personal storage in the cloud redirection support in service pack 1
TRANSCRIPT
Configuring OneDrive for Business Deployment: Options and Best Practices Spencer HarbarArchitect
BRK3183
About Spencer Harbar
Architect based in Edinburgh, UKwww.harbar.net | [email protected] | @harbars
Technical Director for Fidra ConsultingWorks with Microsoft’s largest enterprise customersWorks with SharePoint Product Group on ReadinessAuthor for MSDN & TechNet
Session Objectives And TakeawaysSession Objectives: 1. Understand SharePoint Server 2013 advancements for integrating on-premises with
OneDrive for Business in Office 3652. Position OneDrive for Business in Office 365 as a first and best workload in the cloud3. Architect and plan for OneDrive for Business integration and migration as a first step
towards a cloud strategy for or customers
OneDrive for Business is a first and best cloud workload
ContentsIntroduction to OneDrive for BusinessIdentity ScenariosRedirection in SharePoint Server 2013Office 365 ConfigurationMigrationRoadmap
In SharePoint 2013Discrete Document LibraryEvolution of Shared and Personal My Site conceptsSimplifies sharing and versioning experiencePrivate by default, simple permissions management
Identity Considerations Click icon to add pictureCloud Identity
Directory Synchronization
Active Directory Federation Services
Identity Options
Federated IdentityCloud IdentityDirectory & Password Synchronization*
Single identity in the cloud
Suitable for small organizations with no integration to on-premises directories
Single identity
Suitable for medium and large organizations without federation*
Single federated identity
and credentials
Suitable for medium and large organizations
Cloud IdentitySingle identity in the cloud with no affinity to on-premises Active DirectoryProvided through Azure AD
DisadvantagesNo affinity with on-premises identityRequires separate username and passwordDoes not support hybrid workloads
AdvantagesLow TCORapid deployment and provisioningNo new infrastructure requirements
Windows Azure Active
Directory
OAuth2
SAML-P
WS-Federation
Metadata
Graph API
Office Activation Service
Office 365 Admin Portal
Exchange Mailbox Access
…
Authorization
Spreadsheet
CSV Import
Cloud Identity
Directory SynchronizationIntegrates with Azure AD replicating on-premises users, groups, and contactsProvides use of on-premises user name across environmentsEnables password hash replication with Password Synchronization
Password SynchronizationAdvantagesLow barrier to entryReduces TTS (Time to Solution)No changes needed to existing AD serversExtends Directory Synchronization to provide Same Sign-On experience
DisadvantagesDoes not provide Single Sign-On experienceRequires additional authenticationDoes not support custom 2 factor authentication mechanisms deployed on-premisesDoes enable policy based access control decisionsSingle Point of Failure
Windows Azure Active
Directory
OAuth2
SAML-P
WS-Federation
Metadata
Graph API
Office Activation Service
Office 365 Admin Portal
Exchange Mailbox Access
…
Authorization
Directory & Password Sync
On Premises
DirectorySync
Active Directory
AD FS
AdvantagesProvides Web SSO (enables seamless partner federation) & mitigates partner user account managementClaim mapping supportExtensibleEnables broader hybrid workload adoption and support (I.e. Search, BCS, etc.)
DisadvantagesInfrastructure investment requiredComplex configurationLow ROI in limited support scenarios
Provides an open and interoperable claims-based model for integration
Windows Azure Active
Directory
OAuth2
SAML-P
WS-Federation
Metadata
Graph API
Office Activation Service
Office 365 Admin Portal
Exchange Mailbox Access
…
Authorization
AD FS
DirectorySync
Active Directory Federation Services
On Premises
Active Directory
PrerequisitesService Pack 1Office 365 (P1 + subscription)Identity federation for seamless experience
1 User authenticates on-premises
2User clicks OneDrive for Business
in navigation
3 User is not in redirect audience 4 User is in redirect audience
Redirection to OneDrive in Office 365
On Premises
New options under the heading Office 365 Connections on the home page of the SharePoint Central Administration website
SharePoint Online My Site Host Url
Configure audience scoped redirection toOffice 365
Specifies where new SharePoint sites are created.
