This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Microsoft 365 and Office 365 advanced deployment guides give you tailored guidance and resources for planning and deploying your tenant, apps, and services. These guides are created using the same best practices that Microsoft 365 FastTrack onboarding specialists share in individual interactions. They provide information on product setup, enabling security features, deploying collaboration tools, and provide scripts to speed up advanced deployments.
All advanced deployment guides are available in the Microsoft 365 admin center as described in the section below, and most guides can also be found in the Microsoft 365 Setup portal.
Access to advanced deployment guides in the admin center requires authentication to a Microsoft 365 tenant as an administrator or other role with access to the admin center. Advanced deployment guides in the Microsoft 365 Setup portal can be accessed by anyone. We have provided links to both locations for each guide, where available, in the tables below.
Note that guides are still being added to the setup portal, but there are a few guides that will only be available in the admin center because they require authentication to a tenant to function.
In this article:
Advanced deployment guides are accessible from the Advanced deployment guides & assistance page in the Microsoft 365 admin center. When you access advanced deployment guides from the admin center, you can keep track of the status of your progress and return at any time to complete a guide. This functionality is not available when you access guides from the Microsoft 365 Setup portal.
Note
You must be assigned an admin role such as Global Reader to access advanced deployment guides in the Microsoft 365 admin center. Only admins with the Global Administrator role can use the guides to change settings in the tenant.
Important
Advanced deployment guides aren't available for the GCC High or DoD environments, or for Microsoft 365 operated by 21Vianet.
To reach the Advanced deployment guides & assistance page:
In the Microsoft 365 admin center, go to the Home page.
Find the Training, guides & assistance card and select Advanced deployment guides & assistance.
If you don’t see that card, access the page directly at https://aka.ms/advanceddeploymentguides.
Advanced deployment guides in the admin center require authentication to a Microsoft 365 tenant as an administrator or other role with access to the admin center, but guides in the Microsoft 365 Setup portal can be accessed by anyone.
| Guide - Setup Portal | Guide - Admin Center | Description |
|---|---|---|
| Microsoft 365 Copilot setup guide | Microsoft 365 Copilot setup guide | The Microsoft 365 Copilot setup guide gets you up to speed on Copilot, which revolutionizes collaboration and takes advantage of AI to automate tasks such as writing, editing, and data visualization across Word, Excel, PowerPoint, Outlook, and Teams. Copilot also simplifies the creation of meeting summaries. Our setup guide facilitates smooth integration, allowing your organization to automate work processes and enhance collaboration seamlessly. |
| Prepare your environment guide | Prepare your environment guide | The Prepare your environment guide helps you prepare your organization's environment for Microsoft 365 and Office 365 services. Whatever your goals are, there are tasks you'll need to complete to ensure a successful deployment. To avoid any errors while preparing your environment, you're provided with step-by-step instructions to connect your domain, add users, assign licenses, set up email with Exchange Online, and install or deploy Office apps. |
| Email setup guide | Email setup guide | The Email setup guide provides you with the step-by-step guidance needed for configuring Exchange Online for your organization. This guidance includes setting up new email accounts, migrating email, and configuring email protection. For a successful email setup, use this advisor and you'll receive the recommended migration method based on your organization's current mail system, the number of mailboxes being migrated, and how you want to manage users and their access. |
| Gmail contacts and calendar advisor | Gmail contacts and calendar advisor | When you migrate a Gmail user's mailbox to Microsoft 365, email messages are migrated, but contacts and calendar items are not. The Gmail contacts and calendar advisor provides steps for importing Google contacts and Google calendar items to Microsoft 365 using import and export methods with Outlook.com, the Outlook client, or PowerShell. |
| Remote work setup guide | The Remote work setup guide provides organizations with the tips and resources needed to ensure your users can successfully work remotely, your data is secure, and users' credentials are safeguarded. You'll receive guidance to optimize remote workers' device traffic to both Microsoft 365 resources in the cloud and your organization's network, which will reduce the strain on your remote access VPN infrastructure. |
|
