This document summarizes a session from AWS re:Invent 2017 on migrating Microsoft applications to AWS. The session will provide an overview of why customers migrate to AWS, discuss general migration methodology, include deep dives into Active Directory, SQL Server, SharePoint, and Exchange migrations, and feature workshops and team presentations. It outlines the session timeline and topics to be covered.

1. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS re:INVENT
Migrating Microsoft Applications to AWS
B i l l J a c o b i , S e n i o r S o l u t i o n s A r c h i t e c t
M o n d a y 4 : 0 0 P M - M G M , L e v e l 1 , G r a n d B a l l r o o m 1 2 0
W I N 4 0 1
N o v e m b e r 2 7 , 2 0 1 7

2. What to Expect from the Session
• Why customers are migrating Microsoft applications to
AWS
• General migration methodology
• Deep dive into Microsoft migrations
• Workshop
• Team presentations

3. Timeline - Monday
Time Duration Topic
16:00 5 Min Welcome and introductions
16:05 5 Min Why customers are migrating Microsoft applications to AWS
16:10 30 Min General Migration Methodology
16:40 30 Min Deep dive into Microsoft Migrations
17:10 5 Min Workshop
17:15 10 Min Kick off SharePoint Quick Start
17:25 60 Min Architect your solution
18:25 30 Min Team presentations
18:55 5 Min Wrapup

4. Timeline - Thursday
Time Duration Topic
11:30 5 Min Welcome and introductions
11:35 5 Min Why customers are migrating Microsoft applications to AWS
11:40 30 Min General Migration Methodology
12:10 30 Min Deep dive into Microsoft Migrations
12:40 5 Min Workshop
12:45 10 Min Kick off SharePoint Quick Start
12:55 60 Min Architect your solution
13:55 30 Min Team presentations
14:25 5 Min Wrapup

5. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Why Customers Are Migrating
Microsoft Applications to AWS

6. Flexible
Why are customers migrating Microsoft
applications to AWS?
Secure Reliable High-performance Familiar Cost-effective Extensive
Optimization for Windows-based workloads
Wide range of scalable services
Full featured servers

7. Key solution scenarios
Active Directory on
AWS for Windows

8. SharePoint Migration in 3 Steps
Assess
Discover server count,
resources,
dependencies
Discover apps,
documents, and sites
Discover activity level
of apps, documents,
and sites
Determine migration
issues
Develop migration plan
Migrate
Cold store tier 3
(retirement) content
Archive tier 2 content
Migrate active content
Migrate like-for-like
SharePoint servers to
cloud
Test that all
functionality is
maintained
Optimize
Use Amazon Glacier
for tier 3 content
Use Amazon S3 for tier
2 content (RBS or
documents)
Use Amazon WorkDocs
for tier 2 content
Optimize
Use cloud as
opportunity to
reorganize site
collections, sites,
subsites
Upgrade Microsoft
Servers to latest
versions
Reuse SharePoint
licenses in cloud from
archived tier 2 and
tier 3 content
Optimize

9. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
General Migration Methodology

10. Let’s get started …
How to successfully plan for an application migration to
AWS
MigrationAssessment

11. Common questions
• I am not sure what I have. How can I assess my
environment?
• Where do I start?
• What tools can/should I use?
• Who can help me?
• Is there a process that can guide me?
• How long should it take?

12. Migration process “mental model”
1) Evaluate
opportunity
2) Discover,
analyze, and
plan
3) Application
design
4) Migrate,
integrate, and
validate
5) Operate and
optimize
Application 3 Application 3
Application 2 Application 2
Application 1 Application 1
Existing IT
Estate
Scoped
Migration
New Operating
Model

13. Portfolio discovery
Tools should automate your discovery process
and can be classified as:
• Agent-based or agentless
• Port-scanning or packet-scanning
• Appliance-based or SaaS offering

14. Application discovery & planning tools
• AWS Application Discovery Service
• RISC Networks
• Cloudamize
• ATADATA
• CASAHL Technology
• Metalogix

15. AWS Application Discovery Service
• Collects and presents data to
understand configuration, usage, and
behavior or servers
• Agent-based (agentless for VMWare)
• Collects system configuration, system
performance, running processes,
details of network connections
between servers
• Use data to create a migration and
discovery plan
• Test on Amazon EC2 instances

