What is Customer Lock box in Office 365?

1.png“Customer Lock box” –This terminology was something new to me until I heard it at Microsoft Tech Summit this year .There was one of these sessions which I was attending on Office 365 and the speaker was talking about this feature .Sadly only few folks in the room were aware of it and I was one among those folks who haven’t heard that terminology before.

Anyways, now that I’m aware of it I decided to write an article on it so that my readers get to understand about this cool feature in Office 365 and they can start using it in their Office 365 tenants.

So what is Customer Lockbox? To put it in simple words, it’s a feature that’s available in Office 365 to ensure that there’s zero interaction by Microsoft on your contents that’s saved in Office 365(i.e. SharePoint Online, Exchange Online, Skype for Business Online etc…)

Roughly around couple of years back Microsoft has come up with this feature to maximize the data security and privacy for Office 365 customers by ensuring that there’s zero interaction with the customer’s content by Microsoft engineers.

Almost all the service operations performed by Microsoft are either fully automated so there is no human interaction, or the human involvement is abstracted away from the customer’s content that’s stored in Office 365.

Only during some circumstances where something is broken in your tenant and you raised a support case for that , Microsoft engineers will access your content to fix it .So with this feature  Microsoft enforces access control through multiple levels of approval, providing just-in-time access with limited and time-bound authorization. In addition to that all access control activities performed by the Microsoft engineer does gets logged and audited.

The below mentioned image depicts the complete approval process:

2.png

So with this feature Microsoft has given their assurance to its customers that their content will not be accessed by Microsoft employees without their explicit approval. It brings customers into the access approval process, requiring the customer to provide explicit approval of access to their content by a Microsoft employee for service operations.

Now that we have understood about this feature lets take a look on how this complete process works ….

3.png

Let’s consider a scenario where-in something is broken in SharePoint Online or Exchange Online and you raised a support case for that. The engineer upon reviewing your request feels that he/she might need access to your Exchange/SharePoint Online content to fix it .So this is how the process flows when you have Customer Lock box turned on in your tenant.

  1. Administrators in the customer’s Office 365 environment are notified via email that there is a request for access as shown in the image below.

4.png

2. In addition to this the Office 365 Admin Center portal will also display requests that have been submitted to the customer for approval as shown in the image below.

5.png

3. You as an Office 365 administrator can approve or reject Customer Lock box requests. Check the image below where you get the option to approve or reject a request.

6.png

4. Microsoft can only proceed following approval of a Customer Lock box request. See the image below where the customer has approved a request by the engineer.

7.png

5. If a customer rejects a Customer Lock box request, no access to customer content will occur.

Note: Customer Lock box requests have a default lifetime of 12 hours; after which they expire. Expired requests do not result in access to customer content.

Enabling Customer Lockbox in the Office 365 admin center:

  1. Sign in to Office 365 admin center
  2. Go to the Office 365 admin center.
  3. Navigate to Settings > Security & privacy and scroll to locate Customer Lock box

8.png

4. Click Edit and move the toggle on or off to turn lock box requests on or off.

9.pngApprove or deny a Customer Lock box request in the Office 365 admin center:

  1. Sign in to Office 365 admin center
  2. Go to the office 365 admin center
  3. Navigate to Settings > Support > Service requests.

10.png

4. Select a customer lock box request, and then select Approve or Reject.

5. This is how the view looks in the new Office 365 admin center .Check the image below.

11.png

12.png

How to avail Customer Lock box for Office 365?

Customer Lock box for Office 365 will be available as part of a new premium Office 365 Enterprise Suite called E5

Thanks for reading this post ….I hope you will enable this feature in your Office 365 admin center which gives an extra layer of security to your contents in Office 365.

Webinar on Getting started with Office 365 :

 

Office 365 pic 2.png

Hi All ,

On behalf of C Sharp corner Chennai chapter I’ll be delivering a session on “Getting started with Microsoft Office 365 “ . The details about the session as well as the registration link can be found below . Please make yourself available for the session and try to gain some insights on Office 365 .

Registration link :_ http://www.c-sharpcorner.com/events/getting-started-with-microsoft-office-365

Agenda:
  • Introduction to Office 365
  • Understanding the Office 365 features and services.
  • Touring the Office 365 Admin center
  • What’s new in Office 365?
  • Recap
  • Conclusion

Terminologies one must be aware of in Office 365:

Listed below are the few important topologies one must be aware of while working on Office 365.Office 365

  1. Active Directory Federated Services (AD FS):

On-premises security token service (STS) that provides simplified, secure identity federation and Web single sign-on (SSO) capabilities for users who want to access applications within an AD FS-secured enterprise, in federation partner organizations, or in the cloud. Federated identities with Modern Authentication-enabled clients interoperate with EvoSTS, which is the Azure AD STS.

