Microsoft Office 365

The Office 365 plugin enables the creation of automated services connected to O365 licenses, users , roles and distribution groups.

Activities
Add-ZPO365DistributionGroupMember
Add-ZPO365RoleMember
Add-ZPO365MailboxPermission
Add-ZPO365RecipientPermission
Add-ZPO365MailboxModeratedBy
Get-ZPO365User
Get-ZPO365Group
Get-ZPO365Mailbox
New-ZPO365DistributionGroup
New-ZPO365ExcelLicenseReport
New-ZPO365User
New-ZPO365Mailbox
Remove-ZPO365EmailAddress
Remove-ZPO365License
Remove-ZPO365RoleMember
Remove-ZPO365User
Remove-ZPO365DistributionGroupMember
Remove-ZPO365Group
Remove-ZPO365RecipientPermission
Remove-ZPO365MailboxPermission
Remove-ZPO365Mailbox
Set-ZPO365EmailAddress
Set-ZPO365License
Set-ZPO365LicenseDelegated
Set-ZPO365GraphUser
Set-ZPO365User
Set-ZPO365Group
Set-ZPO365DistributionGroup
Set-ZPO365MailboxType
Set-ZPO365MailboxSendOnBehalf
Set-ZPO365MailboxForwardingAddress
Set-ZPO365Mailbox
Set-ZPO365MailboxClutter
Start-ZPO365DirectorySync
Test-ZPO365User
Test-ZPO365IsLicenseAssigned
ConvertTo-ZPO365ObjectGuid
Disable-ZPO365ActiveSync
Disable-ZPO365Pop
Disable-ZPO365Imap
Enable-ZPO365ActiveSync
Enable-ZPO365Pop
Enable-ZPO365Imap
Data sources Type
Get-ZPO365FreeLicenses Web service
Get-ZPO365ServicePlan Web service
Get-ZPO365User Web service
Get-ZPO365UserLicense Web service
Get-ZPO365UserLicenseServicePlan Web service
Get-ZPO365Group Web service
Get-ZPO365ServicePlanRestricted Web service
Get-ZPO365UserLicenseInformation Web service
Get-ZPO365MobileDevice Web service
Test-ZPO365DisplayName Web service
Test-ZPO365EmailAddress Web service
Test-ZPO365User Web service
DropDown.O365Domain Drop down
DropDown.O365License Drop down
DropDown.O365User Drop down
DropDown.O365DistributionGroup Drop down
DropDown.O365MyDistributionGroup Drop down
DropDown.Graph.O365User Drop down
DropDown.Graph.O365License Drop down
DropDown.Graph.O365LicenseDelegated Drop down
DropDown.Graph.O365ServicePlanRestricted Drop down
DropDown.Graph.O365ProjectOnlineLicense Drop down

Installation and Configuration

Update Provider Config

ProvisioningSystem

Update the provider config with the settings applicable for your environment

office365.provisioningsystem.providers.xml

Key Example Value Description
DomainController DC01.domain.local Preferred domain controller FQDN
Credential O365 Name of the credential object stored in the Credential Manager
ConnectionRetryCount 10 Number of retries to perform if the connection to MSOL fails
ConnectionRetryIntervalSec 1 Number of seconds to wait between each connection attempt
UsageLocation SE Fallback Usage Location to use if none is specified in the activities
UICulture en-US Language to display state messages in (en-US or sv-SE)
DirSyncServer SRV01.domain.local Name of the server running dirsync. Requires PowerShell remoting
SessionName ZervicePoint.Activity.O365.Exchange Name of the PSSession.
ExchangeConnectionUri https://outlook.office365.com/powershell-liveid Connection URL to Excange online
ExchangeAuthentication Basic Exchange authentication types
LicenseDelegationConfigurationPath C:\Program Files\Zipper\ZervicePoint\Provider extensions\Office 365 Path to your license configuration json file
GraphTenantName zipperdevtest.onmicrosoft.com The target tenant of the Graph related calls
GraphAPIVersion 1.6 The Graph version to use in the Graph related calls
GraphCredential O365 Typically the same credential as for O365
GraphProxyCredential O365 Typically the same credential as for O365. Must be specified if GraphProxy is set
GraphProxy http://webproxy.company.com Leave empty if no proxy is needed for Graph calls

