Office 365 License Management: Assigning Licenses by AD Group
Since the dawn of time (if the dawn of time was in 2011), assigning Office 365 licenses has been a...
In Part 1 of this two part series, I made the argument that IT should not own Microsoft 365 and that, in reality, it should be the organization as a whole that owns the service and determines how it works.
Since it was recently published, I have had several conversations (as happens regularly through the week) with organizations about their M365 roadmap and governance approach. What was fascinating to me was the spectrum of approaches I came across – all of which reiterated the point I was trying to make in Part 1.
On one hand, I had IT managers and CIOs who were adamant that the organization be heavily involved and have ownership of the decisions made, whereas on the other hand I had one CIO tell me I had offended him by even suggesting that the IT team may not know everything about the Microsoft 365 platform or Office 365 License management and therefore, may not make the best decisions on behalf of the business. If that were true – why did they even need to engage with an external consultant to help craft the roadmap?
(My comment was actually based off existing workshops and sessions I had done with their IT team that had shown clear gaps in knowledge – so my comment was grounded in fact, and not an opinion proffered.)
This experience highlights the topic of this second part: within IT – who really owns Microsoft 365? And this answer varies depending on what workloads the organization has deployed and plans to deploy.
No, it is not. I tore this argument to shreds in a blog piece back in 2016. Just because Exchange and SharePoint also exist as on-premises server versions does not make Exchange Online or SharePoint Online equivalent products. In reality, that’s about where the similarities end. In fact, if we look at what is included in Microsoft 365, it bears little resemblance to what is available with on-premises solutions and infrastructure.
A lot of Microsoft 365 apps and services integrate and rely upon each other – so traditional IT department approaches of having workload-driven responsibilities doesn’t align with what’s required to understand and manage Microsoft 365.
An example of this was back at Microsoft Ignite in 2019 where I met with a client who wanted assistance around governance of Microsoft Teams. One of the topics that came up was around Microsoft 365 Group creation and whether it should be unrestricted or controlled. Through the conversation they explained that the ability for staff to create distribution groups in Exchange is restricted as the IT department engages with the requestor to understand the purpose of the group (and re-direct them), whereas the SharePoint team allows anyone to create sites as they see fit. Given that a Microsoft 365 Group provides both a SharePoint site and distribution group functionality, their inconsistent approaches between involved workloads makes it challenging to determine a unified approach.
This logic is applied in the scenarios where the messaging team is responsible for cloud-based messaging apps and services such as Exchange, Microsoft Teams, and Yammer.
Exchange – fine. While Exchange Online is not identical to Exchange Server, it’s close enough. However, with this in mind, Exchange Online is a crucial component to Planner, Microsoft 365 Groups, Microsoft Teams, Yammer, MyAnalytics, and others. Decisions made by one team often affect these applications.
Just because a service sends text around doesn’t mean it is the responsibility of the messaging team. Context and purpose are key here. Is Microsoft Teams just a messaging tool? Is Yammer just a communications tool? No. These tools fundamentally change how people, teams and organizations interact with each other. Messaging is but one small part of them. And the existence of Exchange in these apps is predominantly as a message storage service.
Where organizations have existed on file shares, they see OneDrive and SharePoint as cloud versions of home and shared drives, completely ignoring the considerable functionality and capabilities offered by them.
When talking to clients I explain that we don’t deal with files in M365 – we deal with information. And information can represent itself in a number of ways, for example:
Existing Method |
Microsoft 365 Potential Methods |
Document | SharePoint Page(s)/site, Sway |
Spreadsheet | Lists |
Project plan | Planner, Project for the web |
Meeting agenda & minutes | OneNote, Teams meeting recording & transcription |
Survey | Forms, Lists |
Presentation | Sway |
Report | Power BI dashboard |
For me personally, when I help organizations create governance frameworks, I deliver them as a toolkit comprising of SharePoint sites, a Team, workflows, and other elements. It’s not uncommon for clients to be expecting to receive a document – so I have to adjust their expectations in that they will receive documentation, but not a document per-se. Why? Because a document is static. The slightest modification to a document creates a new version and potentially requires review and approval. With a SharePoint site I can embed lists. Each item on the list has its own version history. I can embed Planner boards and have workflows that interact between them. I can embed a Stream playlist in a page for easier access to meetings.By breaking information and content out of their file-based prisons, we can start to utilize other services such as Power Apps and Power Automate to improve our interactions and workflows. We can move information from one format to another, present and consume it in different ways, make it more interactive and alive.