AD FS indirectly supports CA scenarios, as it offers a set of controls known as client access filtering that allow the creation of perimeter network-based policies for IP range filtering, accessed workload, or client type (browser vs rich client).

  1. Multi-Factor Authentication (MFA):

Protects access to data and applications by requiring a second form of authentication. Strong authentication is available through a range of verification options.

  1. Azure Active Directory Premium:

All CA scenarios that leverage Azure AD require Azure AD Premium. Azure AD Premium adds feature-rich enterprise-level identity management capabilities and enables hybrid users to seamlessly access on-premises and cloud capabilities. It includes everything you need for information worker and identity administrators in hybrid environments across application access, self-service identity and access management, identity protection and security in the cloud.

  1. Azure Rights Management Services (RMS):

Uses encryption, identity, and authorization policies to protect files and email. Information protection that is applied by using Azure RMS stays with the files and emails independently of the location, allowing customers to remain in control of their data even when this data is in motion.

  1. Conditional Access (CA):

CA allows customers to selectively allow or disallow access to Office 365 based on attributes such as device enrollment, network location, group membership, etc.

  1. Device-based CA restricts access to devices that are managed by the organization and are in a healthy state. Device-based CA is a feature of Intune. Users must enroll their devices in Intune and validate that the device meets the organization’s access rules regarding device health and security.
  2. There are other CA scenarios that do not require device enrollment, such as restrict access only from specific locations. These scenarios do not require Intune and are provided through Azure AD Premium access control features.
  1. Data Loss Prevention (DLP):

Helps identify and monitor sensitive information, such as private identification numbers, credit card numbers, or standard forms used in your organization. DLP Policies enable you to notify users that they are sending sensitive information and to block the transmission of sensitive information.

  1. Microsoft Enterprise Mobility + Security (EMS):

Provides identity and access management, MDM, MAM and Azure RMS. Intune is a part of EMS.

  1. Microsoft Intune (Intune):

Intune is a cloud-based service that helps you manage Windows PCs, and iOS, Android, and Windows mobile devices. Intune also helps protect corporate applications and data. You can use Intune alone or you can integrate it with Microsoft System Center Configuration Manager 2012 R2 to extend your management capabilities.

  1. Mobile Application Management (MAM):

Controls how corporate-managed applications work and interact with other managed applications and unmanaged applications (e.g., provides the ability to restrict user actions such as copy, paste, download, etc.). Available through Intune.

  1. Mobile Device Management (MDM):

Provides the ability to configure mobile device policies, such as enforcing complex PINs or passwords, blocking devices that have been jail broken or rooted from syncing email, disabling Bluetooth, etc. Available through Office 365 MDM and Intune.

  1. Modern Authentication:

Provides OAuth-based authentication for Office clients against Office 365 using Active Directory Authentication Library (ADAL). Replaces the Microsoft Office Sign-In Assistant. Allows for CA policies, so administrators can define granular applications and device-based controls for corporate resources.

Thanks for reading this post ….Good luck with Office 365 !!!

 

 

Extending the Retention period of orphaned personal site collections up to a year:

One drive 1.png

Alright , I guess you might have figured out what this post is going to be about by seeing the title .So yes , I’m going to show you how to extend the retention period of the One Drive for business content up to a year even after the user has left the company .

So I guess all the Office 365 folks as well as SharePoint folks out there would be aware of the “My site cleanup policy” that runs in SharePoint once a user’s account has been deleted in AD. If you’re not aware of this yet, please check my article on that. Also to understand how this works on SharePoint Online, you can take a look at the link below. Microsoft has did an awesome job on writing a detailed article about this and hence I’m not going to spend my time writing a detailed article explaining the same stuff once again .

https://support.microsoft.com/en-in/help/3042522/onedrive-for-business-retention-and-deletion

So here in this article I’m going to introduce you to a PowerShell command that will extend the retention period of the contents in the personal site (i.e. One Drive for Business) up to a year so that you have a year’s time to copy the contents from a user’s One Drive for business folder even after he/she has left the company.

I guess scenario’s like this are quite possible when a user has been terminated and his account has been deleted or may be a user left the company and the default retention period was not sufficient for you to copy the important contents from his One Drive for business folder .

So here’s the PowerShell command for that ….

