1. Phoenix
1.1. SMC
1.1.1. Old System - rhi-ag.com
1.1.1.1. 3 Customers - one for each on-prem domain
1.1.1.2. O365 Profile deployable; Documented - Must be created for EACH user
1.1.2. New System - rhimagnesita.com
1.1.2.1. One customer - User must be on Phoenix
1.1.2.2. Single Sign On via Azure AD or deployment via LDAP?
1.1.2.3. Default O365 EAS profile
1.1.2.4. Secondary On-Premise Profile
1.1.2.4.1. LDAP may be required for deployment of on-premise SMC profiles
1.2. Exchange
1.2.1. Red
1.2.1.1. Hybrid enabled
1.2.1.2. Update ALL email address policies to pre-assign the @rhimagnesita.mail.onmicrosoft.com as secondary smtp address
1.2.2. Blue
1.2.2.1. Hybrid enabled
1.2.2.2. Update ALL email address policies to pre-assign the @rhimagnesita.mail.onmicrosoft.com as secondary smtp address
1.2.3. Phoenix
1.2.3.1. Fine-tuning Setup not finalized
1.2.3.2. Hybrid Enabled
1.2.3.3. Setup VDC Primary servers
1.2.3.3.1. VDCSXCP01
1.2.3.3.2. VDCSXCP02
1.2.3.3.3. VDCSXCP03
1.2.3.4. Setup Burlington Secondary Servers
1.2.3.4.1. Waiting on Availability
1.2.4. O365
1.2.4.1. Auto-discover Defferred until Purple becomes focus.
1.2.5. Migrate all mailbox only... RED/BLUE
1.2.5.1. All email policies should auto-set the rhimagnesita.mail.onmicrosoft.com secondary SMTP address
1.2.5.2. Move Shared / Rooms LAST! Stay on prem as long as possible (A. Macho)
1.2.5.2.1. Shared mailboxes - If all users on o365, migrate the shared mailbox also to the cloud
1.3. RSA
1.3.1. Tested - Working with MIGSMCBLUE / MIGSMCRED users
1.3.1.1. RSSC documentation to be created by Martin Sturm
1.3.1.2. User documentation to be created by Martin Sturm
1.3.1.3. Migration Process
1.3.1.3.1. Remove old token/oda from RED/BLUE user
1.3.1.3.2. Issue Software token to Phoenix user
1.4. SKYPE
1.4.1. Prerequisite - Mailbox on O365
1.4.1.1. RED
1.4.1.1.1. Update Purple SID object onto the Blue shadow referral (disabled) user
1.4.1.1.2. Prompt for Exchange credentials on user client can occur
1.4.1.2. BLUE
1.4.1.2.1. Update Purple SID object onto the Blue shadow referral (disabled) user
1.4.1.2.2. Set the hosted voicemail to $true
1.4.1.2.3. Prompt for Exchange credentials on user client can occur
1.4.1.2.4. Hardphone
1.4.2. Enable the Voicemail online
1.5. Evoko Panel Server
1.5.1. Setup new for O365
1.5.1.1. Document migration / setup on new version
2. Antivirus
2.1. Plan migration of all clients from RED/BLUE to PURPLE
2.2. Microphone blocked on Various apps - Reproducable with Jabra Speak and Teams
2.2.1. Testing - Exception on trusted zone appears to have fixed - (For NAThan)
2.2.1.1. Scott deploying and testing.
2.3. New System
2.3.1. PURPLE
2.3.1.1. Configuration and Policies for all servers and clients - WIP
2.3.1.2. Deployment for Clients - WIP
2.3.1.3. Installed / Running & Testing
2.3.1.3.1. Security Certificate Warnings on SSL pages
2.3.1.4. Inherit policies from master to slave to reduce administrative overhead
2.3.1.5. Intelligent delegation of admin and reporting tasks to slaves.
2.3.1.6. NEW SOP & RSSC documentation needed
2.4. Old System
2.4.1. RED
2.4.2. BLUE
2.4.3. Policies are not applying correctly or completely
2.4.3.1. Ongoing tickets with Kaspersky Support
2.4.4. Get policies on RED/BLUE working then export import to Purple.
2.5. Switch DFS to Purple for client deployment
3. Skype
3.1. Rotterdam - New Install
3.1.1. Fully functional - Awaiting port of Production Number block
3.1.1.1. November 11 scheduled
3.1.2. Site documentation needs to be updated
3.1.2.1. Pending
3.2. Radenthein - Remote SIP setup
3.2.1. Questionnaire to Audiocodes needs to be filled and sent
3.2.1.1. Mark Jeffrey - AC assigned Technician
3.2.1.1.1. November 11 - Pick up and resume