16. Casahl Technology
• SharePoint Discovery/Assessment tool shows
• Percent of Active Sites and associated storage
• Percent of Active Content Needed to Migrate to
the Cloud
• Percentage of Active Users
• Amount of Duplicated Content
• Answers key questions
• What can be retired (tier 3)
• What can be archived (tier 2)
• What needs to be hosted on AWS (tier 1)

17. Application migration tools
• AWS Server Migration Service
• VMWare Cloud on AWS (Beta)
• Atadata
• CloudEndure
• Metalogix
• AvePoint
• ShareGate
• Application-specific migration tools

18. AWS Server Migration Service
• Automates a replication of live server volumes to AWS
• Orchestrates large-scale server migrations
• Replicates deltas that occur during migration
• Manages and tracks the progress of your server
migration in UI

19. AWS Server Migration Service

20. Cloud migration strategy
Discover/Assess/Prioritize
Applications
Use Migration Tools
Cutover
Retain/
Not
Moving
App Code
Development
Purchase COTS/
SaaS & licensing
Validate
Modify underlying
Infrastructure
Full ALM/
SDLC
Manual Config
Manual
Deploy
Manual
Install
Retire/
Decommission
Determine
Migration
Path
Automate
Manual Install
& Setup
Integration
Determine
new platform
Operate

21. Contingency plan
Discover/Assess/Prioritize
Applications
Use Migration Tools
Cutover
Retain/
Not
Moving
App Code
Development
Purchase COTS/
SaaS & licensing
Validate
Modify underlying
Infrastructure
Full ALM/
SDLC
Manual Config
Manual
Deploy
Manual
Install
Retire/
Decommission
Determine
Migration
Path
Automate
Manual Install
& Setup
Integration
Determine
new platform
Operate

22. Comparing cloud migration strategies
Time Cost Agility
Retain + + N/A
Retire + + N/A
Re-host ++ ++ ++
Re-purchase +++ ++++ +++
Re-platform +++ +++ +++
Refactor ++++ ++++ ++++
Low
High
Migrationcomplexity

23. Migration validation, integration, and cutover
Migrate Validate Cutover
Integrate

24. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Deep Dive into Microsoft Migrations

25. Deep Dive into Microsoft Migrations
Active Directory on
AWS for Windows

26. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Availability Zone
Private subnetPublic subnet
Availability Zone
Private subnetPublic subnet
Remote
users
Sample
Microsoft
architecture
Virtual private
gateway
Corporate
Office
IIS
App
IIS
Web
IIS
App
IIS
Web
VPN
AWS Direct
Connect
Internet
gateway
RDGW
VPC NAT
gateway
RDGW
VPC NAT
gateway
AWS
Directory
Service
AWS
Directory
Service
MS
SQL
MS
SQL
Always On
availability
group
VPC endpoint Amazon S3
Auto Scaling

27. Shared services VPC
Use when
• The majority of your infrastructure is (or
will be) on AWS.
• The required on-premises resources are
easy to replicate or proxy (for example,
Active Directory, System Center, or a
central SQL farm).
• You prefer to limit VPN traffic.
• Strong security or compliance programs
require additional application-level
controls and proxy servers between their
AWS and on-premises resources (for
example, application-layer firewalls).

28. Active Directory

29. Single domain extended to multiple sites
Availability Zone B
Private subnet
DC4
Corporate network
Washington DC
DC1
New York
DC2
Cost 50
Availability Zone A
Private subnet
DC3
Cost 10
company.local
company.local
One single identity, data center extension mode
(rely on Active Directory sites, read-only or not)
VPN
AWS Direct
Connect

30. One subdomain per site
Availability Zone B
Private subnet
DC4
Corporate network
Washington DC
DC1
New York
DC2
company.local
Availability Zone A
Private subnet
DC3
cloud.company.local
Isolated subset of the directory, single identity for users
(Active Directory domains in a single forest)
VPN
AWS Direct
Connect

31. One forest per site and trust
Availability Zone B
Private subnet
DC4
Corporate network
Washington DC
DC1
New York
DC2Availability Zone A
Private subnet
DC3 company.local
company.cloud
Separate directories, single identity
(Cross-forest/resource forest with trust)
AWS Directory Service
company.cloud
VPN
AWS Direct
Connect

