Office 365: Difference between revisions

From UmsWiki
Jump to navigation Jump to search
 
(127 intermediate revisions by 7 users not shown)
Line 1: Line 1:
Introduction text.
Our Office 365 SharePoint Portal is a dedicated solution for school, which want an easy-to-use learning portal. Students and teachers are often presented with advanced and complex solutions that does everything they need and then some and as a result, they are difficult to use. We have decided to do things differently and therefore the Office 365 SharePoint Portal gives you the features you need to get the most out of SharePoint. Nothing more, nothing less. The portal is simple and easy to use. This way you avoid confusion and having to navigate yet another complex system. In terms of design, you have two options: the portal can use our standard skin, as pictured above, or our second skin, which we made for primary schools.


== Prerequisites ==
==Prerequisites==


=== Module requirements ===
===Module requirements===
[[UMS]]
[[UMS]]


=== Testing after setup ===
==== Install/Update Powershell 7 ====
Users get created in Office 365
*Run in Powershell
iex "& { $(irm <nowiki>https://aka.ms/install-powershell.ps1</nowiki>) } -UseMSI"
*https://docs.microsoft.com/en-us/powershell/scripting/install/installing-powershell-on-windows


=== What to have ready ===
==== Install needed powershell modules ====
Run these commands in Powershell 7 administrator mode:


=== Is any physical item required ===
#'''Enable TLS 1.2 for Powershell commands'''
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12  
$NugetPackageProvider = Get-PackageProvider -ListAvailable -Name NuGet -ErrorAction SilentlyContinue
if (!$NugetPackageProvider) {Install-PackageProvider -Name NuGet -RequiredVersion 2.8.5.201 -Scope AllUsers -Force}
$ExchangeOnlineManagement = Get-Module -ListAvailable -Name ExchangeOnlineManagement -ErrorAction SilentlyContinue
if (!$ExchangeOnlineManagement) {Install-Module -Name ExchangeOnlineManagement -Scope AllUsers -Force}


=== Should third party be contacted ===
==== Connect to office 365 ====
$password = ConvertTo-SecureString -String 'password' -AsPlainText -Force
$Creds = New-object -typename System.Management.Automation.PSCredential -argumentlist 'username', $Password
Connect-ExchangeOnline -Credential $Creds


== Installation ==
'''Use this command only if no repository is available'''
'''Office 365'''


Register-PSRepository -Default -Verbose
If by accident or due to prior install in Powershell 5, you may receive this error :
''Connecting to remote server outlook.office365.com failed with the following error message :  For more information, see the about_Remote_Troubleshooting Help topic.''
Resolve by deleting this folder and rerun above commands in PS7 only.
[[File:Snip.png|567x567px]]
After reinstall use below command in scheduled task to run in correct PS-version.
=== Run Scheduled Task like this ===
"C:\Program Files\PowerShell\7\pwsh.exe" -c "& 'C:\Program Files\UserManagement\LiveAtEdu_Sync.exe'"
=== Office 365 permissions ===
These are only needed if specific options are selected as described below.
==== Exchange permissions ====
* Recipient Management
** Users
*** Mailbox language
*** Mailbox time zone
*** Calendar Rights
*** Address book policy
*** Forward mail *
** Groups
*** All group operations
===[[MSGraphPermissions|Graph permissions]]===
Updating specific attributes on Global admins is not allowed. https://docs.microsoft.com/en-us/graph/api/user-update?view=graph-rest-1.0&tabs=http
A solution to this problem is to make the App registration member of the Global Admin role.
==Installation==
===Office 365===
Enter Admin credentials for a service account with administrator privileges to access Office 365.
Enter Admin credentials for a service account with administrator privileges to access Office 365.
[[File:Office365setup.png|none|thumb]]
[[File:Office365 Setting.jpg|none|thumb|974x974px]]
 
===Credentials===


''Users''
=====Tenant setting=====
Choose a tenant setting used for connection to Office 365-


'''“Login”'''
=====Domain=====
Enter the domain that you want the users and groups to have when they are created. E.g. <Username>@<Domain>


===Users===
=====Login=====
Choose what the users shall use to log in to Office365.
Choose what the users shall use to log in to Office365.


