So I know there have been several conversation about Office365 and SharePoint, but I wanted to start a new thread for those not yet converted or thinking of converting to Office365. We currently are an on premise Exchange shop, with thoughts of moving to O365 sometime in the future. More short term, however, we are in need of revamping our Intranet site and I’d like to utilize SharePoint for this endeavor. So with that said, what would be the best approach for this? A few questions below?
Can I move to O365 just to host an internal SharePoint page?
Can I integrate our current AD infrastructure for logging into the page?
In the future, how easy will it be to convert the on premise Exchange to O365 mailboxes?
Does anybody fully utilize O365 or SharePoint for their file storage? If so, how did you migrate your files over?
Any other insight or words of wisdom would be appreciated!
Yes, you can use just SharePoint if that’s all you want/need right now.
Yes, you can use the free AD Connect tool to sync your AD users, groups, and passwords and use those users/groups to control access in SharePoint.
Moving Exchange in the future will be easy as long as you understand you would need to do a hybrid migration or similar.
Yes, we have a few clients that are using OneDrive for Business (personal files) and SharePoint (team/group shared files) as their primary file storage. Media/production files tend to stay on-prem simply due to their size.
In general, O365 migration strategies are all built around the idea of moving e-mail first and THEN using the other tools (SharePoint, etc.). If you opt to use SharePoint first, it does limit the available migration strategies/tools you can use, but it’s not a deal breaker. We’ve done it both ways. We certainly prefer moving e-mail first though as it just provides more avenues. And the impact to end users on moving from on-prem Exchange to O365 Exchange is so minimal it’s the “easy migration” that lets you tell everyone you’re now using O365 with 50GB mailbox limits, etc. and they see it as “easy” which helps grease the wheels for the other changes in the future.
I thought you only needed to do a hybrid if you had over a certain number of mailboxes.
Our users are embracing so much of o365:
OneDrive (If a user leaves your employ, remember to check their OneDrive before you delete their account. There could be valuable documents contained therein)
Skype For Business for video meetings, remote support and instant messaging. The remote support is lame. If you bump up against the need for administrative credentials on the far end, your screen will go blank while they key in credentials. Since the admin creds are MY creds, that means I have to give them my pw. Hate that. And links for S4B meetings aren’t so smooth for iphone users. You have to send some iphone/ipad/ipod users to a special Microsoft site because the app won’t load. That’s the fix…go to this special site. (Why not fix it Microsoft?)
SharePoint for Team sites. I have several. Two for full-time remote offices and a few for short-term projects. Please note the default sizes for all of your SharePoint storage is 1 gb. You’ll burn through that fast. At Microsoft’s advice I set it to 100 gb and will grow out from there.
We moved initially for the email. I’m thrilled with the storage space. I’m happy for everything except group distribution lists. I can’t like group distribution lists.
Since we also run several schools, I should have gone Academic. With non-profit you are limited to 300 free/online accounts and 300/business premium. E3 is unlimited but it’s also the most expensive. Most of my parishes would only need the cheaper business premium account but I fear I’ll burn through that 300 fast. The free account is fine for email users or people who rarely use business apps and would therefore be happy using OneDrive and online apps only. Maybe I’m just biased against the online app. It’s fine and feels fully functioning.
We’ve walked through much of this over the past few year. Like @tlphipps said, email first is pretty much Microsoft’s idea (along with AD). The newer Azure AD Sync tool is really simple to setup and does a lot more.
Moving to Exchange Online was honestly rather simple. We did users in waves of 15 because I was afraid we’d have hiccups each time, but we didn’t. I could have done them 50-100 at a time and been fine. I just let people know a few things:
They’d need to restart Outlook
They’d need to remove and readd their account to their phone
They’d need to enter their username and password into Skype for Business.
I did enlist the help of Mirazon as we walked through this process. They fulfilled more of a consulting role here, where I could ask questions and get answers. We migrated from Exchange 2010, so there were some known issues with that. Nothing major, but things that it was good to know going in (like having to run the hybrid setup tool twice to get it to take).
