I found out this week that I was awarded the Microsoft Most Valuable Professional (MVP) designation for 2014. This is the 7th year that I have been designated as a Microsoft MVP in the Directory Services expertise.
Azure Active Directory Premium is now Generally Available. Azure Active Directory Premium is a service targeted at large enterprises and is available through volume licensing and/or an enterprise agreement. It is also available as part of Microsoft’s new Enterprise Mobility Suite (EMS) which includes Intune and Azure RMS as well.
Azure Active Directory Premium provides the following:
- Application access management for users and groups
- Self-Service password reset
- Self-Service group management
- Multi-Factor authentication
- Customized company branding
- Rich security monitoring, analytics, alerts and reporting
Microsoft has made OneDrive for Business available as a standalone service. From Microsoft:
The new OneDrive for Business standalone plan is available via two promotional deals over the next six months, starting today, April 1st, through September 2014. *
Here are the pricing details for the standalone plan:
- Introductory promotional pricing: $2.50 per user per month (a 50% discount on standard pricing, $5 per user per month).*
- For customers with Office with Software Assurance (SA) or Office 365 ProPlus: $1.50 per user per month.
OneDrive for Business comes with most Office 365 and SharePoint Online plans at no additional cost. Customers who are already using Office 365 and OneDrive for Business today do not need to do anything – just keep loving it.
The data centers that house Microsoft’s cloud infrastructure has been a conversation point with several clients lately. I’ve heard for years that these data centers are massive and sophisticated, but I had never seen any real facts.
I stumbled across the Microsoft Datacenters site, which surpringly has a quite a bit of information on Microsoft’s cloud infrastructure.
The Microsoft Cloud Infrastrucute Datacenters and Network Fact Sheet, which was published this month, has some good information to understand the scale:
- 1989: The year Microsoft opened its first datacenter on its Redmond, Wash., campus.
- 1 billion customers, 20 million businesses: The number of customers and businesses in more than 89 countries that use the Microsoft cloud.
- 90: The number of marketplaces that our cloud services are available in today.
- 200-plus: The number of online services delivered by Microsoft’s datacenters 24x7x365. (including Bing, MSN, Outlook.com, Office 365, OneDrive, Sky Xbox Live and the Windows Azure platform)
- $15 billion-plus: Microsoft’s investment in building our huge cloud infrastructure.
- 1 million-plus: The number of servers hosted in our datacenters.
- 2.5 billion-plus: Our infrastructure storage capacity in megabytes.
The How Microsoft Designs it’s Cloud-Scale Servers speaks to the design differences between cloud infrastructure server hardware and traditional IT servers. This paper goes on to describe Microsoft’s cloud server architecture (the “containers” or modular high-density chassis you may have heard of). There are some interesting performance results shared in this paper:
The servers built against this design are currently in production in Microsoft datacenters and are yielding significant advantages over the traditional enterprise servers they replace:
- Up to 40% cost savings and 15% power efficiency benefits vs. traditional enterprise servers
- Up to 50% improvement in deployment and service times
- Up to 75% improvement in operational agility vs. traditional enterprise servers
- Expected to save 10,000 tons of metal and 1,100 miles of cable per one million servers
If you want a view of how Microsoft ensures reliability and availability, and maintains processes for incident management, service support, security and compliance, and change management, check out the Cloud Operations Excellemce & Reliability paper.
The Securing the Microsoft Cloud paper covers how Microsoft addresses the challenges of providing a trustworthy infrastructure for cloud services, reviews their risk-based information security and related privacy controls, and describes the compliance framework followed.
Wanted to share this blog post from OneLogin that gives their list of top Active Directory experts (including me) and our top tips and “what you should never do” when working with Active Directory.
Microsoft commissioned a Forrester Consulting Lync 2013 Total Economic Impact (TEI) study, which was published last month. No surprises here, there are benefits to deploying Lync 2013 including the potential for significant cost reductions. However, the extent to which these benefits can be realized depend heavily on the existing solution in place and the organization’s business and technical requirements.
The Lync 2013 TEI can be downloaded here.
Additionally, the Lync Team Blog has a good post that goes into some more detail on the business value of Lync, which can be found here.
