Collaboration optimize

10 things you should know about moving to Office 365

If you're planning a move to Office 365, expect a few surprises. Brien Posey shares some of the gotchas he encountered during the transition.

A couple of weeks ago, I was forced to begin using Office 365 for my own organization. It wasn't something I had planned on doing. In fact, I didn't get to spend any time planning. But it happened nonetheless. Construction in my area was causing numerous power and Internet outages, and I had to move my email offsite because I was losing too many messages.

All in all, the move to Office 365 has been a good thing. Even so, a few things caught me by surprise. So I wanted to pass along a list of things to consider before subscribing to Office 365.

1: Migrating is not a simple process

If you have an on-premise Active Directory environment and you want to perform a migration, it won't be an easy process. Exchange Server 2010 SP2 includes a wizard that reduces the number of steps from roughly 50 down to six, but the migration process is still tedious and requires a lot of advanced planning. Because I have only a couple of users in my organization, I opted to start fresh rather than migrating my user accounts.

2: You may have to start over with spam filtering

One of the biggest things that surprised me was that spam filtering suddenly became an issue. Prior to subscribing to Microsoft Office 365, I was using GFI Mail Essentials. I had spent a great deal of time fine-tuning my spam filters so that I rarely received any spam. Office 365 uses Microsoft Forefront Online Protection for Exchange. Although Forefront is a decent spam filter, I had to take the time to configure it.

3: Outbound email addresses might change

When you subscribe to Office 365, all user accounts have a default email address that ends in onmicrosoft.com. While it is possible to use your own domain, simply accepting mail for your domain name isn't enough. Outbound messages will continue to use the .onmicrosoft.com domain unless you make some configuration changes, which are far from intuitive.

4: You can say goodbye to third-party utilities

Many organizations use third-party utilities to manage Exchange Server. If you are using any such utilities and they're designed to be installed directly on an Exchange Server, you won't be able to use them with Office 365 (unless you keep an Exchange Server on premise). Microsoft does not allow you to install software onto the Office 365 servers.

5: You might have DNS issues

When you add a domain to your Office 365 account, you will receive a list of DNS entries that you must be make for the domain to function correctly. Although most of these DNS entries are relatively straightforward, Microsoft Lync requires some SRV records to be created.

This shouldn't be a problem for those who have Microsoft DNS servers, but it can be problematic for non-Microsoft DNS servers. For example, my ISP manages my DNS entries. The ISP had no idea how to create the SRV records because it uses a Linux DNS server. That isn't to say that the DNS entries won't work with a Linux DNS server -- but if someone else manages your DNS, you might have trouble getting the necessary DNS records created.

6: You may have to use different management tools

Because I didn't keep any on-premise servers, managing Exchange through the Exchange Management Console was no longer an option. Office 365 uses the Exchange Control Panel as the primary Exchange Server management tool. Likewise, user accounts are created through a proprietary interface rather than through the Active Directory Users And Computers console.

7: You might have to reset file server permissions

As I mentioned earlier, my goal was to outsource my entire Active Directory domain. In doing so, however, I was left with orphaned on-premise file servers. If you find yourself in a similar situation, make sure that you have a plan for your file server data before you decommission your domain controllers. I moved all my file data to an NAS appliance, but that isn't going to be an ideal solution for everyone. In any case, just remember that if you are outsourcing everything except for your file servers, you probably won't be able to use Active Directory accounts for managing file access.

8: Prepare to be bombarded with phone calls and email messages

One aspect of the transition that really surprised me was that I was bombarded with phone calls and email messages from Microsoft. While I appreciate having the opportunity to ask questions about the transition, there is such a thing as too much of a good thing.

9: You might not be able to immediately connect users' mobile devices

One of the issues I ran into during my transition was that even though I was able to bring my mailbox online quickly, the logistics of the transition kept me from connecting my Windows Phone to my mailbox for several days.

The reason for this is that prior to the transition I had an on-premise domain and an on-premise Exchange Server. Rather than working through a co-existence scenario and migrating everything, I decided that it would be easier to start fresh. This meant that if I had immediately connected my phone to my new Exchange mailbox, my contacts, calendar entries, and old messages would have disappeared from my phone (which would have been a big deal).

So I had to create a PST file on my PC and move all my mail, contacts, and calendar entries from Outlook to my PST. Once that was done, I disjoined my PC from the on-premise domain and then connected Outlook to my new Office 365 mailbox. Then I copied all my PST data to the new mailbox. At that point, I was able to connect my phone to my mailbox without having to worry about losing access to my contacts and other data.

Obviously, this won't be a concern for organizations that work through the "real" migration process. But smaller organizations that choose to abandon their on-premise domain will have to consider this.

