Embed Size (px)
Citation preview
100 päivää "ikivihreään" – Skype for Business Online
Sami Kähkönen, Senior Consultant, Microsoft Office 365 Global PracticeJuha Saarinen, Senior Consultant, Microsoft Enterprise Communications Global Practice
Vision Day: Skype for Business 22.3.
#VisionDaysFI #parempitapa
Agenda Identity Options Timeline and steps Skype Voice Options Assistance for Onboarding Evergreen and Service updates
Identity options
3
Identity and PW Sync with AAD ConnectUser account management is done in local Active Directory and synchronized to Office 365.
Password synchronization will allow users to use the same username and password in Office 365 and they do On prem.
AAD Connect is a “Back Box” that synchronizes your on-prem Active Directory with Office 365 Azure ADAs new feature AAD Connect also configures ADFS service
Active Directory ForestM
ZM
Z
Domain Controller
Users
Groups
ContactsDomain Controller
Passwords
Office 365 Environment
Users Groups Contacts Passwords Hash
Replicated Objects
Connection secured using HTTPs (443/
TCP)
Users, Groups and Contacts sync
every 30 Minutes
By default, a SQL Server 2012 Express LocalDB is installed and the service account for the service is
created on the local machine. Supports up to
50.000 replicated objects.
Contoso - Active Directory Forest
Sync Service checks every 2 minutes if there are new
passwords to sync and sync them
Azure AD Sync extracts the user password hash
from the on-premises Active Directory and an
additional security processing is applied to
the hash before it is synchronized
AAD Connect Server
Firewall should be configured to allow 443/
TCP traffic from AAD Sync Server to Office 365
Border Firewall
Identity federation with ADFSIdentity federation will enable users to use on-prem Identity to authenticate to Office 365 service.
Office 365 redirect authentication to ADFS
If ADFS is deployed it must be redundant as all users will be affected if service not available 2 (ADFS) + 2 (WAP) topology with load balancing
AAD Connect configuration will also configure ADFS service as well
On-Premises environment
Web Application Proxy
DMZInternal Network
ADFS 3.0 Server
ADFS 3.0 ServerDomain ControllerGlobal Catalog
All authentication requests are sent using HTTPS
Internet
Firewall:Port 443 must be open
Firewall:Port 443 must be open
Office 365 environment
Internal Users authentication
requests
External Users authentication
requests
Required forfederation setup.Secured usingHTTPS.
External STS FQDNRequires 1 Public IPLoad Balancer Load Balancer
Distributes authentication workload across ADFS Servers
Web Application Proxy
Timeline andsteps
1. Create Office 365 Tenant and licenses2. Add and validate domains3. Add service related DNS records 4. Run IDFix to identity and remediate possible issue in AD5. Install ADFS and WAP servers (OS, Network, LB)6. Get public Cert for ADFS (sts.company.fi)7. Install and Configure AAD Connect (configures also ADFS)8. Start synchronization9. Validate users are now in Office 365 and Auth works via ADFS10.Deploy clients (Office ProPlus or Skype for Business)11.Assign Office 365 Services to users
Assess Remediate Enable Migrate /Activate
1 to 5 days 1 to 10 days 1 to 5 days 1 to X days
7
Cloud PBX in Office 365PSTN services provided by Microsoft
Cloud PBX with
PSTN Calling
Cloud PBX with Cloud
ConnectorOn Premises
Skype for Business PSTN Calling Options
Users hosted in Office 365PSTN services integrated on-premises
End-user features & customer PSTN services integrated on-premises
Cloud PBX with Existing
SfB Pool
Users hosted in Office 365 or On PremisesPSTN services integrated on-premises
Cloud PBX with PSTN Dialing
In PSTN Dialing Microsoft will provide DID numbers and calling minutes. Number porting is possible.
Service is currently available in US and in preview in UK.
Actions Online• Assign Cloud PBX license for
users• Port existing numbers to cloud or
acquire new numbers• Create and validate Emergency
Location• Enable users for Cloud PBX,
by assigning DID and Voicemail in the cloud
• Start using Cloud PBX
Actions On Premises• None
Assess Remediate Enable Activate
1 to 5 days 1 to 10 days 1 to 5 days 1 to X days
9
Cloud PBX in Office 365PSTN services provided by Microsoft
Cloud PBX with
PSTN Calling
Cloud PBX with Cloud
ConnectorOn Premises
Skype for Business PSTN Calling Options
Users hosted in Office 365PSTN services integrated on-premises
End-user features & customer PSTN services integrated on-premises
Cloud PBX with Existing
SfB Pool
Users hosted in Office 365 or On PremisesPSTN services integrated on-premises
Cloud PBX with Cloud Connector
Cloud Connector is minimal on-premises topology to enable integration of your on-premises voice infrastructure with Cloud PBX voice services in Skype for Business Online.