| Windows 11 and Surface setup guide | Windows 11 and Surface setup guide | The Windows 11 and Surface setup guide provides information on deployment capabilities, tools, and strategies for deploying Windows 11 for new devices, existing devices, and Surface devices. You’ll gain knowledge on setting up co-management with Intune, using autopilot for customizing the out-of-box experience, and reviewing endpoint security features. This information will provide a starting point for planning your Windows 11 deployment. |
| Microsoft Edge setup guide | Microsoft Edge setup guide | Microsoft Edge has been rebuilt from the ground up to bring you world-class compatibility and performance, the security and privacy you deserve, and new features designed to bring you the best of the web. The Microsoft Edge setup guide will help you configure Enterprise Site Discovery to see which sites accessed in your org might need to use IE mode, review and configure important security features, configure privacy policies and compliance policies to meet your org's requirements, and manage web access on your devices. You can download Microsoft Edge to individual devices, or we'll show you how to deploy to multiple users in your org with Group Policy, Configuration Manager, or Microsoft Intune. |
| Configure IE mode for Microsoft Edge guide | Configure IE mode for Microsoft Edge guide | If you've already deployed Microsoft Edge and only want to configure IE mode, the Configure IE mode for Microsoft Edge guide will give you scripts to automate the configuration of Enterprise Site Discovery. You'll also get IE mode recommendations from a cloud-based tool that will help you create an Enterprise Mode Site List to deploy to your users. |
| Microsoft Search setup guide | Microsoft Search helps your organization find what they need to complete what they're working on. Whether it's searching for people, files, org charts, sites, or answers to common questions, your org can use Microsoft Search throughout their workday to get answers. The Microsoft Search setup guide helps you configure Microsoft Search whether you want to pilot it to a group of users or roll it out to everyone in your org. You'll assign Search admins and Search editors and then customize the search experience for your users with answers and more options, like adding the Bing extension to Chrome or setting Bing as your default search engine. |
|
| Block use of Internet Explorer in your organization guide | Microsoft support for Internet Explorer 11 is ending soon for most versions of Windows 10. The Block use of Internet Explorer in your organization guide ensures that your users can still run legacy web apps that rely on Internet Explorer. This guide also helps you move those users to Microsoft Edge with IE mode. |
| Guide - Setup Portal | Guide - Admin Center | Description |
|---|---|---|
| Configure multi-factor authentication (MFA) guide | The Configure multi-factor authentication (MFA) guide provides customers with Microsoft Entra ID P1 or Microsoft Entra ID P2 customizable Conditional Access templates that include the most common and least intrusive security standards. When Microsoft Entra ID P1 or P2 licensing isn’t available, we provide a one-click solution to enable Security Defaults, a baseline protection policy for all users, or we provide steps to enable legacy (per-user) MFA. | |
| Identity security for Teams guide | The Identity security for Teams guide helps you with some basic security steps you can take to ensure your users are safe and have the most productive time using Teams. | |
| Microsoft Entra setup guide | Microsoft Entra setup guide | The Microsoft Entra setup guide provides information to ensure your organization has a strong security foundation. In this guide you'll set up initial features, like Azure Role-based access control (Azure RBAC) for admins, Microsoft Entra Connect for your on-premises directory, and Microsoft Entra Connect Health, so you can monitor your hybrid identity's health during automated syncs. It also includes essential information on enabling self-service password resets, conditional access, and integrated third party sign-on including optional advanced identity protection and user provisioning automation. |
| Add or sync users to Microsoft Entra ID guide | Add or sync users to Microsoft Entra ID guide | The Add or sync users to Microsoft Entra ID guide will help streamline the process of getting your user accounts set up in Microsoft 365. Based on your environment and needs, you can choose to add users individually, migrate your on-premises directory with Microsoft Entra Cloud Sync or Microsoft Entra Connect, or troubleshoot existing sync problems when necessary. |
| Plan your passwordless deployment guide | Use the Plan your passwordless deployment guide to discover the best passwordless authentication methods to use and receive guidance on how to upgrade to an alternative sign-in approach that allows users to access their devices securely with one of the following passwordless authentication methods:
|
|
| Secure your cloud apps with Single Sign on (SSO) guide | This guide is designed to help you add cloud apps to Microsoft 365. In our guide, you can add an application to your tenant, add users to the app, assign roles, and more. If the app supports single sign-on (SSO), we’ll walk you through that configuration. | |
