Office 365: This cloud isn't going to put any admins out of a job

Who says Redmond doesn't love you?

HP ProLiant Gen8: Integrated lifecycle automation

Sysadmin blog Moving all of your email onto Office 365 is pretty easy; making it work properly once it's there is another story. As a salable product, I find Office 365 extremely curious; it's workable enough if you have a decade or two's experience beating Exchange into submission ... but a little too complex for anyone else. The cloud is supposed to be "push button receive bacon", and in practice I have found Office 365 to be anything but.

Microsoft's cloudy email offering does basic email very well. You can buy a licence for a new user with ease, set up an email address for them and connect up your client of choice. A few clicks and email starts flowing; it just works. But it's 2012. At this point, sendmail "just works" too, and it ships with virtually every Linux distribution known to man. You can even download fully operational real-boy mail servers as virtual appliances, put them on VMWare's freebie ESXi, and then build them into a wall. They'll run for the next decade or so without you having to fret about them.

Sendmail, however, has the added bonus of supporting certain highly demanded features like mail merges; Office 365 places severe restrictions (that you cannot control or change) on the amount and frequency of outbound mail. This makes running the corporate newsletter a no-go.

So if nobody is getting a solid gold Kewpie doll for providing basic mail flow, what are the sorts of advanced features I am expecting? Good control over mail enabled public folders for one. In a traditional Exchange setup, you can create and manage public folders from the central Exchange management software. You can mail-enable them, configure send-as permissions, set up security and otherwise do all that needs be done to make them usable without ever having to fire up Outlook or OWA.

The Office 365 solution to public folder management? Outlook and/or OWA + PowerShell. Would you like to configure send-as permissions for a distribution list? More PowerShell. One client wanted a mail account to accept mail for archiving purposes, but forward copies of all mail inbound to this account various other addresses within the company. Guess what; we need more PowerShell.

As much as I have a certain affection for the command line as an administrative tool, Microsoft and I have disagreements as to what constitutes "well documented." I also tend to like the command line as a means of modifying flat text files that drive configuration; all the configs in one place, easy to see and manipulate. I am significantly less fond of configuration systems in which I need to know the secret code word to see what the current configuration is.

Modern versions of Exchange are themselves pretty heavily reliant on PowerShell. If for example you want to set up a simple Linux anti-spam pre-filter to your Exchange server, you're probably going to have to root around in PowerShell to play with Exchange's junk mail defaults. In my time as an Exchange admin, I have had to drop to PowerShell the odd time to get some arcane - but obscure - bit of information out of Exchange.

But while PowerShell was an absolute necessity for Exchange 2007, Exchange 2010 largely removed the need and started moving us back towards an MTA as easy to use as Exchange 2003. Businesses without dedicated email admins were winning the war of usability!

Office 365 is a step backwards here. It simply isn't a solution I can set up for a client and wash my hands of. Your typical small business moving away from Small Business Server 2003 is not going to be able to manage and maintain Office 365. They will still end up needing an IT guy for any but the most minor changes.

Office 365 spam management is functionally incomprehensible to mere mortals. Spam can be filtered at three different stages. First, a mail can be blocked at the gateway system to your Office 365 data centre. Here, Microsoft maintains a secret list of ne'er-do-wells for whom it will outright block email. You don't have access to the list, you can't affect the list and you aren't informed if email destined for your domain is blocked by this list.

If the email admin of the sending domain is on his toes, he will notice that mail from his domain is bouncing when heading to Office 365, and he can request to be delisted. If he isn't, you simply won't get any notification that someone was trying to send you mail. When that critical email from a vital business partner goes missing, there isn't any bounce log to comb through looking for answers. Count me unimpressed.

The second place mail can be filtered is your domain-local instance of Forefront. Here you can define various flavours of mail rules and filter, and in truth it is an respectable - if not outright awesome - enterprise class product with a rich featureset. It's also completely incomprehensible if you aren't an email admin. To be fair; by default, anything flagged as spam here ends up in your "junk-email" folder.

In addition to this, your local email client may itself have junk email filtering. I've caught Outlook filtering things Forefront wasn't aware of. Try as you might, there doesn't seem to be a slider bar anywhere to change the Spam Confidence Level at which Office 365 chooses to filter mail.

At the end of the day, Office 365 is an enterprise product. It is full featured, but it needs to be managed by an enterprise email administrator. Unfortunately, an enterprise email administrator is going to be easily frustrated by the seemingly arbitrary system-wide limitations imposed by Microsoft that you don't have any power to change ... even through PowerShell.

What the customer wanted was the power of Exchange with a Fisher-Price-and-Crayons interface. One that exposed every last iota of functionality through a reasonably simple web interface backed up by a kick-ass wiki full of walk-throughs. Office 365 is supposed to replace Exchange, not Hotmail. Given its marketing and the promise of the cloud as hyped by Microsoft itself, it should be as easy to use as Hotmail, even for the really grown-up stuff.

Maybe in the next revision ... ®

Reducing security risks from open source software

More from The Register

next story
Sysadmin Day 2014: Quick, there's still time to get the beers in
He walked over the broken glass, killed the thugs... and er... reconnected the cables*
SHOCK and AWS: The fall of Amazon's deflationary cloud
Just as Jeff Bezos did to books and CDs, Amazon's rivals are now doing to it
Amazon Reveals One Weird Trick: A Loss On Almost $20bn In Sales
Investors really hate it: Share price plunge as growth SLOWS in key AWS division
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
BlackBerry: Toss the server, mate... BES is in the CLOUD now
BlackBerry Enterprise Services takes aim at SMEs - but there's a catch
The triumph of VVOL: Everyone's jumping into bed with VMware
'Bandwagon'? Yes, we're on it and so what, say big dogs
Carbon tax repeal won't see data centre operators cut prices
Rackspace says electricity isn't a major cost, Equinix promises 'no levy'
prev story


Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.