#Office365 Data Residency Move FAQ

If you are one of those Microsoft #Office365 customer who signed up your tenant in a region and later realized that your tenant was not supposed to be in that region your mailbox are not supposed to be in that region and you need to move your core data e.g. mailboxes , now you have an option. Now #Office365 allows you to move your data to your local/regional data center (check the regions here https://msdn.microsoft.com/en-us/library/dn878163.aspx?f=255&MSPPError=-2147217396).

The caveat is that this not going to happen overnight and it make take up to 24 month to move your data. It is also possible that not all of the service and user experience will remain same during that move period.  So make sure you plan it properly and avoid any unknown issue as much as you can. Since this is a new feature and do expect unexpected problems.

What I’d suggest you to wait for this feature to become mature and then accordingly, because there will be so many operation issues which they have already mentioned on their website.

Here are answers to general questions about moving core data to a new datacenter region.

Q. How do you make sure my customer data is safe during the move and that I won’t experience downtime?

A. Data moves are a back-end service operation with minimal impact to end-users. Features that can be impacted are listed on the During and after your data move page. We adhere to the Microsoft Online Services Service Level Agreement (SLA) for availability so there is nothing that customers need to prepare for or to monitor during the move.

All Office 365 services run the same versions in the datacenters, so you can be assured of consistent functionality. Your service is fully supported throughout the process.

Q. What is the impact of having different services located in different regions?

A. For some existing customers and customers in the middle of the move process, some of the Office 365 services may be located in different regions. Our services run independently of each other and there is no user impact if this is the case.

Q. Will new Office 365 customers be automatically provisioned in the new datacenter regions?

A. Yes. Once a new datacenter region is available, new Office 365 for business customers who select a country eligible for the new region as their country during sign-up will have their core data hosted in the new datacenter region.

Q. Where is my data is located?

We publish the location of datacenter regions, datacenters, and location of customer data on the Office 365 interactive datacenter maps. As of August 1, you will be able to verify the location of your customer data at rest via the Data Location section under your Organization Profile in the Office 365 Admin Center.

Q. Will existing Office 365 customers be moved to the new datacenter regions?

A. Eligible Office 365 customers can request to have their core data moved to the new regions. Customers will need to submit a request before the deadline for their region in order to participate.

Q. What customers are eligible to request a move?

A. Existing Office 365 commercial customers who selected a country eligible for the new datacenter region will be able to request a move.

Q. When will I be able to request a move?

A. The request period will be announced on the How to request your data move page.

Q. How can I request to be moved?

A. Eligible customers will see a page in their Office 365 Admin Portal. Please see How to request your data move for instructions on how to request a move.

Q. Can I change my selection after requesting a move?

A. It is not possible for us to remove you from the process after you submit your request.

Q. What happens if I do not request a move before the deadline?

A. We are unable to accept requests to be moved after the deadline in each region.

Q. What if I want to move my data in order to get better network performance?

Being close to an Office 365 datacenter is not a guarantee for a better networking performance. There are many factors and components that impact the network performance between the end user and the Office 365 service. For more information about this and performance tuning see Network planning and performance turning for Office 365

Q. Do all the services move their data on the same day?

A. The services do not move their data at the same time. Each service will move independently and will likely move their data at different times.

Q. Can I choose when I want my data to be moved?

A. Customers are not able to select a specific date, they cannot delay their move, and we cannot share a specific date or timeframe for the moves.

Q. Can you share when my data will be be moved?

A. Data moves are a back-end operation with minimal impact to end-users. The complexity, precision and scale at which we need to perform data moves within a globally operated and automated environment prohibit us from sharing when a data move is expected to complete for your tenant or any other single tenant. Customers will receive one confirmation in Message Center per participating service when its data move has completed.

Q. What happens if users access services while the data is being moved?

A. See During and after your data move for a complete list of features that may be limited during portions of the data move for each service.

Q. How do I know the move is complete?

A. Watch the Office 365 message center for confirmation that the move of each service’s data is complete. When each service’s data is moved, we’ll post a completion notice so you’ll get three completion notices: one each for Exchange Online, SharePoint Online, and Skype for Business Online.

If you see any issues after the move, contact Office 365 Support to get assistance.

Q. What data for Office 365 is stored in the new datacenter regions?

A. If a customer provisions its tenant in one of the new datacenter regions, Microsoft stores the following customer data at rest within the region:

  • Exchange Online mailbox content (e-mail body, calendar entries, and the content of email attachments)
  • SharePoint Online site content and the files stored within that site, including Project Online and Access Online content.

In addition, this data is not replicated outside of the region.