10: Expect a loss of control

Finally, moving to Office 365 means giving up some level of control. For example, you won't have any control over the patch management process, software upgrades, and other similar administrative tasks you may be used to performing on-premise.

Other advice?

Have you moved to Office 365? Share your experiences, warnings, and recommendations with fellow TechRepublic members.

About

Brien Posey is a seven-time Microsoft MVP. He has written thousands of articles and written or contributed to dozens of books on a variety of IT subjects.

17 comments
abv.subscriptions
abv.subscriptions

I'm still worried about the many downtimes to certain users and I can't do anything about it...

njebudalla
njebudalla

The author makes some really good points, based on my experience.  If you are a business that cannot afford the downtime, I recommend using someone like Office365Migrators - http://www.office365migrators.com.  They do this work professionally, with minimal to no downtime.  They have a need migration calculator to help you assess the investment as well as a great plan selector tool to make choosing the right plan easier.  I would recommend them to anyone.

IT_Lunatic
IT_Lunatic

I am a MS Partner and O365 re-seller with a few migrations under my belt. It's not really that fun of a project and almost every case differs just enough from the last that advanced preplanning is a must. Really, the planning is the most time consuming and most important aspect of the migration. If its a new install without onsite Exchange/AD then setting it up is a breeze. However, setting up Federated Services, Single Sign on, or even just a cutover method migration and be daunting. Here are some things that I have found are helpful to keep in mind: 1. You better have a good internet pipe! During the migration and during the deployment, your network is sending/receiving so much data to/from MS that you will likely cripple day to day operations for a length of time. A 15 user environment on a dual T1 3Mb circuit bottomed out during Outlook mailbox synching and forced users to use OWA due to the instability of Outlook 2010. 2. If you have a 3rd party spam filter, prepare to scrap it. Microsoft doesnt make it easy to use a 3rd party filter, and may actually be simply impossible without keeping an onsite Exchange server. FOPE is not very intuitive until you get used to it so be prepared to set aside enough time to get it all configured and copy over all your TSLs. 3. Support is all foreign, I have yet to speak to a technician that speaks good English. That being said, they are responsive however every time you need to get something done you have to run through all of the standard basic commands that you likely have already tried on your own. 4. Prepare for issues with iPhones/iPads as they seem to have their own individual problems at their own inopportune times. Especially if you try to set these up prior to the actual cutover which tends to appear in planning due to making the cutover happen during the weekend. Just some food for thought, i could go on and on but then i would have to find a way to bill for this time!

Deadly Ernest
Deadly Ernest

account their Internet access capability, as that is ALWAYS beyond the ability of both ends to manage and keep going. Not that long ago a city I know of was cut off from ALL communications outside the city for almost three days because the main trunk line was badly broken and it took that long to get suitable replacement cables in and put in place. The city concerned is towards the end of a peninsular and has two bridges over a river that all but cuts it off from the mainland. The single main trunk line was located near one of the bridges, the original bridge to the city. That bridge was undergoing some work and an accident with some heavy equipment saw almost half a mile of the main trunk ripped out and ripped apart. The repair required the laying of almost four miles of replacement cable, which included replacing the cable across the river. How many businesses can afford NOT to have access to their office systems for three days? People need to consider these worse case scenarios when contemplating this sort of change.

moh10ly
moh10ly

I have both Lync and Exchange on premise and I kept my Lync but to have users mailboxes enabled on exchange on O365 however, the only way to do it in case you don't want to keep the mailboxes on premise is to delete the user from AD and re-create it. Is there anybody aware of the required attributes that needs to be reset in order to do it without deleting users?

aflynnhpg
aflynnhpg

My company actually started on BPOS and then Migrated to Office 365. On the positive side, Lync is definately a big improvement and probably the most appreciated part of Office for my end users. We have been able to federate communciations with several customers and a major vendor using Lync. One the negative side....Password Resets. We are a virtual company and my office gets flooded with phone calls every 90 days. The reset process is a black box to the end users. They don't always understand that the password is the same for SharePoint, Lync, Exchange and the Portal. This causes confusion for examply if they are using Lync and get a password reset prompt and follow it. Now they think they have a new password for Lync. Add to that, if they forget to change the password on their mobile device, they can and usually do, get locked out for exceeding the threashold for failed attempts to login. Administrators have to choose to either deal with the end user frustration, or set the password reset flag to not expire. Having said all that, it's a good product. We definately improved our communications using 365.