OneDrive for Business
After we did that, we really started pushing OneDrive for files storage with our users. The timing on this was helpful because Microsoft was actively updating their OneDrive client for both PC and Mac. With the latest release, it will even let you sync files from SharePoint Online, which is awesome and the last feature we were really waiting for.
SharePoint has been the slowest thing we’ve rolled out. We moved a couple teams to it to replace our shared folders, but without the ability to sync, it was always a burden to get them to know how to access those files.
Like I said above, with the new sync client this has become much easier.
Further, with the launch of O365 Groups, SharePoint has become much more friendly and Groups gives an united interface for files, conversations and more. We’re in the process of moving several old Exchange distribution groups to O365 Groups and the teams love it so far.
Great info @Kpapalia shared.
Just a few things to clarify:
If you use AD Connect to sync users and do NOT provision O365 mailboxes but start using other tools, you can find yourself ‘stuck’ unable to provision the mailboxes later without deleting and recreating the accounts. So your best option at that point is a hybrid migration (which doesn’t require ADFS any longer…it can be done with just AD Connect)
For SharePoint storage, you actually get 1TB of space…but as @Kpapalia mentioned, it’s not all allocated in the beginning. You have to carve it up as you see fit.
There are lots of ‘groups’ options in O365. Some we like. Some we don’t. And sadly many of them have the same/conflicting names which confuses admins and users alike.
There are two different options for non-profit O365 licensing. The ‘business’ offering has the 300 user limit. The ‘enterprise’ offering has no user limit. We ALWAYS recommend going for the E1 plan. Both of these are available to 501c3 orgs for free (no cost). Most of our clients are doing E1 (free) licenses and then adding Office 365 ProPlus (desktop apps) licensing as a per-user add-on at $2/user/month.
We had to go E3 for most of our users because we are a RDS aka Terminal Server shop. All of my users have Thin Clients - no PCs. The only way to install Office in a shared environment like mine is to use E3 licenses. That was a shock but what are you going to do.
One random question related to O365… I haven’t heard this come up in any Round Table discussions, but have heard from some who have helped others make the change and dealt with it a little more than the average church IT person would on their own.
One downside they have noticed is an increase in spam allowed through the Microsoft filter. They worked extensively with Microsoft to resolve the issue and were never able to, so their workaround solution has been to have all mail routed to Barracuda first and then to O365.
The other downside is that they saw more email downtime with O365 than with Exchange (whether onsite or cloud).
In the 10 years leading up to my job in the church I was in IT Security. We found that the Microsoft spam filter is pretty terrible in comparison to other products on the market. I’d recommend using another spam filter, though you will pay for it.
@TimCookHarvest Do we see more spam get through to a user’s mailbox? Yes, but Outlook catches it an puts it appropriately in the Junk Email folder. I have seen little to no change since we remove the previous spam filter we used with Exchange 2010 on prem.
I should mention that I prefer this method. Previously, we have many messages get caught as spam and the end user was never certain how to deal with that, which meant more work for my team. I prefer the option for them to easily review their spam in a specific folder.
As for downtime, I can think of one instance where there was a slight outage since we converted fully to Exchange Online a year ago, but it was brief. In fact, the support Microsoft has offered (even with free E1 licenses) has been phenomenal. They are almost overly persistent to get a case resolved, which I prefer over the “takes a week to respond” method.
That sounds encouraging.
Nick, from MBS, just released another O365 article, and one thing he added is that they ended up actually losing data when they were testing O365. He said he all of a sudden had 6 months of calendar events just disappear. Microsoft had no way to recover it. I hate to base my view on O365 on the experiences of one company, but something like that (even just once) would put me on the “kill” list… Needless to say, that makes me a little nervous about making the jump.
@TimCookHarvest Ya… Totally get you on that one. I have not specifically asked Microsoft about Exchange backup policies and procedures, but we have investigated those in regards to OneDrive and they have a pretty solid infrastructure and system in place.