Set-SPOTenant -OrphanedPersonalSitesRetentionPeriod 365

You need to run this as a SharePoint Online command as shown in the image below.

one drive 2.png

Once done it will update the retention policy for all the orphaned One Drive for Business sites in your tenant. The other way to do this is by putting a hold on the user’s One Drive for Business as a part of an eDiscovery case and the site won’t get deleted until the hold is removed. But this command will make your life even easier by making the change for the entire tenant.

Happy SharePointing …..I hope this helps someone. Thanks to Chris Bortlik for showing this to us.

 

 

 

 

Sync button missing in SharePoint Online doc library -Project site template:

Alright, so this article is going to be a simple one where I’ll be sharing my recent experience with SharePoint Online where the ‘’Sync Button “which you see on the document library went missing all of a sudden. If you’re not sure about what I’m talking, this image below should help you understand.

Sync 1.pngSo couple of days back ,  a user  who’s always known for finding bugs in SharePoint called me and said , ‘”Hey the Sync button is missing in SharePoint Online doc library ….” . I felt like, that’s not possible and I wanted to double check that. So I went ahead and took a look at the document library on a SharePoint Online team site and found that nothing is wrong with the “Sync button” and it was showing up perfectly fine.

So I took a look at the URL which he was referring to and found that it was missing which was really bizarre to me. Upon digging further I found that the site which he was referring to was a “Project Site “and the one which I tried first was a “Team site”. Now things got really interesting and I did some testing to isolate this issue. I tried reproducing this issue in different site templates and found that this was something specific to “Project site “(top level sites as well as subsites that make use of Project site template) alone. As this is on SharePoint Online I raised a premier support case to know what Microsoft had to say about this. The support engineer checked with the product group team and informed that this is a bug which was caused post the “New Experience” rollout which was released by MS few months back and it seems that many customers have already reported this issue to them.

If you’re hearing this for the first time, please take a look at this link below to understand this feature named “New Experience”.

https://support.office.com/en-us/article/Switch-the-default-experience-for-lists-or-document-libraries-from-new-or-classic-66dac24b-4177-4775-bf50-3d267318caa9?ui=en-US&rs=en-US&ad=US

Finally, based on my testing what I identified is listed below:

  1. On SharePoint Online Team sites, I don’t see this issue. Please check the image below …

Sync 1.png

2. On SharePoint Online Project sites, I can see this issue .Please check the image below (the sync button is missing)….

Sync 2.png

Note: MS has checked and confirmed that this issue is a known bug and will take at-least 3 to 6 months to get this fixed. Also as per MS it seems that this issue persists on other site templates also apart from “Project sites “.However, I didn’t get a chance to try them yet. So just in case you get a call or may be an email from users about this issue, please be informed that this is a known bug at the moment and will be fixed in 3 to 6 months’ time.

Workaround:  The workaround for this is to…. Go to the library settings –> Go to advanced settings –>Change the option in the list experience from New to Classic experience as shown in the image below. By doing so you’re switching back to previous document library experience.

Sync 4.png

Once you do that, you will notice the “Sync button” on a SharePoint Online Project site document library as shown in the image below.

Sync 3.png

Thanks for reading this post…. I hope this would save your time in troubleshooting this issue.  Happy SharePointing!!!

 

Microsoft Teams in Office 365

1.png

I hope everyone would agree to the fact that Office 365 has been one among the best products Microsoft has delivered till date and it’s good to see Microsoft adding a lot of new features and functionalities to the Office 365 suite every now and then. Today many organizations have started choosing Office 365 over on-premises Microsoft products as they’re easy to use and manage and in addition to that you get to remain up to date with all the latest updates.

  1. SharePoint provides intranets and content management solutions to more than 200,000 organizations and 190 million people.
  2. Yammer is the social network for work, enabling cross-company discussions for 85 percent of the Fortune 500.
  3. Skype for Business provides real-time voice, video and conferencing and hosts more than 100 million meetings a month.
  4. Office 365 Groups is our cross-application membership service that makes it easy for people to move naturally from one collaboration tool to another.

Today in this article, we will be discussing about “Microsoft Teams “, the new chat-based workspace in Office 365 that has built-in access to SharePoint Online, OneNote & Skype for Business Online. It was recently introduced by Microsoft couple of months back and acts as a hub for team chats, calls, meetings, and private messages.

Microsoft Teams mainly focuses on these four areas ….

  1. Chat for today’s teams
  2. A hub for teamwork
  3. Customizable for each team
  4. Security teams trust

Let’s look on all these areas and understand how Microsoft teams is built to support all these four areas that can enhance business as well as user experience.