'''“Mail Address”'''
======Mail Address======
 
Choose what to use as the users mail address.
Choose what to use as the users mail address.


'''“Enable password never expires”'''
=====Enable password never expires=====
 
When marked the password will never expire for the users.
When marked the password will never expire for the users.


'''“Disable strong password”'''
=====Disable strong password=====
 
Use this to bypass the default password complexity.
Use this to bypass the default password complexity.


 '''“Users are created through third party program”'''
==== Change password at next logon ====
This will force users to change password the first time they login. This is only set on users that are created.


=====Users are created through third party program=====
This normally means ADFS is used to synchronize users
This normally means ADFS is used to synchronize users


 '''“Forward mail to on premise mail server”'''
=====Forward mail to on premise mail server=====
 
This will forward the users Office 365 mail to the primary mail address from AD (If user does not have a proxy address it will read it from the mail attribute)
This will forward the users Office 365 mail to the primary mail address from AD (If user does not have a proxy address it will read it from the mail attribute)


'''“Use Active Directory for info”'''
=====Use Active Directory for info=====
This tells UMS to take Department, Title and Organization from AD instead of AD Attributes in UMS.


This tells UMS to take Department, Title and Organization from AD instead of AD Attributes in UMS.
=====Provision OneDrive=====
This will provision the users OneDrive after he has been created so the user will not have to wait for this when he accesses the OneDrive the first time.


'''“Set License and usage location”'''
You will need to setup permissions for this to work.


This will tell UMS to update license and usage location when creating a user
[[MSGraphPermissions#Setup SharePoint permissions]]


'''“Disable users”'''
=====Usage location=====
This will tell UMS to set usage location when creating a user


=====Disable users=====
When marked the users will be disabled when they are no longer attending classes.
When marked the users will be disabled when they are no longer attending classes.


 '''“Delete users”'''
=====Keep active before disabling x days=====
Specify a grace period where users are active before disabling.


=====Delete users=====
Choose if users are to be deleted after grace period has ended.
Choose if users are to be deleted after grace period has ended.


'''“Keep inactive before deleting x days”'''
=====Keep disabled before deleting x days=====
 
Specify a grace period where users are disabled.
Specify a grace period where users are disabled.


 '''“Hide from address list”'''
=====Hide from address list=====
 
Hide the newly created item from address list.  
Hide the newly created item from address list.  


'''“Mailbox language”'''
=====Mailbox language=====
 
Specify which language is to be default for the users.
Specify which language is to be default for the users.


'''“Mailbox time zone”'''
=====Mailbox time zone=====
 
Specify which time zone is to be default for the users.
Specify which time zone is to be default for the users.


'''“Calendar Rights”'''
This also sets the working hours time zone.


=====Calendar Rights=====
Set the calendar rights on a user when he is created
Set the calendar rights on a user when he is created


'''“Calendar object UPN”'''
=====Calendar object UPN=====
Specify the UPN to put on the users calendar with the rights specified below


Specify the UPN to put on the users calendar with the rights specified below 
If using a group then it must be of type "'''Mail enabled security'''".


''Template security groups''
====Group UPN for keep alive users====
Specify a group where users that is kept alive is a member of.


'''“Maintain”'''
This must be a Microsoft 365 group.


This will create the security group entered in the field “template security group” in the destination node in the template settings.  
UMS will create the group if it doesn't exist.


''Distribution lists''
====Group UPN for disabled users====
Specify a group where users that is disabled is a member of.


'''“Maintain lists”'''
This must be a Microsoft 365 group.