Microsoft has released Windows Server 2012 R2 Private Cloud Virtualization and Storage diagrams, which provide a visual reference for understanding key private cloud storage and virtualization technologies in Windows Server 2012 R2. The list of available diagrams include:
- Windows Server 2012 R2 Private Cloud Virtualization and Storage Poster
- Hyper-V and Failover Clustering Mini Poster
- Scale-Out and SMB Mini Poster
- Storage Spaces and Deduplication Mini Poster
- Understanding Storage Architecture Mini Poster
- Virtual Hard Disk and Cluster Shared Volumes Mini Poster
- Virtual Hard Disk Sharing Mini Poster
The diagrams can be downloaded here.
The Lync Server TechNet Library has been updated with technical diagrams available for Lync Server 2013. These include:
Lync Server 2013 On-Premises Architectures
Poster provides architectural guidance for planning and deployment. The poster contains information about common components of Lync Server, terminology used when planning a deployment, new features, server roles, and an installation overview. In addition the poster contains example architectures for increasing high availability and disaster recovery as well as small, medium, and large sample topologies.
Lync Call Quality Methodology
Poster describing Lync system troubleshooting, especially for issues affecting enterprise voice quality.
Key Health Indicators
Poster describing server troubleshooting metrics both for basic server health and for a given server’s role in the Lync implementation.
Lync 2013 Platform Options
This poster describes the available platform options for Lync 2013 to BDMs and architects Customers can choose from Lync Online with Office 365, Hybrid Lync, Lync Server on-premises and Hosted Lync. The poster includes details of each architectural option, including the most ideal scenarios for each, the license requirements and IT Pro responsibilities.
Microsoft Lync Server 2013 Protocol Workloads
Download this poster to understand the capabilities and requirements of Lync 2013, Lync Phone, Lync Web App, Lync for Mac, and Lync Mobile w. See how Lync Server workloads facilitate communication across an organization.
The technical posters can be downloaded here.
The hierarchical address book (HAB) is a feature that enables end users to browse for recipients in their Exchange organization using an organizational hierarchy. Until now, HAB was only available in Microsoft Exchange Server 2013 and not Office 365. HAB can be customized to map to an organization’s specific business structure. Effectively, you can use HAB to provide users with the ability to find internal recipients more efficiently.
More information on HAB, including how to configure it, can be found here.
Microsoft has released two white papers for Lync Serverr 2013. The first focuses on virtualization and the second on stress testing:
This paper provides guidance for deploying Lync Server 2013 on virtual servers. It includes recommendations for the configuration of host servers and guest servers, key health indicators to watch during testing and deployment, and observations from Microsoft performance testing of Lync Server 2013 in a virtual environment.
To validate the capacity planning requirements of a Lync Server 2013 deployment, we recommend that you perform a stress testing exercise using The Lync Server 2013 Stress and Performance Tool (LSS). This document will take you through the steps required to plan and conduct a Lync Server stress testing exercise.
As I posted earlier today, Microsoft enabled multi-factor authentication (MFA) for end users in Office 365. In addition, Microsoft enabled MFA for Azure Administrators. To further complicate things, there’s Windows Azure Multi-Factor Authentication, which provides advanced MFA features for Office 365 and Azure subscriptions.
Both MFA for Office 365 and MFA for Azure Admininstrators are included at no additional charge in Office 365 and Azure subscriptions. However, they offer a subset of features found in Windows Azure Multi-Factor Authentication.
The following chart, from the Active Directory Team Blog, provides a feature comparison for easy reference.
More details on Windows Azure Multi-Factor Authentication can be found here.
The post from the Active Directory Team blog that gets into more detail on MFA for Office 365 and MFA Azure can be found here.
Multi-factor authentication for end users was added to Office 365. The update applies to Office 365 for Midsize Business, Enterprise plans, Academic plans, Nonprofit plans, and standalone Office 365 plans (Exchange Online and SharePoint Online).
Multi-factor authentication in Office 365 has been around since June 2013, but it was limited to Office 365 administrative roles until now. Microsoft has also expanded upon the initial multi-factor authentication capabilities, specifically:
- Added App Passwords for users so they can authenticate from Office desktop applications as these are not yet updated to enable multi-factor authentication
- Enabling users who are authenticated from a federated on-premises directory to be enabled for multi-factor authentication
This is a step in the right direction, however the supported methods are solely phone-based, including:
- Call my mobile phone. The user receives a phone call that asks them to press the pound key. Once the pound key is pressed, the user is logged in.
- Text code to my mobile phone. The user receives a text message containing a six-digit code that they must enter into the portal.
- Call my office phone. This is the same as Call my mobile phone, but it enables the user to select a different phone if they do not have their mobile phone with them.
- Notify me through app. The user configured a smartphone app and they receive a notification in the app that they must confirm the login. Smartphone apps are available for Windows Phone, iPhone, and Android devices.