Q. I am an Office 365 customer in one of the new datacenter regions, but when I signed up, I selected a different country. How can I be moved to the new datacenter region?

A. Unfortunately, it is not possible to change the country associated with your tenant. Instead, you need to create a new Office 365 tenant with a new subscription and manually move your users and data to the new tenant.

Q. Will there be any changes on my bill?

A. In most cases there are no changes that customers in will see on their billing statement.

Microsoft will charge all Australian customers of Office 365 an additional amount equal to the Australian GST for Office 365 services and will issue tax invoices. This change will occur because Australian GST is payable on taxable supplies of goods and services provided and offered in Australia.

Q. What happens if we are in process of email data migration to Office 365 during the Exchange Online move?

A. If email migrations are in progress, any individual mailboxes that are currently being migrated will be canceled while the tenant move finalizes, and migration of those mailboxes will automatically restart once the tenant is in the target datacenters.

Q. After data is moved out of the previous datacenter region, is it removed from those datacenters?

A. Yes, the old data will be purged after a period of time.

Q. Can I pilot some users?

A. When your Office 365 tenant is moved to a new datacenter region, all users are moved at once. You can create a separate trial tenant to test connectivity, but the trial tenant can’t be combined in any way with your existing tenant.

Q. How will I be notified about the move and who at my company will be notified?

A. We’ll use the Office 365 message center, which is visible to anyone with any admin permissions in Office 365.

Q. I don’t want to wait for Microsoft to move my data. Can I just create a new tenant and move myself?

A. Yes, however the process will not be as seamless as if Microsoft were to perform the data move.

If you create a new tenant after the new datacenter region is available, the new tenant will be hosted in the new region. This new tenant is completely separate from your previous tenant and you would be responsible for moving all user mailboxes, site content, domain names, and any other data. Note that you can’t move the tenant name from one tenant to another. We recommend that you wait for the move program provided by Microsoft as we’ll take care of moving all settings, data, and subscriptions for your users.

Q. I’m not ready to be moved, can I pick a specific move date?

A. It is not possible for you to change when each service’s customer data will be moved. Data moves are a back-end operation with minimal impact to end-users.

Q. My customer data has already been moved to a new datacenter region. Can I move back?

A. This is not possible. Customers who have been moved to new region datacenters cannot be moved back. As a customer in any region, you will experience the same quality of service, performance, and security controls as you did before.

Q. Do the new datacenter regions use the same versions of Office 365 services as the current datacenter regions?

A. Yes.

Q. Will Office 365 tenants hosted in the new datacenters be available to users outside of the country?

A. Yes. Microsoft maintains a large global network with public Internet connections in more than 50 locations in 23 countries around the world with peering agreements with more than 1,500 Internet Service Providers (ISPs). Users will be able to access the datacenters from wherever they are on the Internet.

 

Data Residency option in #Office365

Data Residency ??

Yes it was new term of me as well when i came across msdn website but this really a need for a number customers who has business partners, business operations, their customers in different region and have to meet their local country data protection laws or in other terms who are concerned about data sovereignty. Data Residency Option is the solution for those type of customer.

What is Data Residency Option? 
Customers with data residency requirements can request to move their core customer data into the new region or regional data center. We recommend our customers to take no action, unless their organization needs core customer data to be stored at rest in their respective new datacenter region. By choosing to move their data, customers limit Microsoft’s possibilities to optimize the location of core customer data at rest in either their current or the new datacenter region. As a customer in any of those two regions, you will experience the same quality of service, performance and security controls as you did before.

Data-at-Rest is not available by default
Yes you may lose the option for your data to be secured at rest if you choose to move your data to a different data center. Which means by default all new data center does not offer data-at-rest- according to above statement.

For customers who need to have their core data moved to the new region:

  • Customers will need to request to have their data moved within a set enrollment window. Review the How to request your data move page for more details about the enrollment window for your region and the steps to enroll into the program.
  • Data moves can take up to 24 months after the request period to complete.
  • We introduce no unique capabilities, features or compliance certifications with the new datacenter region.
  • The complexity, precision and scale at which we need to perform data moves within a globally operated and automated environment prohibit us from sharing when a data move is expected to complete for your tenant or any other single tenant. Customers will receive one confirmation in Message Center per participating service when its data move has completed.
  • Data moves are a back-end service operation with minimal impact to end-users. Features that can be impacted are listed on the During and after your data move page. We adhere to the Microsoft Online Services Service Level Agreement (SLA) for availability so there is nothing that customers need to prepare for or to monitor during the move. Notification of any service maintenance is done if needed.

