Microsoft Exchange Online in Microsoft
Office 365: Migration Case Study
Danny KimJohn LoganAnn Vu
EXL309
Kentucky Department of EducationJohn LoganKETS Engineering and ArchitectureDirectory Services and Messaging
FullArmor
Danny KimCTO
partner
Agenda and Overview
endStart
Introduction
1
Challenges and Choices
2
Planning
3
KDE Migration Planning Involving a Partner
Email Situation KDE’s Challenges Choosing the Cloud
Overview
The Migration
4
Ask us!
Managing Today
5
Q&A
6
Migration logistics Post Migration
Experience
KDE Admin Experience KDE Recommendations Microsoft Migration
Recommendations
What is KETS?
KETS: Kentucky Education Technology SystemKDE: Kentucky Department of Education
83 employees in the Technology Office (K.I.D.S.)Operations/EngineeringKETS Engineers
KSB and KSDSupports 174 Public School Districts
Each has a CIOThey range from one person who wears all hats (including coaching basketball) to districts with technology offices
Partners
120 Counties – 174 Districts
Our Customers174 Public School Districts
1,233 Schools
636,188 Students51,929 Certified Staff
44,023 Teachers
48,791 Classified Staff500 KDE StaffOther State AgenciesTaxpayers
187 Day School Year349,903 students qualify for free/reduced meals106,046 Exceptional Children
Additional Info
2.73 – 1 Student to Workstation ratio76% of Classrooms are Intelligent Classrooms76% of Students have computers at home (68.6% with Internet access)91% of Teachers have computers at home15,000 Staff Handhelds
Challenges and Choices
Overview of Situation and Challenges
Evolution of Statewide Email Services
MS-MailMS
Exchange 4.0/5.0/5.5
MS Exchange
Expectations of Reliability and Accessibility
Local District Owned and Operated State Provided
1994 1996-2003 2003-2010
KDE’s Email Roadmap
1994• 1250 Microsoft Mail
3.5 Servers
1996• 200 Microsoft
Exchange 5.5 Servers
2003• 200 Microsoft
Exchange 2003 Servers
2010• 0 Email Servers
The beginning of me not being ‘the mailman’
Active Directory
180 Active Directory domains in one Forest544 Domain Controllers (1 GC / 2DCs per domain with Repl Hubs)PCNS on all Extended Schema to add ‘Live@edu’ specific attributes for OLPSDesignations for Staff vs StudentsKDE reserves Domain Admins
AD Domain/Site Layout
ADAIR WOODFORD
KDE
GCDC
DC DC
DC
ROOT
GC GC GC GC
GCDC
GCDC
• 180 Domains (classic Hub&Spoke)
• W2K8 (All Hyper-V)
• KCC is on
• 15 minute InterSite
Enterprise Considerations
KEN NetworkMPLS 10 Mbps – 500 Mbps > 4 Gbps
174 Districts + KSB/KSDAutonomous with governance
KDESupport
Business Requirements
• State law requiring “inspectability” (Org-own) and data ownership
• Existing State Standards• Larger Mailbox and attachment sizes• Web, Client, and Mobile accessible• Integration with existing infrastructure• Consolidation of distributed infrastructure• Additional collaborative options (Web 2.0 tools)
Additional Business Requirements
“Cheap, good, easy and quick’”Students cannot be seen in GAL outside of districtDistrict techs must have access to manage/control/restrict student access and mail flowHas to have at least the functionality and manageability we had with Exchange 2003Leverage Active Directory infrastructure
Why Use Cloud-Based Services for E-mail?
Met requirementsNo more mailbox serversSingle point of accountability Gave us alternatives from an accessibility perspectiveGets us out of the widget-turning businessOutsourced Lifecycle Management
Why Microsoft?
Runs on ExchangeOrganizationally owned data 24 x 7 Enterprise-level supportFull integration with existing infrastructureSingle point of accountabilityAdditional collaborative tools and Forefront Online Protection for ExchangeLarger mailboxes: 10GB MailboxesFree for educational institutions ($ 6.4 M in cost avoidance)Partnership
Why FullArmor?
Microsoft RecommendedGreat (and tireless) people to work withGreat product
Allowed us to focus on migration of objects while others could focus on user data migration if they wished.
Planning
Planning a move to the cloud
What We DidOctober 2008 (built the team)
Advisory CommitteePartners (Microsoft and Dell)
March/April 2010 – PilotsPartner - FullArmor District Deployment GuideDistrict Operations Guide
May 21, 2010
BIG BANG!Created 828,000 Windows Live IDs
Project Timeline
Migration Processes
Formal project..SOWs, Requirements, Design, Test, etc
Major MilestonesBuilt Tenants, RBACs, etc‘KDE Live@edu Components’ between on-prem AD and Exchange Online‘Warmed’ cloud beforehand with usersCommunicated! (Implementation Guide and DOG)
Pilots, then ‘Big Bang’Districts could migrate content (FullArmour)
KDE Migration Utilizing FullArmor Tool
Problem: KDE needed to provide a solution to all school districts to perform a coordinated migration with minimal support.
