I’ve been fairly quiet in the world of Exchange Server and Office 365 for the past few months, but not without good reason. As some may know, I’ve spent the past 10 years working in Dell’s Services organization with much of that time spent supporting, designing, and deploying Exchange and Office 365 solutions for our customers. However, this May I decided a change was in order. I’d like to share some context for my career up to this point, which I feel gives insight into my thought process for this career change. It’s a bit of a read, but I won’t fault you for skipping to the end to hear my plans for the future.
My father was a “telco guy” (his way of putting it). He spent much of his career working in the Houston medical center (and briefly for Lucent Technologies) handling both telco and data cabling design and deployment. This meant at 13yrs old I was playing with punch-down panels and following my Dad to work to see how he made his living. His work always fascinated me, but I also learned to admire how he carried himself and the reputation he built among everyone he worked with. My Dad was the first to tell you he wasn’t the smartest guy around; dropping out of college and playing guitar in a rock band as his only job until he was 30. However, he made sure everyone he worked with knew his name because of how personable he was, and often said, “If I don’t have the answer for you, I’ll likely know who will.” This approach to how he carried himself would go on to influence how I chose to interact with my coworkers and clients to this day.
When I was a Sophomore in high school, about to pick classes for my Junior year, my Dad noticed my high school offered a Cisco Networking Academy course, partnering with a local community college. The course prepared you for the CCNA (Cisco Certified Network Associate) certification. I graduated high school in 2004, so this was the 2002 timeframe. My Dad said if I enjoyed watching him work, I would enjoy this class, as it involved network cabling plus much more. I took the course my Junior year (at the time, knowing nothing about networking or computers past how to terminate an RJ-45 cable) and passed the class as well as passing the CCNA exam that summer (at 17yrs old, an achievement I’m still proud of). At that point in life it was my first taste of being genuinely good at something relative to my peers, as I stunk at sports and was a mediocre student.
At 17yrs old, I was suddenly able to receive my dopamine hit from fixing technical problems and knowing I could make a decent living out of it; a turning point in my life that began me thinking about what my career would look like. It was something I truly enjoyed that I could also get paid to do. Through some contacts my teacher had, I got a job that year working in a datacenter for an online sports streaming company. I made it a point to get to know everyone in that datacenter, even if they didn’t work for my employer, just so I could understand what they did and try to learn more (I got my first taste of Exchange Server 2000 here). The following summer, I got a different job working helpdesk for a software development company. The work wasn’t glamorous (shaking printer cartridges, replacing hard drives, and reinstalling Windows drivers) but I similarly made a point to pick everyone’s brain I could and learn just what types of positions there were in IT. What exactly does a UX Developer do? What does a Software Product Manager do? A Helpdesk Manager? Security Administrator? Etc. I viewed it not as a gig to make some fun money, but as my own personal IT Residency and exploratory mission.
On the advice of my High School Cisco teacher (who also taught Electrical Trades and Architecture), I went to TSTC (Texas State Technical College) where he had previously sent students who wanted to pursue a trade. After two years of working for the college’s IT department, I graduated with two AAS (Associate of Applied Science) degrees; Computer Networking & Systems Administration and Network Security. I really enjoyed my time at TSTC and to this day I serve on their Industry Advisory Board helping shape their curriculum. The next few years saw me do a mixture of IT Administration and Consulting, the latter I really enjoyed because it involved the two skillsets I excelled at; solving technical problems and working with a wide array of interesting people.
In 2008 I visited Austin Texas and realized I wanted to live somewhere other than Houston before I died, so I took a job in Dell’s Enterprise ProSupport organization as a Microsoft specialist. While some view Support as a downgrade from Consulting, it was a fascinating position to me. Every day was a customer escalation that needed solving, which meant something new to learn. On any given day I could be tasked with fixing Active Directory, Exchange Server, SQL, VMware, Server Hardware, client systems, Networking, etc. After a year in role, I had become known as an Exchange subject matter expert (having worked with it since my high school days) and was offered a position within the newly acquired MessageOne (a SaaS email continuity and archiving provider), in a Support/SaaS/DevOps organization. After a little less than two years, I transitioned back into the Support and Consulting organization to eventually become Sr Principal Engineer over our Exchange & Microsoft Cloud support practice. I also worked closely with our Sales and Consulting organizations, frequently on loan to their business for any delivery issues in the field or large Exchange sizing opportunities. In this time, I became a Microsoft Certified Master in Exchange Server (formerly known as the Ranger program) and then a Microsoft MVP (Most Valuable Professional). While this work was very fulfilling to me, I began to do some long-term planning and realized I needed to make a change before a change was made for me.