  1. Chat for today’s teams:

It provides a modern conversation experience for today’s teams. Microsoft Teams supports not only persistent but also threaded chats to keep everyone engaged. Team conversations are, by default, visible to the entire team, but there is of course the ability for private discussions. Skype is deeply integrated, so teams can participate in voice and video conferences. You can also add emoji’s, stickers, GIFs and custom memes to make it their own.

  1. A hub for teamwork:

Microsoft Teams is built on Office 365 Groups and is backed by Microsoft Graph. So, it brings together the full breadth and depth of Office 365 to provide a true hub for teamwork. Word, Excel, PowerPoint, SharePoint, OneNote, Planner, Power BI and Delve are all built into Microsoft Teams so people have all the information and tools they need at their fingertips.

  1. Customizable for each team:

Since all teams are unique, Microsoft has invested deeply in ways for people to customize their workspace, with rich extensibility and open APIs available at general availability. For example, Tabs provides quick access to frequently used documents and cloud services. Microsoft Teams also shares the same Connector model as Exchange, providing notifications and updates from third-party services like Twitter or GitHub. In addition to that Microsoft has also included full support for the Microsoft Bot Framework to bring intelligent first- and third-party services into your team environment

  1. Security teams trust:

Microsoft Teams is designed in such a manner that it provides the advanced security and compliance capabilities that our Office 365 customers expect. Data is encrypted in transit and at rest. Like all other commercial services, Microsoft has implemented a transparent operational model with no standing access to customer data. Microsoft Teams will support key compliance standards including EU Model Clauses, ISO 27001, SOC 2, HIPAA and more. In addition to that, Microsoft Teams is served out of our hyper-scale global network of data centers, automatically provisioned within Office 365 and managed centrally, just as any other Office 365 service.

Availability of Microsoft Teams:

As of now Microsoft Teams is on preview mode and its general availability details can be found below.

2.png

Subscription details for Microsoft Teams:

If you have a personal Office 365 subscription, you won’t be able to access Microsoft Teams. To access the app, you need one of the following Office 365 license plans:

  1. Business Essentials
  2. Business Premium
  3. Enterprise E1, E3, or E5
  4. Enterprise E4 (for anyone who purchased this plan prior to its retirement)

Note: If you’re licensed for a suite plan like Office 365 Education or a non-suite plan like Skype for Business Online Plan 2, then you won’t be able to get the app. You need to change your license or purchase additional licenses for your company.

Alright, I guess we have now see enough about Microsoft teams. So, let’s see how to enable this in your Office 365 tenant so that your end users in your organization can start using this.

Note: I’ve chosen India in the county field while signing up for Office 365 and I’m able to see Microsoft teams in my tenant. If you’re not seeing that in your tenant it could be because you’re choosing a country where this feature is not available yet.

Turning on Microsoft teams in Office 365 tenant:

  1. Sign in to Office 365 with your work or school account.
  2. Go to the Office 365 admin center as shown in the image below and click on the app launcher. You can optionally click on “Admin” option as shown below.

3.png

 

3. Click on “Admin” as shown in the image below.

4.png

4. Navigate to Settings and click on “Services & add-ins” as shown below.

5.png

5. On the Services & add-ins home page, choose Microsoft Teams as shown in the image below.

6.png

6. On the Microsoft Teams settings page that opens, click or tap to switch the toggle to the on position to turn on Teams for your organization, and then choose Save.Once you’re done you will be redirected to the Microsoft teams home page as shown in the image below and this where you need to enable the features specific to Microsoft teams.

7.png

7. On the Microsoft Teams settings page, in the General section, you can choose if you want to show an organization chart in user profiles. By default, this setting is turned on. To change this setting, click or tap to switch the toggle next to Show organization chart in personal profile to Off or On, and then choose Save.

8.png

8. In the Teams & Channel section you can manage team owners and members by using the Groups control panel in the Office 365 admin center portal. At this time, you cannot create teams from the Groups control panel – teams must be created by using the Microsoft Teams desktop client or web app which we will be discussing later in his article.

9.png

9. In the Calls & Meetings section, you can choose if users can use video and screen sharing during calls and meetings as shown in the image below.

10.png

10. In the Messaging section, you can turn on or turn off media content such as animated images, memes, and stickers etc.

11.png

Note: To turn on or turn off animated images, click or tap the toggle switch next to Add fun animated images to the conversations, and then choose Save. When animated images are turned on, you can apply a content rating to restrict the type of animated images that can be displayed in conversations. You can set the Content Rating to be one of the following:

  1. Strict
  2. Moderate
  3. No restriction

To turn on or turn off custom memes, click or tap the toggle switch next to Add customizable images from the Internet, and then choose Save.

