Prepare Hybrid environment for Microsoft Teams or Skype for Business online - Part 2

<--Planning Microsoft Teams or Skype for Business online in a Hybrid Environment - Part 1

My previous post I have discussed the Planning phase for Microsoft Teams or Skype for Business Online in a Hybrid environment. Please click here to access into it. I am discussing Key preparation steps to implement a hybrid environment on this post.


Update On-Prem system

After validating cumulative update level of Skype for Business or Lync 2013 system, update the system into the latest cumulative updates. This is the best practice method before implement hybrid environment.


Implement Office 365 Firewall URLs

As Microsoft continues to dynamically update the Office 365 services URL, & IP addresses, to ensure optimal communication between the on-prem environment and Office 365 services, you must review existing Offic365 URLs and IP whitelist to ensure they are up-to-date with the latest version. You can find the latest version of list by searching Office 365 URLs and IPs.
Traffic on these URLs and IPs must also be allowed on the ports provided within the Office 365 whitelist articles.


Prepare Network Appliances - QoS & Proxy bypass

To ensure optimal experience and reliable service, the SFB Online or Teams traffic must be bypassed on any filtering, shaping, IPSec/VPN or proxy appliance or service. Routers must be configured to allow Skype for Business traffic to travel directly to Office 365. Traffic inspection always impacts quality. Traffic is cached, inspected, and then sent on. Skype for Business traffic does not support any traffic or proxy services.
Any VPN tunnel must also be bypassed for SfB traffic. IPSec needs to be configured to exclude all Skype for Business media ports. Direct Access needs to be configured to exclude all Skype for Business traffic.


Quality of Service

Quality of service is very critical to ensuring good user experience. Microsoft recommends the following DSCP settings for QoS with SfB Online and will honour these tags if present in inbound traffic over an ExpressRoute circuit with Microsoft Peering.
The Full Plan project for TCO365 includes a Detailed Network Assessment activity that will determine all necessary QoS requirements for Skype for Business or Teams clients and network appliances such as routers. A Recommendation report will be made available to detail any QoS-related remediation changes.


Prepare for Office 365 licencing

All hybrid users must be enabled for an E3 + Microsoft Phone System Licence to provide SfB Online with Enterprise Voice Online with Phone System Voicemail services. During the co-existence phase, SfB Hybrid users will continue to use the on-premise enterprise voice for PSTN Services.
Once users’ numbers have been migrated from the on-premise environment to Online, users will be enabled with an Online call Plans, along with the enforcement of tenant dial plan and other related cloud voice policies.

Validate the availability of E3 + Phone System or E5 licences for migrating hybrid users.
Prior to migration, all enterprise voice users must be enabled with a Microsoft Phone System Licence in Office 365
Prior to migration, all Audio-Conferencing users must be enabled with an Audio-Conferencing add-on licence within Office 365  


On-Prem system setup

In order to enable hybrid setup below commands need to be run within the on-prem environment. Below commands are run by an admin who has CSAdministrator privilege.

Enable Federation

First, we must enable federation to allow communications with Office 365. In a PowerShell console, enable federation with the following command –
Set-CsAccessEdgeConfiguration –AllowOutsideUsers 1 –AllowFederatedUser 1 -EnablePartnerDiscovery 0 -UseDnsSrvRouting

Enable SfB Online Hosting Provider

Next ensure that the Skype for Business Online hosting provider in the on premises environment is setup correctly by first removing the existing and recreating with correct settings.
Get-CsHostingProvider | ?{ $_.ProxyFqdn -eq "sipfed.online.lync.com" } | Remove-CsHostingProvider
New-CSHostingProvider -Identity SkypeforBusinessOnline -ProxyFqdn "sipfed.online.lync.com" -Enabled $true -EnabledSharedAddressSpace $true -HostsOCSUsers $true -VerificationLevel UseSourceVerification -IsLocal $false -AutodiscoverUrl https://webdir.online.lync.com/Autodiscover/AutodiscoverService.svc/root

Configure Office 365 tenant for shared SIP address space

First, you must ensure you have Federation enabled through the SfB Online Admin Portal. Then log in to SfB Online using PowerShell and run the following command –

Set-CsTenantFederationConfiguration -SharedSipAddressSpace $true


Meetings Migration

All scheduled meetings also have to migrate into online as part of user migration to Skype or Teams online. This is an automated process. No need to require any further action at the user migration process. But below CsTenantMigrationConfiguration setting must be changed as a part of the preparation of the hybrid environment. Below commands need to be run within the on-prem environment.


the Meeting Migration Service in Office 365 must be enabled as shown below:
• Set-CsTenantMigrationConfiguration -MeetingMigrationEnabled $true

To enable MMS for Audio Conferencing updates, use the below cmdlet:
• Set-CsOnlineDialInConferencingTenantSettings -AutomaticallyMigrateUserMeetings $true 

Comments

Popular posts from this blog

SAP and Microsoft want the collaboration application to drive the jump to the cloud

Microsoft Mesh is the platform that Microsoft is creating for a virtual office in augmented reality

New Windows 365. The operating system to the cloud