- Show one-time code in app. The same smartphone app is used. Instead of receiving a notification, the user starts the app and enters the six-digit code from the app into the portal.
In the blog post, Microsoft also speaks to their roadmap for multi-factor authentication in Office desktop applications:
Soon Office 365 customers will be able to use multi-factor authentication directly from Office 2013 client applications. We’re planning to add native multi-factor authentication for applications such as Outlook, Lync, Word, Excel, PowerPoint, PowerShell, and OneDrive for Business, with a release date planned for later in 2014.
Here’s a useful chart if you want to compare the differences among the various Windows Server 2012 R2 products and editions, including information about locks and limits and supported server roles and features.
Download it here.
Microsoft has released Exchange ActiveSync Guided Walkthrough (GWT), which can be used to troubleshoot some common issues including:
- Creating a profile on the device
- Connectivity issues
- Mail issues
- Calendaring issues
- Delays or server performance issues
The Exchange ActiveSync Guided Walkthrough (GWT) can be accessed here.
Microsoft has a blog that contains the top content solutions they’re providing to customers to get important issues resolved. The blog is maintained by Microsoft Support for IT Pro and Developer products. Solutions include KB articles, FixIT and hotfix articles, Technet and MSDN articles and blogs, Microsoft forums, and the Technet Wiki.
The blog covers Lync, Exchange, UAG, FIM, Windows 8, Windows Server, System Center, and SharePoint. It’s definitely a great starting point when looking for solutions to common issues.
The blog can be accessed at http://blogs.technet.com/b/topsupportsolutions/default.aspx
Microsoft is rolling out a new Office 365 Partner admin center to Partners over few weeks, which provides new and enhanced tools to manage their Office 365 customers. Until now, Partners could perform delegated administration tasks on behalf of customers and create trial invitations, purchase offers, and offers for delegated administration. The tools in the new Partner admin center, expands the previous capabilities; Partners are now also able to:
- View the customers for which you have delegated admin privileges—all in one place.
– Easily find, select, and perform administrative tasks on behalf of your customers.
– View your customers’ Office 365 service health status and details.
– Create, edit, and view service requests on behalf of your customers.
The Partner admin center is available only to Office 365 Partners who are part of the Microsoft Cloud Partner program.
The new version of the Microsoft Lync Connectivity Analyzer adds the following features:
- Support for testing Office 365 accounts
- Support for testing Lync Mobile 2013 app deployment requirements
- Improved accessibility support for keyboard navigation, screen readers, and high contrast
- Support for Windows 8.1
- Bug fixes
Lync Connectivity Analyzer helps Lync administrators determine whether the deployment and configuration of their Office 365 or on-premises Lync Server environment meets the requirements to support connections from Lync Windows Store app and Lync apps on mobile devices.
More details on the functionality of the Lync Connectivity Analyzer, and the new features in the updated version, can be found here.
Some great stats on the growth Microsoft is realizing through Cloud have been published. The article was written by John Waldo, Senior Director, Cloud Partner Strategy.
Office 365 is the fastest growing business in Microsoft’s history, one out of four enterprise clients owns Office 365 and in the past 12 months we’ve seen an 150 percent increase in SMBs adopting Office 365. Windows Azure has more than 250,000 customers and we are adding 1,000 per day. Azure is exploding! We reached more than 100 million licenses of Windows 8 and we’ve certified 3,400 devices.
The article can be found here.
This guide is aimed at both new and experienced App-V users, allowing you to gain a better understanding of how the App-V 5.0 SP2 Client processes packages and presents them to users. It provides details around typical client operations with important locations for data storage, how the publishing refresh process works, and the available integration points with the local operating system. Read More
A free e-book dedicated to Lync administrators. 70 pages divided in 5 chapters dedicated to a quick introduction to Lync and to the basic administrative tools of a Lync administrator.
Download it here.
Windows Azure Hyper-V Recovery Manager helps protect your on premises applications by automating the replication of virtual machines to a secondary location – and as of today, it’s now generally available.
It provides three key capabilities Read More
Many organizations are consolidating and restructuring their Active Directory environments. In my experience, the complexities with such migrations is identifying unknown dependencies on the domain and domain controllers, such as applications that have domain controllers hard-coded into the code. I came across a post of on the Ask Premier Field Engineering blog that provides some great guidance on monitoring LDAP, Kerberos and NTLM Traffic To Your Domain Controllers. The post can be found here.