Prepare Hybrid environment for Microsoft Teams or Skype for Business online - Part 2

<--Planning Microsoft Teams or Skype for Business online in a Hybrid Environment - Part 1

 My previous post I have discussed the Planning phase for Microsoft Teams or Skype for Business Online in a Hybrid environment. Please click here to access into it. I am discussing Key preparation steps to implement a hybrid environment on this post.


Update On-Prem system

After validating cumulative update level of Skype for Business or Lync 2013 system, update the system into the latest cumulative updates. This is the best practice method before implement hybrid environment.


Implement Office 365 Firewall URLs

As Microsoft continues to dynamically update the Office 365 services URL, & IP addresses, to ensure optimal communication between the on-prem environment and Office 365 services, you must review existing Offic365 URLs and IP whitelist to ensure they are up-to-date with the latest version. You can find the latest version of list by searching Office 365 URLs and IPs.
Traffic on these URLs and IPs must also be allowed on the ports provided within the Office 365 whitelist articles.


Prepare Network Appliances - QoS & Proxy bypass

To ensure optimal experience and reliable service, the SFB Online or Teams traffic must be bypassed on any filtering, shaping, IPSec/VPN or proxy appliance or service. Routers must be configured to allow Skype for Business traffic to travel directly to Office 365. Traffic inspection always impacts quality. Traffic is cached, inspected, and then sent on. Skype for Business traffic does not support any traffic or proxy services.
Any VPN tunnel must also be bypassed for SfB traffic. IPSec needs to be configured to exclude all Skype for Business media ports. Direct Access needs to be configured to exclude all Skype for Business traffic.


Quality of Service

Quality of service is very critical to ensuring good user experience. Microsoft recommends the following DSCP settings for QoS with SfB Online and will honour these tags if present in inbound traffic over an ExpressRoute circuit with Microsoft Peering.
The Full Plan project for TCO365 includes a Detailed Network Assessment activity that will determine all necessary QoS requirements for Skype for Business or Teams clients and network appliances such as routers. A Recommendation report will be made available to detail any QoS-related remediation changes.


Prepare for Office 365 licencing

All hybrid users must be enabled for an E3 + Microsoft Phone System Licence to provide SfB Online with Enterprise Voice Online with Phone System Voicemail services. During the co-existence phase, SfB Hybrid users will continue to use the on-premise enterprise voice for PSTN Services.
Once users’ numbers have been migrated from the on-premise environment to Online, users will be enabled with an Online call Plans, along with the enforcement of tenant dial plan and other related cloud voice policies.

Validate the availability of E3 + Phone System or E5 licences for migrating hybrid users.
Prior to migration, all enterprise voice users must be enabled with a Microsoft Phone System Licence in Office 365
Prior to migration, all Audio-Conferencing users must be enabled with an Audio-Conferencing add-on licence within Office 365  


On-Prem system setup

In order to enable hybrid setup below commands need to be run within the on-prem environment. Below commands are run by an admin who has CSAdministrator privilege.

Enable Federation

First, we must enable federation to allow communications with Office 365. In a PowerShell console, enable federation with the following command –
Set-CsAccessEdgeConfiguration –AllowOutsideUsers 1 –AllowFederatedUser 1 -EnablePartnerDiscovery 0 -UseDnsSrvRouting

Enable SfB Online Hosting Provider

Next ensure that the Skype for Business Online hosting provider in the on premises environment is setup correctly by first removing the existing and recreating with correct settings.
Get-CsHostingProvider | ?{ $_.ProxyFqdn -eq "sipfed.online.lync.com" } | Remove-CsHostingProvider
New-CSHostingProvider -Identity SkypeforBusinessOnline -ProxyFqdn "sipfed.online.lync.com" -Enabled $true -EnabledSharedAddressSpace $true -HostsOCSUsers $true -VerificationLevel UseSourceVerification -IsLocal $false -AutodiscoverUrl https://webdir.online.lync.com/Autodiscover/AutodiscoverService.svc/root

Configure Office 365 tenant for shared SIP address space

First, you must ensure you have Federation enabled through the SfB Online Admin Portal. Then log in to SfB Online using PowerShell and run the following command –

Set-CsTenantFederationConfiguration -SharedSipAddressSpace $true


Meetings Migration

All scheduled meetings also have to migrate into online as part of user migration to Skype or Teams online. This is an automated process. No need to require any further action at the user migration process. But below CsTenantMigrationConfiguration setting must be changed as a part of the preparation of the hybrid environment. Below commands need to be run within the on-prem environment.


the Meeting Migration Service in Office 365 must be enabled as shown below:
• Set-CsTenantMigrationConfiguration -MeetingMigrationEnabled $true

To enable MMS for Audio Conferencing updates, use the below cmdlet:
• Set-CsOnlineDialInConferencingTenantSettings -AutomaticallyMigrateUserMeetings $true 

Comments

Post a Comment

Popular posts from this blog

5 Great Reasons To Connect Solar Power

Simply put, 'Sun oriented energy' is vitality that is gotten from the sun. Our sun is a bottomless wellspring of vitality; it gives of warmth and light. The sun's been respected by a few societies of the past and even by a couple of societies despite everything present today. The antiquated Egyptians even adored the sun as a God. All said and done, it was not lost regard; the sun absolutely is a plentiful and boundless wellspring of intensity, at any rate for a few ages to come; the benefits for utilizing its sunlight based vitality are various. It's free Each morning with each daybreak, the sun-powered vitality discharged by the sun comes separated through our air giving light and assisting with emanating heat. This has been going on for many years, yet it is as of late that we have started to benefit from this plentiful wellspring of practically unending force. In the past, the Greeks and the Egyptians have been known to saddle the intensity of the...
Read more

Microsoft Mesh is the platform that Microsoft is creating for a virtual office in augmented reality

Image
  Microsoft Mesh, the next great service from Microsoft. Using increased reality and high-speed Internet connections, they imagine  an improved reality platform where virtual meetings stop being only on screens  and jump into the 3D world to have virtual human and objects in the environment in which we find ourselves. This is one of the latest innovations introduced by  Microsoft in the field of augmented reality  and is rather an idea of ​​ what they hope to create in the near future. Microsoft shows a multitude of examples where Microsoft Mesh is useful in a first demonstration video. Please use this link to watch Introducing Microsoft Mesh . For example, in the video, we can see how it  can be especially useful for work team meetings .  In these situations, it is typically around a table with a virtual product such as a model of a building or the flight path of an airport. Microsoft also proposes its  use for academic learning,...
Read more

New Windows 365. The operating system to the cloud

Image
After a pandemic, many of us have adopted new habits. Mobility at work has been a constant and Microsoft wants to meet this need. Now more than ever,  you need to work from anywhere and from any device , t hese are the essential requirements to be successful in teleworking. Windows 365 On August 2, Windows 365 will be available for companies. This new operating system will be multi-device, which means that it can be run with an Android mobile, iPhone, PC computer or an Apple Mac. In short, on any device that has a web browser. Windows 365 is based on the principles of Zero Trust in order to avoid potential risks. To do this, it stores the information and apps in the cloud, not on the device. It will also use Azure Virtual Desktop technology and will incorporate analysis of the network connection status and the Watchdog service that will carry out a continuous diagnosis to achieve proper operation and thus avoid failures and possible performance problems....
Read more