For example, when a governance decision is made in a meeting – it is captured in the meeting recording. That decision is logged in a SharePoint list, which has a lookup to another list of configurations, and the creation of the decision record triggers a workflow that assigns a task in Planner as well as posting a message in a Team channel.
Traditionally, this would have been captured in meeting minutes, stored in a Word document, sat on a file share, or emailed as an attachment.
Files don’t have to stay like that, frozen in time, simply moved to a cloud storage service with a few new features. They can transform like a caterpillar does to a butterfly.
Pray tell. Do the people who are responsible for file servers think about what can be done with the information? Or do they predominantly think about backups and permissions?
This thinking is a leading cause for why many Microsoft Teams implementations are a mess – because for many, Microsoft Teams is just an upgraded version of Skype for Business.
This was incredibly evident for me when I was involved in designing the MS-700 exam for Microsoft. We designed it with a view that Microsoft Teams is a multi-faceted application that interacts with and relies upon many of the features and services within Microsoft 365 – therefore any admin worth their weight should be familiar with those in order to consider themselves a “Certified Teams Administrator”.
When the blueprint of the certification was put out for review it was heavily criticized by many who specialize in Skype for Business, as being too light on voice and too heavy on apps, information, security, and governance. In fact, I recall one person saying that because they dealt with Skype for Business telephone all day every day there needed to be more of it in the exam, and that they don’t deal with information security so things like DLP shouldn’t be in the exam. So, the question to you dear reader – is Microsoft Teams your phone system? Does every person you know who uses Microsoft Teams also use it as their phone system? No, they don’t. But chances are they’re collaborating on files and using apps in Microsoft Teams.
In many organizations I’ve worked with, the ownership of Skype for Business fell under the network team because calling is just data (it is). Skype for Business however was more than just a calling platform. It was also a messaging platform (wait, that’s a different team!) as well as a meeting and file sharing platform (wait, that’s also a different team!). Given Microsoft Teams is much more than Skype for Business – should the ownership of it (and its associated services) be the responsibility of the networking team?
Case in point; one organization I worked with recently was preparing for its Skype for Business to Microsoft Teams voice upgrade. When I got beyond the surface, I found the extent of their transition plan was simply to upgrade the existing Session Border Controllers to support Microsoft Teams as well as Skype for Business. No consideration had been given to licensing requirements, change of voicemail service, coexistence modes, meeting room infrastructure, or even configuration of Direct Routing. So basically 95% of the requirements were not even factored in – because:
- Voicemail was provided by Exchange, so therefore handled by the messaging teamThe rest of the Microsoft Teams platform configuration was not even considered (i.e., guest access, Group creation, chat settings, etc.) as those didn’t fall into any one team.
Sure, a well-planned project would have considered all of these and brought in the right resources – but that would require the right ownership and knowledge in the first place.
Almost every single organization I work with that is on their M365 journey is focused on Microsoft Teams. And to help with improving teamwork they bring along apps like Planner, and to a lesser extent SharePoint (because you know, it’s just a glorified file server for Teams).
When I raise the question to understand what they’re doing to help individuals work better, the answer is invariably something like: “we’re going to train them on Teams, and Planner”. No consideration has been given to improving the individual’s ability to manage their own work through the use of tools such as To Do, OneNote, or MyAnalytics. In fact, several times I’ve raised this question with project teams only to find out that they don’t even know what To Do or MyAnalytics are.
