+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 28
Cloud Services Thread, Implementing Office365 in Technical; Hi all Over the summer I have to implement Office 365 to replace our VLE & exchange email system that ...
  1. #1
    rickypike's Avatar
    Join Date
    Sep 2009
    Posts
    86
    Thank Post
    13
    Thanked 16 Times in 16 Posts
    Rep Power
    12

    Implementing Office365

    Hi all

    Over the summer I have to implement Office 365 to replace our VLE & exchange email system that is being scrapped by the LEA. I was just wondering if anyone has already taken the plunge doing this at their school and if there are any pitfulls I need to be aware of. I have spoken to lots of companies about integrating this at our school and all want massive amounts of money which baffles me when it is free (A2 plan for education) see link: Compare Office 365 Education plans - Office.com

    I can understand costs for supporting the product and for training of staff etc but I have been quoted in excess of 9500 to implement. We are a secondary school of around 530 pupils / 70 staff. Is this something I can undertake on my own without too much fuss??
    Any ideas/feedback would be gratefully received.

    Thanks

  2. Thanks to rickypike from:

    speckytecky (4th June 2013)

  3. #2

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,262
    Thank Post
    242
    Thanked 1,568 Times in 1,250 Posts
    Rep Power
    340
    Office 365 for Exchange is absolutely fine and your users will need little training on this. I ended up creating a few basic PDFs and users are using e-mail to a good level and Calendar sharing is extremely popular.

    Unfortunately however (in my opinion) SharePoint/SkyDrive in Office 365 is just pants frankly. I've had numerous competent teachers look at it and it's overly complicated and little can be done to simplify the interface or options available. There are little resources online with regards to SharePoint online. Hopefully this'll change in future

  4. Thanks to Michael from:

    speckytecky (4th June 2013)

  5. #3
    themightymrp's Avatar
    Join Date
    Dec 2009
    Location
    Leeds, West Yorkshire
    Posts
    1,201
    Thank Post
    211
    Thanked 222 Times in 191 Posts
    Rep Power
    72
    I have already taken the plunge and implemented the Office 365 with A2 plan. Everything is set and in place and I plan on having a staged rollout over the next half term to iron out any bugs.

    I personally didn't use any third party companies so it was all free Any help I needed I managed to get on eduGeek.

    Your requirements depend on if you want to implement single sign-on. If you do then you are going to need at least one dedicated server (recommended 2 but not required in the first instance) that will run IIS and ADFS to link your local AD accounts with the online Azure directory system. This also requires obtaining an SSL certificate for the server and having an external URL which can resolve to your internal host (such as adfs.school.sch.uk)

    Also, get comfortable with some Powershell if you aren't already. Some features can ONLY be set and adjusted via the shell, especially when working with users in bulk.

    I have documented most of my setup so let me know if you want some more info.

  6. Thanks to themightymrp from:

    speckytecky (4th June 2013)

  7. #4
    jamesbmarshall's Avatar
    Join Date
    Feb 2010
    Location
    Reading, UK
    Posts
    516
    Thank Post
    26
    Thanked 228 Times in 158 Posts
    Rep Power
    85
    Quote Originally Posted by rickypike View Post
    Is this something I can undertake on my own without too much fuss??
    I've said it before, and I'll say it again: the secret to a successful deployment is to keep it as simple as you can, as long as you can.

    It's very quick to get signed up, and you can be piloting with a few users in just a few hours. The advanced options like directory synchronisation and federated authentication can be added later if needed but trying to implement them up front can introduce unnecessary delays and complexity if all you want to do is get your hands on the service!

    Microsoft partners provide great solutions to help you get on-board but it really depends on your requirements. For example, if you just want a basic email solution you can probably do this yourself in no time. If, on the other hand, you want a fully customised SharePoint Online solution then it might be worth engaging a partner to help.

    Keep it simple, stupid!

  8. 2 Thanks to jamesbmarshall:

    speckytecky (4th June 2013), zag (4th June 2013)

  9. #5
    rickypike's Avatar
    Join Date
    Sep 2009
    Posts
    86
    Thank Post
    13
    Thanked 16 Times in 16 Posts
    Rep Power
    12
    Hi Mightymrp, thanks for the info, it would be really helpful to have an idea of how you set it all up and any info you could provide me would be gratefully appreciated. I already have a virtual server environment so adding 1/2 extra servers shouldn't be a problem as I would ideally like single sign on. I have spoken to lots of 3rd party companies but just not prepared / and do not have the funding to spend in excess of 9K.

