.. _pshell-proxy-v4uc-conn-params: VOSS Automate Microsoft Connection Parameters ---------------------------------------------- .. _21.2|VOSS-873: In this section we will provision the connections from VOSS Automate to the PowerShell Proxy, and from the PowerShell Proxy and your tenant. We will also provision the Graph API connection between VOSS Automate and the tenant. 1. Sign into VOSS Automate as a Provider Administrator (the only role that, by default, has the ability to create Tenant connections). 2. Go to (default menus) **Apps Management > Microsoft Tenant**. 3. Click the **Add** icon and select the hierarchy level where you wish to add the tenant. This will typically be at the customer level. 4. Enter a name and a description for this tenant. **Next steps**: Provision the PowerShell Proxy connection parameters. .. image:: /src/images/MSFT_9826a5e55cbbb72f.png .. _pshell-proxy-provision-conn-params: Provision the PowerShell Proxy Connection Parameters ..................................................... 1. On the **Microsoft Tenant** page, locate the **Microsoft Teams Powershell** fields. 2. In the **Host** field enter the FQDN or IP address of a single-node PowerShell Proxy, or the FQDN corresponding to your load balancer's virtual IP address. .. note:: Refer to the notes regarding the local hosts file and the TrustedHosts WinRM configuration in the :ref:`pshell-proxy-conf` section above. 3. In the **Username** and **Password** fields enter the credentials for the local service account you created on the PowerShell Proxy. **Next steps**: Provision the outbound internet proxy configuration. .. image:: /src/images/MSFT_4bb781f700428752.png .. _pshell-proxy-outbound-proxy-conf: Provision the Outbound Internet Proxy Configuration --------------------------------------------------- 1. On the **Microsoft Tenant** page, locate the **Microsoft Teams HTTP Proxy** fields. If there is no outbound Internet proxy deployed between the PowerShell Proxy and the public Internet, leave both checkboxes unchecked, and the **Username** and **Password** fields blank. Continue with the next step. 2. If there is an outbound Internet Proxy deployed between the PowerShell Proxy and the public Internet, select the **Use HTTP Proxy** checkbox. 3. If the outbound Internet proxy requires authentication, select the **Use HTTP Proxy Authentication** checkbox, and enter the proxy authentication credentials in the **Username** and **Password** fields. .. note:: You will have already provisioned the outbound Internet proxy's IP address (or FQDN) and port number when you set up the PowerShell Proxy. Refer to the :ref:`pshell-proxy-conf` section above. Also please note the caveat regarding proxy authentication in the :ref:`pshell-proxy-setup-deploy-topol` section above. .. image:: /src/images/MSFT_45c85ed09e92f23b.png .. rubric:: Next steps * :ref:`pshell-ms-teams-tenant-service-account` .. _pshell-ms-teams-tenant-service-account: Provision the Microsoft Teams Tenant Service Account Credentials ................................................................. 1. On the **Microsoft Tenant** page, locate the **Microsoft Teams** fields. 2. In the **Admin Username** and **Admin Password** fields, enter the credentials for the Microsoft Teams tenant service account. You created this account earlier. See :ref:`create-svc-acct-ms-teams-pshell`. .. rubric:: Next Steps * :ref:`pshell-proxy-azure-AD-reg-params` .. _pshell-proxy-azure-AD-reg-params: Provision the Azure Active Directory Application Registration Parameters ......................................................................... In the :ref:`azure-AD-tenant-setup` section above you registered your VOSS Automate application. You should have captured the "Secret" value at that time. If you did not capture your Client ID and Tenant ID, you can do so at any time from the Azure AD portal. In this section, you will need to: * Obtain Client ID and Tenant ID from the Azure AD Portal * Add Microsoft 365 Details to the Microsoft Tenant Obtain Client ID and Tenant ID from the Azure AD Portal '''''''''''''''''''''''''''''''''''''''''''''''''''''''' 1. Sign into the `Azure portal `_ using your Global Administrator credentials. 