ClientWebService

Update the provider config with the settings applicable for your environment

office365.clientwebservice.provider.xml

Key Example Value Description
DomainController DC01.domain.local Preferred domain controller FQDN
SearchBase OU=Demo,DC=domain,DC=local Default search base if no other search base is set up in the dropdown.xml file
Credential O365 Name of the credential object stored in the Credential Manager
ConnectionRetryCount 10 Number of retries to perform if the connection to MSOL fails
ConnectionRetryIntervalSec 1 Number of seconds to wait between each connection attempt
UICulture en-US Language to display state messages in (en-US or sv-SE)
Categories Active Directory Categories to display in the User dropdowns. supported values are: 'Active Directory', 'Office 365' or 'Active Directory, Office 365'
SessionName ZervicePoint.ClientWebService.O365.Exchange Name of the PSSession.
ExchangeConnectionUri https://outlook.office365.com/powershell-liveid Connection URL to Excange online
ExchangeAuthentication Basic Exchange authentication types
LicenseDelegationConfigurationPath C:\Program Files\Zipper\ZervicePoint\Provider extensions\Office 365 Path to your license configuration json file
GraphTenantName zipperdevtest.onmicrosoft.com The target tenant of the Graph related calls
GraphAPIVersion 1.6 The Graph version to use in the Graph related calls
GraphCredential O365 Typically the same credential as for O365
GraphProxyCredential O365 Typically the same credential as for O365. Must be specified if GraphProxy is set
GraphProxy http://webproxy.company.com Leave empty if no proxy is needed for Graph calls

Dependencies

License Delegation configuration

Getting started

Create a file called LicenseDelegationConfiguration.json (recommended path is C:\Program Files\Zipper\ZervicePoint\Provider extensions\Office 365\Shared modules\LicenseDelegationConfiguration).

Configure the path in providers.xml for both provisioning system and client web service where key is "LicenseDelegationConfigurationPath" and value is the path.

Open LicenseDelegationConfiguration.json in a texteditor and configure the rules.

Rules

  • Roles - Specify available licenses for roles
  • GloballyDisabledLicenses - Disable licenses globally
  • GloballyDisabledServicePlans - Disable service plans globally
  • SwapLicenseSets - Specify sets of licenses which are swappable

Roles To specify roles in configuration file, use roles key and specify which licenses and service plans are available for specific roles. For example, the following make STANDARDPACK license and Teams and Yammer enterprise serviceplans available for the role Sweden.

{
    "roles": {
        "Sweden": [
            {
                "skuPartNumber": "STANDARDPACK",
                "allowedServicePlans": [
                    "TEAMS1",
                    "YAMMER_ENTERPRISE"
                ]
            }
        ]
    }
}

An example with multiple roles and licenses.

{
    "roles": {
        "Sweden": [
            {
                "skuPartNumber": "STANDARDPACK",
                "allowedServicePlans": [
                    "Deskless"
                ]
            },
              {
                "skuPartNumber": "ENTERPRISEPACK",
                "allowedServicePlans": [
                  "Deskless",
                  "FLOW_O365_P2"
                ]
              }
        ],
        "Norway": [
            {
                "skuPartNumber": "POWER_BI_STANDARD",
                "allowedServicePlans": [
                    "BI_AZURE_P0"
                ]
            }
        ]
    }
}

GloballyDisabledLicenses The GloballyDisabledLicenses rule allows you to disable licenses for all roles.

{
    "globallyDisabledLicenses": [ "CRMTESTINSTANCE", "ENTERPRISEPACK" ]
}

GloballyDisabledServicePlans The GloballyDisabledServicePlans rule allows you to disable licenses for all roles.

