Reference13r3:Concept App Service Connector for Microsoft 365: Difference between revisions
| No edit summary | |||
| Line 135: | Line 135: | ||
| =Troubleshooting= | =Troubleshooting= | ||
| ==GUI Feedback== | |||
| The app itself shows required states with green and red as connections to the Master PBX, Authentication and Presence Subscription to identify if there are problems. Sometimes it needs a little bit time until the states are changed. If the states remain, it is mandatory to enable logs on the app platform and check for more information. | The app itself shows required states with green and red as connections to the Master PBX, Authentication and Presence Subscription to identify if there are problems. Sometimes it needs a little bit time until the states are changed. If the states remain, it is mandatory to enable logs on the app platform and check for more information. | ||
| ==Teams License for communication user== | |||
| If presence subscription does not work, please check if the configured user has a Microsoft Teams license. | If presence subscription does not work, please check if the configured user has a Microsoft Teams license. | ||
| ==SSL Certificate for notification URL== | |||
| It also is useful to make sure the notification URL has a valid and public signed certificate.<br> | |||
| You can do that, using an SSL-Checker, for example: https://www.sslshopper.com/ssl-checker.html <br> | |||
| Without a valid, public signed certificate, Microsoft will decline the connection since it will not be possible to establish a trust relationship for the SSL/TLS secure channel. | |||
| ==Creating an app trace== | |||
| For further analysis and creating a support ticket it will be useful to have a suitable app trace. <br> | |||
| Before creating the trace please make sure the following trace flags are activated for the app instance: | |||
| * App | |||
| * Database | |||
| * HTTP client | |||
| * TLS | |||
| * TCP | |||
| * App WebSocket | |||
| * Config | |||
| * Webserver | |||
| After setting the config flags, please make sure to | |||
| * stop the instance | |||
| * deleting the current instance log | |||
| * start the instance | |||
| '''Now please wait 12 Minutes before you save the log''', otherwise we could not have the whole picture in the trace. | |||
| = Related Articles = | = Related Articles = | ||
Revision as of 17:08, 27 January 2023
Applies To
- innovaphone PBX from version 13r3
Overview
Connector for Microsoft 365 synchronises Microsoft Teams presences with the innovaphone PBX and back.
Requirements
- innovaphone PBX
- innovaphone Application Platform
- App(Connector for Microsoft 365)
- PBX-App(innovaphone-microsoft365) license per user - order no. 02-00050-009
Concept
Configuration
Please have a look into our Howto guide for basic configuration aid.
Technical Overview
If the Connector for Microsoft 365 app is fully configured, the app connects to Microsoft to obtain a token. With the token, the app gets the teams users (with a Teams license) through the Microsoft Graph Api. A presence subscription to Microsoft is started with the licensed users of the PBX to get presence changes in Microsoft Teams for these users. A user subscription is also started to get changes of the users (adding, deleting or update). If a user has changed, the Teams users are retrieved again. If the presence has changed, it is forwarded to the PBX. The presences of Teams are mapped to the presences of the PBX.
- User subscriptions are renewed every 60 minutes.
- Presence subscriptions are renewed every 10 minutes.
- License Check is made before every presence subscription.
The app synchronises the PBX presence with Teams through the Graph Api. The on-the-phone presence will be renewed every 5 minutes. The other presences have a lifetime of 1 day but the away has a lifetime of 7 days. The lifetimes are described here
Please be aware: The actual change of presence or line state will be live, the above-mentioned subscriptions are needed to register against the Microsoft API for changes. After successful subscription Microsoft will trigger the Connector for Microsoft 365 App every time a presence or line state for a user has changed. The subscription will then be renewed in the above-mentioned time interval to receive further live updates.
User Matching
To match users we compare the Microsoft Name (technical "displayName") property with our PBX Long Name (cn) or The ID from the "Users Admin" App.
Mapping Table
| Teams Presence | PBX Presence | 
|---|---|
| Away | away | 
| BeRightBack | away | 
| Busy | busy | 
| DoNotDisturb | dnd | 
| InACall | on-the-phone | 
| InAMeeting | meeting | 
| Inactive | online | 
| PresenceUnknown | online | 
| Available | online | 
| Offline | online | 
| Offwork | online | 
| OutOfOffice | away | 
| UrgentInterruptionsOnly | dnd | 
| Presenting | on-the-phone | 
| InAConferenceCall | on-the-phone | 
The value "online" unsets the Teams presence in the PBX.
Master/Slave
For Master/Slave combination the "Connector for Microsoft 365" App has to be added to the slave (if no full replication is on). The slave websocket connection is needed to display "on-the-phone" presence.
Related Articles
Known Limitation
Currently, only 650 users can be subscribed for the presence subscription.
For use cases with larger Environments:
If there are more than 650 active user with an active Microsoft Teams license in the environment, you can still use the Innovaphone license for the Connector For Microsoft 365 to select which users should be synchronized.
For now, you need to make sure not to assign more than 650 users with such an License in the PBX.
(Only users with an assigned license for the Connector For Microsoft 365 App will be subscribed.)
Communication User (UserSynctoPbx)
Users with MFA (multi-factor-authentication) are not supported as technical communication user for the Connector.
Subscription Timeout
Situation
Due to a current limitation in the Graph API it is not possible to cancel or delete an active presence subscription.
As you can see in the of the current Graph API (1.0) the “Delete subscription” chapter does not include presence subscriptions.
It is also not possible to have multiple subscription in parallel. 
To make sure to only request a new presence subscription when the old one is not valid anymore, the app will store the state of the presence subscription and the time until it is valid in the database.
As mentioned in the chapter “Technical Overview” we are creating presence subscriptions with a validity of 10 minutes.
The presence subscription will be renewed as soon as it is no longer valid which will be 10 minutes after initial subscription.
Impact
If settings are changed or the app instance is restarted it will check the corresponding database entry on startup.
In case the last presence subscription was completed less than 10 minutes ago, there is still an active presence subscription and the app has to wait for it to become invalid. 
Some Changes (e.g., to the “Notification-URL”) will only take effect after a new created subscription. 
The current Beta Version of the Graph API is already providing a function to delete presence subscriptions, so we hope we can improve this behavior in the future.
Troubleshooting
GUI Feedback
The app itself shows required states with green and red as connections to the Master PBX, Authentication and Presence Subscription to identify if there are problems. Sometimes it needs a little bit time until the states are changed. If the states remain, it is mandatory to enable logs on the app platform and check for more information.
Teams License for communication user
If presence subscription does not work, please check if the configured user has a Microsoft Teams license.
SSL Certificate for notification URL
It also is useful to make sure the notification URL has a valid and public signed certificate.
You can do that, using an SSL-Checker, for example: https://www.sslshopper.com/ssl-checker.html 
Without a valid, public signed certificate, Microsoft will decline the connection since it will not be possible to establish a trust relationship for the SSL/TLS secure channel.
Creating an app trace
For further analysis and creating a support ticket it will be useful to have a suitable app trace. 
Before creating the trace please make sure the following trace flags are activated for the app instance:
- App
- Database
- HTTP client
- TLS
- TCP
- App WebSocket
- Config
- Webserver
After setting the config flags, please make sure to
- stop the instance
- deleting the current instance log
- start the instance
Now please wait 12 Minutes before you save the log, otherwise we could not have the whole picture in the trace.