2017-08-14 Discuss approaches to achieve O365 Exchange campus independence

Determine the feasibility of password hash solution for Exchange Online authentication. If feasible, what is the level of effort

• Can we use synchronized identity with Azure AD and AD connect on premise?
• Password write back with Azure AD Premium

• Changing too many things.
• Writeback to campus. Maturity not there
• Domain controller, DirSync, ADFS Web, ADFS DB and ADAPPS create new instances in AWS, would solve this situation
• Active/passive with campus being the active one will be done on the first phase
• Effort is minimal and only requirement is 4 VMs
• Add to AWS migration timeline to go with SCCM and DC
• Scope does not include routing to health sciences
• After AWS environment with 6 instances are provided, WSG effort is around 2 months.

Determine level of effort for recommended/available routing options, if Exchange Online is the first recipient of email to campus

• Can we use Exchange online protection and Exchange routing?

• Project ongoing to move MTA to linux
• We would continue the migration and once finished, migrate to AWS
• Change the DNS from exchange.uci.edu to ucirvine.onmicrosoft.com
• Would require rearchitecture
• Will adapt native filtering/anti-spam techniques offered by the service provider (could be in later phase)

• Already mentioned above

• No

• N/A

• No ETA yet on MTA migration to Linux
• Derek and David on the security migration project
• AWS environment availability is a pre-requisite
• Effort is around 2 months from AWS environment availability