You always do have the option of using third-party tools to backup your data from O365, too. Exchange Online for example, won’t run any Journaling processes, so you can have an on-prem Journaling server that helps retain data.
Not exactly the same thing you’re asking, but still and option.
All that said, I know plenty of churches that have gone all in on Office 365 and have yet to hear an issue of that scale. Maybe others can chime in.
When we migrated, we weren’t using Exchange. Everything sat in 90 individual PSTs. I couldn’t use any migration tools. I set the o365 account up in Outlook and used Outlook’s import feature to get things out of the PST and up to the cloud – one person at a time. It took 25 hours.
The first guy’s import didn’t send up every item. It was my boss’s account and his PST was HUGE. After it finished importing I manually compared the item count folder by folder just to be sure. I’m glad I did because I discovered that some items didn’t make it up to the cloud. After that, I compared item counts for every user before the import and after the import. (I made myself a little chart. I did that while some other account was importing. Of the 90 psts I imported, there were <10 that I had to re-import to get everything up to the cloud. All 10 were really huge psts. One guy kept crashing on the same folder. I discovered a corrupted item. Once I isolated that item using a system of halves, his import completed without a hitch. Whether the other users had corrupted items or if they were just too big. I don’t know but I made sure every item made it up to the cloud.
If you do move, be kind to yourself. Make everyone go through their mailboxes and delete garbage. Be sure to remind them not to delete anything pertaining to any legal matters. It saved me HOURS and users learned some valuable lessons about sorting and searching and organizing. Some were overwhelmed with the sheer number of items in their folders but they calmed down when I suggested they work on it 10 minutes a day. I’m really quite proud of them. They deleted a lot of garbage.
Microsoft’s backup strategy for Office365 is best explained by their SLA.
They guarantee availability of your mailbox. If a bug in a client you’re
using or a rule you write or some other strange thing happens that looses
data that’s on you. That said, we have hundreds - probably thousands of
mailboxes on Office365 and have for years. Normal users don’t see data
loss, and ones that thought they did Microsoft went through some real
heroics to try and recover what was never there.
Also, we typically deploy Office365 with the built-in filtering. A couple
quick adjustments usually handles the bulk of spam for any given customer
and anything suspicious goes into the Junk Mail folder which is great vs.
waiting for the daily quarantine email.
@johnh As far as I know, the biggest hurdle with Google is that they still have a line in their agreement that says you cannot discriminate based on religion or sexual orientation. Typically, as non-profits, we do have the right to do these things, but Google says you can’t use their “donated” services if you do.
Microsoft once added this line as well, but has since removed it.
So it really boils down to a leadership decision on this part.
There are churches who were grandfathered in prior to when Google added this. NewSpring is one as was discussed at this year’s national conference.
My only other thought here is this: in my experience, people still like having installed apps that run outside the browser. Microsoft still provides this along with the addition of web apps. Google does not. I have a hard enough time trying to ensure staff are using a browser other than IE/Edge (even though we set their default to Firefox), let alone asking them to login to a web app just to use Word or Excel.
We use a mixture of E1/E2 and E3. All full time employees get E3. Part-time and interns get E1/E2 and a few of those have the pro-plus add-on. It’s nice to be able to pick and choose. The main decision for E3 for us was the ability to send encrypted emails. When we switched to Office 365 from on-prem, we lost the ability to send encrypted emails when using E1/E2 with pro-plus add-on for all users. You have to add Azure Rights Management to send encrypted emails through Office 365. While this is an additions $2/user/mo add-on, the additional items you get with E3 allowed us to easily justify the extra $1/user/mo when comparing E1/E2 with pro-plus and Azure Rights Management add-ons.
We have maintained our partnership with Nick with MBS for their email filtering solution for incoming email. We had an on-prem Barracuda prior to moving to Nick’s solution and I like the extra layer of filtering for only $600/yr.
I need to learn how to do encrypted email. As soon as I figure out how to word my post, Brad, I hope you’ll respond to it. (I’ll open a new conversation.) My users are all E3 but I can’t for the life of me figure it out and Microsoft support haven’t been of much help.