| | Topic | Notes |
|---|
| 1. | Determine the feasibility of password hash solution for Exchange Online authentication. If feasible, what is the level of effort - Can we use synchronized identity with Azure AD and AD connect on premise?
- Password write back with Azure AD Premium
| - TBDChanging too many things.
- Writeback to campus. Maturity not there
- Domain controller, DirSync, ADFS Web, ADFS DB and ADAPPS create new instances in AWS, would solve this situation
- Active/passive with campus being the active one will be done on the first phase
- Effort is minimal and only requirement is 4 VMs
- Add to AWS migration timeline to go with SCCM and DC
- Scope does not include routing to health sciences
- After AWS environment with 6 instances are provided, WSG effort is around 2 months.
|
| 2. | Determine level of effort for recommended/available routing options, if Exchange Online is the first recipient of email to campus - Can we use Exchange online protection and Exchange routing?
| - TBDProject ongoing to move MTA to linux
- We would continue the migration and once finished, migrate to AWS
- Change the DNS from exchange.uci.edu to ucirvine.onmicrosoft.com
- Would require rearchitecture
- Will adapt native filtering/anti-spam techniques offered by the service provider (could be in later phase)
|
| 3. | Do we need to move ADFS capability to cloud, if above 2 are not possible? | - TBDAlready mentioned above
|
| 4. | Determine recommended/available routing options, if Google is the first recipient of email to campus | |
| 5. | Determine recommended/available spam filtering options, if Google is the first recipient of email to campus | |
| 6. | What is level of effort to put MX / MTA servers in the cloud | - TBDNo ETA yet on MTA migration to Linux
- Derek and David on the security migration project
- AWS environment availability is a pre-requisite
- Effort is around 2 months from AWS environment availability
|