Office 365: This cloud isn't going to put any admins out of a job

Who says Redmond doesn't love you?

Choosing a cloud hosting partner with confidence

Sysadmin blog Moving all of your email onto Office 365 is pretty easy; making it work properly once it's there is another story. As a salable product, I find Office 365 extremely curious; it's workable enough if you have a decade or two's experience beating Exchange into submission ... but a little too complex for anyone else. The cloud is supposed to be "push button receive bacon", and in practice I have found Office 365 to be anything but.

Microsoft's cloudy email offering does basic email very well. You can buy a licence for a new user with ease, set up an email address for them and connect up your client of choice. A few clicks and email starts flowing; it just works. But it's 2012. At this point, sendmail "just works" too, and it ships with virtually every Linux distribution known to man. You can even download fully operational real-boy mail servers as virtual appliances, put them on VMWare's freebie ESXi, and then build them into a wall. They'll run for the next decade or so without you having to fret about them.

Sendmail, however, has the added bonus of supporting certain highly demanded features like mail merges; Office 365 places severe restrictions (that you cannot control or change) on the amount and frequency of outbound mail. This makes running the corporate newsletter a no-go.

So if nobody is getting a solid gold Kewpie doll for providing basic mail flow, what are the sorts of advanced features I am expecting? Good control over mail enabled public folders for one. In a traditional Exchange setup, you can create and manage public folders from the central Exchange management software. You can mail-enable them, configure send-as permissions, set up security and otherwise do all that needs be done to make them usable without ever having to fire up Outlook or OWA.

The Office 365 solution to public folder management? Outlook and/or OWA + PowerShell. Would you like to configure send-as permissions for a distribution list? More PowerShell. One client wanted a mail account to accept mail for archiving purposes, but forward copies of all mail inbound to this account various other addresses within the company. Guess what; we need more PowerShell.

As much as I have a certain affection for the command line as an administrative tool, Microsoft and I have disagreements as to what constitutes "well documented." I also tend to like the command line as a means of modifying flat text files that drive configuration; all the configs in one place, easy to see and manipulate. I am significantly less fond of configuration systems in which I need to know the secret code word to see what the current configuration is.

Modern versions of Exchange are themselves pretty heavily reliant on PowerShell. If for example you want to set up a simple Linux anti-spam pre-filter to your Exchange server, you're probably going to have to root around in PowerShell to play with Exchange's junk mail defaults. In my time as an Exchange admin, I have had to drop to PowerShell the odd time to get some arcane - but obscure - bit of information out of Exchange.

But while PowerShell was an absolute necessity for Exchange 2007, Exchange 2010 largely removed the need and started moving us back towards an MTA as easy to use as Exchange 2003. Businesses without dedicated email admins were winning the war of usability!

Office 365 is a step backwards here. It simply isn't a solution I can set up for a client and wash my hands of. Your typical small business moving away from Small Business Server 2003 is not going to be able to manage and maintain Office 365. They will still end up needing an IT guy for any but the most minor changes.

Office 365 spam management is functionally incomprehensible to mere mortals. Spam can be filtered at three different stages. First, a mail can be blocked at the gateway system to your Office 365 data centre. Here, Microsoft maintains a secret list of ne'er-do-wells for whom it will outright block email. You don't have access to the list, you can't affect the list and you aren't informed if email destined for your domain is blocked by this list.

If the email admin of the sending domain is on his toes, he will notice that mail from his domain is bouncing when heading to Office 365, and he can request to be delisted. If he isn't, you simply won't get any notification that someone was trying to send you mail. When that critical email from a vital business partner goes missing, there isn't any bounce log to comb through looking for answers. Count me unimpressed.

The second place mail can be filtered is your domain-local instance of Forefront. Here you can define various flavours of mail rules and filter, and in truth it is an respectable - if not outright awesome - enterprise class product with a rich featureset. It's also completely incomprehensible if you aren't an email admin. To be fair; by default, anything flagged as spam here ends up in your "junk-email" folder.

In addition to this, your local email client may itself have junk email filtering. I've caught Outlook filtering things Forefront wasn't aware of. Try as you might, there doesn't seem to be a slider bar anywhere to change the Spam Confidence Level at which Office 365 chooses to filter mail.

At the end of the day, Office 365 is an enterprise product. It is full featured, but it needs to be managed by an enterprise email administrator. Unfortunately, an enterprise email administrator is going to be easily frustrated by the seemingly arbitrary system-wide limitations imposed by Microsoft that you don't have any power to change ... even through PowerShell.

What the customer wanted was the power of Exchange with a Fisher-Price-and-Crayons interface. One that exposed every last iota of functionality through a reasonably simple web interface backed up by a kick-ass wiki full of walk-throughs. Office 365 is supposed to replace Exchange, not Hotmail. Given its marketing and the promise of the cloud as hyped by Microsoft itself, it should be as easy to use as Hotmail, even for the really grown-up stuff.

Maybe in the next revision ... ®

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
'Kim Kardashian snaps naked selfies with a BLACKBERRY'. *Twitterati gasps*
More alleged private, nude celeb pics appear online
Wanna keep your data for 1,000 YEARS? No? Hard luck, HDS wants you to anyway
Combine Blu-ray and M-DISC and you get this monster
US boffins demo 'twisted radio' mux
OAM takes wireless signals to 32 Gbps
Google+ GOING, GOING ... ? Newbie Gmailers no longer forced into mandatory ID slurp
Mountain View distances itself from lame 'network thingy'
Apple flops out 2FA for iCloud in bid to stop future nude selfie leaks
Millions of 4chan users howl with laughter as Cupertino slams stable door
Students playing with impressive racks? Yes, it's cluster comp time
The most comprehensive coverage the world has ever seen. Ever
Run little spreadsheet, run! IBM's Watson is coming to gobble you up
Big Blue's big super's big appetite for big data in big clouds for big analytics
Seagate's triple-headed Cerberus could SAVE the DISK WORLD
... and possibly bring us even more HAMR time. Yay!
prev story


Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.