Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 37 Next »

Requested only for Channel Management

Part 1

Create a compliance administrator user that has access to all teams

  1. Create a new user in Office 365. This user name is arbitrary, but consider that it will appear as the content creator when moving posts and files.

  2. Give the user a license that is valid for MS Teams.

  3. This user must not have conditional access or Multi-Factor Authentication

  4. Assign an admin role to the new user account such as the Teams Administrator privilege:

5. This user will have access to all teams as an owner. It should not have access to any team before configuring SphereShield.

 

Part 2

Configuring Admin Portal Integration Azure AD 

This step can be done only after receiving access to your service portal from AGAT support by email. This is typically done up to 2 business days from receiving payment or a Purchase Order

Configuring the Integration:

Login to the Channel Management Portal with the link sent by AGAT.

To allow the service authentication to Graph API you need to add the credentials to the SphereShield Admin Portal under Settings -> Cloud service integration

Make sure that the Office Checkbox and Teams Checkbox is ticked. And the Inspect All Users filed set to yes.

Complete the following settings:

Internal domain list: List of your Internal domains within your tenant.

Native Application ID:  4bd3cb54-adb4-46e4-b454-16f87dac1182
Compliance Admin User: The UPN of the user you created above.

Compliance Admin Password: the password of the Compliance Admin user.

Make sure that the user has a license for teams and is not a member of any channel/team before configuring.

Enter your details in the relevant fields and enable Channel Management. Click "Save".

Then click on the " Test azure API connection " to see if your connection is valid 

  • The Compliance Administrator should not have MFA/Conditional Access enabled.

  • Currently Federated users from Local AD to Azure AD are not supported as Compliance Admins.

  • To avoid further problems set Compliance Administrator’s password to never expire.


To check that the credentials are correct, the configuration has to be saved first by clicking on the Save button and then clicking the check button:

3. Save settings.


Finally, you need to navigate to MS Teams Managment and click on “REFRESH TEAMS FROM API” button:

  • No labels