Howto15r1:Configure User Presence Sync by Connector for Microsoft365: Difference between revisions

From innovaphone wiki
Jump to navigation Jump to search
No edit summary
Line 1: Line 1:
redirect
==Applies To==
This information applies to
Connector for Microsoft 365 from version 15r1
 
==More Information==
 
This article outlines a configuration scheme for Connector for Microsoft365 functionality.<br>
In preparation, you first will need to configure two Applications in your Azure Portal (one for each direction). <br>
After that, you will install the App in your Application Platform, and configure everything.
 
 
===System Requirements===
 
* Licenses '''innovaphone Connector for Microsoft 365''' per user who wants to use the innovaphone myApps Connector for Microsoft 365.
* '''account in Azure Portal of Microsoft''' (for each of the technical communication users, no permission role needed)<br>
** Each communication user must have a Teams license applied, more infos can be found  [https://learn.microsoft.com/en-us/azure/communication-services/quickstarts/eligible-teams-licenses here]<br>
** Each communication user can be used to subscribe the presence of up to 650 users. (If you want to synchronize more than 650 users, you will need a multitude of communication users)
** Must '''not''' have multi factor authentication activated
* Must have access from the internet to your App Platform
** This can be done by using a reverse proxy or other firewall
* The public endpoint '''must have ''' a '''valid, public signed certificate''' (in order to make a trusted SSL connection from the Azure cloud to the Application Platform possible)
** A valid certificate is required in all involved network entities - at least in the App Platform and if used in the Reverse Proxy; to ensure transmission of MS365 HTTPS POST requests to the app service in order to send notifications.
* Admin account for Azure Portal (only necessary for granting needed permission for registered app during setup)
 
==Installation==
 
===Configuration in Azure Portal===
====Create an App for syncing Teams to PBX====
 
* '''In the Azure Portal of Microsoft you have to add an app registration'''
* '''You only have to give a name for the app'''
 
[[Image:App_Registration_Connector_for_Microsoft365.png|thumb|none|600px|App Registration]]
 
* '''Switch to the authentication on the left'''
* '''You only have to configure allow public client flow'''
 
[[Image:Authentication_Connector_for_Microsoft365.png|thumb|none|600px]]
 
* '''Switch to api permissions on the left'''
* '''You have to configure delegated permissions (User.Read.All and Presence.Read.All) as shown in the picture'''
* '''Grant access to the api permissions, if not possible you have to ask an admin'''
 
[[Image:Azure_Select_Api-Permission.png|thumb|none|600px]]
 
[[Image:Azure_Select_Api-Permission_Delegated.png|thumb|none|600px]]
 
[[Image:APIPermission_Connector_for_Microsoft365.png|thumb|none|600px]]
 
With these configurations you can configure the Connector for Microsoft365
 
* '''Client ID as shown in the picture'''
* '''Tenant ID as shown in the picture'''
* '''User'''
* '''Password'''
 
[[Image:Overview_Connector_for_Microsoft365.png|thumb|none|600px]]
 
====Create an App for syncing PBX to Teams====
 
* '''In the Azure Portal of Microsoft you have to add a new app registration'''
* '''In the picture you can see that we have 2 values after that which we can use for the configuration of the app'''
 
[[Image:Overview_Connector_for_Microsoft365_Sync_to_Teams.png|thumb|none|600px]]
 
* '''Switch to Certificates & Secrets on the left'''
* '''You only have to configure a client secret and save the value for the configuration of the app'''
 
[[Image:Authentication_Connector_for_Microsoft365_Sync_to_Teams.png|thumb|none|600px]]
 
* '''Switch to api permissions on the left'''
* '''You have to configure application permission (Presence.ReadWrite.All) as shown in the picture'''
* '''Grant access to the api permissions, if not possible you have to ask an admin'''
 
[[Image:Azure_Select_Api-Permission.png|thumb|none|600px]]
 
[[Image:Azure_Select_Api-Permission_Application.png|thumb|none|600px]]
 
[[Image:APIPermission_Connector_for_Microsoft365_Sync_to_Teams.png|thumb|none|600px]]
 
===Installing and configuring App Platform and PBX===
====Installing the connector app====
* First you need to install the connector app from the App Store:
[[Image:Microsoft365_install_app_1.png|thumb|none|600px]]
* Install the app by selecting
# All apps
# innovaphone AG
# innovaphone myApps Connector for Microsoft 365
# select the current Version
# Click install
[[Image:Microsoft365_install_app_2.png|thumb|none|600px]]
====Creating an instance for the connector app====
* For creating an Instance, in the AP Manager you need to
# select '''innovaphone myApps Connector for Microsoft 365'''
# click '''add'''
[[Image:Microsoft365_create_instance_1.png|thumb|none|600px]]
* Insert the following information and save
# The technical Instance Name (we suggest microsoft365)
# Your Domain (This should be the domain you have already configured in your PBX and your Application Platform)
# define a password for the communication between the PBX and the app instance
# define a password for the communication between the app instance and the database
''All other fieds should be filled automatically''
[[Image:Microsoft365_create_instance_2.png|thumb|none|600px]]
 
====Creating the PBX app object using the PBX Manager Plugin====
* Open the PBX Manager and
# select the '''AP <code>InstanceName</code>''' Tile
# Click '''Add an app'''
[[Image:Microsoft365_pbx_manager_1.png|thumb|none|600px]]
* Specify the '''Name''' and the '''SIP''' (We suggest using '''<code>microsoft365</code>''' for this technical names)
[[Image:Microsoft365_pbx_manager_2.png|thumb|none|600px]]
 
====Add the admin app to a user or a template====
To be able to configure the connector app, you need users to have access to the admin app.<br>
You can achieve this by adding the app to a user, or to a template. <br>
In this Howto - as an example - we will add the app to the <code>Config Admin</code> template. <br>
* In the PBX Manager
# select the <code>Templates</code> tile
# click on the <code>Config Admin</code> template
[[Image:Microsoft365_template_1.png|thumb|none|600px]]
* In the <code>Config Admin</code> template
# open Apps
# Check the <code>app name</code> checkbox
# Save the changes
[[Image:Microsoft365_template_2.png|thumb|none|600px]]
 
====Configure the connector with the admin app====
Now your admins (designated groups or configured user) should have access to the connector admin app. <br>
* A user with access to the app can now see a new tile in the '''All Apps''' area
* The name depends on the configured <code>app name</code> from the PBX Manager plugin
[[Image:Microsoft365_admin_app_1.png|thumb|none|600px]]
=====Synchronization from Teams to the PBX=====
* First you will need to configure the inbound sync from Teams to PBX
** Configuration
**# '''Master PBX''' - Set the name of your Master PBX ('''Not full DNS name, really just only the PBX name''') Good: [<span style="color:green;">pbx</span>]  Bad: [<span style="color:red;text-decoration: line-through;">pbx.domain.tld</span>]
**# '''ClientIDSynctoPbx''' - Please insert the Application ID (Client ID) from Azure Portal from the in preparation created Teams to PBX app
**# '''TenantSynctoPbx''' - Please insert the Directory ID (Tenant) from Azure Portal from the in preparation created Teams to PBX app
**# '''Notification URL''' - You need to specify the address Microsoft can send presence updates to.
**## You need to make sure that you define a URL where you can reach your App Platform from the public internet <code>public.dns</code>
**## Next you need the domain you have configured in the app instance before (3.2.2) <code>your.domain</code>
**## Next you need the name of the instance you have configured before (3.2.2) <code>microsoft365</code>
**## The URL will always be terminated by <code>subscriptions</code>
**##* <code>https://public.dns/your.domain/microsoft365/subscriptions</code>
*** Save your changes
*** [[Image:Microsoft365_admin_app_2_14r2.png|thumb|none|600px]]
** Manage Teams accounts
**# Click on Add Teams account
**# Enter username (Azure Portal account in email format)
**# Enter password
**# Click on the check mark
**# Make sure to add an Azure Portal communication user for each 650 user you want to subscribe
*** [[Image:Microsoft365_admin_app_2_14r2_user.png|thumb|none|600px]]
* After successful configuration and subscription, the Microsoft services will connect to the specified ''Notification URL'' for presence and line state updates.
* For this to work, it is important to make sure that the specified ''Notification URL'' is reachable from the Microsoft services, meaning from the public internet.
'''It can take up to 10 Minutes until all check marks are green, and the sync is working'''
 
