Chapter 128
Office 365 deployment checklists

This document provides some checklists to help you make sure that you install and configure your Office 365 deployment correctly and with a minimum of issues. The checklists are in the following functional sections:

- "Deployment workflow overview" on page 128-1013
- "Active Directory checklist" on page 128-1014
- "Office 365 checklist" on page 128-1016
- "Directory Synchronization checklist" on page 128-1019
- "Samsung SDS EMM User Suite checklist" on page 128-1023
- "Samsung SDS EMM for Office 365 checklist" on page 128-1024
- "Samsung SDS EMM for Office 365 verification checklist" on page 128-1026
- "Samsung SDS EMM for Office 365 desktop checklist" on page 128-1026
- "Samsung SDS EMM for Office 365 mobile checklist" on page 128-1027
Deployment workflow overview

We recommend that at each deployment stage, you get your deployment working and test and verify that data is handled correctly before you move on to the next deployment stage. For example, even if you're using provisioning, it's a good practice to first configure your Office 365 application for SSO and configure the account mapping to verify that SSO works.

Depending on how many users you have, you may also find that it's useful to migrate your users in batches rather than all at once.

Deployment workflow for the deprecated Office 365 application

If you're using the deprecated version of Office 365, here's the workflow for getting that kind of deployment up and running.
Active Directory checklist

AD1. Map or list of your Active Directory topology, and be sure to include the following:
- Multiple domains
- Multiple forests
- Child domains
- Untrusted domains
Notes: Later, when you configure Samsung SDS EMM User Suite, you'll need this list to verify that each domain in each forest has a login suffix.

AD2. Have you specified an alternative UPN suffix for users?
Notes: If you have an alternate UPN specified and you plan on using automatic user provisioning, you'll need to edit the provisioning script slightly to accommodate your alternate UPN suffix. For instructions, see Configuring Office 365 to synchronize users from a different domain.

Note: If you're using an older version of the Office 365 application (without provisioning), you'll need to continue using the login suffixes that you created. If you've added alternative UPN suffixes in Active Directory, you must also create a login suffix in Admin Portal for each of the alternative UPN suffixes.

Example: Consider the following configuration:

Domain name = acme.com
Alternative UPN suffix = wileycoyote.com

The login suffix would be as follows:

login suffix = wileycoyote.com

With the login suffix, a user can log in either with user@acme.com or user@wileycoyote.com.

Additional information:
- For more details about using login suffixes, see https://emm2.samsungknox.com/vfslow/lib/docs///samsung/adminref/index.html#context/cloudhelp/cloud-admin-mod-del-login-aliases
- For more information on how to configure the alt UPN, see http://technet.microsoft.com/library/jj151831.aspx and http://technet.microsoft.com/en-us/library/cc772007.aspx.
- For more information about preparing Active Directory, see http://technet.microsoft.com/en-us/library/hh852478.aspx

Cloud Manager user's guide 1014
AD3. Have you set up a test domain in Active Directory?
Notes: It's a best practice to set up a test domain and use it to go through the Office 365 configuration process before you configure or alter your production deployment. When setting up a test domain, keep in mind the following:
- You must add and verify a publicly addressable domain in Office 365.
- If you use a local domain (one that doesn't have a publicly valid suffix), you must add an alternate domain and an alternate UPN suffix in Active Directory that matches the publicly addressable domain (suffix) in Office 365.

AD4. Do you have untrusted domains?
Notes: If you have untrusted domains, on-premise Exchange servers, and are going to use automatic user provisioning, you'll need to select the domain that the on-premise Exchange server belongs to when you configure provisioning. When you install a cloud connector in an untrusted domain, the cloud service creates a login suffix for that domain for you automatically.
Office 365 checklist

If you're already using ADFS with Office 365, you can ignore many of these setup tasks because you've already completed them as part of your ADFS setup. The tasks that you can probably ignore are designated with a check mark ( ).

Note: If you are migrating from an on-premise Office or Exchange deployment to a new Office 365 deployment, Samsung has partnered with some consulting groups that can offer planning, implementation, and migration services for Office 365. For details, please contact Samsung Sales.

Off1. Your Office 365 account allows federation.
Notes: Plans A, E, G, M allow federation. For details, see "Supported Office 365 account types" on page 129-1036.

Off2. Is your Office 365 Managed or Federated currently?
Notes: If you're using Office 365 in managed mode, that means that it authenticates users with their user name and passwords. If you're using Office 365 in federated mode, that means that you have ADFS installed, configured, and running successfully. With ADFS, many of the setup tasks listed herein are already completed.

Off3. Your domains are validated and registered in Office 365.
Notes: If you haven't done this yet, it can take up to 72 hours to complete. For details, see "Creating and verifying a domain in Office 365" on page 129-1037.

Off4. You have configured the DNS settings correctly for Office 365 domain ownership validation and registration.

Off5. You have set the default domain correctly.
Notes: The default domain must be the one that uses the onmicrosoft.com domain.

Off6. Your Office 365 account can handle the number of Active Directory objects that you have.

Off7. The Office 365 administrator account is one that is <domain>.onmicrosoft.com, and the account is not in Active Directory.
Notes for Off4: For details, see "Creating and verifying a domain in Office 365" on page 129-1037 and http://onlinehelp.microsoft.com/en-us/office365-enterprises/jj554758.aspx

Notes for Off5: For details, see "Setting the default domain" on page 129-1039.

Notes for Off6: If you have more than 50,000 Active Directory objects, please contact Microsoft support for a quota increase. For more information about preparing Active Directory, go here: http://technet.microsoft.com/en-us/library/hh852478.aspx

Notes for Off7: You need this administrator account to be outside of Active Directory in case you need to revert your Office 365 account back to user password authentication or if you need to make any configuration changes, such as changing your certificate or Issuer name. For details, see "Creating Office 365 user accounts by synchronizing with Active Directory" on page 129-1052.
Off8. You can successfully log in to the Office 365 administrator portal with your Office 365 administrator credentials.
Notes: If you can't log in to the Office 365 administrator portal, contact Microsoft support.

Off9. The Office 365 user account email domain matches the Active Directory user's UserPrincipalName (UPN) attribute.
Notes: In order for Directory Synchronization to work, the UPN in Active Directory must match the user's email domain in Office 365.

Off10. If at all possible, use and register a test domain. Make sure that you set up and register the domain in Office 365.

Off11. List the related Microsoft components that you plan to use with Office 365:
- Email (web access)
- Outlook (thick client)
- SharePoint online
- Lync/Skype for Business
- Office Online
- CRM
- CRM Outlook plugin
- Yammer (coming soon)
Notes: Depending on which components you plan to use, there may be some additional configurations to perform. After all the setup tasks are complete, you'll need to test the thick clients.

Off12. If you plan on using Office 365 for email, will you be using a hybrid deployment?
Notes: A hybrid deployment is one where you use one or more on-premise Exchange servers in addition to the cloud-based Office 365. If you have a hybrid deployment, sometimes there are questions about pointing the MX record to the on-premise Exchange server (in the domain DNS settings in Office 365). You can leave the MX record pointing to the on-premise server instead of changing it to point to Office 365.

Off13. Are users only in Office 365, or are they synchronized from Active Directory?
Notes: If your users are only in Office 365, be sure that DirSync does two-way synchronization to migrate the user info into Active Directory. By default, DirSync synchronizes from Active Directory to Office 365, but it can do two-way synchronization. For details, see "Creating Office 365 user accounts by synchronizing with Active Directory" on page 129-1052.
Off14. If you're using ADFS, did you purchase Office 365 from a third party? If so, is that third party ok with you migrating to use Samsung SDS EMM User Suite as your IdP?
Notes: If you purchased Office 365 from a third-party, understand that you configure your Office 365 application to use one identity provider. You cannot use some pieces of Office 365 in one provider and other pieces with Samsung SDS EMM User Suite.

Off15. In the Office 365 administrator portal, Active Directory synchronization is enabled.
Notes: Whether you're using automatic provisioning or DirSync, you need to enable synchronization in the Office 365 administrator portal. For details, see Creating Office 365 user accounts by synchronizing with Active Directory and Enabling directory synchronization for cloud users.
Directory Synchronization checklist

This section covers tasks related to setting up DirSync for use with Office 365. The current Samsung SDS EMM for Office 365 with provisioning support does not require you to use DirSync. However, this section applies to you if your deployment scenario involves any of the following features:
- You're currently using DirSync, either with or without ADFS, and you haven't yet migrated to using Samsung SDS EMM for Office 365.
- You're currently using DirSync with an earlier version of Samsung SDS EMM for Office 365. You'll need to make sure that you upgrade to the latest version of DirSync before moving on to the next deployment section.

Note: You can continue using the v1 version of Samsung SDS EMM for Office 365 that uses DirSync; however, that version will be deprecated in the future.

If you're already using ADFS with Office 365, you can ignore many of these setup tasks because you've already completed them as part of your ADFS setup. The tasks that you can probably ignore are designated with a check mark ( ).

If you're not using DirSync currently, you can move on to the next deployment section.

DS1. Windows Azure Active Directory sign-in assistant downloaded and installed.
Notes: For details, see "Preparing to install the Microsoft Directory Synchronization tool" on page 129-1035.

DS2. Windows Azure Active Directory module for PowerShell hot fix downloaded and installed.
Notes: For details, see "Preparing to install the Microsoft Directory Synchronization tool" on page 129-1035.

DS3. Microsoft Active Directory Synchronization tool downloaded.
Notes: For details, see "Preparing to install the Microsoft Directory Synchronization tool" on page 129-1035.

DS4. If you already had DirSync installed, is DirSync used only to synchronize the passwords? Verify that DirSync is configured to synchronize all desired attributes.
Notes for DS4: Some deployments have installed DirSync already but configured it so that it synchronizes the passwords only. If this is your situation, you don't have to re-install DirSync but you do need to configure it differently so that it synchronizes most attributes. Whether or not DirSync synchronizes passwords doesn't affect federation. For details about password synchronization, see http://blogs.technet.com/b/educloud/archive/2013/06/03/new-azure-active-directory-sync-tool-with-password-sync-is-now-available.aspx.

DS5. For the server that hosts DirSync, all preparatory tasks have been completed.
Notes: For details, see "Preparing to install the Microsoft Directory Synchronization tool" on page 129-1035.
DS6. Your Active Directory system meets or exceeds the DirSync and Office 365 requirements.
Notes: Use the Microsoft Deployment Readiness toolkit to make sure that your Active Directory system meets or exceeds the requirements. The tool will indicate what fixes you need to make, if any. For details, see "Preparing to install the Microsoft Directory Synchronization tool" on page 129-1035. See "Notes on the Microsoft Readiness toolkit" on page 128-1021.

DS7. Prior to installing DirSync, ensure that the UPN of Active Directory user accounts matches the domain in Office 365 portal.
Notes: For details, see "Preparing to install the Microsoft Directory Synchronization tool" on page 129-1035.

DS8. If you have more than 10,000 objects in Active Directory, filter what gets synchronized and run DirSync several times.
Notes: You must be an Enterprise Administrator or equivalent in order to install DirSync. For details on filtering DirSync, see http://msexchangeguru.com/2012/08/10/office-365-2/

DS9. Do you want to enable two-way Directory Synchronization between Active Directory and Office 365?
Notes: In most cases, you'll use the Directory Synchronization tool to synchronize attributes from Active Directory to Office 365. However, there may be some cases where you want to have two-way synchronization. For example, if you have a hybrid setup (on-premise Exchange servers in addition to Office 365), you'll want to use two-way synchronization. For more details, see http://technet.microsoft.com/en-us/library/hh852469.aspx.

DS10. DirSync is installed and running successfully.
Notes: Verify that DirSync is running successfully by looking at the following:
- Users are being correctly synced into Active Directory.
- Are changes to users in Office 365 supposed to sync back to Active Directory user accounts?
- Are changes to users in Active Directory supposed to sync up to Office 365 user accounts?
- In Office 365, are the user account attributes correct?
In the majority of cases, DirSync synchronizes user data from Active Directory to Office 365. However, you can configure DirSync to do two-way synch at any time.

Note: Previous versions of DirSync (prior to version 6567.0018) could not be installed on the domain controller. Current versions allow you to install DirSync on the domain controller. If you do so, you must log off after installing DirSync and then log back on before you run DirSync.
DS11. Do you have multiple forests in your Active Directory architecture? If so, are you using Microsoft's Federated Identity Management (FIM)?
Notes: The Samsung cloud service handles multiple forests by having you install DirSync in each forest. If you are using Microsoft's FIM solution, please contact Microsoft Support for assistance. There are two different ways to handle federated identities in multiple forests: you can install the Microsoft Directory Synchronization tool in each forest, or you can use Microsoft's FIM solution (contact Microsoft for details).
Note: If you had a single forest when you first configured ADFS but now wish to add one or more forests, then be sure to install additional Directory Synchronization tools as needed. For details, see Creating Office 365 user accounts by synchronizing with Active Directory.

DS12. After DirSync runs:
- Users in Office 365 are activated.
- Users in Office 365 are assigned licenses.
Notes: Activate your Office 365 users before configuring Samsung SDS EMM User Suite.

DS13. (Existing Office 365 customers only, managed accounts only) Can your Office 365 users log in to the Office 365 portal successfully?
Notes: If your users cannot log in to the Office 365 portal, make sure that you fix that issue before moving on to installing and configuring Samsung SDS EMM for Office 365. However, it is after you've installed and configured Samsung SDS EMM for Office 365 that it matters most whether users can log in to the Samsung SDS EMM user portal and launch Office 365.

Notes on the Microsoft Readiness toolkit

This list gives you an idea of some things to be aware of about the Microsoft Readiness toolkit or some of the main things that the toolkit looks for. For more information about how your Active Directory needs to be set up, see http://technet.microsoft.com/en-us/library/hh852478.aspx.
- Run the Readiness toolkit from within your domain, preferably with Domain Administrator permission or the equivalent.
- Office 365 can only go up to 50,000 objects in the tenant. If you have more objects than that, contact Microsoft support for a quota increase.
- The toolkit finds leading or trailing spaces in user attributes, such as the First Name and Last Name.
- The toolkit finds illegal characters or blank values in Active Directory objects and Exchange.
- The toolkit looks for the display name value; the display name must be present and not blank on security groups, otherwise the groups do not synchronize.

Note: As a best practice, it's good to align the UPN with the primary SMTP address to make it easy for end users and also to minimize support calls. When the SMTP name space doesn't match the Office 365 name space suffix portion, it will use onmicrosoft.com.

- Windows servers and desktops must be specified versions or newer.
- The toolkit determines how many domains, forests, and transitive trusts exist.
- The toolkit looks for duplicate GUIDs in multi-forest environments.
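A pre-flight audit of an Active Directory export that mirrors a few of the conditions listed above, useful for catching problems before a synchronization run. This is an added example, not the Microsoft toolkit or Samsung product code; the CSV column names, the sample rows and the list of verified domains are constructed assumptions.

```python
import csv
import io

OBJECT_LIMIT = 50_000  # tenant object limit stated in the notes above

# Constructed sample export. Column names are assumptions (AD attribute names).
SAMPLE_EXPORT = """objectClass,displayName,givenName,sn,userPrincipalName
user,Adele Smith,Adele,Smith,adele.smith@acme.com
user,Wile Coyote,Wile ,Coyote,wile@wileycoyote.com
user,Road Runner,Road,Runner,road@acme.local
group,,,,
group,Sales,,,
"""


def audit(rows, verified_domains, limit=OBJECT_LIMIT):
    """Return (row_number, problem) tuples for objects that need fixing.

    Row number 0 is used for findings about the export as a whole.
    """
    verified = {d.lower() for d in verified_domains}
    findings = []
    count = 0
    for n, row in enumerate(rows, start=1):
        count += 1
        kind = row.get("objectClass", "")
        if kind == "user":
            # Leading or trailing spaces in First Name / Last Name.
            for attr in ("givenName", "sn"):
                value = row.get(attr) or ""
                if value != value.strip():
                    findings.append((n, f"{attr} has leading or trailing space"))
            # The UPN suffix must be a domain that is verified in Office 365.
            upn = (row.get("userPrincipalName") or "").strip()
            suffix = upn.rpartition("@")[2].lower()
            if "@" not in upn or suffix not in verified:
                findings.append((n, f"UPN suffix '{suffix}' is not a verified domain"))
        elif kind == "group":
            # Groups with a blank display name do not synchronize.
            if not (row.get("displayName") or "").strip():
                findings.append((n, "group has blank display name"))
    if count > limit:
        findings.append((0, f"{count} objects exceeds limit of {limit}"))
    return findings


def audit_csv(text, verified_domains, limit=OBJECT_LIMIT):
    """Run the audit over CSV text with a header row."""
    return audit(csv.DictReader(io.StringIO(text)), verified_domains, limit)


if __name__ == "__main__":
    for row_number, problem in audit_csv(SAMPLE_EXPORT, ["acme.com", "wileycoyote.com"]):
        print(row_number, problem)
```

The local-domain row is flagged because its suffix is not in the verified list, which is the situation the test-domain item in the Active Directory checklist describes.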
Samsung SDS EMM User Suite checklist

C1. Each domain in each forest must have a login suffix created for it. The Office 365 domain needs to have the login suffix.
Notes: For more details, see the login suffix topic in the Admin Portal help. https://emm2.samsungknox.com/vfslow/lib/docs///samsung/adminref/index.html#context/cloudhelp/cloud-admin-mod-del-login-aliases

C2. For the domain where you've installed the cloud connector(s), make sure that the domain is either listed in Office 365 or you've created a login suffix for the domain.
Notes: So, if your cloud connector is on the domain redshirts.com, that domain isn't listed in Office 365 as one of your domains, and you want users to log in using redshirts.com, create a login suffix called redshirts.com. For more details about using login suffixes, see https://emm2.samsungknox.com/vfslow/lib/docs///samsung/adminref/index.html#context/cloudhelp/cloud-admin-mod-del-login-aliases

C3. When switching to Samsung SDS EMM for Office 365, it's a good practice to set aside about 6 hours. Email and Office 365 service may be down during this time while you configure.
Notes: When making changes to production deployments, be sure to do so during off-peak hours.

C4. Is the cloud connector running ok? Can the cloud connector connect to the cloud service successfully?

C5. Can all users log in to the user portal? Check a user account from each domain and forest to make sure that the user can log in to the user portal. If you have specified one or more alternate UPN suffixes, make sure that users can log in using each UPN suffix.
Notes: If a user can't log in, most of the time this is because of an issue with how the login suffixes are set up. It's best to test all user accounts - have each of your users try to log in.
For more details about using login suffixes, see https://emm2.samsungknox.com/vfslow/lib/docs///samsung/adminref/index.html#context/cloudhelp/cloud-admin-mod-del-login-aliases

C6. After you're set up with Samsung SDS EMM for Office 365 but before you've added and configured the Office 365 SaaS application: Make sure that your users can log in to the user portal successfully using their Office 365 email address.
Samsung SDS EMM for Office 365 checklist

CO1. If your users use Office online, Lync 2013/Skype for Business, or SharePoint, be sure to trust the root cloud CA certificate.
What there is to know: You can use the root CA certificate that the cloud service provides for you with the cloud connector, or you can use your own. For details, see "Trusting the root certificate for Lync 2013/Skype for Business authentication" on page 130-1062.

CO2. Do you need to provide a direct link to SharePoint from the user portal?
What there is to know: If needed, you can configure a generic browser application to point to your custom SharePoint URL and users won't have to enter their login credentials again. You will need to trace some HTTP header data to get the correct URL. For details, see "Creating an application that opens SharePoint Online directly" on page 128-1024.

CO3. Are you using Lync 2013/Skype for Business or newer? If so, you need to set the Corporate IP Range in Admin Portal.

CO4. Disable any ADFS and DirSync installations that you no longer use.
What there is to know: Once you move from ADFS and use Samsung SDS EMM for Office 365 to handle identity authentication and domain federation, you don't need to keep ADFS running. However, if you're using ADFS for other purposes, it doesn't impact the cloud service processes if you keep ADFS running. With Samsung SDS EMM for Office 365, you don't need DirSync or any more. You can disable or uninstall it.

Creating an application that opens SharePoint Online directly

If you want your users to have an application in their user portal that they can click to go directly to SharePoint, you can add a generic bookmark application to provide that access without requiring users to sign in again.

Note: The following procedure uses the Firefox web browser; you can use similar tools in Chrome or other browsers.
To add a generic bookmark application for SharePoint Online:

1 Install an HTTP header trace add-on in Firefox, such as Live HTTP Headers or SAML tracer.

2 Open the HTTP header trace Firefox add-on.

3 Make sure that you're not currently logged in to either Office 365 or your SharePoint site. You'll need to capture some of the SAML token info that gets passed during login.
4 Go to your custom SharePoint domain, which has the format of mydomain.sharepoint.com. You'll be redirected to the user portal.

5 Log in to the user portal. Then you'll be redirected back to your SharePoint domain.

6 In the HTTP header trace Firefox add-on, look for the GET command that has a URL that starts with

https://cloud.samsungemm.com/run?appkey=office+365&customerid=

If there are multiple URLs that look similar, pick one that has the cbcxt and also the wctx in it. For example:

https://cloud.samsungemm.com/my?appkey=office+365&customerid=ab123&cbcxt=&popupui=&vv=&username=adele.smith%40samsungemm.com&mkt=&lc=1033&wfresh=&wa=wsignin1.0&wtrealm=urn%3afederation%3amicrosoftonline&wctx=wa%3dwsignin1%252e0%26rpsnv%3d3%26ct%3d1393546930%26rver%3d6%252E1%252E6206%252E0%26wp%3dMBI%26wreply%3dhttps%253A%252F%252Fsamsungemm%252Esharepoint%252Ecom%252F%255Fforms%252Fdefault%252Easpx%26lc%3d1033%26id%3d500046%26%26bk%3d1393546930%26LoginOptions%3d3

7 Copy the entire URL and paste it into a plain text editor.

8 In the text editor, remove everything in the URL from the cbcxt= up to wfresh=& just before wa=wsignin1.0. Using the example above you'll end up with:

https://cloud.samsungemm.com/run?appkey=office+365&customerid=ab123&wa=wsignin1.0&wtrealm=urn:federation:microsoftonline&wctx=wa%3dwsignin1%252e0%26rpsnv%3d2%26ct%3d1391061064%26rver%3D6%252E1%252E6206%252E0%26wp%3DMBI%26wreply%3Dhttps%253A%252F%252Fsamsungemm%252esharepoint%252ecom%252f%255fforms%252fdefault%252easpx%26lc%3D1033%26id%3D500046%26%26bk%3D1391061066%26LoginOptions%3D3

9 In Admin Portal, add a Generic Bookmark application with the above URL, and deploy the application to all users.

Tip: Remember to give the application a custom name so that you know that it links to SharePoint.

10 In the user portal, click the newly created application to open SharePoint in a new window.
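Steps 6 to 8 done in code rather than by hand in a text editor, as an added example that is not part of the original guide or the product. It also rejects a result that still carries a username= parameter, since the span the procedure removes includes the capturing user's login name and the bookmark is deployed to all users; the sample URL is constructed, modeled on the one in step 6.

```python
import re

# Step 8 removes every parameter from cbcxt= up to, but not including, wa=.
CUT_FROM = "cbcxt"
CUT_UNTIL = "wa"

# Constructed sample, shortened from the shape of the URL shown in step 6.
SAMPLE = (
    "https://cloud.samsungemm.com/run?appkey=office+365&customerid=ab123"
    "&cbcxt=&popupui=&vv=&username=adele.smith%40samsungemm.com&mkt=&lc=1033"
    "&wfresh=&wa=wsignin1.0&wtrealm=urn%3afederation%3amicrosoftonline"
    "&wctx=wa%3dwsignin1%252e0%26wreply%3dhttps%253A%252F%252Fsamsungemm"
    "%252Esharepoint%252Ecom%252F%255Fforms%252Fdefault%252Easpx%26LoginOptions%3d3"
)


def _pairs(url):
    """Split a URL into (base, raw 'key=value' strings) without re-encoding."""
    url = re.sub(r"\s+", "", url)  # trace tools and PDFs wrap long URLs
    base, sep, query = url.partition("?")
    if not sep:
        raise ValueError("URL has no query string")
    return base, query.split("&")


def _keys(pairs):
    return [p.partition("=")[0] for p in pairs]


def pick_candidate(urls):
    """Step 6: choose the captured GET URL that carries both cbcxt and wctx."""
    for url in urls:
        try:
            keys = _keys(_pairs(url)[1])
        except ValueError:
            continue
        if "cbcxt" in keys and "wctx" in keys:
            return url
    raise LookupError("no captured URL contains both cbcxt and wctx")


def trim_bookmark_url(url):
    """Step 8: drop cbcxt= through the parameter just before wa=."""
    base, pairs = _pairs(url)
    keys = _keys(pairs)
    if CUT_FROM not in keys or CUT_UNTIL not in keys:
        raise ValueError("expected both cbcxt= and wa= in the captured URL")
    start, end = keys.index(CUT_FROM), keys.index(CUT_UNTIL)
    if start >= end:
        raise ValueError("cbcxt= must come before wa=")
    kept = pairs[:start] + pairs[end:]
    # A bookmark shared with every user must not pin one user's login name.
    if "username" in _keys(kept):
        raise ValueError("username= survived trimming; check the captured URL")
    return base + "?" + "&".join(kept)


if __name__ == "__main__":
    print(trim_bookmark_url(pick_candidate([SAMPLE])))
```

The values inside wctx are left exactly as captured, because they are still percent-encoded and never appear as separate parameters.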
Samsung SDS EMM for Office 365 verification checklist

V1. Users in each domain can log in to the Samsung SDS EMM user portal successfully. Administrators in each domain can also log in to Admin Portal successfully.
Notes: If a particular user cannot log in, verify that the login suffixes are configured correctly.

V2. After you've successfully federated your Office 365 account with the cloud service, verify that your users can do the following:
1 All users can log in to the user portal.
2 From the user portal, all users can launch the Office 365 application successfully.
3 All users can also go directly to the Microsoft online portal, log in with SP-initiated authentication, and test the Office 365 web access.
4 Users can access each tab in Office 365.
Note: At each deployment step, you need to make sure that users can still log in successfully. So, even though you verified this before, it's important to verify it again.
Note: To view your federation settings from the Office 365 Application Settings tab, select your federated domain and click Actions > Federation Settings.

Samsung SDS EMM for Office 365 desktop checklist

If you're also deploying desktop and mobile access to Office 365, here are the things you need to configure and verify.

VDT1. Outlook works (Windows desktop)
Notes: If you have a hybrid Office 365 deployment, point the on-premise users to the on-premise Exchange server.

VDT2. Lync/Skype for Business works (Windows desktop)
Notes: If you're deploying Lync 2013/Skype for Business, be sure to trust the root CA certificate on the cloud connector computer and set a corporate IP range.

VDT3. Office online works, including SharePoint

VDT4. CRM online and CRM Outlook plugin (Windows desktop)

VDT5. Mac desktop clients for Office 365 and Lync/Skype for Business work

For details, see Configuring desktop and mobile clients for Office 365.
Active Directory user password changes and Outlook and Lync/Skype for Business

Sometimes, when a user changes her Active Directory password there can be connection issues in either Microsoft Outlook or Lync/Skype for Business on Windows systems. This can happen if the user had the desktop applications save the login credentials; the stale credentials stay stored with the previous password.

To remove and update the password that Outlook or Lync/Skype for Business uses:

1 In Windows, go to Windows > Control Panel, and click Credential Manager.

2 If you see any credentials for Outlook or Lync/Skype for Business, open the credential to expand its information, and click Remove from Vault.

3 Restart the computer.

Upon restart, the user logs in to the computer with her current and correct password. Microsoft desktop applications renew their use of the user's credentials to the correct and current password.

Samsung SDS EMM for Office 365 mobile checklist

If you're also deploying desktop and mobile access to Office 365, here are the things you need to configure and verify.

VML1. Set up policies to administer and manage mobile devices.
Note: If you have Office 365 users in both Active Directory and the cloud user service, you must use cloud policies for mobile device management. For information about setting policies, see
VML2. Have your users enroll their mobile devices into the cloud service.

VML3. Android and iOS clients work in the following scenarios:
- Mobile browser with OWA: User logs in to the user portal in a mobile browser and launches the web-based version of Office 365 (OWA) in the mobile browser.
- Samsung mobile application with OWA: User logs in to the native, mobile Samsung application and then launches the web-based version of Office 365 in the mobile browser.
- Samsung mobile application with Office 365 mobile applications: User logs in to the native, mobile Samsung application and then launches a native, mobile Office 365 application. When your Office 365 account is federated, the user gets a login screen when launching the native, mobile Office 365 application. There are different applications for different devices.
- Mobile mail: User adds their work account to their mobile device for email or email and calendar and contacts. Users can set up POP3, IMAP, or Exchange ActiveSync connections. You can administer Exchange ActiveSync connections by way of policies and Admin Portal settings.