You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 26 Next »

Prerequisites

For VSM to receive data from Microsoft Teams you will need a VSM Virtual Collector administered. Details on adding a VSM Virtual Collector can be found here.

Azure Active Directory Configuration

VSM uses Graph API to collect data from Microsoft Teams, the following information is required to add Microsoft Teams to VSM:

  • Tenant ID
  • Application ID
  • Shared Secret

In order to obtain the required fields the following steps need to be executed on the Tenant Azure AD 

  • New APP Registration
  • Assign the appropriate API Permission to the new APP
  • Generate Shared secret Key


All steps from this point forward require the AAD (Azure Active Directory) user permissions

New App Registration

Browse to Azure Portal AD https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade

Navigate to and click on 'App Registrations'


Click (plus) New registration


Enter Application Registration Details using the following table.

Application Registration Table

FieldValue
NameEnter the name you want to give to your application
Supported Account TypeChoose Accounts in this organizational directory only (Virsae Group Limited only - Single tenant)
Redirect URILeave Blank


After creating the Application take note of Application (Client) ID and Directory (tenant) ID

Assign API Permission to the New APP


Navigate to and click on 'API Permissions'


Click (plus) Add a permission


Click on Microsoft Graph


Choose Application Permissions


Choose the following Permissions

Call Records >CallRecords.Read.All permission 

Directory > Directory.Read.All Permission

Reports > Reports.Read.All

ServiceHealth > ServiceHealth.Read.All

TeamMember > TeamMember.Read.All

TeamworkDevice > TeamWorkDevice.Read.All



The following page will appear


Click on the 'Grant admin consent' tab to grant permission for newly created Application


Once Granted the following will be displayed

Authentication

There are two supported authentication methods for MS Teams data collection:

  • Shared Secret
  • Certificate

You can use whichever authentication you prefer, and you can change between the type of authentication method if required.

Generate Shared Secret

Navigate to and click on 'Certificates & secrets'


Click (plus) New client secret


Enter Client Secret Information using the following table.

Client Secret Table

FieldValue
DescriptionEnter description for the client secret
Expires The maximum length is 24 months , make sure to renew the client secret when it expires otherwise VSM won't be able to retrieve MS Teams Calls information 



Take note of Secret Value and Secret ID as it will disappear when you navigate away from the page , The value in the field Value is the value that is going to be added to VSM in Shared Secret Field 

Certificate Authentication

For customers who want to use certificate authentication first they must create a certificate or obtain one from a trusted public authority, they need to make sure to have the private key exportable. 

Steps of how to create self signed certificate available here once you have the certificate to use follow these steps:

Navigate to and click on 'Certificates & secrets'


Select Upload Certificate


Browse the   (Public Key Certificate ) file we created earlier ( (.cer or .crt certificate)and click Add


Once Uploaded, it will appear  under the App

Update Azure Active Directory Settings

 For Azure AAD To Display identifiable user data data (like UPNs) Navigate to

Admin Center >> Settings >> Org Setting >> Reports >> Uncheck  'Display concealed user, group, and site names in all reports'

Web Portal Configuration

Add Microsoft Teams

Log in to the VSM web portal using your VSM credentials and password.

For your customer, select Service Desk > Equipment Locations  Right-click on the Equipment Location (Virtual Collector) and select Manage Cloud Services


At the bottom of Manage Cloud Services click 'Add Services' 

The 'Add Service' form will open, Select the Vendor 'Microsoft' and Service 'Teams Cloud Service'

Populate the 'Friendly Name' field with the name you wish VSM to use for this Teams Service.

Populate the Tenant ID, Application ID with the values obtained earlier in this process.

Shared Secret Authentication

Shared Secret field shall be populated with details collected earlier in this process. once populated click 'Add'


Certificate Authentication

Select the 'Upload a Certificate' radio button, then click the 'Upload' button

Then drag and drop the certificate file or click 'Select the certificate file' to browse and upload the required certificate.

Then click the 'Upload' button

If your certificate requires a password please enter it in the 'Certificate Password' field.

Once the Certificate has uploaded click 'Add'


Web Portal - Add Microsoft Teams Field Description

FieldValue
VendorMicrosoft
ServiceTeams Cloud Service
Friendly NameFriendly Name for MS Teams
Tenant Id

Directory (Tenant)ID displayed under the created Application 

Application Id

Application (client) ID displayed under the created Application 

Shared SecretThe value under Client Secret
CertificateClick 'Upload' to upload the private key certificate

Administration of Microsoft Teams in VSM is now complete. You can now optionally configure Line URI data.

Line URI data collection (Optional)

VSM has a facility to collect and provide a daily document which contains all users and their associated information including Line URI details.

This document will contain the following fields for each Teams user: InterpretedUserType, DisplayName, Alias, UserPrincipalName, LineURI, Title, Office, City, StateOrProvince. These daily documents are located within 'Files and Folders > Teams Cloud Service'.

To setup data collection select the 'Line URI' tab when creating or editing the Teams Service in 'Manage Cloud Services'

A service account will need to be created in Azure AD which has the role of 'Teams Administrator', an existing account with this role can also be used:

Create service account

In Azure AD click 'New User> Create new user'


Populate the new user form, enter a password.

Click the 'Assignments' tab, then click 'Add role'.

Search the directory doles for 'Teams Administrator' and check the box for this.

Then click on 'Review +create'  at the bottom left of the screen.

Azure AD setting are now complete.

VSM Configuration

Open VSM and navigate to 'Service Desk> Equipment Locations> (right click the Virtual location) >Manage Cloud Services'

Right click the Teams service you wish to add Line URI configuration for, then select 'Edit'. Select the 'Line URI' tab and populate the following fields:

FieldValue
AccountUsername of the service account
CredentialPassword of the service account
Account SKU Id (optional)If this field is blank user data for all O365 SKU's will be collected. If you wish to limit data collection to users of a specific O365 SKU enter it here.


Once complete click 'Save'





  • No labels