=====Synchronization from the PBX to Teams=====
* For the outbound synchronization you select from PBX to Teams in the admin app
# '''ClientIDSynctoTeams''' - Please insert the Application ID (Client ID) from Azure Portal from the in preparation created PBX to Teams app
# '''TenantSyncto Teams''' - Please insert the Directory ID (Tenand) from Azure Portal from the in preparation created PBX to Teams app
# '''ClientSecretSynctoTeams''' - Please insert the shared secret from the in preparation created PBX to Teams app
[[Image:Microsoft365_admin_app_3_14r2.png|thumb|none|600px]]
* For the sync direction from PBX to Teams, the app itself needs visibility permissions (presence, on-the-phone) for the users who are should be synced to Teams. The configuration tag is visibility for each user object.
 
==Related Articles==
[[Reference15r1:Concept_App_Service_Connector_for_Microsoft_365|Concept App Service Connector for Microsoft 365]]<br>
[[Howto15r1:Configure Calendar Presence Sync by Connector for Microsoft365]]
 
[[Category:Howto|{{PAGENAME}}]]

Revision as of 19:06, 13 March 2025

Applies To

This information applies to Connector for Microsoft 365 from version 15r1

More Information

This article outlines a configuration scheme for Connector for Microsoft365 functionality.
In preparation, you first will need to configure two Applications in your Azure Portal (one for each direction).
After that, you will install the App in your Application Platform, and configure everything.


System Requirements

  • Licenses innovaphone Connector for Microsoft 365 per user who wants to use the innovaphone myApps Connector for Microsoft 365.
  • account in Azure Portal of Microsoft (for each of the technical communication users, no permission role needed)
    • Each communication user must have a Teams license applied, more infos can be found here
    • Each communication user can be used to subscribe the presence of up to 650 users. (If you want to synchronize more than 650 users, you will need a multitude of communication users)
    • Must not have multi factor authentication activated
  • Must have access from the internet to your App Platform
    • This can be done by using a reverse proxy or other firewall
  • The public endpoint must have a valid, public signed certificate (in order to make a trusted SSL connection from the Azure cloud to the Application Platform possible)
    • A valid certificate is required in all involved network entities - at least in the App Platform and if used in the Reverse Proxy; to ensure transmission of MS365 HTTPS POST requests to the app service in order to send notifications.
  • Admin account for Azure Portal (only necessary for granting needed permission for registered app during setup)

Installation

Configuration in Azure Portal

Create an App for syncing Teams to PBX

  • In the Azure Portal of Microsoft you have to add an app registration
  • You only have to give a name for the app
App Registration
  • Switch to the authentication on the left
  • You only have to configure allow public client flow
  • Switch to api permissions on the left
  • You have to configure delegated permissions (User.Read.All and Presence.Read.All) as shown in the picture
  • Grant access to the api permissions, if not possible you have to ask an admin

With these configurations you can configure the Connector for Microsoft365

  • Client ID as shown in the picture
  • Tenant ID as shown in the picture
  • User
  • Password

Create an App for syncing PBX to Teams

  • In the Azure Portal of Microsoft you have to add a new app registration
  • In the picture you can see that we have 2 values after that which we can use for the configuration of the app
  • Switch to Certificates & Secrets on the left
  • You only have to configure a client secret and save the value for the configuration of the app
  • Switch to api permissions on the left
  • You have to configure application permission (Presence.ReadWrite.All) as shown in the picture
  • Grant access to the api permissions, if not possible you have to ask an admin

