Office 365: This cloud isn't going to put any admins out of a job

Who says Redmond doesn't love you?

Top three mobile application threats

Sysadmin blog Moving all of your email onto Office 365 is pretty easy; making it work properly once it's there is another story. As a salable product, I find Office 365 extremely curious; it's workable enough if you have a decade or two's experience beating Exchange into submission ... but a little too complex for anyone else. The cloud is supposed to be "push button receive bacon", and in practice I have found Office 365 to be anything but.

Microsoft's cloudy email offering does basic email very well. You can buy a licence for a new user with ease, set up an email address for them and connect up your client of choice. A few clicks and email starts flowing; it just works. But it's 2012. At this point, sendmail "just works" too, and it ships with virtually every Linux distribution known to man. You can even download fully operational real-boy mail servers as virtual appliances, put them on VMWare's freebie ESXi, and then build them into a wall. They'll run for the next decade or so without you having to fret about them.

Sendmail, however, has the added bonus of supporting certain highly demanded features like mail merges; Office 365 places severe restrictions (that you cannot control or change) on the amount and frequency of outbound mail. This makes running the corporate newsletter a no-go.

So if nobody is getting a solid gold Kewpie doll for providing basic mail flow, what are the sorts of advanced features I am expecting? Good control over mail enabled public folders for one. In a traditional Exchange setup, you can create and manage public folders from the central Exchange management software. You can mail-enable them, configure send-as permissions, set up security and otherwise do all that needs be done to make them usable without ever having to fire up Outlook or OWA.

The Office 365 solution to public folder management? Outlook and/or OWA + PowerShell. Would you like to configure send-as permissions for a distribution list? More PowerShell. One client wanted a mail account to accept mail for archiving purposes, but forward copies of all mail inbound to this account various other addresses within the company. Guess what; we need more PowerShell.

As much as I have a certain affection for the command line as an administrative tool, Microsoft and I have disagreements as to what constitutes "well documented." I also tend to like the command line as a means of modifying flat text files that drive configuration; all the configs in one place, easy to see and manipulate. I am significantly less fond of configuration systems in which I need to know the secret code word to see what the current configuration is.

Modern versions of Exchange are themselves pretty heavily reliant on PowerShell. If for example you want to set up a simple Linux anti-spam pre-filter to your Exchange server, you're probably going to have to root around in PowerShell to play with Exchange's junk mail defaults. In my time as an Exchange admin, I have had to drop to PowerShell the odd time to get some arcane - but obscure - bit of information out of Exchange.

But while PowerShell was an absolute necessity for Exchange 2007, Exchange 2010 largely removed the need and started moving us back towards an MTA as easy to use as Exchange 2003. Businesses without dedicated email admins were winning the war of usability!

Office 365 is a step backwards here. It simply isn't a solution I can set up for a client and wash my hands of. Your typical small business moving away from Small Business Server 2003 is not going to be able to manage and maintain Office 365. They will still end up needing an IT guy for any but the most minor changes.

Office 365 spam management is functionally incomprehensible to mere mortals. Spam can be filtered at three different stages. First, a mail can be blocked at the gateway system to your Office 365 data centre. Here, Microsoft maintains a secret list of ne'er-do-wells for whom it will outright block email. You don't have access to the list, you can't affect the list and you aren't informed if email destined for your domain is blocked by this list.

If the email admin of the sending domain is on his toes, he will notice that mail from his domain is bouncing when heading to Office 365, and he can request to be delisted. If he isn't, you simply won't get any notification that someone was trying to send you mail. When that critical email from a vital business partner goes missing, there isn't any bounce log to comb through looking for answers. Count me unimpressed.

The second place mail can be filtered is your domain-local instance of Forefront. Here you can define various flavours of mail rules and filter, and in truth it is an respectable - if not outright awesome - enterprise class product with a rich featureset. It's also completely incomprehensible if you aren't an email admin. To be fair; by default, anything flagged as spam here ends up in your "junk-email" folder.

In addition to this, your local email client may itself have junk email filtering. I've caught Outlook filtering things Forefront wasn't aware of. Try as you might, there doesn't seem to be a slider bar anywhere to change the Spam Confidence Level at which Office 365 chooses to filter mail.

At the end of the day, Office 365 is an enterprise product. It is full featured, but it needs to be managed by an enterprise email administrator. Unfortunately, an enterprise email administrator is going to be easily frustrated by the seemingly arbitrary system-wide limitations imposed by Microsoft that you don't have any power to change ... even through PowerShell.

What the customer wanted was the power of Exchange with a Fisher-Price-and-Crayons interface. One that exposed every last iota of functionality through a reasonably simple web interface backed up by a kick-ass wiki full of walk-throughs. Office 365 is supposed to replace Exchange, not Hotmail. Given its marketing and the promise of the cloud as hyped by Microsoft itself, it should be as easy to use as Hotmail, even for the really grown-up stuff.

Maybe in the next revision ... ®

High performance access to file storage

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Kingston DataTraveler MicroDuo: Turn your phone into a 72GB beast
USB-usiness in the front, micro-USB party in the back
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Inside the Hekaton: SQL Server 2014's database engine deconstructed
Nadella's database sqares the circle of cheap memory vs speed
BOFH: Oh DO tell us what you think. *CLICK*
$%%&amp Oh dear, we've been cut *CLICK* Well hello *CLICK* You're breaking up...
Just what could be inside Dropbox's new 'Home For Life'?
Biz apps, messaging, photos, email, more storage – sorry, did you think there would be cake?
AMD's 'Seattle' 64-bit ARM server chips now sampling, set to launch in late 2014
But they won't appear in SeaMicro Fabric Compute Systems anytime soon
Amazon reveals its Google-killing 'R3' server instances
A mega-memory instance that never forgets
prev story


Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.