 

Exchange Server 2016 CU3 with Windows Server 2016 – NOT SUPPORTED – Hold On

Microsoft Exchange Product Team published the blog post that Ex2016 CU 3 having issues with Exchange 2016 due to the crashes of W3WP.exe and the work is being done, till then don’t proceed.

screen-shot-2016-11-05-at-12-28-35-pm

 

TechNet has also published the what other features have been reported for issues on Windows Server 2016.

screen-shot-2016-11-05-at-12-24-15-pm

Stay Tuned with Exchange Blog

https://blogs.technet.microsoft.com/exchange/

 

Permanently Delete User from Office 365 – All You Need to Know

Introduction:

Microsoft Office 365 is an application suite which consists of various services & tools like MS Office Online, Exchange Online, Lync Online, etc. One of the most popular tool/ service is Exchange Online. The organizations use Outlook Web Access(OWA) as their web email client & prefer Exchange Online to manage all users’ email mailboxes. In case an employee has left the organization, we should first block their access & secure their data before we consider deleting their account permanently.

There are two ways to permanently delete user from Office 365, which are soft & hard deletion. When you soft delete a user from Office 365 using O365 control panel, they are saved in a recycle bin for 30 days. But after 30 days, the account gets hard deleted (purged), in simple words; the user mailbox gets deleted and cannot be recovered.

Recommended: Before moving forward with the deletion process, we should first backup Office 365 mailbox to keep records of the mailbox data.

Another way to hard delete / deactivate Office 365 user is by using PowerShell commands. To manage the accounts using PowerShell commands, all you need to do is go to the Azure AD (Active Directory).

We will discuss in detail about the method to permanently delete Office 365 mailbox in the following sections.

But first let’s take a look on some user queries on this issue.

 

Permanently Delete User from Office 365 : User Queries

The few issues or concerns of the users while they try to disable Office 365 email account are as mentioned below.

 

“Our organization had a user whose mailbox we had migrated to Exchange Online from On Premise. While this process was in progress, the user mailbox got some bug. And this forced us to regenerate the user’s on premise mailbox and transfer all the mails to that new account.

We managed to disable/ disconnect the user’s online mailbox but now we are unable to migrate the new user mailbox while the old mailbox is still there. So now my question is; how to permanently delete Office 365 mailbox so that we can migrate the new mailbox to Exchange Online(Office 365)?”

 

“I need to remove email account from Office 365. The user is now blacklisted from our organization. So being an IT admin, I am looking for a solution to permanently delete user from Office 365. One method that I am aware of is to wait for 30 days for the soft deleted emails to get deleted automatically from the recycle bin. Is there any other alternative that I am unaware of?

 

After looking at the user concerns, now let us discuss the scenarios/ cases where a user account can be permanently deleted from Office 365.

 

Hard Deleted Mailboxes : Deletion Scenarios

A hard-deleted user account is a mailbox that was deactivated/ removed in the following conditions:

  • If the user account is soft deleted, it is moved to the Recycle bin and stays there for 30 days. If the user has been soft-deleted for more than 30 days and the associated Azure AD (Active Directory) user has been hard-deleted. In this case, all mailbox data such as contacts, emails, calendars, and documents will be deleted forever.
  • If the soft deleted user account has been removed using the Remove-Mailbox -PermanentlyDelete cmdlet and parameter in EMS (Exchange Management Shell).
  • If the user account’s associated Azure AD user account has been hard-deleted in the Azure AD. The user account will now be soft deleted in O365/ Exchange Online. If within the retention time period of 30 days, a new Azure Active Directory(AD) user mailbox is created/ synchronized from the original on-premise recipient account with the same ArchiveGuid or ExchangeGuid, and that new account is licensed for Exchange Online, then this will hard delete the original user mailbox from Office 365. Every mailbox data will be lost and cannot be recovered.

 

Now, after discussing about the user issues & scenarios that disable Office 365 account; let us now explore various methods to permanently delete user from Office 365.

 

How to Permanently Delete Office 365 Mailbox?

There are various procedures to hard delete a user account in Exchange Online / Office 365. The methods are as follows:

  1. Soft Delete Using EMS & Wait for 30 Days

To remove the user mailbox, you need to have certain permissions.

When you remove an Exchange Online user account using the EMS (Exchange Management Shell), the relating O365 user is deactivated/ disconnected and it is also removed from the list of user mailboxes in the O365 admin center. The user account can still be recovered within 30 days, before the user account gets permanently deleted.

 

The following command is an example which removes/ disables an Exchange Online account and the corresponding Office 365 user mailbox for XYZ SSA.

 

Remove-Mailbox -Identity “XYZ SSA”

 

Note: You could wait for 30 days for hard deletion of the soft deleted account, or you could follow the below procedure to permanently delete Office 365 account.

