VOSS Automate Configuration and Sync

Overview

When using VOSS Automate with Microsoft (as a single or multiple vendor deployment scenario), you’ll need to pre-configure several settings in VOSS Automate before importing Microsoft users, licenses, policies, and dialplans.

Note

  • VOSS Automate v21.2 introduced sync with flow through provisioning for Microsoft users. In 21.3, this feature extends the functionality to users synced in from LDAP and CUCM (Call Manager).

  • Only Add is supported for syncs with flow through provisioning. Update and delete are not supported since the requirements may differ depending on the customer scenario.

  • For details on the generic flow through provisioning feature (which includes Microsoft, LDAP, or CUCM users), see Flow Through Provisioning

Configuration Flowchart

The flowchart sets out the initial configuration of VOSS Automate for Microsoft services.

Prerequisites:

@startuml
'VOSS Automate Configuration and Sync Flowchart
!include style.iuml
start
 note right: Prerequisite is Microsoft configuration
:[[../src/user/concepts-hierarchy.html Hierarchy setup]];
note right
 * Create customers for tenant setup
 * [[../src/user/concepts-site-defaults-doc-templates.html CUSTOMER_TEMPLATE SDD]] created
end note
:[[../src/user/concepts-global-settings.html Global Settings]];
note right
 * Enable Microsoft
 * Enforce HCS Dialplan Rules:No
end note
:[[../src/user/concepts-role-based-access.html Role Based Access Control]];
note right
 * [[../src/user/create-user.html Add MS admin users]]
 * [[../src/user/role-management.html Add MS roles]], [[../src/user/tasks-menu-layout.html menu layout]]
end note
:[[../src/user/concepts-SMTP-server.html SMTP server]];
note right: Allows emails to user in QAS
:[[../src/user/microsoft/voss-msft-conn-params.html Tenant setup]];
note right
 * requires [[../src/user/microsoft-device-mgt.html#microsoft-authentication-authorization-and-security-consideration Microsoft Authentication, Authorization]]
 * Enter PowerShell proxy details
 * Enter MS Teams admin credentials
 * Enter MS 365 IDs, keys
 * Enter MS Exchange thumbprint
end note
-> Tenant data syncs on save;
:[[../src/user/concepts-network-device-list.html Network Device Lists (NDL)]];
note right: Add NDL with Tenant details
if (Using Flow-through?) then (NO)
:Sync;
 note left
 Creates default
 * Syncs
 * Schedules
end note
-> Customer level;
fork
:[[../src/user/microsoft/ms-tenant-dialplan.html Tenant Dialplan]];
stop
fork again
:[[../src/user/ms-teams-policies.html Policies]];
stop
fork again
:[[../src/user/concepts-ms-licenses.html Licenses]];
stop
fork again
:MS Users;
end fork
else (YES)
:[[../src/user/concepts-sync-with-flow-through-for-microsoft.html Go to Sync with Flow Through]];
stop
endif
:[[../src/user/concepts-user-move-for-microsoft.html Go to Microsoft User Move Configuration]];
@enduml

Workflow for the VOSS Automate and Microsoft Configuration and Sync

The high-level workflow for the steps in the flowchart are as follows:

  1. Log in to VOSS Automate as a provider admin.

  2. Add customers.

  3. Go to Customizations > Global Settings to enable Microsoft:

    • On the Enabled Services tab, enable Microsoft services.

    • If you have a Microsoft-only environment, on the Number Inventory tab, set the following to No (False): Enforce HCS Dialplan Rules

      Note

      HSC dialplan is relevant only when using Cisco (in a single vendor or multi vendor installation).

  4. Configure role-based access controls to apply to users on import:

    Note

    VOSS Automate allows an admin user to set up pre-defined role-based configuration, which will be applied to users on import. This allows users to be auto-provisioned on import, with the correct services, lines, policies, and licenses.

    When preparing for import, you’ll need to create the admin users, service profiles, user roles, and role-based menu layouts (to hide or display functionality for different categories of users). For example, you can assign a Microsoft-only user role (MicrosoftOnlyRole) in a Microsoft-only scenario.

  5. Configure a tenant, one for each customer. See Configure Microsoft Tenant Connection Parameters

    Note

    The tenant configuration defines how VOSS Automate connects to the Microsoft Cloud to allow syncing of data between VOSS Automate and Microsoft Azure, Microsoft 365, Microsoft Teams, and Microsoft Exchange. Saving the tenant creates the default syncs and schedules.

  6. Configure the network device lists (NDLs), which are required creating the sites. See Add a Network Device List (NDL)

  7. Go to the tenant configuration screen, and click Action > Sync All to run a full pull sync.

    The tenant dialplan, policies, licenses, and Microsoft users are synced to the customer level.

    Note

    • If you’re using flow through provisioning for Microsoft users, additional steps are required before running the initial sync. See Sync with Flow Through for Microsoft

    • From release 21.3-PB1, an Action > Sync New Users option is available to only import the users to be added from the following models:

      • device/msgraph/MsolUser

      • device/msteamsonline/CsOnlineUser

      • device/msteamsonline/ApplicationInstance

      In order for this sync method to be enabled initially after upgrade to 21.3-PB1, save the tenant instance on this screen first so that the necessary data sync instances are created. These data syncs can be identified by the name format: SyncMSTeamsOnlineUsers__<tenant>, with Update and Remove operations are disabled by default.

Related Topics