32. Active Directory Federation Services
Private subnet
DC4
Corporate network
Washington DC
DC1
New York
DC2
Private subnet
DC3
company.cloud
company.local
Federation/
synchronization
AWS Directory Service
company.cloud
VPN
AWS Direct
Connect
AD FS AD FS
Public subnetPublic subnet
Web
App
Proxy
Web
App
Proxy
Availability Zone A Availability Zone B

33. AWS Microsoft AD

34. Active Directory Quick Start
Quick Start
• https://aws.amazon.com/quickstart/architecture/active-directory-ds/
Repo
• https://github.com/aws-quickstart/quickstart-microsoft-
activedirectory
Templates
• https://github.com/aws-quickstart/quickstart-microsoft-
activedirectory/blob/master/templates/README.md
Scripts
• Configure-RDGW.ps1
• ConvertTo-EnterpriseAdmin.ps1
• New-CertificateAuthority.ps1
• New-LabADUser.ps1

35. SQL Server

36. SQL Server HA/DR on EC2
• Windows clusters can span Availability Zones or
regions*
• Mirroring
• AlwaysOn availability groups
• Transaction log shipping
• Failover cluster instance*
* Some configurations require third-party tools.

37. Multi-AZ AlwaysOn availability group
Availability Zone 1
Private Subnet
EC2
Primary
Replica
Availability Zone 2
Private Subnet
EC2
Secondary
Replica
Synchronous Commit
Automatic Failover
AWS Region

38. Amazon RDS
• Managed database service
• Automatic patching, backups, mirroring, etc.
• Automatic Host Replacement protects you in the event of a
hardware failure.
• Six database engines to choose from: Amazon Aurora,
Oracle, PostgreSQL, MySQL, MariaDB, and SQL Server
• License-included and BYOL options available

39. SQL Server on Amazon RDS
• You can use Windows or mixed authentication.
• Optional managed Multi-AZ deployment is available for
high availability.
• You can use Transparent Data Encryption for encryption
at rest and SSL to secure data in transit.
• Native backup and restore for Microsoft SQL Server
databases is available using full backup files (.bak files).
• Most tools or drivers (OLE DB, ODBC, or ADO.NET) that
connect to SQL Server can connect to an RDS instance.

40. Multi-AZ SQL Server on Amazon RDS
Availability Zone 1
Private Subnet
Availability Zone 2
Private Subnet
Synchronous Commit
Automatic Failover
AWS Region
Amazon
RDS
Primary
Amazon
RDS
Secondary
Managed Service

41. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS Snowball: Use backup/restore
Amazon RDS
Amazon EC2
AWS Snowball is a petabyte-scale data transport solution
that uses secure appliances to transfer large amounts of
data into and out of the AWS Cloud.

42. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS Snowball

43. AWS Database Migration Service
AWS Database Migration Service (AWS DMS) easily and securely
migrates and/or replicates your databases and data warehouses to
AWS
Supports homogeneous migrations (SQL Server SQL Server)
Takes care of replicating deltas while migration in process
Also supports heterogeneous migrations (SQL Server, Oracle,
Amazon Aurora, MySQL, PostgreSQL, MariaDB)
AWS Schema Conversion Tool (AWS SCT) converts your commercial
database and data warehouse schemas to open-source engines or
AWS-native services, such as Amazon Aurora and Amazon Redshift

44. AlwaysOn Availability Groups

45. SQL Server Quick Start
Quick Start
• http://docs.aws.amazon.com/quickstart/latest/sql/
Repo
• https://github.com/aws-quickstart/quickstart-microsoft-sql.git
Templates
• https://github.com/aws-quickstart/quickstart-microsoft-
sql/tree/master/templates
Scripts • MaxDOP.sql
• OpenWSFCPorts.bat
• OpenWSFCPorts.ps1
• Reconfigure-SQL.ps1
• SQLBlaster_Demo.zip
• Set-ClusterQuorum.ps1
• Set-Folder-Permissions.ps1
• SetMaxDOP.ps1
• Test-ADUser.ps1
• AddUserToGroup.ps1
• Configure-WSFC.ps1
• DownloadSQLEE-Legacy.ps1
• DownloadSQLEE.ps1
• Enable-AlwaysOn.ps1
• Install-NETFrameworkCore.ps1
• Install-WindowsFailoverClustering.ps1
• InstallSQLEE.ps1