    Powershell is something I may need to swat up on! I'm going to get the trial setup this week and then go for A2 education plan. Is it possible to get this all setup and working within about 8 weeks?
    Cheers

  10. #6
    themightymrp's Avatar
    Join Date
    Dec 2009
    Location
    Leeds, West Yorkshire
    Posts
    1,201
    Thank Post
    211
    Thanked 222 Times in 191 Posts
    Rep Power
    72
    Quote Originally Posted by rickypike View Post
    Is it possible to get this all setup and working within about 8 weeks?
    No problems! 8 weeks is plenty of time to get SSO setup. I have got most of my methods written down (but in my own short-hand) so I will tidy things up a bit and post what I have on here. I'm sure there are cleaner methods than what I used but it works and that's all that counts

    To do a bit of ground work though, I would get a request sent for an SSL certificate now (unless you have one already?).

    First off, you are going to need to decide on a URL which will be used for the ADFS pass-through. I went with https://adfs.schoolname.lea.sch.uk
    You will need this to point to an IIS (or apache) web server on site which is accessible from the web. Depending on if you have full control over your internet connection or go via your LEA you may need to get ports opened up through the firewall.

    To get a FREE SSL certificate, I used IPsca (SSL Certificate Authority low-cost, fully-validated 38$ SSL and 276$ Wildcard Certificates). They do a 2 year cert for Education for free When requesting your cert, I recommend asking for a Wildcard certificate (with a URL of *.school.lea.sch.uk), this way you can use the same certificate on any other webservers you have (I have used it on our VLE - Frog). All you need to be aware of is that you will need an email address creating first which matches either webmaster@emaildomain.sch.uk or admin@emaildomain.sch.uk Otherwise you won't be able to do the 'verify you are a school' gibberish when they email you.

    To clarify the above a little:

    1) Sign up to O365
    2) Decide on your email format i.e. what the domain will look like @blahdeblah.uk
    3) Create a webmaster account that you can access
    4) Request an SSL wildcard certificate for *.blahdeblah.uk
    5) Go through the verifying process until you receive the cert via email (takes 2 days max)

    I will create some literature with more info for you

    Cheers

  11. 3 Thanks to themightymrp:

    rickypike (18th June 2013), speckytecky (4th June 2013), sted (20th June 2013)

  12. #7

    EduTech's Avatar
    Join Date
    Aug 2007
    Location
    Reading
    Posts
    5,047
    Thank Post
    160
    Thanked 913 Times in 716 Posts
    Blog Entries
    3
    Rep Power
    271
    I already have most of the documentation that you require in order to get ADFS Setup:

    Setup AD Federation Services with Office 365 | James Evans – EduTech's Blog

    You will also need to configure Directory Sync:

    - Enable Directory Sync within Office 365 (Login to Portal, Users & Groups, Activate Directory Sync)
    - Download Software from Portal, Install Dirsync Software on to a Server
    - Run Configuration Wizard (Office 365 Account & OnPremise AD Account Required)
    - Run Sync

    ---- Wait for Sync to Occur, and it will happen every 3 hours (you can force it though) -----

    Note: Dirsync can take up to 24 hours to activate, you won't be able to configure dirsync until this feature is activated.
    Hope that helps,
    Regards,
    James.

  13. 2 Thanks to EduTech:

    speckytecky (4th June 2013), themightymrp (3rd June 2013)

  14. #8
    themightymrp's Avatar
    Join Date
    Dec 2009
    Location
    Leeds, West Yorkshire
    Posts
    1,201
    Thank Post
    211
    Thanked 222 Times in 191 Posts
    Rep Power
    72
    That saves me a job lol Just looked at it and it's pretty much what I did

  15. #9
    the_dude's Avatar
    Join Date
    Nov 2012
    Location
    SoCal
    Posts
    84
    Thank Post
    0
    Thanked 16 Times in 11 Posts
    Rep Power
    6
    Depending on the complexity of your on premise exchange environment, going with an implementer can make a lot of sense. Especially if you are going the ADFS route. There are plenty of gotchas along the way. I would choose whatever route you think will be the easiest to maintain in the long run. Make the decision now on whether to federate and then you won't have to clean it up later. We were assisted by an implementer, however our environment was quite a bit larger than yours (20K students, 2500 staff). Your quoted price seems a little high, but fairly in line with what I would expect.

