As the online services collaboration landscape continues to evolve, many organizations will start shifting workloads away from on-premises resources. However, for larger organizations with significant investments in on-premises architecture, applications, and services, these changes must happen gradually.

Hybrid configurations for SharePoint allow organizations to begin leveraging the newest cloud-based technologies without forfeiting on-premises investments.

In Chapter 9, Overview of SharePoint Hybrid, we discussed some of the features of the various SharePoint Hybrid configurations. As a review, SharePoint Hybrid supports the following features:

• The Hybrid sites features: Redirects SharePoint Server OneDrive or My Sites to Office 365 OneDrive for Business and configures hybrid user profiles and hybrid site followings
• Hybrid search: Enables users to search for content both on-premises and on SharePoint Online
• Hybrid App Launcher: Configures the Office 365 app launcher to help users navigate between on-premises and online environments

• Hybrid taxonomy: Extends managed metadata and content types from SharePoint Server into SharePoint Online
• Business-to-Business (B2B) extranet sites: Creates members-only partner sites on the Office 365 platform to allow external users access to relevant online content
• Hybrid self-service site creation: Configures self-site creation tasks to a corresponding SharePoint Online process

In this chapter, we're going to review some general best practices and the prerequisites for hybrid connectivity with a SharePoint Server 2019 farm, and explore the Hybrid Configuration Wizard.

Planning for Hybrid best practices

Deploying SharePoint Hybrid requires planning from both the business and technology perspectives. Any solution deployed should be vetted against the business requirements, such as application availability, security, integration with the existing line of business applications, and end-user adoption management.

Technology best practices include the following:

• Ensuring all deployed systems are kept up to date
• Configuring the monitoring and alerting options for services, applications, and system-level notifications
• Implementing security with a least-privileged mindset
• Maintaining adequate documentation of service accounts, web apps, service applications, and site collections
• Implementing change control management
• Maintaining farm, site, and application backups
• Regular testing of disaster recovery procedures
• Identity and security account life cycle management

Each individual Hybrid workload has its own separate recommendations, which will be used throughout this book for informing configuration choices and recommendations.

Configuring the prerequisites for a SharePoint Hybrid farm

The SharePoint Hybrid features are configured with a runtime tool—the Hybrid Configuration Wizard. One of the benefits of a web-based runtime tool is that it is always up to date with the latest capabilities. There are a number of prerequisites that need to be met prior to executing the Hybrid Configuration Wizard and connecting to SharePoint Online.

The terms Hybrid Picker and Hybrid Configuration Wizard are used interchangeably in the Microsoft documentation, the MS-301 exam, and this book. Hybrid Picker was the original name of the configuration tool. It was later renamed to Hybrid Configuration Wizard, but not all references were updated.

Most requirements are required regardless of the Hybrid services being configured. The generally shared prerequisites for all features are as follows.

For SharePoint Server 2013 only, there is the following:

• SharePoint Server 2013 Service Pack 1 and the January 2016 public update: https://docs.microsoft.com/en-us/officeupdates/sharepoint-updates

For SharePoint Server 2013, 2016, and 2019, there are the following:

• Microsoft 365 or a SharePoint Online tenant
• Administrative accounts:
  • A cloud account with the global administrator, application administrator, or cloud application administrator roles.
  • The on-premises account must be a member of the SharePoint Farm Administrators group.
  • The on-premises account must have the securityadmin server role in the farm's SQL server instance.
  • The on-premises account must be a member of the db_owner fixed database role on affected SharePoint databases.
  • The on-premises account must be a member of the local Administrators group on the server where tasks will be performed.

• The Hybrid Configuration Wizard, located at https://go.microsoft.com/fwlink/?linkid=867176
• Microsoft Online Services Sign-In Assistant for IT Professionals RTW, located athttps://go.microsoft.com/fwlink/?LinkID=286152, installed on the search and central administration servers.
• The Azure Active Directory module for Windows PowerShell, located athttps://docs.microsoft.com/en-us/powershell/azure/active-directory/install-msonlinev1?view=azureadps-1.0, installed on the search and central administration servers.
• The URL of the SharePoint Online root site collection (https://<tenant>.sharepoint.com)

Some hybrid configurations (such as search) may have additional requirements, such as service accounts and user rights assignments. As we explore these configurations in later chapters, those specific requirements will be iterated.

