Schizophrenia is a mental disorder characterized by Wikipedia as “abnormal behavior, strange speech, and a decreased ability to understand reality”.
Now, why did I associate to this serious mental illness when trying to highlight some of the issues with hybrid Office 365 management…?
I did so because during the past two decades Windows user and email management has slowly deteriorated into quite a mess. Incomprehensible and void of logic unless you have a been a devout Windows admin since the launch of Active Directory 20 years ago.
Let’s take a brief look at the history of Exchange to understand what happened.
The Birth of Active Directory
In 1996 Microsoft released their first public version of Exchange (version 4.0). It was built on the LDAP protocol – a hierarchical database which later became the core of Windows Active Directory. At that point user management was done via the Windows NT Domain SAM database, a flat user database with no capability of structure or delegation.
Just into the new millennium Windows Server 2000 came along and Active Directory replaced the inadequate NT domain management model. The Windows operating system had literally sucked the directory service out of Exchange.
A new version of Exchange, Exchange Server 2000, was released with no internal directory service. Exchange now had a hard dependency on Active Directory – a dependency that still stands today.
During the reign of Exchange 2000 and Exchange 2003 the user and mailbox management was glued together inside the Active Directory Users & Computers tool as seen here:
Those were the days! Any halfwit could do basic user and mailbox management with a few minutes of introduction 😉
The Power of the Shell
With the introduction of Exchange 2007 Microsoft took another big step. Exchange 2007 was built purely on the x64 architecture, had no ties to Exchange 5.5 and did not support in-place upgrades.
But most notably: Microsoft had built a brand new Exchange administration tool on top of PowerShell: The Exchange Management Console. Any actions taken in the new management console would automatically translate into PowerShell commands. A new era of scripting and automation had begun that affected both Exchange and the Windows operating system.
The benefits of PowerShell can hardly be exaggerated. Things that previously took several lines of VBScript code, like searching Active Directory with an LDAP filter, became one-liners. And PowerShell became an overnight hit.
Sadly, this was also the end of doing mailbox management and user management in one unified tool.
And Then Things Got Cloudy
In 2011 another big milestone, that will eventually lead to my schizophrenic point, took place. Mail as a cloud service was released under the name Office 365. This is where things got really tricky.
Office 365 mailboxes are based on Exchange (aka Exchange Online). Due to Exchange’s dependency on Active Directory an Office 365 Active Directory (aka Azure Active Directory) must exist to support the Office 365 mail system. In order to link the Azure Active Directory with your local Active Directory a directory synchronization service was introduced. Initially named DirSync, we now put our trust in Azure AD Connect to glue together our local Active Directory and the Azure Active Directory.
Surely, the days when basic user and mailbox management could be taught in a few minutes are but a faded memory 🙁
To sum it up, this is where we stand management-wize today after migrating our mailboxes to Office 365:
- We manage user properties in our local Active Directory using the (still going strong after 20 years) Active Directory Users & Computers tool (or using PowerShell connected to our local Active Directory)
- We enable mailboxes by assigning Exchange licenses in the Office 365 Admin Portal (or using PowerShell connected to MSOnline)
- We configure some mailbox properties (like mailbox alias and primary mail address) using our local Active Directory – by configuring odd-sounding properties with no decent GUI or by the use of the (on-prem) Exchange Management Console
- We configure other mailbox properties (like mailbox quota or mailbox type) in the Exchange Admin Center (or using PowerShell connected to Exchange Online)
- We use Azure AD Connect to synchronize our local Active Directory with the Office 365 Active Directory (triggering on demand sync, configuring replication scope, etc.)
Fun isn’t it? Let’s set up a new user account with an Office 365 mailbox and configure some additional mail alias’es and a custom mailbox quota:
It seems, “abnormal behavior, strange speech, and a decreased ability to understand reality” is not a far fetched association at all when talking about Office 365 user and mailbox management…
Getting Back to Normal
As promised in the headline, this article is not just pure Office 365 bashing. What can actually be done about this mess?
Based on numerous requests from our customers we set out to create a simple solution that would eliminate the need to jump around this schizophrenic plethora of management tools. We came up with Easy365Manager.
Easy365Manager is a snap-in to the Active Directory Users & Computers management console. Easy365Manager expands the 20 year old user management tool with two new tabs that gives you direct access to manage Office 365 licenses, Exchange Online mailboxes and to trigger Azure AD Connect synchronizations. It exposes relevant user properties from the cloud environment giving you an intuitive and unified entry point to manage your users and mailboxes.
In many ways Easy365Manager resembles the consolidated user and mailbox management known from Exchange 2000 and 2003. However, the Active Directory Users & Computers management console is now fired up with GUI driven PowerShell scripts that will give you full control of your cloud environment.
Easy365Manager brings back the logic to user and mailbox management, increases your productivity and gets your new IT personnel up to speed in a moment.
Bring sanity back to your user and mailbox management: Download the free trial now.