Installing and configuring App Platform and PBX

Installing the connector app

  • First you need to install the connector app from the App Store:
  • Install the app by selecting
  1. All apps
  2. innovaphone AG
  3. innovaphone myApps Connector for Microsoft 365
  4. select the current Version
  5. Click install

Creating an instance for the connector app

  • For creating an Instance, in the AP Manager you need to
  1. select innovaphone myApps Connector for Microsoft 365
  2. click add
  • Insert the following information and save
  1. The technical Instance Name (we suggest microsoft365)
  2. Your Domain (This should be the domain you have already configured in your PBX and your Application Platform)
  3. define a password for the communication between the PBX and the app instance
  4. define a password for the communication between the app instance and the database

All other fieds should be filled automatically

Creating the PBX app object using the PBX Manager Plugin

  • Open the PBX Manager and
  1. select the AP InstanceName Tile
  2. Click Add an app
  • Specify the Name and the SIP (We suggest using microsoft365 for this technical names)

Add the admin app to a user or a template

To be able to configure the connector app, you need users to have access to the admin app.
You can achieve this by adding the app to a user, or to a template.
In this Howto - as an example - we will add the app to the Config Admin template.

  • In the PBX Manager
  1. select the Templates tile
  2. click on the Config Admin template
  • In the Config Admin template
  1. open Apps
  2. Check the app name checkbox
  3. Save the changes

Configure the connector with the admin app

Now your admins (designated groups or configured user) should have access to the connector admin app.

  • A user with access to the app can now see a new tile in the All Apps area
  • The name depends on the configured app name from the PBX Manager plugin
Synchronization from Teams to the PBX
  • First you will need to configure the inbound sync from Teams to PBX
    • Configuration
      1. Master PBX - Set the name of your Master PBX (Not full DNS name, really just only the PBX name) Good: [pbx] Bad: [pbx.domain.tld]
      2. ClientIDSynctoPbx - Please insert the Application ID (Client ID) from Azure Portal from the in preparation created Teams to PBX app
      3. TenantSynctoPbx - Please insert the Directory ID (Tenant) from Azure Portal from the in preparation created Teams to PBX app
      4. Notification URL - You need to specify the address Microsoft can send presence updates to.
        1. You need to make sure that you define a URL where you can reach your App Platform from the public internet public.dns
        2. Next you need the domain you have configured in the app instance before (3.2.2) your.domain
        3. Next you need the name of the instance you have configured before (3.2.2) microsoft365
        4. The URL will always be terminated by subscriptions
          • https://public.dns/your.domain/microsoft365/subscriptions
      • Save your changes
    • Manage Teams accounts
      1. Click on Add Teams account
      2. Enter username (Azure Portal account in email format)
      3. Enter password
      4. Click on the check mark
      5. Make sure to add an Azure Portal communication user for each 650 user you want to subscribe
  • After successful configuration and subscription, the Microsoft services will connect to the specified Notification URL for presence and line state updates.
  • For this to work, it is important to make sure that the specified Notification URL is reachable from the Microsoft services, meaning from the public internet.

It can take up to 10 Minutes until all check marks are green, and the sync is working

Synchronization from the PBX to Teams
  • For the outbound synchronization you select from PBX to Teams in the admin app
  1. ClientIDSynctoTeams - Please insert the Application ID (Client ID) from Azure Portal from the in preparation created PBX to Teams app
  2. TenantSyncto Teams - Please insert the Directory ID (Tenand) from Azure Portal from the in preparation created PBX to Teams app
  3. ClientSecretSynctoTeams - Please insert the shared secret from the in preparation created PBX to Teams app
  • For the sync direction from PBX to Teams, the app itself needs visibility permissions (presence, on-the-phone) for the users who are should be synced to Teams. The configuration tag is visibility for each user object.

Related Articles

Concept App Service Connector for Microsoft 365
Howto15r1:Configure Calendar Presence Sync by Connector for Microsoft365