To turn on or turn off stickers, click or tap the toggle switch next to Add editable images to the conversations, and then choose Save.

  1. The Tabs section, let you customize a channel to include content and capabilities your team needs every day. They provide quick access to frequently used documents and cloud services. In the preview release, there are several built-in tabs such as Files and Notes. In the Microsoft Teams client, at the top of the channel, users can add tabs for Word documents, PowerPoint presentations, Excel spreadsheets, OneNote notebooks, Power BI reports, and plans from Planner.
  2. You can turn on Tabs as shown in the image below.

12.png

Please check the Tabs section in my “Microsoft teams” desktop client below.

13.png

13. Finally, you can enable Bots as shown in the image below

14.png

Note: Using Bots, Microsoft Teams users can complete tasks such as querying information and performing commands by using bots. Users can also integrate your existing LOB applications with Microsoft Teams by using a bot.

To prevent or allow side-loading of proprietary bots, click or tap to switch the toggle next to Enable side loading of external Bots, and then choose Save.

Finally, once all the features are enabled this is how the Microsoft teams home page will look like…

15.png

16.png

Point to Note:

Although the Office 365 Global administrator has turned on this feature in the tenant end users may not see the Microsoft Teams app tile in the app launcher after an admin turns on Microsoft Teams for an organization. Admins can direct end users to go to https://teams.microsoft.com/downloads to get the desktop apps. To access the web client, users can go to https://teams.microsoft.com. For mobile apps, go to the relevant mobile store for Google Play, Apple App Store, and Microsoft Store.

Desktop client for Microsoft teams:

The below mentioned image depicts the desktop client for Microsoft teams using which I can create my team. You can do the same using web client as well.

Desktop client for Microsoft teams:

You need to sign in with your Office 365 credentials in the desktop client.

17.png

Web client for Microsoft teams:

You can check the web client below which opens on a browser and you can also notice that I’ve created my team in the image below.

18.png

 

Creating a team:

You need to use the Create Team on the bottom left of your screen as shown in the image below to create teams. In addition to you also have a “settings” option on the left corner which can help you turn on and off certain features.

19.png

20.png

Conversations in Microsoft Teams:

You can notice some conversations happening between the users in my team in the image below. You can mention a user, reply to a message and like a conversation or a reply.

21.png

In addition to that as mentioned earlier, you can add emoji’s to your conversations, attach files and also use the video camera icon to create new video meetings.

Adding a Tab:

Finally, you can add tabs using the “+” symbol as shown in the image below to add documents & One Note files to your conversations. You can notice that I’ve added a One Note file to my conversations in the image below

22.png

23.png

Microsoft teams is truly phenomenal and is a great way for users to communicate within themselves in a team . Please turn this on for your users so that they can enjoy this great application.

Thanks for reading this post …. Good luck with Microsoft teams in Office 365!!!

First Release in Office 365:

office-365

In this article, I’ll  will be discussing about “First Release in Office 365 “using which you can manage how your organization receive the regular updates from Microsoft for Office 365. Now, it’s a known fact that unlike on-premises the updates for Office 365 are pushed regularly and using this new feature in Office 365 you can designate that only certain individuals receive the updates first before it’s made generally available to everyone in the organization. By doing so you have ample amount of time to test these updates and check whether it breaks something (i.e. may be some custom functionalities) or you can remain on the default release schedule and receive the updates later.

So, to put it in simple words, ““First Release” update for Office 365 allows you to get access to updates faster than GA (General Availability) “.

Now, before we look on how to enable this feature in your Office 365 tenant, let’s take a look on the two type of release options.

  1. Standard Release
  2. First Release

Standard Release:

This is the default option where you and your users receive the latest updates when they’re released broadly to all Office 365 customers. This gives you extra time to prepare your support staff and users for upcoming changes. This is how Microsoft puts it:

“You and your users receive a select set of significant service updates 3 weeks or more after the official announcement. For at least 3 weeks, you have time to learn about the updates and prepare your employees.”

First Release:

With this option, you and your users can be the first to see the latest updates and help shape the product by providing early feedback. You can choose to have individuals or the entire organization receive updates early. This is how Microsoft puts it:

“You and your users receive a select set of significant service updates as early as one week after the official announcement. Choose this option if you and your employees are comfortable with regular updates to the Office 365 service.”