You see, I turned 32 this April (2018). I realize this is still considered young by many, but as I’ve been in datacenters and taking IT certification exams since I was 17yrs old, I already had ~15yrs in IT as a deeply technical resource. Working backwards from retirement, I had to ask myself, “With ~30yrs until retirement, do I really want to spend that being a deeply technical resource?” You see, that dopamine hit after fixing a complex technical issue I’d been feeding off of my entire career was diminishing. I had realized the informal project/program management and team leadership I’d been doing was becoming much more rewarding. I came to realize outcomes-based work was more enjoyable than output-based work. At the time, the right decision for me seemingly was to go into Consulting. Almost every other Microsoft MVP I knew was an IT Consultant, and many Consultants I knew at Dell wanted me to join their organization. I was good technically, I was a good presenter, and I understood enough business to hold my own speaking with Executive Leaders. There was only one problem. Too many Consultants I knew traveled A LOT! Several of them spent 3 weeks out of every month on the road. Flying out to customer sites on Sunday night and flying back home on Thursday night, often missing their families dearly. My wife and I had our first child in April of 2017; and having a father who traveled a lot (when he did telco installations working for Lucent), that wasn’t the way I wanted to raise my kid. I often say, nobody ever lies on their deathbed, surrounded by their loved ones, and says to themselves, “Man, I wish I had spent more time working.”
This left me pondering my next move. I had made enough connections to know I had options, but Dell has been nothing short of an excellent employer to me. I really wanted to look at career options within the company that allowed me to grow as a person and an IT Professional. What path to choose? Stay Technical? Go into Management? Sales? Marketing? Engineering? I asked myself, what skillsets are universal no matter which company I worked for? The answer was simple; every company makes something! This means they need to market it, manage its delivery, design it, and support it. My goal became, how do I learn those areas? I was already a technical expert and an expert in the Support/Consulting world, but I knew very little of these other areas. After seeking input from friends and colleagues whom I highly respected, I made a decision.
In May I took a role as a Dell Services Program Manager, working in our Commercial hardware, software, and cloud business. It was an opportunity to take my existing skillset and help our organization navigate the sometimes-murky waters of solutions and the cloud, while also frequently interacting with areas of the business I had previously not worked with. While the past few months have been intense (“drinking from the firehose” is the common expression), they have also been very exciting and rewarding. I’m looking forward to what the future holds in this new role.
What does this mean for my future Exchange & Office 365 activities? Long-term, nothing. I still plan to be active in the world of Exchange and Office 365, even if my short-term activities have paused due to adjusting to the role change. I have been a speaker at the last two Microsoft Ignite conferences but will not be attending this year simply due to being far too busy. While that’s unfortunate, I have several blog posts queued up that I recently haven’t had time to write/edit. I also plan to write about troubleshooting, design, & performance topics related to Exchange Server 2019 once it launches.
In addition, I’ve considered using this blog for a broader set of topics I’ve recently had a desire to discuss:
-Utilizing the Office 365 suite for better productivity in a Program Management role (obviously very topical for myself)
-Using the Office 365 suite on non-Windows client platforms such as ChromeOS (slightly related to my new role)
-Career building topics for technical individuals looking to grow their skillsets (I’ve done a lot of mentoring to colleagues and college students in this regard, and have been meaning to catalogue some of my personal opinions on career development for individuals in IT)
So thanks for your time (for whomever stuck around to read this whole thing) and I hope to get back to helping others in the community. The primary reason I started blogging and answering Exchange questions on Reddit was to help others in the same way I have been aided since my earliest days as an IT Professional. Therefore, for as long as I’m still in the game, I plan to keep attempting to help others.
This article will see us use Server 2012 R2 Essentials to integrate with Office 365 for Exchange. This will be one of the options I’ll discuss during my session titled “Exploring options for moving a small Exchange or Small Business Server environment to Office 365 or remaining on-premises” at Exchange Connections 2014 in Las Vegas Sept 15th-19th. It’s a long title for a session but it’s fitting considering the many options you’ll have for you or your customer’s business.
