Requested only for Channel Management
| Table of Contents | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Process overview
Sphereshield Channel Management uses a service account that we refer to as “Compliance admin” or “Compliance officer”.
...
To set up the Compliance Admin account please follow both parts of the guide below.
Part 1
Create a compliance administrator user that has access to all teams
Create a new user in Office 365. This user name is arbitrary, but consider that it will appear as the content creator when moving posts and files.
Give the user a license that is valid for MS Teams.
This user must not have conditional access or Multi-Factor Authentication
Assign an admin role to the new user account such as the Teams Administrator privilege:
...
| Info |
|---|
This user will have access to all teams as an owner. It should not have access to any team before configuring SphereShield. |
Part
...
Configuring Admin Portal Integration Azure AD
...
2
...
Configuring the Integration:
...
1- Go to Settings -> Cloud service services integration and select the following services:
...
2- Complete the following settings:
| Info |
|---|
Groups to be inspected and Internal domain list are not relevant for CM, they will disappear once you enabled CM on step E. |
a- Native Application ID: 4bd3cb54-adb4-46e4-b454-16f87dac1182
b- Compliance Admin Authentication type: Using Credentials (if the compliance admin has no MFA enabled) or Using Access Token (if the compliance admin has MFA enabled).
c- Compliance Admin User: The UPN of the user you created above.
d- Compliance Admin Password: the password of the Compliance Admin user.
...
3- Make sure that the user has a license for teams and is not a member of any channel/team before configuring.
...
Then click on the " Test Azure API connection " to see if your connection is valid
...
5- To check that the credentials are correct, the configuration has to be saved first by clicking on the Save button and then clicking the Check button:
...
...
Setup compliance admin with conditional access
If you are using MFA for the compliance admin Compliance Admin account, please follow these instructions:
Fill out in the compliance admin user filed field with your compliance admin, then change the authentication type to “Using Access Token”Token".
Click on the “CONNECT” button and that . This will open a new Microsoft login window where you can use the compliance admin Compliance Admin credentials and also the MFA.
Go back to the portal and save the changes.
...
7
E- Change the setting “Enable Channel Management For MS Teams” to Yesandclick "Save".
Then click on the " Test Azure API connection " to see if your connection is valid.
...
3- To verify that the credentials are correct, you must first save the configuration by clicking the Save button and then the Check button:
...
4- Finally, you need to navigate to MS Teams Management and click on the “REFRESH TEAMS FROM API” button:
...