| Plan your self-service password reset (SSPR) deployment guide | Plan your self-service password reset (SSPR) deployment guide | Give users the ability to change or reset their password independently, if their account is locked, or they forget their password without the need to contact a helpdesk engineer. Use the Plan your self-service password reset (SSPR) deployment guide to receive relevant articles and instructions for configuring the appropriate Azure portal options to help you deploy SSPR in your environment. |
| Migrate from AD FS to Microsoft Entra ID | Migrate from AD FS to Microsoft Entra ID | In Migrate from AD FS to Microsoft Entra ID we offer custom guidance for migrating from Active Directory Federation Services (AD FS) to Microsoft Entra ID. You'll first answer a few questions about your AD FS infrastructure. Then implement either pass-through authentication (PTA) or password hash sync (PHS) to give users a streamlined experience while accessing your organization's apps. |
| Collaborate using B2B or multitenant organizations | Collaborate using B2B or multitenant organizations | The Collaborate using B2B or multitenant organizations guide enables organizations to more securely share applications and services with guest users from other organizations while maintaining control over their own data. External users can use their credentials to access the host organization's resources, while administrators can manage guest user permissions and access rights. This ensures that external collaboration aligns to the organization's security and compliance requirements. |
| Deploy Conditional Access (CA) Policy templates | This guide provides an easy way to customize and deploy Conditional Access policies that include the least intrusive, yet effective, security standards to protect your organization from attack scenarios. |
| Guide - Setup Portal | Guide - Admin Center | Description |
|---|---|---|
| Security analyzer | Security analyzer | The Security analyzer will analyze your security approach and introduce you to Microsoft integrated security and compliance solutions that can improve your security posture. You'll learn about advanced features, such as managing identities and helping to protect against modern attacks. You can then sign up for a trial subscription and be pointed to the corresponding setup guidance for each solution. |
| Set up your Microsoft Zero Trust security model | Set up your Microsoft Zero Trust security model | Use the Set up your Zero Trust security model guide to configure security that effectively adapts to the complexity of the modern environment, embraces the hybrid workplace, and helps protect people, devices, apps, and data wherever they're located. Key recommendations include: always authenticate, limit user access, minimize the blast radius, segment access, verify end-to-end encryption, and use analytics to get visibility, drive threat detection, and improve defenses. |
| Deploy and set up Microsoft Intune and Intune Suite | Deploy and set up Microsoft Intune and Intune Suite | Deploy and set up Microsoft Intune and Intune Suite to manage devices in your organization. For full control of corporate devices, use Intune's mobile device management (MDM) features. To manage your organization's data on shared and personal devices, use Intune's mobile application management (MAM) features. Deploy advanced security and management features, included in Microsoft Intune Suite. With the Deploy and set up Microsoft Intune and Intune Suite guide, set up device and app compliance policies, assign app protection policies, deploy Intune Suite features, and monitor the device and app protection status. |
| Microsoft Defender for Endpoint setup guide | Microsoft Defender for Endpoint setup guide | The Microsoft Defender for Endpoint setup guide provides instructions that will help your enterprise network prevent, detect, investigate, and respond to advanced threats. Make an informed assessment of your organization's vulnerability and decide which deployment package and configuration methods are best. NOTE: A Microsoft Volume License is required for Microsoft Defender for Endpoint. |
| Exchange Online Protection setup guide | Microsoft Exchange Online Protection (EOP) is a cloud-based email filtering service for protection against spam and malware, with features to safeguard your organization from messaging policy violations. Use the Exchange Online Protection setup guide to set up EOP by selecting which of the three deployment scenarios—on-premises mailboxes, hybrid (mix of on-premises and cloud) mailboxes, or all cloud mailboxes—fits your organization. The guide provides information and resources to set up and review your user's licensing, assign permissions in the Microsoft 365 admin center, and configure your organization's anti-malware and spam policies in the Security & Compliance Center. |
|
| Microsoft Defender for Office 365 setup guide | Microsoft Defender for Office 365 setup guide | The Microsoft Defender for Office 365 setup guide safeguards your organization against malicious threats that your environment might come across through email messages, links, and third party collaboration tools. This guide provides you with the resources and information to help you prepare and identify the Defender for Office 365 plan to fit your organization's needs. |
