Congratulations on becoming an Office 365 administrator! Learn to manage loose ends like Exchange, SharePoint, and identity management with practical tips and expert advice. Secure data, handle synchronization errors, and curate alerts effectively. Monitor service health, automate incident response, and implement self-service MFA. Stay informed with usage reports and notifications. Develop runbooks for critical scenarios.
Mike Crowley
• 17 years IT leadership experience
• Deployed Office 365 and other Microsoft technologies for millions of users
• 7-time Microsoft MVP award recipient
• Principal Consultant, Baseline Technologies

…but let’s not forget about those loose ends:
• Exchange
• Data such as Public Folders and PST files
• AutoDiscover and MX DNS records
• SPF, DKIM, DMARC
• Inbound firewall rules (client & migration traffic, SMTP...)
• SharePoint
• Decommissioning on-premises file servers
• Set Sites to Read Only

Do you have reliable identity management?
• Azure AD Connect
• Identifying and resolving synchronization errors
• AAD Connect Health
• Fault “tolerance”
• 10GB SQL Express limit
• Hybrid Exchange Server
• Still required for ongoing recipient management
• Upgrade to Exchange 2016, decommission everything else

Outgrowing Password Hash Sync?
• Password Hash Sync
• Can be used in addition to other authentication options
• Pass-through Authentication
• Deploy multiple agents
• Federation (e.g. ADFS)
• TLS Certificate Lifecycle Management
• Use Enhanced Smart Lockout
• 3rd party

Find these configurations before your users do!
• Group Naming Conventions
• Requires AAD P1
• Influences Office 365 Groups and Teams
• Restrict creation of new Groups and Teams?
• External Sharing
• App approval
• Microsoft’s new and enabled by default apps
• 3rd party apps

Curating Alerts and Reporting
• Reports vs Alerts
• Report = review stuff that happened over time
• Alert = something specific just happened
• Alerts don’t always “alert” you, depending on license level
• Delegate and/or encourage your whole team to get involved
• Some practical tips
• Regular team meetings to discuss upcoming changes
• Dedicated admin accounts are a good idea, but you need a plan to capture emails that are sent there.
• Email forwarding, transport rules, etc.
• PowerBI
• Graph Reporting API
• Learn to interact with Graph from PowerShell

Reporting is everywhere!
• Company Profile: Technical Contact
• https://admin.microsoft.com/Adminportal/Home?source=applauncher#/companyprofile
• AAD Notification Settings (e.g.
• https://aad.portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Notifications
• Message Center (e.g. roadmap)
• https://portal.office.com/adminportal/home#/MessageCenter
• Global Admins get various notifications
• Usage Reports
• https://admin.microsoft.com/Adminportal/Home?source=applauncher#/reportsUsage
• More
• AAD Connect Health
• AAD Identity protection
• Microsoft Cloud App Security
• Outbound spam notifications
• Protection Reports
• Automated incident response (AIR) in Office 365

Develop Runbooks
• Runbooks take guesswork out of stressful situations
• Office 365 Service Outage
• Ransomware response
• Account Compromise
• Data Leakage
• Time sensitive account terminations
• The “a VIP sent an email they didn’t mean to” scenario
• A more amusing cousin to the “remove that phishing email from everyone’s mailbox” scenario

Self-Service
• MFA
• Use Conditional Access
• Requires: AAD P1+ or M365 Business+
• Consider exempting Hybrid AAD Joined workstations
• IT should already be using this. Begin your org-wide MFA deployment, if you haven’t already
• If it supports SAML, your other application/appliance can hitch a ride
• MFA is free. You’re doing your organization a disservice if you’re not using it.
• SSPR
• Enable combined registration page
• Groups/team creation
• A naming convention policy is a good idea
• Lockdown creation if necessary, but not forever

Monitor the Office 365 Service Health
• SHD: Service Health Dashboard (aka Captain Obvious)
• https://status.office365.com
• https://portal.office.com/adminportal/home#/servicehealth
• Azure Status (because sometimes the SHD is what died!)
• https://azure.microsoft.com/en-us/status
• Twitter
• https://twitter.com/MSFT365Status
• Reddit (sigh, yes, I know)
• https://www.reddit.com/r/office365/new
• https://www.reddit.com/r/sysadmin/hot