However, the default is to remain with “Standard Release”, which means that new functionality is released to your tenant when it’s good and ready.

The image depicted below gives a detailed explanation on the Office 365 release cycle:

14

So, as we’re done explaining what’s First release in Office 365, let’s look on how to enable that in your tenant. Remember, by default your tenant will be on “Standard Release “mode  and you need to enable “First Release “option.

Note: The Office 365 updates described in this article apply to Office 365, SharePoint Online, and Exchange Online. They do not apply to Skype for Business and related services.

Steps to activate First Release in your Office 365 Tenant:

  1. Sign in to Office 365 with your work or school account.
  2. Go to the Office 365 admin center as shown in the image below and click on the app launcher. You can optionally click on “Admin” option as shown below.

1.png

3. Click on “Admin” as shown in the image below.

2.png

4. Navigate to Settings and click on Organization profile as shown below.

3.png

5. Once you’re on the Organization profile page you will see the “Release preference “option as shown in the image below. Please click the “edit” button to the change the settings for Release preference.

5.png

6. You will notice 3 options as shown in the image below.

16

7. Choose the option that best suits your need, I’m choosing the third option as I want to enable First release option only for selected users.

15.PNG

8. On the next screen where it asks for a confirmation, please select Yes.

7

9. On the next screen, you will be asked to add people for First release as shown below.

 

8.png

10. Please select users from the list of available users as shown in the image below. I’m choosing myself here. You can also search for a user in the search box.

9.png

11. Once done you will see an option which says your release preference has been updated.

11.png

12. Once you click on close you can check & verify the list of users subscribed for first release. Here in this case you can see my name.

12.png

13. Finally, you can check the Organization profile home page to verify the release preference settings.

13.png

This confirms that you I have turned on “First preference “for myself alone. The best practice is to enable this for power users or IT administrators so that they can check the features before it’s made generally available for all end users. However, it’s up to you on how you want to manage this for your users .

Thanks for reading this post …. Good luck with Office 365!!!!

 

SharePoint Infrastructure Assessment Questionnaire for transitioning new customers

The questionnaire which I prepared below can be used to  assess the existing SharePoint environment for support transition and to collect key Information to propose the right support model for the transition.Folks who are working on transitioning new accounts/customers to your team can use this questionnaire to ease the transition phase.

microsoft-sharepoint-online.jpg

1.Business Goal:

  1. What is the primary business objective of the SharePoint environment? (What needs of your business are met by the existing system – Communication, Collaboration, Knowledge Management, Enterprise Content Management, Document Management, Dashboards, Complete Intranet Solution, Extra-net for suppliers, customers etc.?)
  2. Please share the status of all ongoing and planned activities for SharePoint (Development, migration and upgrade)?
  3. SharePoint farm version (SP 2010, SP 2013, SP 2016 & Office 365)?
  4. Please enlist the sites that are most critical to business?
  5. Please list down all the mission critical services that are hosted in SharePoint and its purpose

2.Infrastructure details:

  1. Explain in detail about how the domain controller is configured and the primary and secondary data center details?
  2. Please provide details or preferably Physical and Logical Architecture Diagrams for Production, Staging and Development Environment (i.e. Farm Topology, deployment diagrams, Virtual environment, SharePoint version details, Directory Services)
  3. Server hardware & software specifications
  4. Total number of users? Number of concurrent users?
  5. Server Naming Convention for Prod/Dev/Test servers
  6. Licensing details for SharePoint, Office web apps, Office Online server, Windows server and other supporting platforms.
  7. Please enlist all Integration points (Interfaces) with External LOB and other applications/ Software (Ex: SAP Integration with SharePoint
  8. Please give a brief explanation about all Web Applications and service applications in scope.
  9. Please provide the list of all 3rd party software’s that has been integrated with SharePoint (Ex: Ninetex Workflow, Doc Ave & Boldon James etc.)
  10. Explain in detail about the load balancing methodology used for the SharePoint Environment ((ISA? TMG? CISCO Ace? Or any other Hardware load balancer, F5 Big IP?)
  11. Is there any redundancy for Service applications and if yes how are they configured
  12. Are there any service applications which are being shared between two farms?
  13. DR farm details and its configuration for Business Continuity. A separate DR farm on a different data-center or a stretched farm where the servers are distributed across two data centers?
  14. Backend SQL Server details (i.e. SQL Server version, what level of permissions do we (i.e. SharePoint admin) have on SQL, SQL alias, named instance for SharePoint etc. . .)
  15. Backup strategy for SharePoint content databases.
  16. RTO and RPO strategy for SharePoint content databases.
  17. High Availability strategy for SQL Server – Clustering in place? Mirroring? Always ON?
  18. Authentication mechanism for SharePoint.
  19. Known issues in the farm if any?
  20. Language pack details if installed?
  21. When the farm was recently patched?
  22. Repository for configuration files, Implementation/Build guides, Known error database (KEDB), Incident Logs, RCA (root cause analysis), (CSV, SVN, TFS, etc.
  23. Deployment architecture? Give an overview (Farm solutions or Sandbox solutions)
  24. Do you have Office web apps/Office Online server deployed? If yes, detailed explanation of the Office web apps farm.
  25. Do you have Workflow Manager deployed? If yes, detailed explanation about the Work flow manager farm.
  26. How often do you perform a data refresh to the UAT and TEST farm?
  27. Details about AV scanning for the SharePoint farm?
  28. Do we have any monitoring in place for monitoring the environment (Ex: SCOM, Zenoss monitoring tool)?
  29. Are you using IaaS platform for SharePoint, if yes details about that? (AWS, Azure & Google Cloud Platform) .VM machine types if the SharePoint environment is on Azure, A series, D series, G series etc.?
  30. Health check scripts if available and it’s frequency. How often does the health check script run and what are the parameter it monitors?