3.2.2. Waiting on Map / DMZ / Info from Eva / NMC
3.2.2.1. Reconfigure device interfaces required.
3.2.2.2. Physical connections required on switch
3.3. CN - New Install
3.3.1. CHU
3.3.1.1. SBS Installed
3.3.1.2. GW Setup - No PSTN configuration
3.3.1.3. DID range not provided
3.3.2. QYN
3.3.2.1. SBS Installed
3.3.2.2. GW Setup - No PSTN configuration
3.3.2.3. DID Range Not provided
3.3.3. SHS
3.3.3.1. Awaiting details from CN RSSC
3.3.4. DAM
3.3.4.1. Awaiting details from CN RSSC
3.4. Marktredwitz - Migration to SIP
3.4.1. DMZ Setup in Progress
3.4.2. GW SBC License Applied
3.4.3. 3 Arm reconfiguration in progress (NW)
3.4.4. Appointment for hard cutover with DTAG on November 26 2019
3.5. Huenenberg - Migration to SIP
3.5.1. Outstanding problems with One-way audio on selected calls (Contact: Paul Kreuz)
3.5.1.1. Suspected port range mismatch for Media Streams
3.6. Global - One-Way audio on the TSE : ISSUE
3.6.1. Don should document as PSA for Internal / RSSC and publish on Teams / Distribute
3.7. Global - Migration of Sites back to VDC as Primary Pool
3.7.1. D/A/CH moved
3.7.2. CN/SGP moved
3.8. Long Term : Migration to Teams?
3.8.1. Commercial Impact
3.8.2. Technical feasibility
3.9. Develop and document process to activate new Purple user on Skype.
3.9.1. Manual Steps needs to be documented to Adminstrator Reference - PHOENIX
3.9.2. Script to Automate do multiple steps
3.10. DST Patch for Brazil
3.10.1. Completed by Don - OTRS Ticket XXXXXXXXX
4. Exchange
4.1. SAAS Backup for Online account viable
4.1.1. Setup by Nathan - Actively Backing up all O365 users
4.1.2. Script to populate backup targets written by Don.
4.2. New hardware deployment
4.2.1. VDC
4.2.1.1. Available - Needs Install and Configuration
4.2.1.1.1. VDCSXCP01
4.2.1.1.2. VDCSXCP02
4.2.1.1.3. VDCSXCP03
4.2.1.2. TSM for local to take over from Livevault
4.2.1.2.1. Needs to be established on Phoenix On-Premise
4.2.2. BUR
4.2.2.1. Waiting on Mike Swirski - Expected Nov
4.2.2.1.1. BURSXCP01
4.2.2.1.2. BURSXCP02
4.3. Journaling Strategy
4.3.1. Use old MBX reload to Phoenix as journal server?
4.3.1.1. Slow but 25Tb!
4.3.1.2. 8 Server redundancy!
4.3.2. Use existing 24Tb on VDCSXCP01/2/3 if we can actually get it working
4.4. Renew Internal owa.rhi-ag.com certificate prior to 11/14/2019
5. RSA
5.1. Investigate if the User cleanup can be chron scheduled more than once a day
5.1.1. RSA support ticket
5.2. Download and deploy AM8.4 Patch 7
5.2.1. Check to see what if any benefit it brings
5.3. Investigate how to implement RSA 2-factor for O365/onprem webmail
5.3.1. Commercial Impact/Effort?
5.3.2. Technical Feasibility
5.4. Plan how to change server FQDN from .rhi.local to .rhimagnesita.com
5.4.1. Check to replace certificates
5.4.2. Not domain joined? - do agents address via IP?
5.4.3. Weblinks for Security console and operations console?
6. Encryption
6.1. WinMagic
6.1.1. ORDERED! PO in progress 200 Units
6.1.1.1. Document
6.1.1.2. Customise
6.1.1.3. NEW SOP for Admins and RSSC Needed
6.1.1.4. Communicate and redeploy all encrypted KSC Machines
7. SMC
7.1. Investigate how to deploy Outlook for IOS / Android with mailbox configuration
7.1.1. Does script block?
7.1.1.1. YES
7.1.2. How to deploy/restrict
7.1.2.1. On Demand ONLY - default NO
7.1.2.2. Using Custom Property
7.1.3. Benefits/Features?
7.1.3.1. PRO: Client Consistency Experience
7.1.3.2. CON: Android / IOS COMPLETELY DIFFERENT!!!
7.2. Update all RSSC accounts to "limited Administrator" to support Phoenix efforts
7.2.1. PP - In progress Red RSSC still missing on Phoenix
7.3. Setup mechanism to Self-deploy MyRHIMAG app without app store.
7.3.1. Done - Needs testing and deployment to default profiles