| Microsoft Defender for Identity setup guide | Microsoft Defender for Identity setup guide | The Microsoft Defender for Identity setup guide provides security solution set-up guidance to identify, detect, and investigate advanced threats that might compromise user identities. These include detecting suspicious user activities and malicious insider actions directed at your organization. You'll create a Defender for Identity instance, connect to your organization's Active Directory, and then set up sensors, alerts, notifications, and configure your unique portal preferences. |
| Microsoft Purview Communication Compliance and Insider Risk Management setup guide | Microsoft Purview Communication Compliance and Insider Risk Management setup guide | The Microsoft Purview Communication Compliance and Insider Risk Management setup guide helps you protect your organization against insider risks that can be challenging to identify and difficult to mitigate. Insider risks occur in a variety of areas and can cause major problems for organizations, ranging from the loss of intellectual property to workplace harassment, and more. The solutions in this guide will help you gain visibility into user activities, actions, and communications with native signals and enrichments from across your organization:
|
| Microsoft Purview Information Protection setup guide | Microsoft Purview Information Protection setup guide | Get an overview of the capabilities you can apply to your information protection strategy so you can be confident your sensitive information is protected. Use a four-stage lifecycle approach in which you discover, classify, protect, and monitor sensitive information. The Microsoft Purview Information Protection setup guide provides guidance for completing each of these stages. |
| Microsoft Purview Data Lifecycle Management setup guide | Microsoft Purview Data Lifecycle Management setup guide | The Microsoft Purview Data Lifecycle Management setup guide provides you with the information you'll need to set up and manage your organization's governance strategy, to ensure that your data is classified and managed according to the specific lifecycle guidelines you set. With this guide, you'll learn how to create, auto-apply, or publish retention labels, retention label policies, and retention policies that are applied to your organization's content and compliance records. You'll also get information on importing CSV files with a file plan for bulk scenarios or for applying them manually to individual documents. |
| Microsoft Defender for Cloud Apps setup guide | Microsoft Defender for Cloud Apps setup guide | The Microsoft Defender for Cloud Apps setup guide provides easy to follow deployment and management guidance to set up your Cloud Discovery solution. With Cloud Discovery, you'll integrate your supported security apps, and then you'll use traffic logs to dynamically discover and analyze the cloud apps that your organization uses. You'll also set up features available through the Defender for Cloud Apps solution, including threat detection policies to identify high-risk use, information protection policies to define access, and real-time session controls to monitor activity. With these features, your environment gets enhanced visibility, control over data movement, and analytics to identify and combat cyberthreats across all your Microsoft and third party cloud services. |
| Microsoft Purview Auditing solutions in Microsoft 365 guide | Microsoft 365 Auditing solutions in Microsoft 365 guide | The Microsoft Purview Auditing solutions in Microsoft 365 guide provides an integrated solution to help organizations effectively respond to security events, forensic investigations, and compliance obligations. When you use the auditing solutions in Microsoft 365, you can search the audit log for activities performed in different Microsoft 365 services. |
| Microsoft Purview eDiscovery solutions setup guide | Microsoft Purview eDiscovery solutions setup guide | eDiscovery is the process of identifying and delivering electronic information that can be used as evidence in legal cases. The Microsoft Purview eDiscovery solutions setup guide assists in the use of eDiscovery tools in Microsoft Purview that allow you to search for content in Exchange Online, OneDrive for Business, SharePoint Online, Microsoft Teams, Microsoft 365 Groups, and Viva Engage communities. |
| Secure by default with Purview | Secure by default with Purview | Microsoft Purview's "secure by default" deployment model enhances data protection through encryption and configured sensitivity labels. This approach simplifies compliance and strengthens security across your organization's data estate with label publishing defaults, auto-labeling, and contextual defaults in SharePoint to achieve high labeling volumes with minimal user interaction. |
| Guide - Setup Portal | Guide - Admin Center | Description |
|---|---|---|
