Hybrid deployment? What exactly is it?
Over the last several months we have worked on many Office 365 deployment projects. In some cases they can be straightforward, but most commonly they are not. This holds particularly true for hybrid deployments, especially when there are several integration points. You also need to consider network devices, such as load balancers, and restricted server access from the Internet.
Although rolling out a Hybrid deployment of Office 365 isn’t straightforward, it doesn’t necessarily have to be difficult. It’s extremely important to have your documentation and proper planning done in advance in order to be prepared for the implementation (as with any project!).
Main difficulties?
There is no single point of reference for how a hybrid deployment should be implemented, what steps need to be taken, or in what sequence. The lack of documentation and improper planning can lead to misconfigurations and re-work, which in turn cause issues and drive up the costs of the project.
Maybe the lack of a single recommended approach is because the deployment can be done in different ways. Another thought is that a lot depends on your current environment and requirements. Whatever the case, I thought I’d share my experiences. This high-level overview covers the steps and tools you should have available before starting your hybrid deployment with Office 365.
Let's Get Started
First off, I highly recommend deploying in a test or lab environment first! If you do have several integration points, or if you do have third-party devices, such as an F5 load balancer, or an identity solution you’d like to utilize in place of ADFS, you had better make sure they work before moving into production. This type of Proof of Concept (POC) should hold true for any new technology implementation before it touches your production environment, especially for something with such high visibility that touches every user’s desktop like email!
Before starting, you need to look at your current environment and make sure it meets some basic requirements:
- Active Directory forest must be Windows Server 2003 forest functional level or higher
- Existing Exchange 2007 Servers must be SP3 with Update Rollup 9 or later
- Exchange 2010 Hybrid Server must be SP3 with a v15 Exchange Online tenant. This means upgrading all of your Exchange 2010 servers to SP3 if it is your current on-premises solution
- Exchange 2013 Hybrid Server must be CU1 with a v15 Exchange Online tenant. The previous 2 points hold true for this scenario as well because they are required to have coexistence with Exchange 2013
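One way to check the forest and Exchange version requirements above before starting, as an added example that is not part of the original article. The function names, the sample server names and the build thresholds are this example's assumptions; the live call requires the ActiveDirectory module and the Exchange Management Shell.

```powershell
# Added example: checks the forest and Exchange version prerequisites listed above.
# Thresholds (8.3 = 2007 SP3, 14.3 = 2010 SP3, 15.0 build 620 = 2013 CU1) are this
# example's mapping of the article's requirements, not values from the article.
function New-Finding($Target, $Result, $Detail) {
    New-Object PSObject -Property @{ Target = $Target; Result = $Result; Detail = $Detail }
}

function Test-HybridPrereq {
    param(
        [Parameter(Mandatory = $true)] [int] $ForestMode,   # [int](Get-ADForest).ForestMode
        [Parameter(Mandatory = $true)] [object[]] $Servers  # objects with Name, AdminDisplayVersion
    )
    # ADForestMode: 0 = Windows2000Forest, 1 = Windows2003InterimForest, 2 = Windows2003Forest
    if ($ForestMode -ge 2) { New-Finding 'AD forest' 'OK' "ForestMode $ForestMode" }
    else { New-Finding 'AD forest' 'FAIL' "ForestMode $ForestMode is below Windows2003Forest" }

    foreach ($s in $Servers) {
        $v = [string]$s.AdminDisplayVersion
        if ($v -notmatch 'Version (\d+)\.(\d+) \(Build (\d+)\.(\d+)\)') {
            New-Finding $s.Name 'UNKNOWN' "Unparsed version '$v'"
            continue
        }
        $major = [int]$Matches[1]; $minor = [int]$Matches[2]; $build = [int]$Matches[3]
        switch ($major) {
            8 {
                # Update rollups do not change AdminDisplayVersion; confirm RU9 separately.
                if ($minor -ge 3) { New-Finding $s.Name 'MANUAL' 'Exchange 2007 SP3; verify Update Rollup 9 or later' }
                else { New-Finding $s.Name 'FAIL' 'Exchange 2007 below SP3' }
            }
            14 {
                if ($minor -ge 3) { New-Finding $s.Name 'OK' 'Exchange 2010 SP3' }
                else { New-Finding $s.Name 'FAIL' 'Exchange 2010 below SP3' }
            }
            15 {
                if ($minor -gt 0 -or $build -ge 620) { New-Finding $s.Name 'OK' 'At or above Exchange 2013 CU1' }
                else { New-Finding $s.Name 'FAIL' 'Exchange 2013 below CU1' }
            }
            default { New-Finding $s.Name 'UNKNOWN' "Unrecognised major version $major" }
        }
    }
}

# Constructed sample inventory (hypothetical server names). Live equivalent:
#   Test-HybridPrereq -ForestMode ([int](Get-ADForest).ForestMode) -Servers (Get-ExchangeServer)
$sample = @(
    (New-Object PSObject -Property @{ Name = 'EX07-01'; AdminDisplayVersion = 'Version 8.3 (Build 83.6)' }),
    (New-Object PSObject -Property @{ Name = 'EX10-01'; AdminDisplayVersion = 'Version 14.2 (Build 247.5)' }),
    (New-Object PSObject -Property @{ Name = 'EX13-HYB'; AdminDisplayVersion = 'Version 15.0 (Build 620.29)' })
)
Test-HybridPrereq -ForestMode 2 -Servers $sample | Format-Table Target, Result, Detail -AutoSize
```

A MANUAL result means the service pack level is met but the rollup level has to be confirmed another way, because the version string reported by the server does not reflect update rollups.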
After you’ve met the requirements above, these are the steps and tools you should consider from a high-level perspective:
1. Complete the Exchange Deployment Assistant
2. Sign up for Office 365 Tenant
- I suggest doing your POC with the Office 365 trial so you don’t have to make any unnecessary licensing commitments. The trial provides 25 licenses and is good for 30 days. If you determine more time is needed, just submit a Service Request through your online portal and Microsoft will grant you an extension.
3. Utilize the Office 365 Deployment Readiness tool. This tool provides analysis of your on-premises environment in preparation for an Office 365 deployment
4. Prepare for SSO and DirSync. Here are a couple good articles to get you started:
5. Configure SSO
6. Setup DirSync
7. Install Exchange 2010 SP3 Hybrid Server with CA & HT Roles, or Exchange 2013 CU1 Server with Mailbox & Client access roles.
8. Implement HA with your Hybrid servers to protect yourself from the repercussions of a single point of failure
9. Configure your new Exchange server(s) for coexistence if you’re running legacy versions in your production environment
10. Perform testing with the Exchange Remote Connectivity Analyzer. In particular, the ActiveSync and Autodiscover tests should all return successful results
11. Configure your Hybrid Deployment for features such as Shared GAL, Free/Busy Sharing, Secure Mail Routing, etc.
12. Integrate your on-premises environment with your Office 365 Tenant
13. Configure any policies in Office 365. Concentrate on ActiveSync and OWA.
Specific environment now alleviated?
Once your hybrid deployment is set up, you’ll want to perform multiple tests to ensure the base functionality is working as advertised. Then you’ll move on to testing your integration points. I suggest performing the following tests, but I encourage you to perform as many tests, and as many different types of tests, as you deem necessary. It’s better to find any shortcomings of moving to Office 365 now; otherwise you might find them later, when you’ve already moved some or all of your organization to the cloud!
Tests To Perform
- Create test mailboxes
- Outlook client functionality
- Mail flow
- Federated sharing
- GAL Sharing
- Mailbox move functionality
- Make sure redirects are working
- Test with Remote Connectivity Analyzer Office 365 tools
Hybrid Deployment Conclusion
I hope this article has been helpful. As a follow-up, I hope you consider moving to the cloud! Happy migrations, and, as always, let us know if there is anything we can do to help.