Tag Archives: bpos

cloud computing, microsoft

One of the best features of Office 365 vs BPOS: setting passwords not to expire

3 Comments

Should passwords expire? Most of the best practice guides I have seen say that they should, but there are downsides. The more often passwords expire, the more likely users are to forget them and contact support, or write them down, which is insecure. Further, it is all friction that means users get less work done.

There is plentiful evidence of the aggravation this causes, particularly when the new password has to be entered in several places. Smartphones are problematic because email accounts settings can be hard to find. For example:

guess who missed a super important email last night from my most important customer because unbeknownst to me, my smart phone was no longer receiving messages because the password had expired – even though I never selected a 90-day setting when i set up the account and had no idea such insanity was in place. It wasn;t until I logged into my computer just now and was greeted with none of my services working that I figured it out!

Even IT professionals can run into trouble:

My Office 365 account password expired today and, somewhere in the midst of the password reset I managed to lock myself out. As I only have one mailbox on the account (i.e. I am the administrator), that’s a bit of a problem.

Microsoft’s cloud services, BPOS and Office 365, both set automatic password expiry by default. This was a common complaint about BPOS. Originally you could contact support and get password expiry disabled; then Microsoft decided this was too much hassle for it (never mind the users) and made it impossible to change.

Fortunately Office 365 does allow you to disable password expiry. Here is how.

1. Install Office 365 sign-in assistant. Links are here.

2. Install PowerShell cmdlets for Office 365, downloads also in link above.

3. Run PowerShell, type:

import-module MSOnline

4. Next, type:

connect-MSOlService

Enter your credentials for an admin user. For example, user@mydomain.emea.microsoftonline com and the password.

image

5. Finally, type:

Set-MsolUser -UserPrincipalName TheUserName -PasswordNeverExpires $true

where TheUserName is the account name concerned, for example user@mydomain.co.uk

6. Alternatively you can do this in one shot for all users:

Get-MSOLUser | Set-MsolUser -PasswordNeverExpires $true

Note that with all these commands, no news is good news. In other words, success gets you nothing other than return to the flashing cursor. Errors get you red error messages.

Reference:

http://community.office365.com/en-us/f/146/p/18367/87501.aspx

.net, azure, cloud computing, microsoft, professional, sharepoint, software development, visual studio, web authoring, windows

Microsoft Office 365: the detail and the developer story

1 Comment

I attended the UK launch of Office 365 yesterday and found it a puzzling affair. The company chose to focus on small businesses, and what we got was several examples of customers who had discovered the advantages of storing documents online. We were even shown a live video conference with a jerky, embarrassing webcam stream adding zero business value and reminding me of NetMeeting back in 1995 – which by the way was a rather cool product. Most of what we saw could have been done equally well in Google Apps, except for a demo of the vile SharePoint Workspace for offline editing of a shared document, though if you were paying attention you could see that the presenter was not really offline at all.

There seems to be a large amount of point-missing going on.

There is also a common misconception that Office 365 is “Office in the cloud”, based on Office Web Apps. Although Office Web Apps is an interesting and occasionally useful feature, it is well down the list of what matters in Office 365. It is more accurate to say that Office 365 is for those who do not want to edit documents in the browser.

I am guessing that Microsoft’s focus on small businesses is partly a political matter. Microsoft has to offer an enterprise story and it does, with four enterprise plans, but it is a sensitive matter considering Microsoft’s relationship with partners, who get to sell less hardware and will make less money installing and maintaining complex server applications like Exchange and SharePoint. The, umm, messaging at the Worldwide Partner Conference next month is something I will be watching with interest.

The main point of Office 365 is a simple one: that instead of running Exchange and SharePoint yourself, or with a partner, you use these products on a multi-tenant basis in Microsoft’s cloud. This has been possible for some time with BPOS (Business Productivity Online Suite), but with Office 365 the products are updated to the latest 2010 versions and the marketing has stepped up a gear.

I was glad to attend yesterday’s event though, because I got to talk with Microsoft’s Simon May and Jo Carpenter after the briefing, and they answered some of my questions.

The first was: what is really in Office 365, in terms of detailed features? You can get this information here, in the Service Description documents for the various components. If you are wondering what features of on-premise SharePoint are not available in the Office 365 version, for example, this is where you can find out. There is also a Support Service Description that sets out exactly what support is available, including response time objectives. Reading these documents is also a reminder of how deep these products are, especially SharePoint which is a programmable platform with a wide range of services.

That leads on to my second question: what is the developer story in Office 365? SharePoint is build on ASP.NET, and you can code SharePoint applications in Visual Studio and deploy them to Office 365. Not all the services available in on-premise SharePoint are in the online version, but there is a decent subset. Microsoft has a Sharepoint Online for Office 365 Developer Guide with more details.

Now start joining the dots with technologies like Active Directory Federation Services – single sign-on to Office 365 using on-premise Active Directory – and Windows Azure which offers hosted SQL Server and App Fabric middleware. What about using Office 365 not only for documents and email, but also as a portal for cloud-hosted enterprise applications?

That makes sense to me, though there are still limitations. Here is a thread where someone asks:

Does some know if it is possible to make a database connection with Office365, SharePoint (Designer) and SQL Azure database ?

and the answer from Microsoft’s Mark Kashman on the SharePoint team:

You cannot do this via SharePoint Designer today. What you can do is to create a Silverlight or javaScript client application that calls out to SQL Azure.

In the near future, we are designing a way to make these connections using the base SharePoint technology called BCS (Business Connectivity Services) where then you could develop a service to service to SQL Azure.

If you cannot wait, check out the Cloud Connector for SharePoint 2010 from Layer 2 GmbH.

It seems obvious that Office 365 and Azure together have potential as a developer platform.

What about third-party applications and extensions for Office 365? This is another thing that Microsoft did not talk about yesterday; but it seems to me that there is potential here as well. It is not well integrated, but you can search Microsoft Pinpoint for Office 365 applications and get some results. If Office 365 succeeds, and I think it will, there is an opportunity for developers here.

cloud computing, microsoft

Notes from the field: migrating a small business to Microsoft BPOS

1 Comment

Today I assisted a (very) small company migrate from Small Business Server 2003 to BPOS (Business Productivity Online Suite), Microsoft’s hosted Exchange and SharePoint.

Why BPOS, when Office 365 launches later this month? Well, BPOS has all the features they need, and when given the choice between a beta-soon-to-be-just-launched online platform, and one that has been around for a few years, they chose the latter, which is reasonable. Long term it will make no difference, because BPOS users will be migrated to Office 365. It was interesting to me, since I am reviewing Office 365 and this migration gave me good insight into the differences.

Aside: the fact that this is a choice says something about Microsoft. One of the advantages of cloud computing is that improvements can be continuous and incremental, since the software is paid for by subscription rather than through a version upgrade cycle. There is only one Salesforce.com platform; there is only one Google Apps platform. Will there be an Office 720 in two to three years time, or will Microsoft have worked this out by then? It will be hard, because no doubt there are teams working on Exchange 2013 and SharePoint 2013 and these will be delivered as on-premise product upgrades. This also implies that the new features in these products will not be considered ready until the on-premise products go gold; which means that cloud customers have to wait a long time for major enhancements. Changing this cycle will require a profound shift in the way the company functions.

Now a few comments about the process. Overall it was pretty good, and took less time than it normally takes to migrate from one version of Small Business Server to the next. There are  annoyances though, beginning with the migration tools. The challenge is that you want to move mailboxes from SBS Exchange to online Exchange without losing any email.

Email coexistence

The basic approach is this:

1. A directory synchronisation tool copies user accounts to BPOS and keeps them in synch with on-premise Active Directory.

2. A mailbox migration tool copies mailboxes to BPOS and sets up forwarding, so email arriving into on-premise Exchange is forwarded to BPOS.

This is known as email co-existence, because users can log on to either on-premise Exchange or BPOS, and still be able to send and receive mail. Clever stuff, and it does make migration nice and smooth.

The first annoyance: the directory synchronization tool must be installed on a 32-bit Windows Server that is joined to the domain but not a domain controller. Many SBS setups do not have such a thing. In this case, I ran up Virtual PC on Windows 7 64-bit, installed 32-bit Server 2003, joined it to the domain (actually over a VPN), and ran the tool from there.

Actual mailbox migration uses a separate tool which fortunately does run on the SBS server itself. One the users are in place and enabled on BPOS, you run this tool to upload the mailboxes. This takes a while, since you are uploading what is probably several Gb of data. I left this running overnight, but it was only partially successful. Two mailboxes did not upload properly and had to be redone, which was a bit untidy because in one case some folders were duplicated. Fortunately it was not hard to clean up.

Once the mailboxes are migrated, you simply install and run Microsoft’s sign-in utility on each client PC. This automatically configures Outlook with a new BPOS profile, leaving the old profile in place in case of mishaps.

The last step is to change the DNS records so that mail is actually delivered to BPOS rather than to on-premise Exchange.

SharePoint migration

This particular company is reliant on SharePoint for document sharing. Although it is SBS 2003, they have SharePoint Services 3.0 installed; it can be done if you are careful.

Major annoyance: the BPOS documentation is silent on the subject of migrating content. There is a heading in the Migration Help for SharePoint Online; but it does not cover migration from on-premise to BPOS SharePoint at all. There are third-party tools that do this though, and some help from the community.

Of course there are multiple ways to move SharePoint content, though in some cases you will lose version information. I found this article helpful. I was able to start from Step 5, since it was already a SharePoint 3.0 site. Look how clear and concise the steps are; a refreshing contrast to Microsoft’s verbose efforts with seemingly endless sections for overviews, planning and deployment, that take ages to get to the point and still manage to omit key information.

I read the post and the comments, then created a blank site in BPOS. I backed up and then exported the existing site to CMP files, and kept it locked so that no new content would be added. Then I installed SharePoint Designer 2007, which is free, logged into the BPOS site and restored the site.

All the important things restored correctly. Unfortunately the permissions do not migrate, because the BPOS domain is different from the SBS domain; the active directory is only synchronized. I had to fix this up by deleting dud users and groups from the new site and adding groups and users for BPOS. I also added a few web parts to the otherwise blank home page. Nevertheless, considering how painful SharePoint migrations can be this one was pretty good.

I understand though that this simple approach does not always work. I would guess that the more SharePoint is customised, the more likely you are to have problems, which is probably why there is no official tool.

Exchange issues

There were a couple of issues with Exchange. The first was public folders, which are not supported in BPOS. The solution is to use SharePoint lists. Here is how it goes:

  1. Open an on-premise Outlook profile with full access to the public folders. Export each public folder to an Outlook .pst file – the best format for preserving all the data.
  2. Go to SharePoint online and create a new list of the appropriate type. For example, for tasks you need a task list, for contacts a contact list.
  3. Open Outlook with a BPOS profile. In SharePoint online, go to the target list and choose Connect to Outlook from the Actions menu.
  4. The SharePoint list now exists in Outlook. Open the .pst and copy the items exported from the public folder to the new list.
  5. Other users need only connect to the SharePoint list. The magic of synchronization copies the content.

Another issue is mailbox permissions. If you have users who want access to another user’s mailbox, you have to set permissions on the target mailbox to allow this. These permissions do not get migrated automatically. To do this, you have to use PowerShell. This article explains. The easiest route to a correctly configured PowerShell is to use the shortcut to the Migration Command Shell which is installed with the Microsoft Online migration tools.

A note on cost

BPOS costs $10 per user per month, with a minimum of 5 users. In the UK this is £6.72, so from £33.60 per month. Along with Exchange and SharePoint, you get Office Live Meeting (Web Conferencing) and Office Communications Online (Enterprise Live Messenger).

A typical SBS server lasts 3 to 5 years before it has to be replaced. Taking the shorter time for example, BPOS will cost £1209.60 in subscription costs over the lifetime of a physical server.

It seems obvious that if Exchange and SharePoint is all you need, and if you are happy with the implications of the cloud approach, BPOS works out cheaper. Of course the pricing will change, but Office 365 is actually coming out at a similar price for the equivalent features. Yes, you could buy a basic server with SBS for £1209, but that is just the start: installation, firewall, backup and maintenance all add to the cost.

That said, most businesses will still need some kind of on-premise server, even if it is no more than a simple NAS (Network Attached Storage) box. Another real-world problem is that there may be server-based applications which cannot easily be abandoned. If you find you have to run an on-premise server anyway, adding BPOS on top looks less attractive.

There is much more to say about cloud vs on-premise, but it is worth noting that it can be cost-effective.

cloud computing, microsoft, security

Microsoft’s BPOS password madness driving users to Google Apps

2 Comments

A friend uses Microsoft’s Exchange Online service for his small company. All was going well until one day he found himself locked out of his email. He had no idea why.

The reason, it turned out, was the password policy set by Microsoft and outlined here:

To help maintain security, you must periodically change your password. When you change your password, be aware of the following:

  • You cannot repeat your previous 24 passwords.
  • You must change your password at least once every 90 days.

In addition:

Microsoft Online Services uses an account lockout policy to help protect the accounts of service administrators and end users. The user can try to sign in to the Administration Center or the Sign In application five times. After five failed attempts with an invalid user name or an incorrect password, users are locked out for 15 minutes. This condition cannot be manually reset.

In this case, Microsoft’s PC sign-in applications prompted the user to change his password. He did so. All seemed well, except that his mobile – in which email settings are deeply buried – did not know about the password change and made repeated attempts to collect email. Result: lock-out, and a horrible user experience.

According to this thread, Microsoft has been so besieged with requests to remove the expiration policy that it solved them at a stroke: by refusing them all.

I find this curious. First, it is doubtful whether frequent password changes really enhance security. Users in this case need new non-repeating passwords every 90 days, which means they are more likely to be written down. Remember, you cannot repeat your previous 24 passwords.

Second, it is odd that BPOS admins do not have the ability to disable password expiration policies in their online management tools.

It may seem a small issue, but for some it is a deal-breaker:

At this moment it is not possible to disable password expiration at all. I opened a ticket and technical support told me multiple times they won’t offer that option anymore… It’s disappointing since I lose customers who choose Google Apps over Microsoft Online just because of the password issue.

Apparently this may be fixed in the forthcoming Office 365.

cloud computing, microsoft

Microsoft inadvertently shares BPOS offline address books with other customers

According to an email I’ve seen, sent to customers of Microsoft BPOS (Business Productivity Online Suite), some users have found their Offline Address Book – an Exchange feature which stores a company’s internal address list – has been downloaded by other BPOS customers:

Microsoft recently became aware that, due to a configuration issue, Offline Address Book information for Business Productivity Online Suite–Standard customers could be inadvertently downloaded by other customers of the service, in a very specific circumstance. The issue was resolved within two hours of identification, and we completed a thorough review of processes to prevent this type of issue from occurring again. Our records indicate that a very small number of downloads actually occurred, and we are working with those few customers to remove the files.

This issue affected only Business Productivity Online Suite–Standard customers; no other Microsoft Online Services were affected.

Big deal? Probably not, especially as customer address lists, which might be useful to competitors, are not normally included in an Offline Address Book.

That said, any leakage of data from one customer to another is a serious issue, as it is exactly this possibility which deters users from using cloud services in the first place. It is an inherent hazard of multi-tenancy.

Still, kudos to Microsoft for owning up.

cloud computing, microsoft

How will online services impact Microsoft’s partner business?

2010 is the year Microsoft got serious about cloud services. Windows Azure opened for real business in November 2009 – OK, just before 2010 – and CEO Steve Ballmer took to telling the world how Microsoft is “all in” for cloud computing whenever he got up to speak. Office and SharePoint 2010 launched in May 2010 complete with the ability to create and edit Office documents from a web browser. Microsoft also announced Office 365, essentially an upgrade of its existing BPOS offering, offering hosted Exchange, Sharepoint and Lync (Office Communicator). Microsoft also announced Small Business Server 2011, including an Essentials edition, formerly codenamed “Aurora”, which is little more than Windows Home Server plus Active Directory and points small businesses towards cloud services for email and document collaboration.

I’d guess that Microsoft’s cloud conversion is driven in part by the progress Google, Salesforce.com and others have made in persuading businesses that hosted internet services make more sense than maintaining your own servers and server applications in many cases.

But what is the impact on Microsoft partners, who have been kept busy supplying and configuring servers, implementing backup, keeping systems running, and then upgrading them as they become obsolete? On the face of it they have less to do in a hosted world, and although Microsoft offers commission on the sale of online subscriptions, that might not compensate for lost business.

Then again, cloud services offer new opportunities, still need configuring, and look likely to be a source of new business for partners particularly at a time when the majority of businesses have not yet made the transition.

I’m researching a further piece on the subject and would love to hear honest views from partners such as resellers and solution providers about how Microsoft’s online services are affecting partner business now and in the future. Or maybe you think this cloud thing is overdone and it will be business as usual for a while yet. You can contact me by email – tim(at)itwriting.com – or of course comment below.

cloud computing, microsoft, mobile, software, windows, windows 7, xbox

The cloud permeates Microsoft’s business more than we may realise

I’m in the habit of summarising Microsoft’s financial results in a simple table. Here is how it looks for the recently announced figures.

Quarter ending September 30 2010 vs quarter ending September 30 2009, $millions

Segment Revenue Change Profit Change
Client (Windows + Live) 4785 1905 3323 1840
Server and Tools 3959 409 1630 393
Online 527 40 -560 -83
Business (Office) 5126 612 3388 561
Entertainment and devices 1795 383 382 122

The Windows figures are excellent, mostly reflecting Microsoft’s success in delivering a successor to Windows XP that is good enough to drive upgrades.

I’m more impressed though with the Server and tools performance – which I assume is mostly Server – though noting that it now includes Windows Azure. Microsoft does not break out the Azure figures but said that it grew 40% over the previous quarter; not especially impressive given that Azure has not been out long and will have grown from a small base.

The Office figures, also good, include Sharepoint, Exchange and BPOS (Business Productivity Online Suite), which is to become Office 365. Microsoft reported “tripled number of business customers using cloud services.”

Online, essentially the search and advertising business, is poor as ever, though Microsoft says Bing gained market share in the USA. Entertainment and devices grew despite poor sales for Windows Mobile, caught between the decline of the old mobile OS and the launch of Windows Phone 7.

What can we conclude about the health of the company? The simple fact is that despite Apple, Google, and mis-steps in Windows, Mobile, and online, Microsoft is still a powerful money-making machine and performing well in many parts of its business. The company actually does a poor job of communicating its achievements in my experience. For example, the rather dull keynote from TechEd Berlin yesterday.

Of course Microsoft’s business is still largely dependent on an on-premise software model that many of us feel will inevitably decline. Still, my other reflection on these figures is that the cloud permeates Microsoft’s business more than a casual glance reveals.

The “Online” business is mainly Bing and advertising as far as I can tell; and despite CTO Ray Ozzie telling us back in 2005 of the importance of services financed by advertising, that business revolution has not come to pass as he imagined. I assume that Windows Live is no more successful than Online.

What is more important is that we are seeing Server and tools growing Azure and cloud-hosted virtualisation business, and Office growing hosted Exchange and SharePoint business. I’d expect both businesses to continue to grow, as Microsoft finally starts helping both itself and its customers with cloud migration.

That said, since the hosted business is not separated from the on-premise business, and since some is in the hands of partners, it is hard to judge its real significance.