| Deploy employee experience with Microsoft Viva | Deploy employee experience with Microsoft Viva | Viva is an integrated, employee experience platform (EXP) that brings together communications, knowledge, learning, resources, and insights into the flow of work and fosters a culture where people and teams thrive and are empowered to be their best from anywhere. You can use the steps and guidance in the guides linked here to deploy one or more Viva apps and achieve better employee engagement throughout your organization. |
| Enable Microsoft Viva Connections | Enable Microsoft Viva Connections | Encourage meaningful connections while fostering a culture of inclusion and aligning the entire organization around your vision, mission, and strategic priorities. |
| Enable Microsoft Viva Engage | Enable Microsoft Viva Engage | Bring people together across the organization to connect with leaders, coworkers, and communities; crowdsource answers and ideas; share their work and experience; and find belonging at work. |
| Enable Microsoft Viva Goals | Enable Microsoft Viva Goals | Align teams with your organization's strategic priorities, driving results and a thriving business. |
| Enable Microsoft Viva Insights | Enable Microsoft Viva Insights | Viva Insights helps improve productivity and wellbeing through data-driven, privacy-protected insights and recommendations. |
| Enable Microsoft Viva Learning | Enable Microsoft Viva Learning | Bring enterprise learning into the flow of work by connecting content from your organization, learning management systems, non-Microsoft providers, and Microsoft. |
| Enable Microsoft Viva Amplify | Enable Microsoft Viva Amplify | Centralize campaign management, publishing, and reporting to reach and engage employees. |
| Enable Microsoft Viva Glint | Enable Microsoft Viva Glint | Improve engagement and performance with recommended actions and data-driven insights across employee lifecycle and organization-wide surveys. |
| Enable Microsoft Viva Pulse | Enable Microsoft Viva Pulse | Empower managers to seek out and act on confidential feedback using smart templates, research-backed questions and analytics. |
| Microsoft 365 Apps setup guide | Microsoft 365 Apps setup guide | The Microsoft 365 Apps setup guide provides comprehensive guidance for setting up and deploying the latest versions of Office products like Word, Excel, PowerPoint, and OneNote on your users' devices. You'll be walked through the activation process for your Microsoft 365 product key, as well as various deployment methods including easy self-install options and enterprise deployments with management tools. Additionally, the guide offers instructions on assessing your environment, determining your specific deployment requirements, and implementing the necessary support tools to ensure a successful installation. |
| Mobile apps setup guide | The Mobile apps setup guide provides instructions for the download and installation of Office apps on your Windows, iOS, and Android mobile devices. This guide provides you with step-by-step information to download and install Microsoft 365 and Office 365 apps on your phone and tablet devices. | |
| Microsoft Teams setup guide | Microsoft Teams setup guide | The Microsoft Teams setup guide provides your organization with guidance to set up team workspaces that host real-time conversations through messaging, calls, and audio or video meetings for both team and private communication. Use the tools in this guide to configure Guest access, set who can create teams, and add team members from a .csv file, all without the need to open a PowerShell session. You'll also get best practices for determining your organization's network requirements and ensuring a successful Teams deployment. |
| Plan and implement your Microsoft Teams Phone deployment | Plan and implement your Microsoft Teams Phone deployment | This guide will help you transition from your existing voice solution to Microsoft Teams Phone. You'll be guided through discovery and planning phases, or you can go straight to deployment. You'll be able to configure a calling plan, Operator Connect, Teams Phone Mobile, Direct Routing, caller ID, and other features. |
| Plan and deploy Teams Premium features | Plan and deploy Teams Premium features | Microsoft Teams Premium helps make every meeting more intelligent, engaging, and protected. This guide will help you to plan for and deploy one or more Teams Premium features and take advantage of your Teams Premium licenses. |
| Configure and deploy Microsoft Places | Configure and deploy Microsoft Places | Maximize workspace efficiency and hybrid collaboration with Microsoft Places. This guide helps you set up workspaces, deploy Microsoft Places, and activate its features for users. |
| SharePoint setup guide | SharePoint setup guide | The SharePoint setup guide helps you set up your SharePoint document storage and content management, create sites, configure external sharing, migrate data and configure advanced settings, and drive user engagement and communication within your organization. You'll follow steps for configuring your content-sharing permission policies, choose your migration sync tools, and enable the security settings for your SharePoint environment. |