  16. #10

    Edu-IT's Avatar
    Join Date
    Nov 2007
    Posts
    7,121
    Thank Post
    403
    Thanked 619 Times in 566 Posts
    Rep Power
    180
    Does this new DirSync with Password Sync negate the need for ADFS? Will users just be able to go to Outlook and sign in?

  17. #11
    the_dude's Avatar
    Join Date
    Nov 2012
    Location
    SoCal
    Posts
    84
    Thank Post
    0
    Thanked 16 Times in 11 Posts
    Rep Power
    6
    it seems like ADFS is still necessary for SSO because there is no token sharing according to what I've read? However, would this eliminate my adfs servers from being the single point of failure (if adfs servers go down, users can still login)?

  18. #12

    EduTech's Avatar
    Join Date
    Aug 2007
    Location
    Reading
    Posts
    5,047
    Thank Post
    160
    Thanked 913 Times in 716 Posts
    Blog Entries
    3
    Rep Power
    271
    Hi,

    If you want users to not be presented with any login box etc. and have a seamless experience then this will require the AD FS Service due to the token pass-through etc.

    Dirsync/PassSync - This will effectively sync the users UPN/Password to Office 365 allowing them to manage 1 set of credentials but it won't be a seamless login experience the users may be asked for username/password and likewise will have to use FULL UPN and not the Domain\Username method.

    Regards,
    James.

  19. #13

    Edu-IT's Avatar
    Join Date
    Nov 2007
    Posts
    7,121
    Thank Post
    403
    Thanked 619 Times in 566 Posts
    Rep Power
    180
    Quote Originally Posted by EduTech View Post
    Hi,

    If you want users to not be presented with any login box etc. and have a seamless experience then this will require the AD FS Service due to the token pass-through etc.

    Dirsync/PassSync - This will effectively sync the users UPN/Password to Office 365 allowing them to manage 1 set of credentials but it won't be a seamless login experience the users may be asked for username/password and likewise will have to use FULL UPN and not the Domain\Username method.

    Regards,
    James.
    So, they can login to the Microsoft login box using their details? *confused*

  20. #14

    EduTech's Avatar
    Join Date
    Aug 2007
    Location
    Reading
    Posts
    5,047
    Thank Post
    160
    Thanked 913 Times in 716 Posts
    Blog Entries
    3
    Rep Power
    271
    Yes, You will be promoted with a Login Prompt (usual Microsoft one) and the credentials they use for AD will be accepted as they will be in Sync. (obviously depending on how often it sync's will tell you how up to date it will be ;-))

    Regards,
    James.

  21. #15
    Boredguy's Avatar
    Join Date
    Jun 2011
    Location
    Swindon
    Posts
    569
    Thank Post
    3
    Thanked 128 Times in 119 Posts
    Rep Power
    50
    Quote Originally Posted by EduTech View Post
    Yes, You will be promoted with a Login Prompt (usual Microsoft one) and the credentials they use for AD will be accepted as they will be in Sync. (obviously depending on how often it sync's will tell you how up to date it will be ;-))

    Regards,
    James.
    So basically they browse to the normal portal page (eg mail.office365.com), enter their e-mail address and their AD password?

    If so that sounds nice and dandy and means we don't have to shell out for a 3rd party application to hold the AD passwords in case our network connection drops and users at home want to access their mail still

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Implementing a thin client suite
    By u8dmtm in forum Thin Client and Virtual Machines
    Replies: 2
    Last Post: 17th May 2007, 03:40 PM
  2. problem implementing desktop shortcuts
    By Uraken in forum Windows
    Replies: 16
    Last Post: 1st March 2007, 12:36 PM
  3. Implementing IPv6
    By Geoff in forum Wireless Networks
    Replies: 4
    Last Post: 5th September 2006, 02:13 PM
  4. Obstacles In ICT Implementations?
    By dagza in forum General Chat
    Replies: 14
    Last Post: 18th July 2006, 10:03 AM
  5. Implementing best practice ICT management and support
    By FITS in forum Courses and Training
    Replies: 16
    Last Post: 8th September 2005, 02:24 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •