Cloud fundamentals/Enabling Microsoft cloud services
Requirements and dependencies for using Microsoft Office 365 and Microsoft Intune[edit | edit source]
Plan networking and domains[edit | edit source]
Careful network planning is important when considering a cloud service. It may be tempting to try and use names for the cloud such as 'MyCompanyTestsite', but this will become a problem later as re-naming is very difficult. The choice of IP addresses also needs careful consideration, and data that would have got to a 'local' server may now need to be routed to a server in the cloud. Microsoft recommend that you enable routing to the Office 365 root domain names such as *.MicrosoftOnline.com and *.SharePoint.com rather than specifying subnet addresses. This is because user may loose their connection when changes (such as of IP addresses) are implemented in data centers. A summary of the ports required is given in the table below.
| Protocol /port | Applications |
| TCP 443 | Active Directory Federation Service
Office 365 portal Outlook Web App, Outlook 2010 and Office Outlook 2007 SharePoint Online |
| TCP 25 | Mail routing |
| TCP 587 | Simple Mail Transfer Protocol (SMTP) relay |
| TCP 143/993 | Simple IMAP4 migration tool |
| TCP 995 | POP3 email access |
| TCP 80 and 443 | Azure Active Directory Sync tool
Various Migration Tools Office 365 ProPlus |
(Souce: https://technet.microsoft.com/library/hh852522.aspx)
Lync uses two additional ports; UDP3478 and 5223, see the above webpage for further details.
Firewall rule[edit | edit source]
Every network firewall that is intend to provide access to Office 365 will need a rule adding in order for the Online Services Sign-in Assistant to operate correctly. This involves the file msoidsvc.exe. Access to Root Certificate Authorities is also required to allow your on premises equipment to connect securely to Office 365. As security is often important to an organisation, it is recommended by Microsoft that you involve your security hardware and software suppliers in your migration planning process
Client requirements[edit | edit source]
Although not specified as an objective, it is useful to be aware of the hardware requirements for Microsoft Office 365. It is unlikely that modern hardware would not meet these minimum requirements, but there may be instances where falling sort in one area may cause problems even though the machine may function perfectly with other software. The list below covers the main requirements, you should refer to the Office 365 requirements page on the Microsoft website for the full details.
| Component | requirement |
|---|---|
| Processor | PC: 1 GHz or faster, 32 or 64 bit
Mac: Intel processor |
| Memory | PC: 1 GB (32-bit); 2 GB (64-bit)
Mac: 10 GB |
| Hard disc space free | PC: 3 GB
Mac: 2.5 GB HFS + hard disc format |
| Display | PC: 1366 x 768
Mac: 1280 x 800 |
| Graphics | Hardware acceleration requires a
DirectX 10 graphics card |
| Operating System | PC: Windows 7 or later
Mac: Mac OS X 10.6 or later |
Microsoft are aware that software like browsers change regularly and as a result they state that you need the latest or last prior version to work with Office 365. However earlier browsers are supported, and may work perfectly well in some circumstances. It would be good practice however to use the latest browser version. The browsers supported include Internet Explorer (v10 or v11), Firefox, Chrome and Safari. although others such as Opera are not specifically listed, they will probably work equally as well. For more details see this Technet page.
Office 365 does not have a specific operating systems requirement, it only has to be supported by the manufacturer. No operating systems are named, but it is noted that Windows XP is no longer supported, however Office 365 will function but over time the 'user experience' will degrade. (What I think Microsoft are saying is -if you are using XP, it is about time you upgraded...)
Bandwidth implications[edit | edit source]
As with any cloud service the bandwidth your organisation will require will be more that if you are using on premises servers. Microsoft do not quote a specific figure per users, as that would be subject to a large number of variables such as what applications are used and when. It may be useful to play with the Exchange calculator spreadsheet, applying what you think the usage is for your own organisation. When considering moving to the cloud, an organisation will need to take in to account not only the cost of a service such as Azure, but also the additional bandwidth costs.
Domain Name Services
As indicated elsewhere, the Internet DNS needs to have a record of your cloud in order that users can find it by name. This process can take up to 24 hours to complete the propagation of the DNS information across the Internet. The DNS records can either be managed by your organisation via your ISP, or can be managed through Office 365. Further details are given on this Technet page.
Selecting a Microsoft cloud service plan[edit | edit source]
Microsoft offer a number of options and plans for the Office 365 and Intune products. The table below is a summary of what was on offer when this exam was launched, Microsoft may change these at any time, but any exam questions are likely to be based on this information. Each is available as a monthly or annual subscription.
Office 365[edit | edit source]
Microsoft Office 365 is a suite of software that is designed to primarily run in the cloud rather than on the client machine. There are a number of different plans available and all options include 1 TB of online storage per user.
Home[edit | edit source]
Two options are available for home users, Office for households and Office for you. Both versions include full installations of Word, Excel, PowerPoint, Outlook, Publisher and Access, 1 TB of online storage, and Skype with 60 minutes of free calls per month. The difference is that the household version covers 5 computers, 5 tablets and 5 phones, while 'for you' licences just one of each.