Running the SharePoint Hybrid Configuration Wizard

The SharePoint Hybrid Configuration Wizard can be launched from several different locations, including the following:

• The SharePoint Online admin center
• SharePoint Server Central Administration
• Through a direct download link: https://go.microsoft.com/fwlink/?linkid=867176

The Hybrid Configuration Wizard is a web-based runtime application that downloads the current configuration and capabilities each time it's run. Since the Hybrid Configuration Wizard must be run on a SharePoint server, the easiest method to launch it is from Central Administration:

1. Launch Central Administration (SharePoint Server 2016 and 2019) and navigate to Office 365, then select Launch the Hybrid Configuration Wizard.Alternatively, you can open a web browser directly to SharePoint's Hybrid Picker (https://go.microsoft.com/fwlink/?linkid=867176). Both methods will download the newest version of the Hybrid Configuration Wizard:

2. Click Nextto proceed:

3. To connect to the local SharePoint farm, you can use the current user credentials or enter a specific credential. For the Office 365 credentials, enter the username and click Validate credentials. In the modern authentication dialog box that follows, enter the account password. After the validation completes, click Next:

4. Verify that all the prerequisite tests pass. You'll need to resolve any errors before proceeding. Click Nextwhen ready:

5. If you have configured Workflow Manager (Workflow Manager was discussed in Chapter 3, Manage and Maintain a SharePoint Farm), you'll be prompted to update the security realm to ensure the workflows continue to work. If you don't do this automatically, you'll have to return to the wizard or manually run Set-SPAuthenticationRealm. Click Next:

6. Select the options to configure, providing any additional inputs as necessary, then click Next to complete the wizard:

Some of the hybrid features require additional input, such as database or application server names. For options that require additional configuration values, you'll need to click on the feature's corresponding Input Parameters link to add the missing values. The setup will not allow you to proceed without the necessary values populated.

If any additional features are unavailable for your version of SharePoint, you can click on the link to view the report to find out why.

Summary

In this chapter, we reviewed the prerequisites for configuring hybrid connectivity between SharePoint Server and SharePoint Online environment. We also became familiar with downloading and launching the Hybrid Configuration Wizard. These skills are important as they equip you for beginning to configure hybrid workloads for SharePoint Server.

In the next chapter, we're going to begin configuring hybrid features to enable cross-premises workloads.

Questions

Use the following questions to test your knowledge of this chapter. You can find the answers in Chapter 16, Assessment Answers:

1. You are the SharePoint administrator for your organization. While running the Hybrid Configuration Wizard, you opt not to automatically update the Workflow Management authentication realm. What should you do?
   1. Reinstall Workflow Manager.
   2. Nothing—it will be automatically updated in the background.
   3. Rerun the Hybrid Configuration Wizard or run Set-SPAuthenticationRealm.
   4. Launch the Workflow Manager PowerShell module and run Update-WorkflowManagerRealm.
2. When running the Hybrid Configuration Wizard, you notice that the Hybrid Auditing feature is grayed out. What should you do?
   1. Create a new SharePoint Online service administrator account and rerun the Hybrid Configuration Wizard.
   2. Nothing. The Hybrid Auditing feature has been deprecated.
   3. Install the November 2019 public update.
   4. Install a new server with SharePoint Server 2016.
3. You are the SharePoint administrator for your organization. You manage a SharePoint Server 2013 farm. You need to configure the prerequisites. What should you do?
   1. Ensure you are running at least SharePoint Server 2013 Service Pack 1 and the January 2016 public update.
   2. Move Central Administration to a server running SharePoint Server 2016.
   3. Move Central Administration to a server running SharePoint Server 2019.
   4. Update the Central Administration database.