Solution: FullArmor provided a simple-to-use migration tool to enable non-technical personnel to perform migrations of email, calendar and contact for their independent school districts in a coordinated way during weekend and subsequent migrations.
The Migration
Migration of over 800k mailboxes
Major Migration Milestones
Prior
• Envisioned, designed, implemented components, tested• Gathered client
usage• AD account and
mailbox cleanup• Sent communications
T-4 Weeks
• Create new and capture existing EASI IDs
• Pilots – processes, docs and technology
• Users reset AD passwords
T-2 Days (5/19/2010)
• Distribute district admin accounts
• Redirect SMTP relays• Disable Exchange
2003 provisioning (RUS, etc)• Administration
moratorium• Back-up AD
Major Migration MilestonesDay of Migration – Big Bang 5/21/2010
• Convert Windows Live IDs to mailboxes• Pilot’s e-mail to other districts now goes to cloud
• External e-mail is redirected to Exchange Online• Autodiscover DNS entry• Lock on-premise mailbox access• Enable SSO and ‘recreate’ Outlook profiles
Service is online
• Exchange backups (nothing, PSTs, ExMerge or FullArmour)
Convert on-premises mailboxes to mail-enabled usersDecommission Exchange 2003
TomDisabled Account w/o mailbox
SMTP: [email protected]:[email protected]=LegacyExchangeDN
TomLocal Account w/ Mailbox:SMTP: [email protected]
TomLocal Account w/o mailbox:TargetAddr: [email protected]
Active Directory
Ex Servers
BobLocal Account w/ Mailbox:SMTP: [email protected]
Active Directory
Ex Servers
Active Directory
Ex Servers
District 1 District x District 174
On-Premises Exchange 2003
ChickLocal Account w/ Mailbox:SMTP: [email protected]
BobActive Account w/ mailbox
SMTP: [email protected]=LegacyExchangeDN
BobLocal Account w/o mailbox:TargetAddr: [email protected]
Mail F
WD
Mail F
WD
Pilot MigrationTomActive Account w/ mailbox
SMTP: [email protected]=LegacyExchangeDN
ChickActive Account w/ mailbox
SMTP: [email protected]=LegacyExchangeDN
ChickLocal Account w/o mailbox:TargetAddr: [email protected]
ChickDisabled Account w/o mailbox
SMTP: [email protected]:[email protected]=LegacyExchangeDN
BIG BANG
KDE’s Live@edu ComponentsOLPS KETS Control PanelPCNSSSOAdministrative accounts per districtSMTP Relay
Messaging and Directory Services Team (4 members)KETS Service DeskKETS EngineersDistrict Operations Guide (DOG)
User
Infrastructure
CONTACTS
DISTRIBUTION LISTS
FACULTY STAFF
CONTACTS
DISTRIBUTION LISTS
FACULTY STAFF
STUDENTS
STUDENTSSTUDENTS
STUDENTS STUDENTS STUDENTS
STAFF TENANT STUDENT TENANTS 1 - 179
MV
ILM
MV
ILM
MV
ILM
MV
ILM
MV
ILM
METAVERSE
ILM
CS CS
CS
REGISTRY MA USERS
AD MAUSERS
OUTLOOK LIVE MAUSERS
Outlook Live ServiceDatabase Components
Contacts and Groups
Provisioning Database
Catalog ServiceDatabase Components
Active Directory Global Catalog179 Domains
OUTLOOK LIVEPROVISIONING
SYSTEM
Contact
Group
Mailbox Enabled User
Mailbox Enabled Contact
Mailbox Enabled Group
Registry ServiceDatabase Components
KCP
SSO
OLPS
W2K8 Core w/Hyper-V
Exchange Online
AD replication (15 minutes Inter-site)
Live@edu Frankfort-based Enterprise Components
DRADAccepted Domains
Staff Tenant
District 1
Fayette
District 178
BOB
179 Domain Controllers
GC
GALSync
GCDC
Active Directory
Fayette
Staff
Student Tenants
District 1
stu.fayette
District 90
District 120
District 178
BOB
JIM
Students
TOMMY
Adair.kyschools.usAllen.kyschools.usAnchorage.kyschools.usAnderson.kyschools.usAshland.kyschools.us
.
.Education.ky.gov
.
.Woodford.kyschools.us
JIM
JIM
TOMMY
TOMMY
Stu.Adair.kyschools.usStu.Allen.kyschools.usStu.Anchorage.kyschools.usStu.Anderson.kyschools.usStu.Ashland.kyschools.us
.
