Salaam, Namaste, Ola and Hello!
I have been working with a lot of customers in recent months who have a large on premises footprint but want to start the journey into using cloud services. In my experience, the first step tends to be migrating email services to Exchange Online, which gives the business the start of a new Hybrid Infrastructure.
Once users start adopting Exchange Online features, one of the services that soon follows is Microsoft Teams, and today I am going to detail a recent experience I had with a customer who has a massive Virtual Environment which includes a multi-server Exchange on premises Org. They were looking to start their Cloud/Hybrid journey; however, rather than Exchange Online, they wanted to look at integrating Microsoft Teams.
Microsoft Teams is a cloud native app so the full feature set is supported when you have an Exchange Online mailbox. The scenario I had was an existing Exchange 2013 on premises org on the latest CU with no Microsoft 365 tenant and a customer wanting to look at adopting Teams for meeting rooms and collaboration.
Understand pre-requisites. We know what the end game is: Utilise Microsoft Teams and integrate this in a Hybrid environment. Knowing this, the next step is to document the pre-requisites which will allow us to get to that end goal, as this then helps understand our step by step process. The following are pre-requisites for integrating and using Microsoft Teams functionality in a hybrid environment:
- Exchange Server 2016 (with CU 15 as a minimum)
- Hybrid Exchange configured
- Microsoft 365 tenant with relevant licenses
- Hybrid Identity (identity object in Active Directory on premises and Azure AD)
As I mentioned earlier, the existing Exchange Org was 2013, so we needed to introduce a new Exchange 2016 server into the existing Org and ensure it had CU 15 at least. At this stage the plan was to only migrate the internal IT Team to the new server to allow testing before rolling out Teams to the wider user groups. For full instructions and understanding on how to install Exchange 2016 I would recommend the following article: https://practical365.com/exchange-server/installing-exchange-server-2016/
Once we had the Exchange 2016 server integrated into the existing Exchange Org we needed to create and configure the Microsoft 365 tenant. Working for an MSP came in handy as we were able to provision this via the CSP platform and get the tenant up and working fairly quickly. For full instructions and understanding on how to configure a Microsoft 365 tenant I would recommend the following article: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/create-your-office-365-tenant . It does not cover the CSP element but does explain how to configure the.
We now have a working Microsoft 365 tenant and an on premises Exchange Org with a 2016 CU 15 server. We now needed to create the Hybrid configuration which in this case is both Identity and Exchange Hybrid.
To create the identity Hybrid we installed and configured Azure AD Connect on one of the existing on premises domain controllers. I would recommend the following article: https://docs.microsoft.com/en-us/office365/enterprise/set-up-directory-synchronization . In this scenario we wanted 'Password Hash Synchronisation' and to enable the Exchange Hybrid option in the utility.
Once the relevant identities were synchronising between Active Directory on premises and Azure AD we could install and configure the Hybrid Exchange wizard. This needed to be installed on the Exchange 2016 server and also required some public DNS record creations. I would recommend the following article: https://docs.microsoft.com/en-us/exchange/hybrid-deployment/deploy-hybrid. One of the important requirements of using Teams in a Hybrid environment is ensuring OAuth authentication is configured and working, and with Exchange 2016 the Hybrid Exchange wizard automatically configures this.
Once the above configuration was completed and in place we were able to deploy Microsoft Teams to a device and log in with Office 365 credentials (synchronised with on premises Active Directory). This then allowed the end user to use the Teams functionality like Calendar, meeting room licenses and other collaboration available in the app. The one caveat to this is that the user's mailbox needed to be on the Exchange 2016 database to make use of Microsoft Teams fully.
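A quick way to confirm the two points above (OAuth working after the Hybrid wizard, and the test mailbox sitting on the Exchange 2016 server) is a readiness check run from the Exchange Management Shell. This is an added example, not part of the original write-up; the function name, the sample mailbox address and the CU 15 build number default are assumptions to adjust for your environment.

```powershell
function Test-TeamsHybridReadiness {
    param(
        [Parameter(Mandatory)] [string] $Mailbox,   # on-premises mailbox to test
        [version] $MinBuild = '15.1.1913.5'         # assumed Exchange 2016 CU 15 build; confirm against Microsoft's build list
    )

    function Get-Build($Server) {
        # Rendered as "Version 15.1 (Build 1913.5)"; parse the string so deserialized objects work too
        if ("$($Server.AdminDisplayVersion)" -match 'Version (\d+)\.(\d+) \(Build (\d+)\.(\d+)\)') {
            return [version]($Matches[1..4] -join '.')
        }
        throw "Unrecognised version string on $($Server.Name)"
    }
    function New-Result($Check, $Passed, $Detail) {
        [pscustomobject]@{ Check = $Check; Passed = [bool]$Passed; Detail = "$Detail" }
    }

    # 1. The mailbox must live on a database hosted by an Exchange 2016 CU 15+ server
    $mbx    = Get-Mailbox -Identity $Mailbox
    $db     = Get-MailboxDatabase -Identity $mbx.Database
    $server = Get-ExchangeServer -Identity $db.ServerName
    $build  = Get-Build $server
    New-Result 'Mailbox on Exchange 2016 CU15+' ($build -ge $MinBuild) "$($db.Name) on $($server.Name), build $build"

    # 2. The Hybrid wizard should have left an enabled IntraOrganizationConnector and auth server
    $ioc = @(Get-IntraOrganizationConnector | Where-Object Enabled)
    New-Result 'IntraOrganizationConnector enabled' ($ioc.Count -gt 0) ($ioc.Name -join ', ')
    $auth = @(Get-AuthServer | Where-Object Enabled)
    New-Result 'Auth server enabled' ($auth.Count -gt 0) ($auth.Name -join ', ')

    # 3. End-to-end OAuth token test from on-premises to Exchange Online EWS
    $oauth = Test-OAuthConnectivity -Service EWS -Mailbox $Mailbox `
        -TargetUri 'https://outlook.office365.com/ews/exchange.asmx'
    New-Result 'OAuth to Exchange Online' ($oauth.ResultType -eq 'Success') $oauth.ResultType
}

# Placeholder address: replace with one of the migrated IT team mailboxes
Test-TeamsHybridReadiness -Mailbox 'it.tester@contoso.example' | Format-Table -AutoSize
```

Any row with Passed set to False points at the prerequisite to revisit before rolling Teams out beyond the test group.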
I hope you have enjoyed this short blog. The main purpose of it is just to share a recent experience I have had, in the hope that if you come across a similar scenario it might help you! Please feel free to leave a comment, but until next time IamITGeek over and out!!