TechSoEasy1
TechSoEasy1

Interesting how you see the burden of server maintenance as a loss of control. If given the option of never having to worry about patch management, upgrades and the like, I'd certainly opt in! Being relieved from these time-consuming tasks, you have greater freedom to help users get more benefits from the technology. Its time that we all stop acting like endangered bureaucrats -- hoping that the world will keep us employed even though our usefulness has waned -- and start acting like true IT Managers/Consultants, striving to bring the very best value to our companies or clients.

rcl4rk
rcl4rk

I am transitioning my account from Office Live to Office 365 while simultaneously starting a new business. Would it be better (simpler) to transfer my old "Live" website address, or start over with a new one?

theikkila
theikkila

I have several clients and my firm running Office 365 and all of us were BPOS customers. All of us had in-house Exchange servers. I manually migrated users and I do not use AD sync. Management is not hard and keeping things simpler has its benefits. I have had no problems with DNS and spam filtering has been very solid. kburrows comments about non-computer devices is spot on but using a relay is very simple to setup. Overall I am very pleased.

kburrows
kburrows

I am a 365 Partner and one thing snuck up on me when transitioning clients to Office365. If you have a copier or other non-computer device in the network, many don't have the ability to send using TLS (required by 365). Many software vendors also provide some kind of fax to email, which has the same issue. I had to create an SMTP relay through their server to be able to send through these devices. If your customer doesn't have a way to relay the messages, you will probably need to setup a Gmail or GMX email 'dummy' account that can use SMTP port 25.

TsarNikky
TsarNikky

Can you afford to transfer some control over to someone or something that you can't control? If one is truly serious about security, I would tend to think the answer would be "no." Why risk your office's secure environment, just to please a few people who are mobile-centric? The office will eventually have to clean up the mess created by the mobile users.

Skruis
Skruis

and it was messy! I learned the hard way that in a staged migration scenario, you should migrate the mailboxes over first and then enable AD synchronization. I though I was just starting over new and not planning an actual migration so I enabled AD sync but the objects came over as mail enabled so when i went to assign a new mailbox, "nope", it claims the user already had a mailbox...on the on-premises server. So I had to remove the AD sync, wait for a day or two, then remove the users, then migrate the users and then enable AD sync but that wasn't all. When I was trying to migrate the mailboxes over, one of the user's name's happened to share a username with the primary user account on the 365 service. Even though I had changed the primary account's username, the actual mailbox object retained the name and I had to use the shell to rename it. And then another user had a live account created using their corporate login so I had to deactivate the live account and still, couldn't migrate the user so I ended up having to manually create the user on 365, specify an alternate primary e-mail address and then I was able to migrate him. After that, i had to turn the on-premises accounts into mail enabled user's using a set of scripts provided by MS and then enabled AD sync and it pulled over his primary mail address w/o issue. It was a much larger mess than I anticipated but in the end, that particular client was happy. Take it from me, start from scratch!

Fairbs
Fairbs

A few somewhat related things... I'm not sure why Microsoft wasn't able to synch PW's to AD from the get go seeing how it is a MS product as well. Other companies that have 'cloud' Exchange / Outlook have that capability so why shouldn't the company that actually makes the stuff. Cloud Google email can even handle it. Our switch from BPOS to 365 has involved a lot of prep work for our Outlook clients. Very time consuming and costly. If you start with 365 maybe this isn't a real issue, but I would still guess that there is costly prep work and there will be problem users for whatever reason. When we started on BPOS, there were several major service disruptions on the MS side. Service has improved significantly, but for about a month there were bad periods every day. And the worse was that there was outright denial by MS that the service was impacted. They would say things like slight impact when there was a major outage and would say the 'down' time started two hours after it actually did. Like I said it is much, much better now, but it was awful at first.

Deadly Ernest
Deadly Ernest

going to Office 365, but they also require you to consider using something other than JUST Microsoft software to run your office.

lord_beavis
lord_beavis

Being a sysadmin (and sometimes classified as a b@$t@rd one at that), I have to disagree with you, but I can see your point of view since you mentioned managers and consultants. Once you let someone else manage your data, then yes you are giving up control. You also have it wrong - the time consuming tasks are the users. If you don't want to maintain servers, the you should become a trainer and leave the 'hard' stuff to the rest of us. Our usefulness has not waned, and when the fit hits the shan, we're the first one everybody runs to saying they can't get their e-mail/files/whatever. IT managers should never be let near the servers anyway, and then, at the end run of a network cable and heavily supervised.

The_Real_BSAFH
The_Real_BSAFH

You may be called that (for reasons we won't discuss here), but I would say that you are right on the money Beavis. Managers, IT or otherwise, want the true sysadmins to go way, and I blame consultants for that. They've made them think for years that someone can waltz in off the street and fix their problems in a jiffy, when all they are doing is putting a band-aid on it and charging a hefty fee. I can't begin to count the companies I've seen out source all their IT and then pull it right back in after the contract runs out because the value for what they paid fell far short of their expectations.