46. SharePoint

47. SharePoint 2016 on AWS
• HA SharePoint 2016
• a
• Supports
no-downtime
patching
• Add Office Online
Server and Workflow
Manager
Availability Zone #1
Directory Tier (Subnet)
Web Tier (Subnet) App Tier (Subnet) Data Tier (Subnet) Directory Tier (Subnet)
Availability Zone #2
AWS
ELB
VPC NAT
Gateway
Public Tier (Subnet) Data Tier (Subnet)
Windows Server
RD Gateway
VPC NAT
Gateway
Public Tier (Subnet)
Windows Server
RD Gateway
SQL Server
SQL Server
Web Tier (Subnet) App Tier (Subnet)
Domain
Controller
Domain
Controller
S SharePoint
Application
Always On
Availability Group
(Synchronous)
S SharePoint
Front-end
S
SharePoint
Distributed
Cache
S SharePoint
Search
S
SharePoint
Distributed
Cache
S
SharePoint
Distributed
Cache
S SharePoint
Application
S SharePoint
Search
S SharePoint
Front-end
Office
Online Server
Office
Online Server
Workflow
Manager
Workflow
Manager
Workflow
Manager

48. SharePoint Migration
• Migrate Active Directory to AWS
using AD Quick Start
• Provision/augment SharePoint on
AWS with SharePoint Quick Start
• Set databases to read-only
• Copy databases to new farm
• Upgrade service applications
• Upgrade content databases and
site collections
• Update DNS to point to AWS
SharePoint farm
• Detailed migration steps
• Or use APN partners such as
Metalogix
SharePoint Quick Start

49. SharePoint Migration

50. SharePoint Migration

51. SharePoint Migration

52. SharePoint Migration

53. SharePoint Migration

54. SharePoint Migration
Database Migration
Performs the copy of content
and service databases
Near real-time replication
over IPSEC VPN or Direct
Connect
AWS Snowball for “pack and
ship” databases using
backup/restore

55. Metalogix Content Matrix
SharePoint Migration Partner Tools
Casahl Analyzer
https://www.metalogix.com https://www.casahl.com

56. SharePoint Quick Start
Quick Start
• http://docs.aws.amazon.com/quickstart/latest/sharepoint/
Repo
• https://github.com/aws-quickstart/quickstart-microsoft-sharepoint.git
Templates
• https://github.com/aws-quickstart/quickstart-microsoft-
sharepoint/tree/master/templates
Scripts
• Add-SPFarmLoginToWSFCNode2.ps1
• Install-SP2016.ps1
• Install-SP2016PreReqs.ps1
• config2016.xml

57. Exchange

58. Exchange Migration
• Migrate Active Directory to AWS
using AD Quick Start
• Provision/augment Exchange on
AWS with Exchange Quick Start
• Create a list of mailboxes to
migrate
• Set AWS as the migration
endpoint in Exch Admin Center
• Migrate mailboxes in batches
• Mail-enable users in batches on
AWS
• Update DNS to point to cloud
Exchange (MX, Autodiscover, etc)
• Detailed migration steps
Exchange Quick Start

59. Exchange Admin Center

60. Exchange Admin Center

61. Exchange Admin Center

62. Exchange Quick Start
Quick Start
• https://docs.aws.amazon.com/quickstart/latest/exchange/
Repo
• https://github.com/aws-quickstart/quickstart-microsoft-exchange.git
Templates
• https://github.com/aws-quickstart/quickstart-microsoft-
exchange/tree/master/templates
Scripts
• Install-Exch2013.ps1
• Install-Exch2013Org.ps1
• Install-ExchPreReq.ps1
• Install-UcmaRuntime.ps1
• New-EdgeDnsRecord.ps1
• Reset-LocalAdminPassword.ps1
• Set-PrimaryDnsSuffix.ps1
• Create-Folder.ps1
• Create-Share.ps1
• Disable-AutoLogon.ps1
• Enable-AutoLogon.ps1
• Expand-ExchangeFiles.ps1
• Initialize-ExchangeVolume.ps1
• Install-Edge2013.ps1
• Install-EdgePreReq.ps1