First we should know what Server 2012 R2 Essentials is. You could say it’s the spiritual successor to Small Business Server 2011, which was essentially (pun intended) discontinued. For a detailed walkthrough of Windows Server 2012 R2 Essentials, watch this great multi-part video series on it from Microsoft. It’ll answer all your licensing, deployment, & configuration questions.
History & Now
The last version of Small Business Server was SBS 2011. This was a Server 2008 R2 Domain Controller which ran Exchange 2010, along with WSUS, File Services, SharePoint Foundation, & SQL. The solution had several other cool features like Remote Web Workplace which was a web portal (running on top of Remote Desktop Services) that allowed any remote user to connect through a web interface & remote into a client machine on the company LAN. It also included a singular management interface named the SBS Console where Admins could manage Users, Groups, Mailboxes, Backups, Alerts, & Updates. This solution was aimed at small businesses (as the name implied) with less than 75 users.
Fast forward to today & we have Server 2012 R2 Essentials which has new features but also is a bit lighter. Exchange, SharePoint, & SQL are no longer included with the product; however you can still utilize these applications either on-premises (on another server) or in the cloud. The Windows Server Essentials Dashboard allows you to perform many of the same user management functions as the SBS Console, as well as manage mailboxes if you’ve chosen to run Exchange on another server on-premises or have connected your server to Office 365 (more on that later). New with 2012 R2 is the ability to install Essentials as a Server Role on Server 2012 R2 Standard or Datacenter; this is called the Windows Server Essentials Experience Role. See the aforementioned video series to learn about all the additional features of 2012 R2 Essentials.
In this article I’ll be Installing the Windows Server Essentials Experience Role, configuring the environment as if I were a small business, & connecting my environment to an Office 365 Tenant. I chose to use the server role (instead of a full Essentials OS install) in this guide for my own convenience. The experience should be the same, it’s really just the licensing that differs. Once we’ve performed these steps we’ll explore management of users; most notably, managing Office 365 mailboxes from the Essentials Dashboard. We’ll also see how passwords are synched to O365 (yes that’s right, Essentials had PasswordSync before the full version of DirSync did!).
Adding the Windows Server Essentials Experience Server Role
- Launch Server Manager, select Local Server, select Manage, & click Add Roles and Features.
- Proceed to the Select Server Roles page & place a checkmark next to Windows Server Essentials Experience. Take note of the additional Features that will be installed. Select Add Features & click Next a few times & then click Install. Reboot afterwards.
Exploring & Configuring Essentials
- Upon logging back into the server post-reboot, open Server Manager & click the flag in the top-right corner of the screen indicating post-deployment tasks requiring action. Click Configure Windows Server Essentials
- Take note of the initial page & click Next.
- As part of the Role configuration, your server will be made into a Domain Controller of a new Active Directory Domain (if you do not already have a domain). In this case I’ll put “ASH-Exchange Inc” for my Company Name (a fake Company Name I chose in hopes of not being sued 😉 ). I’ll also put “Ashdrewness” as the Internal Domain Name (I own ashdrewness.com; replace that domain in this guide with a domain you own). Click Next.
- When asked for an Administrator account I put “Andrew-Admin” & entered my preferred password twice. Click Configure. This next phase may take up to 30min, feel free to grab your favorite beverage. The server will eventually reboot.
- After the server has rebooted you can log back in with the account you were using to perform the install/configuration (Administrator in my case) or the account you just created. After opening Server Manager you’ll be greeted with a dialog box saying the configuration is complete. Click Close.
- My server is now a Domain Controller for the Ashdrewness.local domain. From the Desktop, click the icon for the “Dashboard.” You’ll be greeted by the Essentials Dashboard.
- I’ll go ahead & create some test user accounts by clicking on “Add user accounts” & then clicking “Click to add user accounts”.
- Here I’ll create an account named John Smith with a “User account name” of JohnSmith. I’ll create a password, make the user a Standard user & click Next. On the shared folder screen click Next. On the Enable Anywhere Access screen click “Create account”. I’ll repeat this process for users Sally Smith & Mike Smith.
Configuring Office 365 Integration
- Now at this point there are many things I could setup on the server from within this wizard such as Backup, Anywhere Access, & adding computers to the domain; but for now I’ll just go straight to the “Services” section of the Dashboard.
- With “Services” selected, click “Integrate with Office 365.” Then click “Integrate with Office 365” again. This wizard will help us setup integration with an Office 365 tenant. You can either have a tenant already created or you can use the wizard to create one (or create a trial tenant). We’ll use the wizard to create our tenant now.
