Tools

In part one, we saw how the Microsoft Graph API enables programmatic access to Office 365 groups. Now it’s time to let Azure Functions help us with the desired workflow. For the following steps, an Azure subscription and a Global Admin in the target Office 365 tenant is required. The plan We want our provision group function to be able to create a new Office 365 group without any user interaction. So, we need an app with the permission to accomplish the operations in our Office 365 tenant, in the same way as did for the administrator account in part 1. The key is, to create such an application first and to use that access data in our code. The workflow will execute our function, pass the parameters, and the function will do the work. So, these are the necessary steps. ...

Office 365 groups span over various Office 365 services and provide a great way for collaborating. By default, every user can create an Office 365 group. While self-service is a good thing and many businesses adopted into that direction, some companies still prefer the controlled approach. In real world environments, organizations usually want to restrict the group provisioning so that IT can control the wild growth of groups. This article series shows how to create an Office 365 group with an attached approval process with SharePoint Online, Flow and Azure functions. See how this works here! ...

During summer time the next Delegate365 version was born that brings more mailbox and distribution group features, more sync rule options and some minor changes in logging and some fixes. See the details here. Delegate365 version 6.6 brings some improvements on the basis of version 6.5. New sync rules: The menu administration / sync / “sync options” has been renamed to “sync rules” in Version 6.5. Now, the “user license assignments” have been extended with additional options as in the screenshot below. A sync rule can now be switched on or off with the “Active” switch to simplify testing (“On” is the default setting for existing rules). The new “order” allows to reorder the rules. “Action” now allows not only to add Office 365 licenses, but also to remove the selected licenses, which was a often requested feature. “Apply to” allows to execute the rule against “all users”, “sign-in allowed” or “sign-in blocked” users. The new options deliver a much more granular control of license settings. The active sync rules are considered at each sync operation in Delegate365. Don’t forget to save any changes at the page bottom “Save” button! Remember, the more rules are enabled, the longer the sync operation will run, in large Office 365 tenants this might take hours, since every object must be checked and the operations will be executed. ...

In the last days, some customers of Delegate365 experienced a warning in the Delegate365 portal that informed about the failing communication to Exchange Online. This issue was caused by the Microsoft Exchange Online PowerShell endpoint. We are glad to announce that this issue should be fixed soon. Delegate365 informed users about the reduced functionality with a message “Access denied – please check the credentials of your Office 365 account…” when opening the yellow warning icon in the portal. ...

For an application registered in AAD to be able to run in application context only without a user context the “Company Administrator” role has to be assigned to the application in order to be able to access administrator endpoints for APIs like the Microsoft Graph. No additional permissions have to be assigned to the application after assigning this role. The assignment has to be done using PowerShell and looks like this: (the app registration has to be done beforehand) ...

A very simple use case let us give up our Distribution lists. This article discusses why and how we did it and delivers tips how to improve your experience with Office 365 groups. How can you replace “old” distribution groups from a synced environment with “new” Office 365 groups? And how to add, delete or modify email addresses to an Office 365 group? This article shows the steps. After we replaced all distribution lists with Office 365 groups, we got some questions, like ...

Delegate365 provides various automation tasks. One of these is the new License Assignment rule to automatically assign Office 365 licenses to users based on their user properties or on their group membership. See how this works in real world with a demo scenario here. The License Assignment is available since version 6.4. For details, pls. see the description here. This new feature allows to assign Office 365 licenses in a very custom way to users and runs at each Delegate365 synchronization operation, So, whenever a SyncOp runs, Delegate365 checks the sync rules and assigns licenses as specified. So let’s see how this works step-by-step as follows. ...

Delegate365 version 6.5 is here soon. With that update, there comes new functionality and some further improvements. Read the details here. Notification center: Now, the notification center shows just the last 100 messages (instead of all unread messages) to reduce the loading time for all unread messages that can be produced in a large number by the synchronization process. Anyway, you can access all messages as before by clicking the “Read all messages” link. “Clear all messages” sets all messages to “read”, so that they no longer show up in the notification center. This step improves the dashboard’s loading time. ...

Delegate365 runs as an app in Microsoft Azure on top of Office 365. You can connect to any Office 365 tenant with your Delegate365 portal. You just need a configuration password and a Global Admin user of your Office 365 tenant. The Setup must be executed once, as initial setup or during operation to renew the permissions of the Delegate365 app. See how the new and simplified setup process works here. ...

Delegate365 protocols all modifications of users, licenses and groups within the solution. This is essential to comprehend actions accomplished by Delegate365 administrators or by automated tasks. See how to work with that audited data here. So, all actions are logged to the Delegate365 Audit Log. In the current versions, the audit logs are saved to an Azure Storage Account. There are three ways of working with the audit data: See audit data within Delegate365 Access the data directly with Microsoft Storage Explorer Connect to the data with tools as Microsoft Excel or Power BI All methods are available for Portal Admins in the *administration / audit *menu and are described here. ...