blog.atwork.at

news and infos about microsoft, technology, cloud and more

Join us at SharePoint Conference 2019!

If you are working with Microsoft SharePoint, 2019 will be a great year! First of all, because SharePoint Server 2019 has been announced, and because SharePoint Conference North America 2019 will take place in May in Fabulous Las Vegas (again). We from atwork will be part of the conference and we are looking forward to it. The event registration is already open and there are reduced price packages available. Additionally, find a $50 discount code here!

Office 365 Groups Governance Toolkit Part 4-Ownerless Groups

In this multi-part series we show you how to handle the Office 365 Groups and Microsoft Teams governance toolkit. The next article cover the governance part of our Groups Governance Toolkit.Imagine your company policy requires at least 2 owners per Office 365 Group or per Microsoft Team. In this part, we want to monitor all groups that are ownerless (orphaned), or do not comply with our organization's policies. The IT department shall get the information of all groups and teams where there are no owners or not enough owners and the possibility to fix that. Read below how this can be accomplished.

Office 365 Groups Governance Toolkit Part 3-Develop Azure Functions

After the introduction of the Office 365 Groups and Microsoft Teams Governance Toolkit and with the necessary requirements we are now looking into Azure Functions. In our group and team provisioning scenario, we need a little code for provisioning of an Office 365 group and a Microsoft team. Serverless computing with an Azure Function provides the optimal solution for that. Follow these steps to create the function we need for our workflow.

Office 365 Groups Governance Toolkit Part 2-Provisioning requirements

In part 1 of this series we described the scenario for our Office 365 groups governance toolkit. In this part we will setup a workflow for the Office 365 and Microsoft Teams provisioning. Workflows help to follow specific processes for a successful collaboration.
Offering self-services for users is a key to reduce workloads on the IT department and to allow users to cover their requirements quickly while the organization's policies are enforced during the process. A frequently asked request is how to provision a new Microsoft Team in Office 365 in a secure and monitored way. See how this can be implemented here.
To allow an app to create a Microsoft group or team programmatically in a workflow, we will use the Microsoft Graph API, Azure Functions and Flow or Logic Apps. With these technologies, we can create powerful workflows to offer a self-service for users to create a team when needed, approved by the manager and being provisioned with all the necessary properties and permissions.

Office 365 Groups Governance Toolkit Part 1-Overview

IT-Governance is an important topic, especially in large organizations. At Microsoft Ignite conference, we showed the "Groups Governance Toolkit" with a bunch of useful tools to regulate and monitor Office 365 groups and Microsoft Teams. Here, we will show the step-by-step guidance how to implement that toolkit with Microsoft 365 and Microsoft Azure. Let's start with an overview what topics we cover in this article series.

Download Microsoft BUILD 2018 conference sessions

Microsoft BUILD conference 2018 took place two weeks ago in Seattle with over 350 sessions covering Azure, Visual Studios, Microsoft 365, and more. Although you can watch the sessions online at mybuild.microsoft.com/sessions, sometimes it’s helpful to have them downloaded. You can do so with the following PowerShell script.

Provisioning an Office 365 group with an approval flow and Azure functions-part 3

This article describes the workflow for the group provisioning process by using the Azure function from part two in combination with PowerApps, SharePoint Online and Flow to enable a good user experience. Technically, we already have the toolset with the ProvisionGroup function. Now let’s create the rest.

Provisioning an Office 365 group with an approval flow and Azure functions-part 1

Office 365 groups span over various Office 365 services and provide a great way for collaborating. By default, every user can create an Office 365 group. While self-service is a good thing and many businesses adopted into that direction, some companies still prefer the controlled approach. In real world environments, organizations usually want to restrict the group provisioning so that IT can control the wild growth of groups. This article series shows how to create an Office 365 group with an attached approval process with SharePoint Online, Flow and Azure functions. See how this works here!

Delegate365 and the Exchange issue update

In the last days, some customers of Delegate365 experienced a warning in the Delegate365 portal that informed about the failing communication to Exchange Online. This issue was caused by the Microsoft Exchange Online PowerShell endpoint. We are glad to announce that this issue should be fixed soon.

Use Azure AD app principal without user context

For an application registered in AAD to be able to run in application context only without a user context the "Company Administrator" role has to be assigned to the application in order to be able to access administrator endpoints for APIs like the Microsoft Graph. No additional permissions have to be assigned to the application after assigning this role.The assignment has to be done using PowerShell and looks like this: (the app registration has to be done beforehand)Install-Module AzureADConnect-AzureAD$app = Get-AzureADServicePrincipal -SearchString "your app name"$role = Get-AzureADDirectoryRole | Where-Object { $_.DisplayName -eq "Company Administrator" }Add-AzureADDirectoryRoleMember -ObjectId $role.ObjectId -RefObjectId $app.ObjectIdNote that you have to replace the string "your app name" with the name provided to your app registration. The script intalls (if not already installed) the AzureAD PowerShell module and uses the contained commandlets to get the service principal of the app registration by name, gets the Azure AD Directory Role "Company Administrator" and adds this role to the service principal of the app. After the role has been added, the app might, e.g., make queries to the user endpoint of the Microsoft Graph API to get properties from any users in the AAD.