- Click Next & then click “Try” under “Microsoft Office 365 for midsize business and enterprises”. On the page it takes you to, input the requested information. On the next page I’ll create a username of “Andrew” & put “ashdrewnesstrial” as my company name. After creating a password click Next. You may be asked to provide a phone number for text message verification to prove that you’re not a bot. Afterwards click “Create my account.”
- Afterwards you’ll be given some information to write down, similar to :
Office 365 sign-in page:
Your Office 365 user ID:
- Click on “You’re ready to go” to be taken to the main dashboard of your Office 365 tenant. (Note: as time goes on, some of these O365 menu options may change so please use your best judgment to get through them. Also, If your browser crashes or you need to get back to the O365 Admin portal then just login to https://portal.office.com using the account you just created; firstname.lastname@example.org in my case.)
- From the top of the Dashboard click Admin>Office 365. On the next page click “Domains”. Click “Add Domain”.
- I own “ashdrewness.com” so at this point I’ll add it to this Office 365 tenant (Note: a domain can only exist in one Office 365 tenant at a time). Use this wizard to add your domain. In my case the domain is hosted by GoDaddy so I’m prompted to have the Office 365 wizard confirm ownership for me by creating a randomly generated TXT record. I will be prompted for my GoDaddy credentials & the required records will be created for me. Click Finish when complete.
- At this point of the wizard I’ll be asked to add users & assign licenses. Click “Start step 2” & say “I don’t want to add users right now” & then Next.
- Click “Start step 3” & then click Next to say I wish to use this domain for Exchange & Lync Online.
- Now click “Setup records” to add the appropriate DNS records in your zone. Click Finish.
- [Back in Essentials] At this point, go back to the “Integrate with Microsoft Office 365” wizard in the Essentials Dashboard. If you’re still on the page where we left off then click Next.
- Enter the credentials for the Office 365 admin account we created; in my case this will be Andrew@ashdrewnesstrial.onmicrosoft.com. Click Next after entering the credentials.
- The next page will inform you that a strong password policy will be configured. Check the box & click Next (by doing this, users may be prompted to change their passwords).
- After completing the wizard & restarting the Dashboard, click on “Services” again to see that your Windows Azure Active Directory & Office 365 integrations are now Enabled.
Matching your Active Directory Users with an Office 365 Mailbox
- Click on “Users” within the Essentials Dashboard & then select John Smith. In the right-hand pane click “Assign a Microsoft online account”
- On the first page of the wizard, leave the default selection of “Create a new Microsoft Online Services account & assign to this user account”. Click Next
- On the next page, at this time just select Exchange & Lync (while I’m sure all your users will be anxious to start using Yammer, they can be patient). Click Next.
- The next page should provide verification that the account has been created & will also notify you that John Smith will be prompted to change his credentials the next time he signs in. Click Close.
- At this point if I look at the user account of John Smith in Active Directory I can see that his User Principal name has been changed from JohnSmith@ashdrewness.local to JohnSmith@ashdrewness.com. Also, if I open the Office 365 Admin Center I’ll see that John Smith has been added to the tenant with a Status of “in cloud” which is different than it would show up if it were synched from my local Active Directory using DirSync. This is because Essentials does not use DirSync but its own custom framework for synching users to the cloud & keeping Passwords in sync (in fact, it could do Password Synchronization before DirSync could). Speaking of passwords…..
- Now if you were to try & login to the Office 365 portal right now as JohnSmith@Ashdrewness.com you would get a login error. What you must first do is either try to login to your local Active Directory environment, have it prompt you to change your credentials, change them to a password that meets your new complexity policy OR an admin could use the Essentials Dashboard or Active Directory Users & Computers to reset the password.
- Afterwards, connect to https://portal.office.com & login using JohnSmith@Ashdrewness.com with your new credentials. You’ll be presented with the below page. Note: In my testing, it is a matter of seconds between changing a password on-premises & having it take effect in the Office 365 tenant. This is much faster than DirSync; however using the Essentials Office 365 features (and its own custom web-based sync service) is only supported in a single Domain Controller environment, aka small environments (UPDATE: It is now supported in multi-DC environments per this article).