.Stu.Fayette.kyschools.us
.
.Stu.Woodford.kyschools.us
PartnerAgencies
Migration Execution using FullArmor Tool
Migration product was command-line driven.KETS wrapped the migration product with their own, custom UI that connected to AD to fetch users Used ExMerge under the covers to automatically export each user’s mailbox to PST file. Then, the migration product migrated the PST data to Live@edu, all seamlessly.
FullArmorMigratorw/custom UI
AD
Server Storage
Live@edu
ExchangeServer
Managing Today
And recommendations
What District Techs Can Do
For staff…Manage their users and DGs (ADUC, ECP, KCP, PowerShell)Change domain settings
KETS Control PanelKDE owns Tenant Admin management
For studentsManage their users (No GAL)More of a ‘full-Tenant’ admin
Transport Rules (Closed Campus, or custom through PowerShell)RBACs
and set Tombstoning for each…
Spoon feeding..
Challenges
We are 177 separate companies that act like oneAlways updating..Web2.0Org-owned and I-ownedAge 13Multi-Tenant designDocumentation is a challengeDemarcation of supportPowerShell and RBACs (we’re K12)
Moving Forward….SIMPLIFY! (revisit our requirements)‘Snowbound’ InitiativeLook at putting more in the cloud…
OLPS, SMTP RelayAD?What about support?
P-20‘College/Career Ready’7 or our 8 ‘State’ Colleges are Live@eduEvictions are not in Live@eduCross-Tenant mailbox moves/renames
Takeaways
Cost (TCO)Communication / DocumentationSupportFunctionality to fit K12
Easy, available, useful and cheap
Move to the cloudIt’s a great move for some things. Your engineering and support framework will change.
KETS Recommendations
Identify requirementsFormalized projectProcure MCS, FullArmour and other partner resources depending on complexityInvolve teachers and students
Quit trying to be the experts and widget turners
Give the technology to the teachers and kids
Full Armor recommendations
Partnering: “Luck Favors the Prepared”As a partner, SI, or ISV learn the skills to provisioning ExchangeFirst to Market = First to Partner
Migrating: “The Turtle wins over the Hare”Measure Twice cut OnceStart Small, Build up to Large Scale
• `
IMAP migrati
on
Exchange migration
Staged
migration
Hybrid
Exchange 5.5 X
Exchange 2000 X
Exchange 2003 X X X X
Exchange 2007 X X X X
Exchange 2010 X X X
Notes/Domino X
GroupWise X
Other X
* Additional options available with tools from migration partners
New Migration OptionsChoices to fit your organization
Mig
ratio
nH
ybrid
IMAP migrationSupports wide range of e-mail platformsE-mail only (no calendar, contacts, or tasks)
Cut-Over Exchange migration (C-EM)Good for fast, cutover migrationsNo server required on-premises
Staged Exchange migration (S-EM)No server required on-premisesIdentity federation with on-premises directory
Hybrid deployment (MRS)Manage users on-premises and online
Enables cross-premises calendaring, smooth migration, and easy off-boarding
Quest Migrator for Cloud Emailformerly FullArmor MailPortal Migrator
You can download and start to use Quest Migrator for Cloud Email (QMCE) today!http://www.quest.com/migrator-for-cloud-emailWritten resources are available online to help you plan and execute your migrationProduct includes limited free migrationsContact Quest Software for licensing details
Related ContentBreakout Sessions
EXL310: Exchange Online and Office 365: Simple Migration LiveEXL311: Microsoft Exchange Server and Office 365: How To Set Up a Hybrid DeploymentEXL305: Best Practices for Successfully Transitioning to Exchage 2010OSP325: Microsoft Office 365: Directory Synchronization
Interactive SessionsEXL375-INT - Understanding Archiving and Compliance in Microsoft Exchange Online
Product Demo Stations Exchange and Office 365 demo stations in the TLC
Find Me Later At… the Exchange Demo Station
Resources
Exchange Team Blog: http://msexchangeteam.com
Exchange Deployment Assistant: http://technet.microsoft.com/exdeploy2010
Deployment Options Whitepaper: http://bit.ly/iXS4EH
Quest Migrator: http://www.quest.com/migrator-for-cloud-email
Questions?
Q&A
Resources
www.microsoft.com/teched
Sessions On-Demand & Community Microsoft Certification & Training Resources
Resources for IT Professionals Resources for Developers
www.microsoft.com/learning
http://microsoft.com/technet http://microsoft.com/msdn
Learning
http://northamerica.msteched.com
Connect. Share. Discuss.
Complete an evaluation on CommNet and enter to win!
Scan the Tag to evaluate this session now on myTech•Ed Mobile
© 2011 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to
be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS
PRESENTATION.