Reading time:
6 min

Microsoft Office Management – Why Hybrid O365 and On-Prem Combo is Critical


Few are the Office 365 shops that are truly “all in” the cloud. Many have a smidgen of legacy on-premises users; others have a large portion of old-style Office seats.

Some of this is purely economic; these on-premises licenses are long ago paid for. Others are in the process of an O365 migration, an undertaking that can take months, sometimes even years.

Smart shops try to manage all their software effectively, and take steps to insure Office 365 runs smoothly. As O365 takes hold, it is increasingly the way that end user identities are defined. Meanwhile, efficient IT groups want to manage O365 the same way they care for on-prem Office.

Office 365 customers asked for this single style of management for both O365 and legacy Office, and CoreView obliged with our CoreView Hybrid Agent. Here, CoreView performs updates for on-premises environments, such as Active Directory and Exchange servers. It is no longer necessary to switch between admin tools to create on-premises accounts or make password changes. Users, Distribution Groups, and Security Groups are all managed from a single pane of glass, making the hybrid experience much less cumbersome for administrators.

Hybrid Agent Management Wizard

Provisioning and Updating Hybrid Office Environments

CoreView enables IT admins to perform account provisioning and updates to your various Microsoft O365 and hard drive-based services. This helps you keep ALL end users up-to-date as you shift to SaaS solutions.

Creating On-Premises User

Moreover, complex IT operations processes, such as user provisioning and deprovisioning, can be automated through CoreView’s CoreFlow workflow software, speeding up the process and vastly reducing human error. Incorrect user provisioning, whether for a SaaS or on-prem user, has a direct and negative impact on user productivity, while mismanaged deprovisioning can open the doors to potential data breaches.

Hybrid Agent User Card

Secure and Manage Your SaaS and On-Premises Environments

Many companies divide auditing and administration between the Office 365 Admin Portal for SaaS, and other tools to manage Active Directory and Exchange on-premises. This mish mash of tools can compromise security. Since CoreView supports hybrid deployments from a single interface, it reduces human error caused by context switching between tools.

Ten Microsoft Office Management Actions the Hybrid Agent Performs

Here is a summary of key actions performed by the Hybrid Agent:

  • Create/Edit Synchronized users
    • In one single form, you can create both on-premises and SaaS users.
  • Create/Edit On-Premises users
    • Create or Edit on-premises users, as you can do with O365 and synchronized ones, with one single interface.
  • Reset password
    • How often do users forgot their passwords? You can reset the password for them, whether O365 or on-premises, on the fly.
  • Enable remote mailbox
    • Add a remote mailbox to an on-premises user
  • Unlock users
    • User locked? No problem, unlock your user without access to your AD server.
  • Add/Remove members from synchronized Distribution Groups
  • Add/Remove members from synchronized Security Groups
  • Custom actions
    • Microsoft IT pros can define their own custom actions that work in a hybrid setting.

Import Actions

  • Organization units
    • You can see all OUs in CoreView, set them for any OnPrem/Sync user, and create a virtual tenant based on it.
  • AD users filtered by organization units
    • Import users from your AD server, filtered by OUs

Migration Help

Office 365 migration is not a mere snap of the fingers, but can take weeks, months or even a year or more. Even still, some legacy Office users may remain.

The CoreView Hybrid Agent helps customers during the migration process by allowing IT to focus on Office 365 and a new style of managing these end users, applying those practices and solutions to remaining on-premises employees.

Daily Hybrid Office Assistance

To put it simply, the CoreView Hybrid Agent allows IT to manipulate on premise user and group objects. “For example, without the Hybrid Agent, I cannot reset the password of a typical user, change the group membership, or update the display name or the description or the manager of that typical user,” Val Vasquez, CoreView Principal Solution Architect, said. These are all things that the Hybrid Agent can do. In fact, the Hybrid Agent is smart enough to know which users are on-premises, and route admin requests to, say, change a password, to the on-premises Hybrid Agent.

The Hybrid Agent can create a user, reset the password, edit extended properties, enable remote mailboxes, and unlock users. “If somebody had tried to log in too many times, it blocks temporarily. Usually the block might last two or three hours. Unlock user lets you expedite that,” Vasquez said.

The Role of Synchronized Users

There are two main types of end users Hybrid addresses. One is the person that still has on-premises based Microsoft Office. The other was originally on-premises based, then moved to Office365, but the original object that defines that user is still based on the on-premises history.

“Nearly every single customer we’ve ever spoken to has an environment that is made up primarily of synchronized users. These users were initially created on-premises, that then formed the basis of the cloud objects,” said Val Vasquez, CoreView Principal Solution Architect. With such a synchronized user, IT is very limited in the number of changes and the types of changes it can make on that object.

Creating Synchronized User

CoreView’s Hybrid Agent speeds and eases synchronized user creation and management. “Creating a synchronized user is the same as creating an on- premises user, but when you create an on-premises user, you are relying on Microsoft Azure AD Connect to create the on cloud object. That typically takes about 30 minutes,” Vasquez explained. “If instead I use CoreView to create the synchronized user, that whole process would take two minutes — because it does both sides of the coin. It creates the on-premises user, and then a moment later creates the on cloud user. And it links them up in the exact same fashion that Microsoft Azure AD Connect would have.”

Learn More about Mastering Office Hybrid Management

Find out more about Hybrid Microsoft Office Management on our Hybrid web page, or get a personal demo.

Find your level of application adoption, and security profile FREE with our new CoreDiscovery solution. You can get your free software now at the CoreDiscovery sign up page:

See how CoreView can help you with this

Learn more about securing and optimizing your M365 and other SaaS applications.