Last week, I shared the announcement of Microsoft Online, its SharePoint Online offering, and the "Business Productivity Online Suite" (BPOS) bundle of SharePoint, Exchange, Live Meeting and (soon) Office Communications Server. This week, I'd like to talk about my experience with the service, and to share some tips that might save you some grief.
What you can get
You can subscribe to one of the Microsoft Online services, or to the BPOS bundle, in one of three flavors: Standard, Dedicated, and Deskless Worker. The Standard offering is a hosted, multi-tenant service that will be useful for most small-to-large sized enterprises. I'll go into more detail about Standard later, since that's what I gave a test drive. The Dedicated offering, available for enterprises with 5000 seats or more, can be highly customized and can involve Microsoft services for migration, deployment, and support. The Deskless Worker option is a very interesting one; it provides a mailbox accessible with Outlook Web Access (OWA) and read-only SharePoint access. This very inexpensive option will be very attractive in some scenarios. You can subscribe to the Deskless Worker or Standard offerings with as few as one seat.
My company, Intelliem, is a small niche services firm that offers customized training and consulting for Microsoft technology implementations, from the CIO to the IT organization to the end user, in mostly Fortune-caliber organizations. We focus our resources on the services we deliver, and don't want to be spending our ‘gurus' cycles on maintaining plumbing, so I moved to a hosted Exchange environment several years ago—a very good decision. I decided to migrate to Microsoft Online to "dogfood" the service. My size and needs led me to the Standard BPOS offering.
To sign up, you'll need a Windows Live ID, which you can acquire from the MOSCP. IMPORTANT TIP: I highly recommend you create a unique Windows Live ID specifically for subscribing to the service. This is for two reasons. First, if you use your own Windows Live ID, what happens if you leave your organization? In this initial phase of Microsoft Online, some things are tougher to change than others, and I wouldn't want to tie my personal Windows Live ID to an enterprise service. Second, and more importantly, the Windows Live ID username that's associated with the subscription of the service cannot be re-used as a username by the service.
Here's what happened to me. Our username standards are [email protected]. My Windows Live ID, which I've had for years, followed that standard. I subscribed for the service. Then when I went to create users, I was able to provision every user except myself, because my would-be username, [email protected] was already "in use" by the subscription, so I have to use a different username, which is more difficult for me to remember when I sign in. I could have avoided both of these problems by acquiring a unique Windows Live ID just for subscribing to the service.
When you subscribe, you provide contact information and, of course, agree to the license agreement. Then your service is provisioned, which took hours to a day during the beta, but is likely to be much faster now.
But give Microsoft time before re-subscribing. I made the mistake of being impatient, also, and ended up with several accounts! Your account will be based on your domain name, but a number will be appended to it. So if your domain name is company.com, your account may be company1.microsoftonline.com. That's just your account name—don't worry your email addresses can remain what they've always been.
You can also select a Microsoft Partner to associate with your account. The Partner can help answer questions, plan migration, and provide value-added services. This realm will develop rapidly during these initial weeks of the released Microsoft Online Services, so I recommend that you look closely at what the partners provide. Architecturally, partners are reselling Microsoft Online and get a "spiff" for their efforts. You should not be paying any more for the services from a partner as you would from Microsoft, and in either event, the services are hosted by Microsoft. But partners can, should, and will be offering add-on capabilities, some of which may be very useful to your enterprise. So do some homework to figure out what makes sense for your company.
When your setup is complete, you'll receive an email with the administrative password and you can log on to the Microsoft Online Administration Center (MOAC).
Get set up
After you receive the administrative password, you should first set up your domain. The goal is to verify that you own the domain you are subscribing. This is done by adding a CNAME record to your authoritative DNS zone. Microsoft then queries for this record, and when it sees the record, it validates the domain. A wizard will step you through the process, which is also described in a TechNet document in the BPOS help site. Tip: Spend the time it takes to read through this "help file!!"
Your next step will be to create users. Microsoft Online has its own multi-tenant Active Directory (AD) that maintains your users' accounts. You can create the users in the MOAC interface, import them from a CSV file, or synchronize your AD to Microsoft Online. The synchronization option will be particularly useful as the size of your enterprise increases, and is critical if you're going to host some mailboxes on your own Exchange infrastructure, and others with Microsoft Online. Basic properties are synchronized--not passwords--by a directory synchronization tool that runs in your domain. Dirsynch is a one-way operation in this release--changes made to user accounts in Microsoft's directory are not synchronized back to your AD, so you'll want to make all changes in your AD. All users are synchronized; you cannot limit the scope of synchronization in this release of the services.
Regardless of how users are created, they do not receive services, and you are not charged for the users, until you enable them for the service, and each user can have different service levels. So you can have 500 users in your company, synchronized with Microsoft, but choose to subscribe only your roaming sales force to Deskless Worker, and your remote information workers to BPOS. Microsoft's technical and revenue model for Microsoft Online is surprisingly flexible for a "version 1.0" release!
Deploy the Single Sign In Client
Users subscribed to Microsoft Online should download and install the Microsoft Online Services Single Sign In (SSO) client. The tool performs several important tasks. First, it configures Internet Explorer to communicate effectively with Microsoft Online, reducing or eliminating repeated logon prompts. Second, it configures an Outlook profile for mail-enabled users. Third, it provides easy access links to each of the BPOS services: Outlook, OWA, LiveMeeting and SharePoint.
Theoretically, you can access all of these services without the SSO client, and my own experience is that I can open Outlook perfectly well without the SSO client, but other services might be a bit more shaky. If you have users who will be accessing the services from non-Windows devices, you should definitely take advantage of the free trial to evaluate the experience of those users.
One thing I think I learned, but never saw well documented: when you create a user in the MOAC, you are given the user's initial password and you can send an automated email to the user with his or her password. However, users cannot just go logging into Microsoft Online (e.g. the OWA site) yet--they have to change their password first, using the SSO client. I've not found any way to let users go straight to work without doing so. This makes sense to me, from a security perspective, but it's not clearly documented.
Set up SharePoint Online From the MOAC, you can create SharePoint sites and assign users to those sites. SharePoint Online is very much like SharePoint in house. Because it is a multi-tenant version of the Standard CAL of Microsoft Office SharePoint Server, some SharePoint capabilities are not supported, including InfoPath Forms Services, Excel Services, the business data catalog (BDC), and you cannot run custom code. However, you do have the page publishing functionality of MOSS and SharePoint Designer customizations are supported, so there's a pretty rich set of functionality that's offered in this release.
There's obviously more… You can use the SSO client to configure Outlook profiles, you can configure LiveMeeting… but this is a SharePoint newsletter, so I wanted to focus on what it takes to get SharePoint Online up and running. Next time, I'll wrap up the discussion of Microsoft Online with my evaluation of the service—the pros and cons—and I'll give a report card based on my experience with the BPOS.