In vendor-neutral terminology, on a given host, the total number of assigned processor cores on all of your virtual machines can potentially be greater than the total number of actual cores on the physical host.

Example:
Read More

Topics: Exchange, MSExchange, Exchange Virtualization, Virtualization,, CPU

A Closer Look at the New ActiveSync Redirection Feature in Exchange 2013 CU8

Posted by Michael Van Horenbeeck on Apr 1, 2015 1:08:00 PM

On March 17th, Microsoft released Cumulative Update 8 for Exchange Server 2013. By now, we're all used to the idea that cumulative updates and not only Service Packs have also become a vehicle to introduce new features into Exchange. Hence, it is no surprise that CU8 comes with a bunch of new features and improvements alongside a myriad of bug fixes.

It has been since Cumulative Update 5 that Microsoft introduced new "hybrid" features. So you can imagine how pleased I was to learn that CU8 contained a rather important improvement with regards to hybrid deployments.

Before we dive into the feature itself, let me give some background information on the problem the feature will help to solve. A hybrid deployment is often deployed to allow the so-called "hybrid mailbox moves", sometimes you'll also see them referenced as "MRS moves" or "remote mailbox moves". Regardless of what name you use, in my opinion these mailbox moves offer significant value over other migration methods. The simple reason being that hybrid mailbox moves are more resilient, more flexible and almost transparent to the end user. In a staged- or cutover migration, once a mailbox is moved, Outlook's offline cache (.OST file) has to be recreated. While you might think this is not really a problem, try and imagine how that would feel like for an organization that has limited bandwidth but has several hundred gigabyte worth of mailbox data. In such scenario, if you can avoid having to download the data which you just have 'uploaded' to Office 365, then that is something you would want to look into.

Read More

Topics: Exchange 2013, Active Sync, Microsoft Exchange, CU8, Exchange 2013 CU8

Troubleshooting Exchange Hybrid Deployments Video

Posted by Michael Van Horenbeeck on Mar 25, 2015 2:45:00 PM

In this webinar, Exchange MVP Michael Van Horenbeeck will be discussing the following topics regarding Exchange hybrid deployments:

  • Hybrid Deployment - Architecture Overview
  • Common Issues and Misconceptions
    • Moving Mailboxes: The Good, the Bad the Ugly
    • Keeping ADFS Alive
    • DirSync / AADSync / AADConnect / Password Synchronization
  • Monitoring in a Hybrid Deployment


Click here to download the complete slide deck
Read More

Topics: Hybrid Deployment, Exchange Hybrid Deployments, exchange management, ADFS

How to Migrate Scheduled Tasks from One Server to Another

Posted by Adam Bertram on Mar 18, 2015 11:21:00 AM

With the end of life approaching for Windows Server 2003, a lot of admins are moving services from legacy 2003 servers to Windows Server 2012 R2.  A common task when performing this migration is to move scheduled tasks.  Windows provides some help with this by enabling you to export and import scheduled tasks. But there’s no migration tool to migrate all or only some of the scheduled tasks.  I pity the admin with 50 scheduled tasks running on an old Windows Server 2003 server who has to manually export and import every single one of those scheduled tasks. There has to be a better way. And it just so happens there is!  It’s called PowerShell.

By creating a PowerShell script, you can automate this migration. And you can make it as simple as running a single script—providing the source server name and the destination server name—and watching it work.  However, the script isn’t just going to write itself.  Unfortunately, you must do a little work up front. But I promise you’ll thank me after you’ve exported/imported your hundredth scheduled task.  In this article, I show you how to build your own script to easily migrate scheduled tasks from one server to another.

Read More

Topics: Windows Server, Powershell, Windows Server 2013

Subscribe to Email Updates

Posts by Topic