How to configure CM Admin Portal

Owned by Former user (Deleted)
Last updated: Mar 03, 2024 by Support Admin
3 min read

Requested only for Channel Management

Process overview

Sphereshield Channel Management uses a service account that we refer to as “Compliance admin” or “Compliance officer”.

This account acts as a “liaison” between your Azure tenant and Sphereshield Channel Management software. This account must be set up correctly both in Azure and in the Sphereshield Channel Management admin portal as without this you won’t be able to utilize Channel Management.

While generally, we do not expect using Compliance Admin account to access the portal it is not prohibited. And sometimes is required as a troubleshooting step for some issues.

To set up the Compliance Admin account please follow both parts of the guide below.

Part 1

Create a compliance administrator user that has access to all teams

  1. Create a new user in Office 365. This user name is arbitrary, but consider that it will appear as the content creator when moving posts and files.

  2. Give the user a license that is valid for MS Teams.

  3. Assign an admin role to the new user account such as the Teams Administrator privilege:

 

This user will have access to all teams as an owner. It should not have access to any team before configuring SphereShield.

 

Part 2

Configuring the Integration:

Login to the Channel Management Portal with the link sent by AGAT.

To allow the service authentication to Graph API you need to do the following.

1- Go to Settings -> Cloud services integration and select the following services:

 

2- Complete the following settings:

Groups to be inspected and Internal domain list are not relevant for CM, they will disappear once you enabled CM on step E.

a- Native Application ID:  4bd3cb54-adb4-46e4-b454-16f87dac1182
b- Compliance Admin Authentication type: Using Credentials (if the compliance admin has no MFA enabled) or Using Access Token (if the compliance admin has MFA enabled).

c- Compliance Admin User: The UPN of the user you created above.

d- Compliance Admin Password: the password of the Compliance Admin user.

 

Setup compliance admin with conditional access

If you are using MFA for the Compliance Admin account, please follow these instructions:

Fill in the compliance admin user field with your compliance admin, then change the authentication type to “Using Access Token".

Click the “CONNECT” button. This will open a new Microsoft login window where you can use the Compliance Admin credentials and also the MFA.

Go back to the portal and save the changes.

 

E- Change the settingEnable Channel Management For MS Teamsto Yes and click "Save".

Then click on the " Test Azure API connection " to see if your connection is valid. 



3- To verify that the credentials are correct, you must first save the configuration by clicking the Save button and then the Check button:


4- Finally, you need to navigate to MS Teams Management and click on the “REFRESH TEAMS FROM API” button:

Please wait until you receive this message and then you should be able to see all of your Teams/Channels: