Microsoft When You Need It: Office 365 Rollout Recommendations

From writing a high school essay to creating a sales pitch deck, it feels like we’ve come of age with Microsoft Office. It’s that trusted friend you can always count on when you need to create a detailed chart or engaging presentation, and now with Microsoft’s productivity suite available in the cloud through Microsoft Office 365, it’s become even easier to collaborate using these tools.

But how can you connect these critical tools with the other apps and services you use daily to be productive, both in the cloud and on-premises?

At Okta, we’ve connected Office 365 to Active Directory, enabling businesses to integrate the cloud productivity suite with on-premises apps and services. We also recently announced an enhancement to the integration, now enabling companies to more quickly and securely deploy Office 365 with Okta. And we’re making that integration even easier with a list of best practices for rolling out Office 365 at your organization, which we’ve shared in the Okta Community.

Check out a sampling of our top Office 365 tips for IT admins below:

1. OnRamp: Anyone preparing for an Office 365 deployment should assess their readiness using Microsoft’s OnRamp tool and follow all of OnRamp’s setup recommendations. OnRamp thoroughly evaluates all aspects of your infrastructure and provides recommendations for problem remediation before you deploy Office 365.

2. MAP Toolkit: For larger, complex deployments, consider running the Microsoft Assessment and Planning (MAP) Toolkit. The MAP toolkit is an agentless, automated, multi-product planning and assessment tool that generates detailed readiness assessment reports with extensive hardware and software information.

3. IDFix: Consider leveraging Microsoft’s IDFix tool to resolve problems attributed to identity. This is a tool specifically focused on discovering and updating attributes within your internal identity store to meet the standards required by Office 365.

4. SSO Requirements: Make sure that you’re following Microsoft’s prerequisites for single sign-on. In particular, make sure:

   1. You set all the users’ UPN’s to match their Primary SMTP address in Active Directory, and that you have these changes replicated to both Okta and Office 365;

   2. The UPN is set and known by the user;

   3. The UPN domain suffix is under the domain that the customer chooses to set up for single sign-on;

   4. The domain chosen for federation is registered as a public domain with a domain registrar or within your own public DNS servers; and

   5. You fix any existing users whose Office 365 UPN does not match their on-premises UPN and primary SMTP address.

5. Other Tips: In preparing for single sign-on with the rich clients, we’ve found that it helps to flush your Credential Manager immediately before turning SSO on or changing from another IDP to Okta.

To check out our full list of Office 365 best practices or to ask a question about your own rollout, visit the Okta Community.