2. Go to **Azure Active Directory**. 3. Under **Manage** select **App registrations**. 4. Select your VOSS Automate application. .. image:: /src/images/MSFT_56ea55920a3fb822.png 5. Under **Essentials** you will find the **Client ID** and **Tenant ID** values that you enter into the VOSS Automate tenant setup page. .. image:: /src/images/MSFT_bba07a0e548633b0.png **Next steps**: Add Microsoft 365 details to the Microsoft tenant. Add Microsoft 365 Details to the Microsoft Tenant '''''''''''''''''''''''''''''''''''''''''''''''''' Now fill out the Microsoft 365 details on the Microsoft Tenant page: 1. On the **Microsoft Tenant** page in VOSS Automate, locate the **Microsoft 365** field. 2. Enter the **Client ID**, **Tenant ID**, and **Secret** in their respective fields. .. image:: /src/images/MSFT_98f16dd5a528eb57.png 3. Click **Save**. .. rubric:: Next Steps * If you're using VOSS Automate to manage Microsoft Exchange online, provision the Exchange Online application certificate thumbprint. Provision the Exchange Online Application Certificate Thumbprint .................................................................. At this step you'll add the certificate authentication thumbprint generated on the **Azure** portal for Microsoft Exchange. You would have installed this certificate on the PowerShell proxy server and configured it in the application registration. .. note:: The certificate thumbprint is the encrypted password required for an authenticated connection to the Microsoft Cloud Exchange portal. Connecting to Microsoft Exchange is required to sync in the Microsoft Exchange objects (mailboxes, shared mailboxes, rooms, and distribution lists). To add the certificate thumbprint for Exchange to the Microsoft tenant: 1. Log in to VOSS Automate. 2. Go to **Apps Management > Microsoft Tenant**. 3. Locate the **Microsoft Exchange** fields. 4. Are you using VOSS Automate to manage Exchange Online? * No. Clear the **Enable Microsoft Exchange** checkbox. Go to step 5. * Yes. * Select **Enable Microsoft Exchange**. * In the **Certificate Thumbprint** field, paste the certificate thumbprint you obtained earlier. .. note:: You obtained the certificate thumbprint when logged into the PowerShell proxy to register the VOSS Automate application with Azure Active Directory. See :ref:`azure-AD-tenant-setup`. The certificate thumbprint was created on the proxy and uploaded to the Azure portal. When generating PowerShell scripts to manage Microsoft Exchange Online, VOSS Automate includes this thumbprint so that the PowerShell proxy can use the corresponding certificate to authenticate with Microsoft Exchange Online. 5. Click **Save**. .. image:: /src/images/ms-tenant-exchange.png .. rubric:: Next Steps * Test your Microsoft tenant connections. See :ref:`test-tenant-connection` * Perform a sync from the Microsoft tenant to import Microsoft users, tenant dial plan, licenses, and policies to the customer level. For Microsoft Exchange, ensure that instances for all 4 device models (User mailboxes, Shared Mailboxes, Room Mailboxes, and Distribution Mailboxes) are synced in at the level were the tenant exists. * Configure the customer-wide site defaults doc (SDD), ``CUSTOMER_TEMPLATE``. See :ref:`site-defaults-doc-templates`. * Add network device lists (NDLs) with Microsoft 365 and Microsoft Teams tenant details. NDLs are required when adding sites. See :ref:`configure_network_device_list`. * Create sites. * Run the overbuild. See: :ref:`overbuild-msft`. * Go to :ref:`VOSS-Automate-configuration-and-sync-for-microsoft` .. _test-tenant-connection: Test Tenant Connection ........................ Verify that VOSS Automate can connect to the Microsoft Teams tenant using PowerShell, and to Azure Active Directory using the Microsoft Graph API. 1. In the VOSS Automate Admin Portal, go to (default menus) **Apps Management > Microsoft Tenant**. 2. In the tenant list view, select the tenant. 3. Click **Test Connection**. .. rubric:: Related Topics * .. raw:: latex Microsoft Overview in the Core Feature Guide .. raw:: html Microsoft Overview