Business and Enterprise options[edit | edit source]
| Features | Business Essentials | Business | Business Premium | Enterprise E1 | Enterprise Pro | Enterprise E3 |
|---|---|---|---|---|---|---|
| Max. users | 300 | 300 | 300 | Unlimited | Unlimited | Unlimited |
| Full install of Word, Excel, PowerPoint, Outlook, Publisher, & Onenote | No | Yes | Yes | No | Yes + Access | Yes + Access |
| Office for tablets / smartphones | No | Yes | Yes | No | Yes | Yes |
| Office Online | Yes | Yes | Yes | Yes | Yes | Yes |
| Email, online meetings, intranet, social network | Yes | No | Yes | Yes | No | Yes |
| Video portal, personalised search | No | No | No | Yes | No | Yes |
| Apps management, business inteligence | No | No | No | No | Yes | Yes |
| Compliance | No | No | No | No | No | Yes |
This table provides a summary of the main features, see the Office 365 for business webpage (source of this information) for further details. Similar information on Office 365 can be found on Wikipedia too.
Intune licencing options[edit | edit source]
Microsoft Intune is a system used to manage both desktops and mobile devices from the cloud. Perhaps the best way to find out about it is to use the demonstration 'walk-through' which is explained on this TechNet page. (Note this is not a straight forward process!) More information is also available here.
Intune is licenced per user and there are three options. The basic Intune licence covers access to Intune services, to this can be added licencing for System Center Configuration Manager and Endpoint Protection, or the third option adds licencing for the current Enterprise version of the Windows ('software assurance') instead of SCCM and Endpoint protection. For further details see the following link to Microsoft Intune Licensing
As with most Microsoft products licencing can become complex. There are also separate agreements for Governments, Education and Non-profit organisations.
Signing up for Microsoft cloud services[edit | edit source]
It is not totally clear what Microsoft mean by signing up for Microsoft Cloud Services, so the interpretation may not be correct! Some texts may also be picky about the name 'Microsoft Azure', it is technically both a cloud computing platform and an infrastructure (see Wikipedia article). So it can be used to provide both 'Infrastructure as a service' and 'Platform as a service'. At this level Microsoft probably do not expect you to differentiate between the 'Microsoft Azure Platform' and 'Microsoft Azure' the operating system it runs on. Confused yet? So here the term 'Azure' or 'Microsoft Azure' will be used primarily in the context of it being the cloud computing platform.
For an overview of how to manage Office 365 you may wish to look at the Microsoft Virtual Academy course 'Getting the most out of your Office 365 trial'. You may need to signup to the MVA to access this. This is a comprehensive overview and covers many other aspects of the MTA Cloud Fundamentals syllabus.
At the time of writing Microsoft is encouraging potential users to take a free trial of Azure which is the umbrella name for Microsoft cloud services. The trial gives you a certain amount of free credit to purchase resources, so there is no immediate cost. There is a short video that walks through the process here. The idea is that after your trial you will be sufficiently impressed that you will continue to subscribe, however you can exit the trial at any time.
It may be that you would like to trial Azure for yourself, in which case the best way to find out about the process would be to sign up, but remember you will need your credit card and a few ideas of what you would like to achieve during your trial period.
In a corporate situation a move to a cloud service will have been considered at a high level for a period of time and a service will have been carefully selected. It is likely that in this case much of the 'sign up' process will be handled by a Microsoft reseller and the technical bits will have been discussed between the company technical team and the resellers team.
The term tenant is used in a similar way to describing a person who lives in rented accommodation, an Azure tenant is the organisation (or individual) who is renting Azure facilities. Consequently the tenant name will normally be the domain name for the organisation (such as contoso.com but without the .com) which is then appended to the various parts of Azure such as contoso.microsoftonline.com for Office 365 and contoso.sharepoint.com for SharePoint online. You are asked for the tenant name when signing up.
During the signup process you will need to identify your tenant name and an administrator account. This account should be a generic account that has an email address outside of 365. If the administrator (or super user) account is hacked and you need to reset the password, the account it sends the password confirmation to needs to be accessible, and if it is in 365 under the control of your hacker, you ain't going to get at it! Don't use a specific person either, if they leave your company you are stuck with their name and contact details (e.g. email address) and you can't change them.
You also need to specify the region you are operating in, this will create your system at the nearest Office 365 datacentre. This should reduce demands on bandwidth and give the fastest service. If you are a world wide organisation, you may need to consider a range of factors, such as where are most of your users based, when selecting your location.
The next step will ask you to 'prove you are not a robot' which is now a common requirement. This is to stop someone from trying to create loads of fake requests for trials in an attempt to overload the service. After this you will be able to sign in with the administrator account you have just created. You will then see a screen of application tiles, however some tiles may be blank as it may take a few minutes for all the services to be created.
Setting up the initial configuration of Microsoft cloud services[edit | edit source]
Once you have logged in with the first administrator account, you will want to spend some time configuring you services. The first change you will probably want to do is to simplify access by proving you own your domain name so you can use that in email addresses (for example). So rather than having john.doe@yourname.microsoftonline.com you can use john.doe@yourname.com. This and many other tasks is done from the Office 365 Admin Center. Choose the Setup option from the left-hand menu and this will present you with a choice of the quick or the extended wizard.
There are many other options on the left of the screen including 'Domains'. This enable you to add further domain names if you need to. The first step is to enter the domain name you wish to use, this is straight forward if you have just purchased the name through Office 365, otherwise you need to select the DNS hosting provider or follow the general instructions option provided. You or your DNS hosting provider will need to create TXT or MX records that Office 365 can then check to verify your ownership. Office 365 creates the record contents for you, so it is only known by Microsoft and you. It normally takes up to 15 minutes for the record to be available (in other words to spread around the Internet) so you have time to have a coffee before hitting the 'Done, verify now' button on the setup page. The last step in this section is to identify the purpose of the domain, this may be for email, SharePoint, or Lync, but it is likely that it will be used for a combination of these.
The next step after confirming ownership is to create users and assign licences. This is discussed in the Administer Office 365 section.