In this episode of Between Two Farms, we cover a question that often comes up in conferences: working with Hybrid SharePoint environment and the Cloud, in our case through Office 365. Discover ways to set this up, but also the limitations of such a system.
Here are useful SharePoint links to get you there:
- Are you ready to upgrade from SharePoint 2010 to Office 365?
- How to migrate from On-Premises to the Office 365 SharePoint cloud – Blog series
Transcript of the video
My name is Benjamin Niaulin, and welcome to another episode of Between Two Farms, this time all the way out here in Montreal, in the Sharegate office. Now, this week I want to talk to you about something that comes up quite a bit of times the last couple of weeks while I was in the conferences, and that is hybrid migration and the cloud.
There’s a lot of confusion still around on what exactly is the cloud, and especially what do you get with a hybrid migration or not even migration, what is a hybrid environment? How do you get the two environments talking to each other, and mostly what do you get for it?
What’s in the cloud?
So, in this case, let me start by talking about the cloud. The cloud just simply means that they’re not on your servers inside of your perimeters, and they’re on highly scalable servers. So we’re talking Office 365, Windows Azure, or, I mean, it could be Amazon. It could be anything really. Of course, I’m going to focus on Office 365 because we’re talking SharePoint here and nothing better than Office 365 for it, of course.
Windows Azure Active Directory
First, let’s begin with one thing, and they’re really the basics — the active directory or the users that you create in Office 365. Now, let’s say you’re starting from scratch and you have no servers, nothing on premises, and you open up an Office 365 account. Now, if you click on Create a New User and you create an user in Office 365 or a group, well, there is no real Office 365. Office 365 is really a brand. What it’s using is Windows Azure AD or Windows Azure Active Directory.
Now, you can’t see this unless you have a Windows Azure subscription for that tenant that you’ve created. Then, you could connect to the Azure portal and see this active directory I’m talking about. So what this means is that whenever you create users, whenever you create groups, they’re actually getting created in Windows Azure AD, which then you can use for many other things as well, not just Office 365, which is pretty cool.
Dir Sync allows you to have one just log-on
Now, to be able to start using say a sort of a same log-on, not a single sign-on, the same log-on, what do I mean by that? Well, if you have on-premises environment and you want your users to access some resources that are on Office 365, because, I mean, it’s simply costs less for you to have one drive for business up there for example or the My Sites, however we want to call them now, right?
But in this scenario, what happens is you install something on your server called Dir Sync. It’s a free tool, and what it allows you to do is to copy your users with their passwords. Now, don’t worry, not their actual passwords, but a hash. We don’t want to get too technical here either. But they’re going to copy the users into your Windows Azure AD or Office 365. This will allow your users to go between environments on premises and on the cloud or Office 365 without really logging in again or using different credentials.
Now, you will eventually get the pop-up because you are changing different physical environments. You could play with your Internet Explorer settings to automatically pass along those credentials, and it would appear for the user that it’s using single sign-on, which could be awesome. So this is a sort of a hybrid, but not really, because you just have two separate environments, not talking to each other, and you’re copying your users there.
Now, what is the other method that enables hybrid?
Well, we’re talking about ADFS, Active Directory Federated Services. Now, the downside to this is it actually requires extra servers and some technical knowhow no less. But what it’ll do is create a secure tunnel between the two environments so that you can go back and forth between them, but leave the authentication on your own premises. This means that Office 365 no longer does any of the authentication and really trusts you to do it yourself.
So users accessing the resources, well, basically, you don’t have to copy users or create another one and essentially manage them in two places. It also, through the secure tunnel, allows you to create a more connected environment between Office 365 and your on-premises environment.
So you should realize, however, that hybrid does not mean everything can talk to each other. With SharePoint, we’re talking search and we’re talking things for say power BI or Business Intelligence or BCS, connecting services up and use them in the cloud.
So it is rather limited in some sort. I think it is very important that before you launch yourself into a hybrid scenario that you fully understand the current limitations that exist for the two environments to talk to each other.
Now, in terms of migration, I mean, there is no real way to go to Office 365. Whether it’s hybrid or not, you’re going to have to use tools to migrate your content to Office 365. There is no choice. Of course, I’m a little biased on the tools, but I’ll let you check those out for yourself.
Thank you for another episode of Between Two Farms, and I’ll see you next week.