This leads me to my next point...
Learning how to use a product does not mean you know how to use it well.
In some organizations the deployment of Microsoft 365 involves an “adoption” program, which is in many instances just a training schedule with a bit of planning around it. Staff are shown how to use apps such as OneDrive, Planner, Microsoft Teams, and possibly others, however this is largely centered around how to perform their existing functions on the new tools – not how to use these tools to work in new ways. Being shown how to share a file, attend a meeting, and track a task does not improve productivity, collaboration, teamwork, or whatever word you want to apply.
My amazing wife and colleague Megan Strant once said that learning how to use Microsoft 365 apps is more than just putting a bunch of people in the same-colored jersey, sending them out onto the field and expecting them to win the game.
Organizations need to think both broadly as well as deeply if they want to change how people work and improve outcomes. Otherwise, they’re just learning how to do old things with new tools.
Unfortunately, the answer is neither clear nor simple. It is both nobody, and everybody.
The existing siloed approaches organizations have around managing IT systems do not lend themselves to a platform such as Microsoft 365 that once was simple, but is now consolidated, integrated, and in reality, complicated.
Using Microsoft 365 and perfecting Microsoft 365 License Management involves managing the ‘business as usual’ elements, as well as continually driving innovation – which require different mindsets and approaches. Smart organizations recognize this and build dedicated teams to implement, operate, support, and drive the platform. These teams need to employ a variety of talents and skillsets; systems administrators, support engineers, business analysts, change managers, security specialists, information managers, trainers, consultants, and more.
Much like Microsoft Teams offers a number of features and capabilities, but at the same time leverages, interacts with and builds on top of other Microsoft 365 services – so too must those who "own" the platform. The dedicated Microsoft 365 team must have its own set of independent skills and capabilities and leverage other teams and resources around them. Let the messaging team own Exchange, let the information team own SharePoint, let the network team own the Session Border Controllers, let the audio-visual team own meeting room hardware, let the learning & development team own training.
But have a dedicated Microsoft 365 team own Microsoft 365, and work with the other teams to drive the outcomes required. And smaller organizations that don’t have as many resources or teams – try to have at least one to two people focused purely on Microsoft 365. The investment in focus and benefit of ownership will pay off immeasurably.
Managing Office 365 licenses is no easy task and forecasting for future needs can be exhausting. At ENow, we believe in ‘buy only what you need, and adopt all that you buy’, and our solutions can help you achieve just that.
Efficiently and effectively optimize your Office 365 licenses to make informed licensing decisions with ENow Office 365 License Management reporting, including: customizable trend analysis, real-time licenses user lists, license addition history, and much more.
Access your free 14-day trial today! Be the IT hero and drive out any hidden costs.
Over 20 years in IT Loryan has had the opportunity to work with many leading edge technologies - allowing him to be a part of major transformations in the industry. Starting out in web design prior to the dot com era, Loryan then took on more technical roles and has been involved in some of the first Australian deployments of metropolitan networks, voice over IP and video streaming over the Internet. His technical experiences were followed by 15 solid years in various senior consulting positions advising both internal and external senior management / stakeholders on strategic technology adoption and selection along with delivery of solutions across a range of business sectors, and managing technical resources for delivery. Many of his roles have involved coaching and mentoring team members along with establishing incentive schemes to drive results and growth. One of his strengths is the ability to thoroughly understand each client’s challenges and deliver solution in line with their unique business requirements. Loryan is passionate about the cloud and the opportunities it brings. Having spent most of his career delivering on-premise business productivity technology, he founded Paradyne to deliver cost-effective solutions and to advance how people work by means of the cloud. His deep technical expertise is backed by practical business experience, ensuring that customers get the best of both worlds – world-class technology that delivers real business benefits.
Since the dawn of time (if the dawn of time was in 2011), assigning Office 365 licenses has been a...
Microsoft 365 is a powerful...