3.SharePoint Online (Office 365) details:

1.What’s the Office 365 plan that your users are using?

2. How are the user identities synced from on-premises AD to Azure AD?

3.Are you using any Hybrid functionalities (One drive for business, Hybrid Search, Hybrid user profile, Hybrid App launcher etc.)?

4.Detailed explanation about the customizations made on the SharePoint Online sites.

5.Documentation of all the customization made on the SharePoint Online sites.

6.Migration tools used to migrate to SharePoint Online from on-premises.

7.What level of permissions will the SharePoint Online tenant admin have on the Office 365 tenant? Just SharePoint administrator or Global administrator?

8. Who will take care of Office 365 license management?

4.Portals:

1.Please explain in detail about the most critical sites (in scope) on existing environment?2.Please share the information architecture

3. Please share the governance plan for the SharePoint environment.

4. List of blocked and allowed file types in SharePoint?

5. Content management:

1.What’s the main kind of content that’s stored in SharePoint? (Text content, Documents, Images, flash, Audios, Videos, other formats etc.)

2.Is there any other Content Management or Document management tool in place along with SharePoint (Ex: Onbase from Hyland software)?

6.Security:

1.Are the SharePoint sites secured (Using SSL, encryption)?

2.Details about the SSL certificates used for SharePoint sites?

3.If the SharePoint sites are made available to internet/ external sharing what’s the authentication mechanism followed for that?

4.What is the current Authentication mechanism? (Windows Authentication, Forms based Authentication or Kerberos, AD, LDAP )

5.Authentication mode used for web applications (Claims or Classic)?

7. Customizations:

1.Does the SharePoint farm /SharePoint Online have customizations on it?

2.If yes, what’s the total number of farm solutions, User solutions & sandboxed solutions that’s been deployed?

3.Detailed description /documentation of all the WSP files that’s been deployed and its use?

4.If we have apps deployed to the app catalog, then detailed description about those apps?5. What kind of apps are they? Provider hosted, Auto –hosted or SharePoint hosted?

  • List of custom scripts running on the SharePoint servers and its purpose.
  • How Branding is applied, what’s being done? (Feature staplers/custom site definitions/Themes/Custom CSS, Master pages, etc.)
  • Do we have a SharePoint developer/developer team who takes care of all the development related tasks and if yes his/her details?

 8.Supporting Team details:

1.Who is supporting the existing environment? Please provide existing SLA and priorities for incident management.

2.Please give a brief description about team structure for Support (OS, Hardware, SQL server, Security, Exchange server, SharePoint, Cloud Management team)

3.Do you have a distributed development team across multiple locations/geographies? Please provide details.

4.Do you have a distributed team of site owners?

9.Vendor details:

1.Does this account have Microsoft premier support? If yes, whom to contact for opening a support case. Microsoft PFE and TAM contact details for this account if applicable?

2.Name of the Vendor who did all the SharePoint environment customizations.

3.Can we reach out to the Vendor for any customization issues which is not in our scope of support, if yes contact details of the Vendor?

4.Vendor details for the third party tools that’s used in the SharePoint farm (Ex: Metalogix, AvePoint, Share gate etc…)

5.SLA details with the Vendor and the contact person from the Vendor’s side for this account?

10.Support & Incident Management:

1.What is the Support Type (L1, L2 or L3) expected?