Map an existing On-Premises user account to an existing Office 365 mailbox
We’ll now act as if we already have an Office 365 mailbox created & now we wish to map it to an on-prem AD user account. For instance, this would be the case if you had migrated from another version of Exchange to Office 365 using a Cutover Migration or similar.
- Login to the Office 365 admin portal with Andrew@ashdrewnesstrial.onmicrosoft.com & navigate to “Users and groups”. Click the plus symbol to create a new user called “Mike Smith” with a user name of “MikeSmith”.
- Now back in the Essentials Dashboard, select Mike Smith & then click “Assign a Microsoft online account.”
- This time select “Assign an existing Microsoft Online Services account to this user’s account”. Notice how a drop-down will appear which will automatically populate with your tenant accounts which have yet to be mapped to an on-prem user account. Select MikeSmith@ashdrewness.com & click Next.
Managing your Office 365 properties from the Essentials Dashboard
- From the Users pane of the Essentials Dashboard, double-click John Smith’s user account. On the Properties of John’s account, click the “Microsoft online” tab. Notice it’ll take a second to connect.
- Notice you can do things like block access to the service, add additional email addresses, & assign/un-assign services to the account. Close out of the Properties of John’s account.
- Within the Users pane of the Essentials Dashboard, click the Distribution Groups tab & then click “Add a distribution group”.
- Create a group called “TestDG” & give it an email address of TestDB@ashdrewness.com & click Next.
- Add Mike & Sally to TestDG & click Next. The group will be created in your Office 365 tenant.
- If you login to your tenant you will now see that the group has been added with the users you selected as members.
Hopefully this gives you an idea of what’s possible with Server 2012 R2 Essentials & can be looked at as a viable option for you or your customers.
Again, I’ll be speaking at Exchange Connections 2014 in Las Vegas Sept 15th-19th on the topic of small businesses & Office 365, as well as Exchange troubleshooting. I hope to see you there!
Edit: The Office 365 Integration features are now supported in multiple Domain Controller environments. It now appears that the only limit is the 100 user supported limit mentioned in this article
First off, I still plan on blogging the troubleshooting related issues I come across at exchangemaster.wordpress.com while this blog will be for other Exchange/Office 365-related topics (guides/technical deep-dives/etc). My good friend, fellow MCM/MCSM, & co-worker Jedidiah Hammond started that blog several years ago with the intent of helping the Exchange community’s troubleshooting efforts & I wouldn’t want to deviate from that goal with some of my own occasional projects.
Now on to some exciting news. I’m going to be presenting two sessions at Exchange Connections in Las Vegas this September 15th-19th. For a great overview of the conference, see Tony Redmond’s post detailing the full speaker line-up.
Below you’ll find my session overviews:
Exploring options for moving a small Exchange or Small Business Server environment to Office 365 or remaining on-premises
With the retirement of Small Business Server (SBS) & customers no longer able to
purchase SBS 2011, small businesses will be exploring their options going forward.
This session will describe options & provide high level guidance for:
-Supported migration options for moving Exchange to O365 for SBS 03/07/10 (PST
vs Cutover vs Staged vs Hybrid vs IMAP vs 3rd party) with pros/cons of each.
-Which services to take to cloud vs leaving on-prem (Exchange/SharePoint/AD/File
-What benefits does Server 2012 Essentials bring & how to scale up from a single server
deployment; Including virtualizing Essentials/Exchange/SharePoint as
separate VMs on same host. Risks/benefits of each.
-The dangers of trying to recreate your own “2013-SBS” by placing
Exchange/SharePoint/RD Gateway/AD/WSUS on same box.
-How to handle authentication (DirSync with Password Sync vs Separate
Credentials vs ADFS)
Session will be high-level & aimed at both small business owners as well as
consultants who work with many small businesses. Session will also include
lessons learned via support with customers already exploring the various options.
Advanced troubleshooting procedures & tools for Exchange 2013
Using lessons learned from support, as well as insights from Microsoft, this session
will focus on the following:
-Proper troubleshooting methodology
-Common support issues since the release of 2013 & what can be learned from
-(bulk of session)Under-the-hood look at various core & supporting components of
Exchange functionality (Client Access/Transport/Mailbox/High Availability/Unified
Messaging/Active Directory/Operating System resources/Hybrid) & the logs/tools
required for troubleshooting them.
-Resources to follow to be updated on emerging issues (blogs/social media/etc)
-Time permitting, practical examples of beginning to end troubleshooting of