Hybrid SharePoint Administration: Solutions to Common Challenges

Road Bumps During Initial Migration to Hybrid SharePoint

Okay, so your organization is considering — or has made the decision – to move to Office 365 and you’re interested in a hybrid configuration for your SharePoint content. This process is not without its challenges, and proper planning is necessary to streamline your migration as much as possible. Among the items included in your plan should be the following considerations for hybrid SharePoint migration, management, and administration.

Data Inventory

Before beginning the SharePoint migration process, you need to consider how much content you’re moving. What is the size of the ‘footprint’ that needs to be moved — in GBs/TBs? How many items, versions, etc. am I moving? And, finally, where are these items currently located? Are they on sites, in OneDrives, subsites, etc.?

Keeping the above considerations in mind is critical because it takes longer to migrate 10 items totaling 10GB than it does to migrate 1,000 items also totaling 10 GB. The same goes for migrating 100GB from a single OneDrive or SharePoint team site vs. 100GB from 10 drives/sites. The latter would be the faster option in this case.

You might be asking yourself: Why is this true? It seems counter-intuitive. Well, try to think of it like lanes on a highway — it’s not just about the cargo on the truck but how many trucks can move in the number of lanes provided.

Legacy Applications

Next, you should consider if your old workload is tied to a legacy application. You will likely find that you can’t move custom code to the cloud without making major changes to it or replacing it with a new solution.

After that, ask yourself the question: What should I leave behind? Content can be years old, dating as far back as 2001 for some SharePoint farms, and can be responsibly archived, destroyed, or converted to records prior to your migration, which reduces your migration footprint and timeline.

Live vs Ship Drive Migration

Next, consider if you can or want to send your data over the open internet. For certain scenarios, this is more appropriate than others. Some people, such as government entities might be moving to a “Private Cloud”, such as the Azure GovCloud. These organizations don’t want their data to be transmitted over the internet. Even though secure connections exist, they want the least amount of possible risk. This consideration, along with total size, can greatly influence whether you do a “Live” migration or a “Ship Drive” migration. A Live migration happens over the wire, where ShipDrive literally exports the data to a portable Drive and is physically shipped to the Microsoft data center for import. This is a faster option at scale and offers greater security.

For more details about all of the above, download our free white paper: https://www.avepoint.com/blog/zh-hans/sharepoint-2007-to-sharepoint-2016-migration-whitepaper-2/

Delta (Incremental) Migrations

After moving to the cloud, many reasons remain for why you might still be considering a data migration. You might be migrating different systems over time. For example, you can migrate from SharePoint 2013 to the cloud and immediately start using Office 365. AFTER that, the you might also migrate SharePoint 2010, File System, Lotus, etc. in stages over time.

Or, you might need to migrate data WITHIN Office 365 from one site to another, from someone’s old OneDrive to a team site or other location.

There are also some business scenarios to consider. For example, say the content on a site changes in sensitivity level, which means it needs to move to a more secure place OR the content is now ready to be shared with partners and can move to a site with external sharing enabled. You could also be in a situation where you are merging two teams (e.g., digital marketing and SEO) and need to merge their sites. You may also need to migrate between your SharePoint Server farm and your Office 365 environment, which adds complexity to all of the above. As content changes, the nature of where that content resides might also have to change.

Hybrid SharePoint Administration and Permissions Management

The Basics

When considering your hybrid SharePoint architecture and permissions structures, ask yourself:

  1. Who has access to what?
  2. How do they get access?
  3. Who gave access to them?
  4. How do I change permissions?

These four are always crucial and haven’t really changed much in all the years of SharePoint. What makes permissions management even MORE important in Office 365 is how all the data is being pumped into the Microsoft Graph. In the past, if Bob had access to a site or sensitive content, he might not even know. People used to call this “security through obscurity”. Even if something might be unguarded, I have no way of finding out since it’s lost in the jungle of my SharePoint farm.

Now that I have the Graph API powering things like Delve, I might log in and see documents right on my landing screen that I shouldn’t have access to. Permissions management is essential to protecting sensitive content, but so is ensuring people find the right information and get value out of new cloud features like Delve. The alternative would be to completely turn that feature off, which seems counter to moving to the cloud.

Policy Enforcement

In a hybrid environment, authentication requires an understanding of Azure AD Connect as well as how to configure and manage hybrid versions of “Search”, “Managed Metadata Service”, “User Profile Service”, audit, etc. Understanding how licensing works in Office 365 is essential.

Also, a SharePoint Client Access License (CAL) – this is a “per SharePoint user” license – is now not needed, just an Office 365 license, meaning that an organization is only charged once for an Office 365 subscription, which includes SharePoint, rather than charging for both. With the old model, SharePoint CAL and a license for each SharePoint Server and other servers running Microsoft Services (Exchange, Project, etc.) were needed.

The next step is mitigating risk when the end users are in control, and doing so in a non-invasive way. You need to educate users on what “cloud safe” is and work with risk and compliance teams to define any changes to existing policies because of the introduction of cloud.

When it comes to proactively enforcing settings, security, and desired states, a harmonious balance between risk and agility is ideal. Luckily, AvePoint offers a policy enforcement mechanism. This system offers constant monitoring and immediate alerts.

DocAve for Hybrid SharePoint Management

All these headaches may seem like barriers to boarding the SharePoint hybrid train, but fret not! With AvePoint’s DocAve Software, many of those problems are a thing of the past. DocAve allows your organization to centralize hybrid SharePoint administration and save time on management tasks.

Data Discovery

Perform content discovery to scan your existing environment and generate comprehensive reports.

Perform content discovery to scan your existing environment and generate comprehensive reports.

Before moving any data, you first need to understand what data you already own. Analyze your legacy environment with the AvePoint Discovery Tool to identify potential problems that could cause migration failure, understand your current workflows, and assess the feasibility of your SharePoint migration goals.

Restructure SharePoint Content with Easerestructure and copy sharepoint content within your deployment

Give users the ability to easily move and copy content within SharePoint (Online and on premises) while retaining metadata with DocAve Content Manager.

Centralized Administration

With DocAve, you can perform a Security Search to discover users with specific permissions levels.

With DocAve, you can perform a Security Search to discover users with specific permissions levels.

DocAve is your single solution and dashboard to manage your entire hybrid environment and exert universal control over deployments – including permissions management and configuration. You can also ease the burden of managing permissions for users by defining a role-based access control system and standardizing it across your on-premises and online SharePoint. Once your permissions structure is set up as desired, you can also leverage DocAve to prevent unauthorized security changes from occurring. Learn more about DocAve Administrator.

For even more information on hybrid SharePoint management, read our blog post on hybrid SharePoint permissions.