2.Please provide the call flow process. Find below a sample process flow.

3. What’s the frequency of L1, L2 and L3 tasks that you get in a day, in a week & in a month?

Call Flow Process / Diagram

call flow diagram.jpg

4.Who is expected to make calls to Microsoft for support and for other vendors?

5.Is it expected to interact with end users for Support?

6.What are the support hours (time zones) and SLAs expected? What support coverage are you looking? (24*7, 16*5, or 8*5 …)

Service Hours:

The below calendar defines the times that the SLA clock starts and stops excluding weekends.

Day Start  hours(EST) End hours(EST)
Monday    
Tuesday    
Wednesday    
Thursday    
Friday    

1.Do you have any system in place for Incident Management? If yes, please give details so that we can understand about how to accommodate that with our Incident Management system?

2.Please explain the Incident classification criteria. Find sample below.

     
  Definition Response Time from time of Incident Log Fix Time from time of Incident Log
P1 Impact on All Users /Risk to Business Continuity 10 mins Stay with it
P1 Impact on All Users /Secondary system down    
P2 Impact on Site or Dept. / Significant problem preventing satisfactory operation    
P3 Impact on single User    
P4 Service Request/Advice required    
P4 Service Request/Planning    
P4 New starters/requisitions/supplies/bookings    

3.What is the mode of communication for Support (Email only, Incident management tool, Phone, chat)?

4.Please share the SLAs/ OLAs with existing vendors for 3rdparty software, Infrastructure, Exchange Server, Security, SQL Server, OS and hardware.

5.It is assumed that content and configuration DB of all SharePoint sites are in scope for support. Please confirm?

6.Please confirm if following is out of scope for SharePoint Support

1.OS level support like Server Performance Management, Memory Management, Disk Space and SQL Server Uptime.

2.Installation, Implementation, Deployment of any Software

7.Design, Development, Implementation or any issue on Development and Test servers.

8.Evaluation of any Software, Tool and Processes and Results

9.Design, Development and Implementation of Proof of Concepts

10.Development and Enhancements of 3rd Party Products

11.Platform Troubleshooting

12.Application Migration & Upgrades

13.Optimizing search for website or any other design changes to website

14.Managing Office 365 licenses and supporting the Azure environment.

7.Are there any development or migration projects that are currently in progress? What support is given to these projects by existing (Portal, or SharePoint) support teams?

8.Is there any repository for knowledge documents, Incident Logs, RCA (Root cause Analysis)?

9.Communication plan for any planned/unplanned outages – Key stakeholder list

9.Escalation matrix details.

10.Detailed description of tasks & activities performed in shift / daily / weekly / monthly

11.Please provide us with the following Support statistics (priority wise)

  1. Total tickets logged for SharePoint in last 1 month, 3 month and 6 months.
  2. How many Priority 1 calls were logged in last 1 month, 3 month and 6 months?
  3. Details about past SLA adherence,
  4. Summary of support tickets with case open age

 12.Are there user training requirements for educating the users about the sites? Need for webinars, training material, FAQs etc. to facilitate the rollout and ongoing changes to the sites

13. Any past record of the entire SharePoint environment going down, if yes details about that?

Finally, once all the above mentioned details are gathered and you have understood the customer’s environment well then you’re good to close the transition phase .

Happy SharePointing !!!

 

 

 

 

 

 

 

 

 

Recording of Webinar Session on SharePoint Architectural Models:

thumbnail

For those who missed my session yesterday , please find the link for the video recording below .

Webinar Recording on SharePoint Architectural Models

Thanks once again for attending my session yesterday and will see you all soon in different webinar shorlty .

Happy SharePointing!!!!

 

Great opportunity for Office 365 folks:

office 365.png

Microsoft has  planned and set up 8 different Office 365 Labs webcasts that will be delivered during September and these are the topics that will be discussed in the webcast.

1. Office 365 Labs – Using PowerShell to automate tasks
2. Office 365 Labs – Mastering Azure AD Connect
3. Office 365 Labs – Mail flow
4. Office 365 Labs – Getting the best out of Outlook and Exchange Online
5. Office 365 Labs – OneDrive Synchronization 101
6. Office 365 Labs – Sharing and collaboration with internal and external users in SharePoint Online
7. Office 365 Labs – AD FS and multi-factor authentication explained
8. Office 365 Labs – Exchange Online compliance features (In-Place Archive, In-Place Hold, eDiscovery)

Please use this link below to enroll yourself for these sessions

Office 365 Labs webcasts coming in September