63. Skype for Business Migration
• Migrate Active Directory to AWS using AD Quick Start
• Provision Skype for Business on AWS mapping user pools
• Move all users to new Skype for Business user pools
• Detailed migration steps

64. Lync Quick Start
Quick Start
• http://docs.aws.amazon.com/quickstart/latest/lync/
Repo
• https://github.com/aws-quickstart/quickstart-microsoft-exchange.git
Templates
• https://github.com/aws-quickstart/quickstart-microsoft-
lync/tree/master/templates
Scripts
• Install-Lync2013.ps1
• New-LyncEdge.ps1
• Set-LyncEdgeNetwork.ps1
• Topology-Edge.xml
• Topology.xml

65. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Workshop

66. Before You Architect
Perform Individually
• Kick off the AWS SharePoint Quick Start
http://docs.aws.amazon.com/quickstart/latest/sharepoint/welcome.html
Team Workshop
• Read the case study
https://s3-us-west-2.amazonaws.com/aws-win401/Win401-Workshop.docx
• Form and meet your teams
• Choose your scribe
• Determine what you will migrate, how, and the cost savings
• Choose your presenter(s)

67. Planning your cloud migration
• Decide on a migration strategy.
• Retain; Retire; Re-purchase; Re-host; Re-platform; Re-
factor
• Decide on a priority and build the migration backlog.
• Identify tools to help facilitate the migration.
• Start to architect and design what the operational
landing zone will look like.

68. Getting ready for migration planning
• A final architecture for the target environment in the
AWS Cloud.
• Understand hybrid connectivity with the target cloud
environment.
• A discovery of your cloud migration portfolio.
• Details of the application owners.
• Come up with a contingency plan to ensure that the
blast radius is small is contained if there are issues.

69. Migration Checklist
• Network connectivity
• Migration tools
• Monitoring
• Amount of data
• AWS service limits (soft and hard)
• On-premises limitations
• Test plans for the application and your users
• Cutover plans
• Escalation and operational plans
• Define success criteria
• One last baseline performance analysis of the source
environment for comparison to the new environment

70. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Team Presentations

71. Related Sessions
WIN204 Simplifying Microsoft Architectures with AWS services
WIN301 Migrating SQL Server databases to AWS: Best practices and patterns
WIN302 Deep Dive on Active Directory – From One to Many AWS Regions
WIN303 Move your .net App to AWS without betting the house
WIN304 How to Bring Microsoft Apps to AWS to unlock your budget
WIN305 Deep Dive: Architecting Microsoft Applications with VMware on AWS
WIN306 Design, Deploy, and Optimize SQL Server on AWS
WIN309 How To Optimize AWS Services for SharePoint Deployments
WIN311 Unified Access Management with AWS Managed services for Microsoft Active Directory
WIN313 Ensuring your Windows Workloads are Well Architected
WIN314 Strategies for Migrating Microsoft SQL Databases to AWS
WIN403 AWS Directory Service for Microsoft Active Directory Deep-dive

72. Additional resources
Web Pages
Microsoft on AWS
http://aws.amazon.com/windows/
AWS Cloud Adoption Framework
http://aws.amazon.com/professional-services/CAF/
Reference Deployment Quickstart
http://aws.amazon.com/quickstart/
https://github.com/aws-quickstart
quickstart@amazon.com
AWS Windows and .NET Developer Center (with sdk)
http://aws.amazon.com/net/
Amazon EC2 Windows Guide
http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/
Microsoft Licensing on AWS
http://aws.amazon.com/windows/resources/licensing/
Whitepapers
Implementing Active Directory Domain Services on AWS
Implementing Microsoft Windows Server Failover Clustering
and SQL Server AlwaysOn Availability Groups in the AWS
Cloud
Remote Desktop Gateway Reference Architecture
Exchange on AWS Implementation & Planning Guide
Secure Microsoft Applications on AWS
more at http://aws.amazon.com/microsoft/whitepapers
Contact Us
https://aws.amazon.com/microsoft/contact-us/
If you have either business or technical questions about running
Microsoft software on AWS, please don’t hesitate to contact us.

73. Remember to complete
your evaluations!Please submit your feedback

74. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS re:INVENT
Migrating Microsoft Applications to
AWS - Workshop
T H A N K Y O U
W I N 4 0 1