Deploy Sync Client with Office Deployment ToolConsole application and configuration manifestAllows an administrator to customize and manage Office 2013 Click-to-Run deployments
Download client<Add SourcePath="\\server\share\C2R_deploy" OfficeClientEdition="32" > <Product ID="GrooveRetail"> <Language ID="en-us" /> </Product> </Add>
Install client<Add SourcePath="\\server\share\C2R_deploy" OfficeClientEdition="32" > <Product ID="GrooveRetail"> <Language ID="en-us" /> </Product> </Add> <Updates Enabled="TRUE" UpdatePath="\\server\share\C2R_updates" /> <Display Level="None" AcceptEULA="TRUE" />
\\server\share\C2R_deploy\setup.exe /download \\server\share\C2R_Deploy\Download_OneDrive.xml
\\server\share\C2R_deploy\setup.exe /configure \\server\share\C2R_Deploy\Install_OneDrive.xml
+
+
Sync Client UpdatesAutomatic updates from Microsoft<Updates Enabled="TRUE“ />
Patch TuesdayDaily Scheduled Task to check
Updates from an internal location<Updates Enabled="TRUE" UpdatePath="\\server\share\C2R_updates" />
No Automatic updates<Add SourcePath="\\server\share\C2R_deploy" Version="15.0.xxxx.xxxx" OfficeClientEdition="32" >
Download a new build and create a new configuration file
Bandwidth PlanningDownload the OneDrive for Business Client Network Bandwidth Calculatorhttp://www.microsoft.com/en-us/download/details.aspx?id=44541
IW-Led, IT-ManagedITManages OneDrive for Business sync client deploymentReadiness
IWManaged migration
Migration of personal content (personal sites)PrerequisitesPersonal sites are required (I.e. must be created) for migrationBulk provisioning options provided in Service Pack 1
Bulk site migrations require a migration account to be added to the personal sites
Bulk ProvisioningLimited to 200 in a batch for the queueThe queue is shared by tenantsThrottling is possible if a single tenant is keeping the queue saturated
Provisioning speed varies based on farm activitiesImprovements have been made in provisioning speedEffort is underway to improve further
Bulk Site Creation: CSOM APIpublic IEnumerable<string> CreatePersonalSiteEnqueueBulk([Microsoft.SharePoint.Client.ClientCallableConstraint(Type = Microsoft.SharePoint.Client.ClientCallableConstraintType.MaxLength, Value = 200)]string[] emailIDs)
Calling CSOM from PowerShell[System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint.Client.UserProfiles")$loader =[Microsoft.SharePoint.Client.UserProfiles.ProfileLoader]::GetProfileLoader($ctx)#To enqueue Profile$loader.CreatePersonalSiteEnqueueBulk(@(“[email protected]"))$loader.Context.ExecuteQuery()
Assigning Permissions$cred= Get-CredentialConnect-SPOService -Url https://contoso-admin.sharepoint.com -credential $credConnect-MSOLService -credential $cred$AdminAccount= “[email protected]"$Users= Get-MSOLUser -All | Select UserPrincipalName foreach ($User in $Users){
$strUser = $User.userprincipalname$pos= $strUser.IndexOf("@") $strUser = $strUser.SubString(0, $pos) $SiteUrl= "https://contoso-my.sharepoint.com/personal/" + $strUser $SiteUrl= $SiteUrl+ "_contoso_onmicrosoft_com" Set-SPOUser -Site $SiteUrl -LoginName $AdminAccount -IsSiteCollectionAdmin
$true –ErrorAction Continue}
New Migration Pipeline SDKImproved import API that implements Azure Blob Storage based on modern File APIs
Designed to improve migration performance and reduce load on Office 365 services such as SharePoint Online
SDK with sample pipeline solution (migration tool) in May 2015
Personal Files
FileShare Server
SharePoint On-Prem
Microsoft Or ISV tool
Symmetrical SAS Key
Content[Container]
Read/List
Manifest[Container]
Read/List/Write
Notification[Queue]
Add/Remove3
4
5
Create a package using the tool
Upload the package
CSOM : Site.CreateMigration
+ +WebID +
File upload to SPOManifest Read/writeUpdate the QueuePut Log in the Manifest
Legend
BOT
Timer Job Queue
CFE CFE CFE
...
...Migration Azure
Blob StorageBOT BOT
4
CSOM Migration call
Work item queued for later migration timer job
processing
Job Distributed to the bots via timer
service logic
Migration to the CBD
Content transfer to spo
Update Manifest and Azure Queue
2
CDB CDB CDB
...Use only 1 CPU per CDB
1
CSOM : Create target Site/Web/List structure
ISV SolutionsScenariosIT-endorsed use of competitive FSS solutionsRequire metadata preservation, discovery, and compliance controls
File and Folder RestrictionsWindows Reserved Characters<, >, :, “, /, \, |, ?, * as identified by Path.GetInvalidFileNameChars Method
OneDrive for Business Considerations_ (marked as hidden in Explorer View). (preceded or followed by)~, #, %, &, [, ], {, }Posix semantics are not supported
File and Folder Validationprivate static Regex pattern = new Regex(@"[\\\[\]\|~#%&*\:{}?/]+", RegexOptions.Compiled);
DirectoryInfo source = new DirectoryInfo(args[0]);
foreach (DirectoryInfo di in source.GetDirectories()) { if (di != null) { FileInfo[] files = source.GetFiles("*.*", SearchOption.AllDirectories);
Download source code and app at http://blogs.technet.com/b/wbaer/archive/2014/05/24/file-and-folder-considerations-with-onedrive-for-business.aspx.
In Review: Session Objectives And TakeawaysSession Objectives: 1. Understand SharePoint Server 2013 Service Pack 1 advancements for integrating on-
premises with OneDrive for Business in Office 3652. Position OneDrive for Business in Office 365 as a first and best workload in the cloud3. Architect and plan for OneDrive for Business integration and migration as a first step
towards a cloud strategy for or customers
OneDrive for Business is a first and best cloud workload
Visit Myignite at http://myignite.microsoft.com or download and use the Ignite Mobile App with the QR code above.
Please evaluate this sessionYour feedback is important to us!