Cloud Connector is isolated component and does not require configurations to onprem AD
Actions On Premises• Deploy Cloud Connector
server to DMZ network• Run the configuration script which
generates the VMs• Integrate PSTN Ingress and Skype for
Business Server• Create DNS records for Edge pool
Actions Online• Enable Hybrid Setup:
• Set-CsTenantFederationConfiguration & Set-CsTenantHybridConfiguration
• Assign Cloud PBX license for users
• Enable users for Cloud PBX, assign DID and Voicemail in the cloud:
• Get-CsOnlineUser <User name> | Set-CSUser – EnterpriseVoiceEnabled $true – HostedVoiceMail $true –OnPremLineURI <tel:+phonenumber>
Assess Remediate Enable Activate
1 to 5 days 1 to 10 days 1 to 5 days 1 to X days
11
Cloud PBX in Office 365PSTN services provided by Microsoft
Cloud PBX with
PSTN Calling
Cloud PBX with Cloud
ConnectorOn Premises
Skype for Business PSTN Calling Options
Users hosted in Office 365PSTN services integrated on-premises
End-user features & customer PSTN services integrated on-premises
Cloud PBX with Existing
SfB Pool
Users hosted in Office 365 or On PremisesPSTN services integrated on-premises
Hybrid with ExistingSfB Pool
Also excising Skype onprem Server topology can be used to provide Voice services to Cloud Users with minimal or any changes.
Cloud connectors cannot be used in Hybrid environments.
Actions On Premises• Integrate PSTN Ingress and Skype
for Business Server• Enable users for Enterprise Voice +
DID on premises• Assign suitable dial plan and voice
routing policy • Wait for AD Sync!
Actions Online• Move users to Skype for Business
Online• Assign Cloud PBX license
for users• Enable users for Cloud
PBX and assign Voicemail:• Set-CSUser – EnterpriseVoiceEnabled $true
– HostedVoiceMail $true
Assess Remediate Enable Activate
1 to 5 days 1 to 10 days 1 to X days 1 to X days
Project Phases
• User enablement
• Collect customer requirements• Scope the project – roadmap for the future• Assessment of SfB environment, telephony and network BW
Assess
Remediate
• Verify the customer environment readiness• Connectivity, DNS, certificate and client
readinessEnable
• Deployment tasks• Testing/UAT
Activate
14
Feature ComparisonSkype For Business
CapabilitiesCloud PBX with an
existing poolCloud PBX via Cloud
ConnectorCloud PBX with PSTN
Calling
Availability Available Available now worldwide 04/16 Per Country
Call Costs Not included Not included Monthly Plan
DID Not included Not included Microsoft provides DIDs
PSTN Connectivity Required Required Not required
On Premises hardware Yes, Lync 2013 or SfB Pool Single Physical Server Not needed
Voice mailCloud PBX Voice Mail (Exchange
Online Required)Cloud PBX Voice Mail (Exchange
Online Required)Cloud PBX Voice Mail
(Exchange Online Required)
Assistance for OnboardingFast Track center assistance is part of the Office 365 service• They will provide assistance and help you with
onboarding to Office 365 services• Fast Track work is based on service description scope
including migrations to Exchange Online and SharePoint
Additional Consultancy or help in deployment • Microsoft Services (MCS) and other partners can provide
additional assistance and consultancy during the project and/or operations
• Perform Network Assessments• Cloud Connector configuration assistance and Integration
with legacy PBX’s and or Trunks• Adoption and Change management
Evergreen and Service updatesMicrosoft is 100% committed to Cloud first - Mobile First
Microsoft products (binaries) like Skype for Business are first developed to Office 365 and then published to On-prem applications
• Public roadmap available for Office 365 Services• All Office 365 services are updated and maintained by
Microsoft -> “Evergreen”• Customers responsibility is to make sure that
clients are also up-to date
• PSTN Service expansion to UK• PSTN Dial in conferencing expansion
to 60 then then 100 countries by June• Project Rigel• VTC Interop with Polycom• Skype Chat Web Experience
Q&A
THANK YOU!
© 2015 Microsoft Corporation. All rights reserved.