| Surface Hub and Microsoft Teams Rooms setup guide | Surface Hub and Microsoft Teams Rooms setup guide | The Surface Hub and Microsoft Teams Rooms setup guide will customize your experience based on your environment. If you're hosted in Exchange Online and using Microsoft Teams, the guide will automatically create your device account with the correct settings. |
| OneDrive setup guide | OneDrive setup guide | Use the OneDrive setup guide to get started with OneDrive file storage, sharing, collaboration, and syncing capabilities. OneDrive provides a central location where users can sync their Microsoft 365 Apps files, configure external sharing, migrate user data, and configure advanced security and device access settings. The OneDrive setup guide can be deployed using a OneDrive subscription or a standalone OneDrive plan. |
| Viva Engage deployment advisor | Viva Engage deployment advisor | Connect and engage across your organization with Viva Engage. The Viva Engage deployment advisor prepares your Viva Engage network by adding domains, defining admins, and combining Viva Engage networks. You'll get guidance to deploy Viva Engage and then customize the look, configure security and compliance, and refine the settings. |
| Guide - Setup Portal | Guide - Admin Center | Description |
|---|---|---|
| Deploy Office to your users guide | Deploy Office apps from the cloud with the ability to customize your installation by using the Office Deployment Tool. The Deploy Office to your users guide helps you create a customized Office configuration with advanced settings, or you can use a pre-built recommended configuration. Whether your users are conducting a self-install or you're deploying to your users individually or in bulk, this advanced guide provides you with step-by-step instructions to give users an Office installation tailored to your organization. | |
| Deploy Office to remote users guide | Now that working remotely is the norm, users need to receive your organization's Office settings when they're not connected to your internal network or when using their own devices. Use the Deploy Office to remote users guide to create a customized Office installation and then send users a generated PowerShell script that will seamlessly install Office with your configuration. |
|
| Deploy and update Microsoft 365 Apps with Configuration Manager advisor | For organizations using Configuration Manager, you can use the Deploy and update Microsoft 365 Apps with Configuration Manager advisor to generate a script that will automatically configure your Microsoft 365 Apps deployment using best practices recommended by FastTrack engineers. Use this guide to build your deployment groups, customize your Office apps and features, configure dynamic or lean installations, and then run the script to create the applications, automatic deployment rules, and device collections you need to target your deployment. | |
| Intune Configuration Manager co-management setup guide | Use the Intune Configuration Manager co-management setup guide to set up existing Configuration Manager client devices and new internet-based devices that your org wants to co-manage with both Microsoft Intune and Configuration Manager. Co-management allows you to manage Windows 10 devices and adds new functionality to your org's devices, while receiving the benefits of both solutions. | |
| SDS Rollover setup guide | The SDS Rollover setup guide provides the steps to help your organization sync student information data to Microsoft Entra ID and Office 365. This guide streamlines the term lifecycle management process by creating Office 365 Groups for Exchange Online and SharePoint Online, class teams for Microsoft Teams and OneNote, as well as Intune for Education, and rostering and single sign-on integration for third-party apps. You'll perform end-of-year closeout, tenant cleanup and archive, new school year preparation, and new school year launch. Then you can create new profiles using the sync deployment method that suits your organization. | |
| Windows 365 Enterprise checklist | Windows 365 Enterprise deployment checklist | The Windows 365 Enterprise deployment checklist provides customers with information for provisioning and hosting Cloud PCs. With the deployment checklist, you can determine if Microsoft Entra join, Azure virtual network, or Microsoft-hosted networks path fits your organization. You can review resources that will assist with the required configuration for deployment features, health checks, updates, and maintenance for image configuration. |
Training
Learning path
Use advance techniques in canvas apps to perform custom updates and optimization - Training
Use advance techniques in canvas apps to perform custom updates and optimization
Certification
Microsoft 365 Certified: Endpoint Administrator Associate - Certifications
Plan and execute an endpoint deployment strategy, using essential elements of modern management, co-management approaches, and Microsoft Intune integration.
Events
Microsoft 365 Community Conference
May 6, 2 PM - May 9, 12 AM
Skill up for the era of AI at the ultimate community-led Microsoft 365 event, May 6-8 in Las Vegas.
Learn more