 

  1. Permanently Delete Office 365 Account Using PowerShell

To hard delete the above user from Office 365, use the below mentioned command to delete the user mailbox for XYZ SSA from the Azure AD.

 

Step :1 Run the following command to connect to Azure AD. Enter the admin Username & Password of the Office 365 account.

 

Connect-MsolService

Step :2  To check the list of all the deleted mailboxes present in the recycle bin, use the following command:

Get-MsolUser –ReturnDeletedUsers

Step :3 Delete email account from Office 365 using PowerShell commands as given below:

i) For Single Mailbox Deletion

Remove-MsolUser –UserPrincipalName [XYZ SSA] –RemoveFromRecycleBin –Force

ii) For Multiple Accounts Deletion

Get-MsolUser –MaxResults 25 -ReturnDeletedUsers | Remove-MsolUser –RemoveFromRecycleBin -Force

Step :4 You may again follow the Step :2 to verify the hard deletion of the mailbox. If the user account is not visible in the recycle bin, it means that the user mailbox is disabled permanently.

 

Conclusion

In this blog we have explored the two types of deletion of an Office 365 user, various user queries regarding deletion of an O365 user account, several hard deletion scenarios & how to permanently delete user from Office 365. Also it is recommended to first take backup of all user’s data before you remove/ deactivate Office 365 user mailbox.

NOTE: This article is posted AS IS from the original author

Tej Pratap Shukla (Dexter) – https://about.me/tejpratap

 

 

 

 

Notes From Microsoft iGnite 2016 #msignite

Running from Hall A to Hall C and then back to Hall A I needed up walking/running approximately 4 miles (6 km) per day, yeah it was good cardio J

I went there to learn more about on-premises Exchange Server 2016 and Hybrid configuration with Office 365 BUT was not quite impressed though you search the sessions you will find approx. 57 sessions on EXCHANGE but most of the are just Office 365 features and product marketing. It looks like iGnite email related (messaging) content were focused to a specific customer market or in other words they ignored the large enterprise customer running complex exchange environment.

I’d also mention that there were some sessions which I liked most and one of them was just specific to Office 365 but it is related to on-premises stuff (Below is the list of sessions I liked most or in other word 5/5 on the score card).

Challenge cloud encryption myths and learn about Office 365 BYOK plans
Yes, now you can bring your own keys.  Very information session from Jaclynn.

Migrate to Exchange Online via Exchange Hybrid
2nd session of the day for Hybrid.  Tons of information, must watch Tim and Mike did an awesome job.  And yes don’t forget to run the RCW on-premises.

Meet twin sons of different mothers (MVPs and Exchange engineers). It was a very interactive session carried out by Tony Redmond with folks from Product Team (Karim Battish and Jeff Mealiffe) and Exchange MVP (Andrew Higginbotham and Jeff Guillet). The room was full of on-premises Exchange Enthusiast.

The Ultimate Field Guide to Office 365 Groups. Microsoft gave a lot of information at Ignite about future developments for Office 365 Groups. This session provided a counterweight in that it focused on how groups are used in the field. This session was carried out by Tony Redmond and Bejamin Niaulin.

Unplug with the experts on Exchange Server and Exchange Online
Another interactive session. Discussion on on-premises, Modern-Auth, ADFS and Hybrid

 

So to conclude that overall it was a busy event, specially with running from one hall to another (wish they plan it better next year). Other than attending these breakout sessions I got most of questions answered by meeting the product team at the booth, I spent HOURS with them.

 

#MSiGnite 2016 Post Keynote Day2 Sessions

The day 2 has just started and I’m going post more blog post but short post and it will cover the highlight to give you (readers) the idea what’s going here 🙂

The first session i attended was on Collaboration with Office 365. 
Speaker – Kady Dundas – and Dan Holmes

This Office 365 sessions explained how can an organization be more effective and productive leveraging features such as Office 365 Group/OutlookYammer, Smart File Attachment using OD4b. One of the most use case of Office 365 Group v/s Distribution Group where Distribution Groups members email back and forth and there no conversation history other than the mailboxes of the distribution group members and users end up using really all in some cases. Also a tedious task if someone new joins the team, Office 365 Group solves that issue.

Office 365 groups were also covered #Millennial , where these groups can be leveraged for contractor and Millennial , since Millennial like social networking and Office 365 are work very well with Yammer too.  Office 365 Group can be configured Public and Private.

Smart attachment of a document using OD4B, Document co-authring and Chat feature in the document (possible with Skype) and Sharepoint Dashboard were also the part of this session. I’m not sure if this event is going to be repeated and if not then watch a recorded session

http://ignite.microsoft.com

Collaboration with Microsoft Office 365