{
    "GloballyDisabledServicePlans ": [ "TEAMS1", "FLOW_O365_P2" ]
}

SwapLicenseSets You can add license sets where you specify which licenses should be swappable. An example if you want the users to have either ENTERPRISEPACK or POWER_BI_STANDARD.

{
    "swapLicenseSets": {
        "Standard": [
            "ENTERPRISEPACK",
            "STANDARDPACK"
        ]
    }
}

In this case, suppose you have a user who has ENTERPRISEPACK and you assign POWER_BI_STANDARD. If you have this configuration the user would only have POWER_BI_STANDARD.

It's also possible to specify multiple SwapLicenseSets.

{
    "swapLicenseSets": {
        "Standard": [
            "ENTERPRISEPACK",
            "STANDARDPACK"
        ],
        "CRM": [
            "CRMPLAN1",
            "CRMPLAN2",
            "CRMSTANDARD"
        ]
    }
}

License Delegation json example

An example with multiple rules.

{
    "roles": {
        "Sweden": [
            {
                "skuPartNumber": "STANDARDPACK",
                "allowedServicePlans": [
                    "Deskless",
                    "FLOW_O365_P1",
                    "POWERAPPS_O365_P1",
                    "TEAMS1",
                    "SHAREPOINTWAC",
                    "PROJECTWORKMANAGEMENT",
                    "SWAY",
                    "INTUNE_O365",
                    "YAMMER_ENTERPRISE",
                    "MCOSTANDARD",
                    "SHAREPOINTSTANDARD",
                    "EXCHANGE_S_STANDARD"
                ]
            },
            {
                "skuPartNumber": "ENTERPRISEPACK",
                "allowedServicePlans": [
                  "Deskless",
                  "FLOW_O365_P2",
                  "POWERAPPS_O365_P2",
                  "TEAMS1",
                  "PROJECTWORKMANAGEMENT",
                  "SWAY",
                  "INTUNE_O365",
                  "YAMMER_ENTERPRISE",
                  "RMS_S_ENTERPRISE",
                  "OFFICESUBSCRIPTION",
                  "MCOSTANDARD",
                  "SHAREPOINTWAC",
                  "SHAREPOINTENTERPRISE",
                  "EXCHANGE_S_ENTERPRISE"
                ]
            }
        ],
        "Norway": [
            {
                "skuPartNumber": "POWER_BI_STANDARD",
                "allowedServicePlans": [
                    "BI_AZURE_P0"
                ]
            },
            {
                "skuPartNumber": "ENTERPRISEPACK",
                "allowedServicePlans": [
                    "Deskless",
                    "FLOW_O365_P2",
                    "POWERAPPS_O365_P2",
                    "TEAMS1",
                    "PROJECTWORKMANAGEMENT",
                    "SWAY",
                    "INTUNE_O365",
                    "YAMMER_ENTERPRISE",
                    "RMS_S_ENTERPRISE",
                    "OFFICESUBSCRIPTION",
                    "MCOSTANDARD",
                    "SHAREPOINTWAC",
                    "SHAREPOINTENTERPRISE",
                    "EXCHANGE_S_ENTERPRISE"
                ]
            }
        ]
    },
    "globallyDisabledLicenses": [ "CRMTESTINSTANCE" ],
    "globallyDisabledServicePlans": [ "TEAMS1" ],
    "swapLicenseSets": {
        "Standard": [
            "ENTERPRISEPACK",
            "STANDARDPACK"
        ],
        "CRM": [
            "CRMPLAN1",
            "CRMPLAN2",
            "CRMSTANDARD"
        ]
    }
}

Related Activities, dropdowns and webservices

  • Set-ZPO365LicenseDelegated
  • DropDown.Graph.O365LicenseDelegated
  • DropDown.Graph.O365ServicePlanRestricted
  • Get-ZPO365ServicePlanRestricted
  • Get-ZPO365UserLicenseInformation