UMS will create the group if it doesn't exist.
===Template groups===
====Maintain security group====
This will create the security group entered in the field template security group in the destination node in the template settings.
====Maintain extra groups====
This will create all the groups from the [[Configurator/Extra groups|extra groups]] template tab. All users will have direct group member ship.
===Distribution lists===
====Maintain lists====
Mark this to create distribution groups in Office 365. The groups will be created, updated and deleted if this is specified.
Mark this to create distribution groups in Office 365. The groups will be created, updated and deleted if this is specified.


'''“Delete lists”'''
====Delete lists====
 
Mark this to delete distributions groups when they are no longer active in the administrative system. Check the data export manuals too when this happens
Mark this to delete distributions groups when they are no longer active in the administrative system. Check the data export manuals too when this happens


'''“Delete unused lists after x days”'''
====Delete unused lists after x days====
 
Specify in days how long the distribution groups are to be kept alive in Office 365 before deletion.
Specify in days how long the distribution groups are to be kept alive in Office 365 before deletion.


'''“Only senders inside my organization”'''
====Only senders inside my organization====
 
With this marked only users in the domain will be able to send to distribution groups created by UMS.
With this marked only users in the domain will be able to send to distribution groups created by UMS.


Disabling this will allow the groups to be visible in Onedrive and Classroom
Disabling this will allow the groups to be visible in OneDrive and Classroom
 
''Picture settings''


===Picture settings===
This takes the picture privacy setting that the user has set into consideration. The picture will not be uploaded if the user has chosen not to allow his picture to be shared. The picture will not be removed again if it has been uploaded.
This takes the picture privacy setting that the user has set into consideration. The picture will not be uploaded if the user has chosen not to allow his picture to be shared. The picture will not be removed again if it has been uploaded.


 '''“Student picture library”'''
====Student picture library====
 
Define where the pictures are for the students that uses this template. If this is not set, no pictures will be uploaded to Office 365.  
Define where the pictures are for the students that uses this template. If this is not set, no pictures will be uploaded to Office 365.  


'''“Employee picture library”'''
====Employee picture library====
 
Define where the pictures are for the employees that uses this template. If this is not set, no pictures will be uploaded to Office 365.  
Define where the pictures are for the employees that uses this template. If this is not set, no pictures will be uploaded to Office 365.  
 
''Timetable''


'''“Maintain”'''
===Timetable===


====Maintain====
Mark this to create timetable blocks in Office 365. They will be created, updated and deleted.
Mark this to create timetable blocks in Office 365. They will be created, updated and deleted.


'''“Delete old”'''
====Delete old====
 
Mark this to delete old timetable blocks from calendars.
Mark this to delete old timetable blocks from calendars.


'''“Room setting”'''
====Room setting====
 
Create rooms with timetable blocks.
Create rooms with timetable blocks.


'''“Manage”'''
=====Manage=====
[[File:Office365roomsettings.png|none|thumb]]  
[[File:Office365roomsettings.png|none|thumb|378x378px]]


''Room'' ''displayname''
=====Room displayname=====


'''“Prefix”'''
=====Prefix=====
 
Text that can be added to the start of what is chosen in Generator.
Text that can be added to the start of what is chosen in “Generator”.
 
'''“Generator”'''


=====Generator=====
Choose what is to define the room.
Choose what is to define the room.


'''“Suffix”'''
Adding <> in front of the entry will UMS not to create the room.
 
Text that can be added to the end of what is chosen in “Generator”.


'''“Resulting displayname”'''
=====Suffix=====
Text that can be added to the end of what is chosen in Generator.


=====Resulting displayname=====
Summary of the chosen display name as it will be shown in Office 365.
Summary of the chosen display name as it will be shown in Office 365.


'''“Set rights to rooms…”'''
=====Set rights to rooms=====
 
Sets the rights on rooms when created
Sets the rights on rooms when created
[[File:Office365roomsettings2.png|none|thumb]]


'''“Owner”'''
This has to be a '''Distribution Group''' Otherwise it won't work
[[File:Office365roomsettings2.png|none|thumb|274x274px]]


======Owner======
Users will be able to create, read, modify and delete all items and files, and create sub-folders. As the folder owner, they can change the permission levels others have for the folder. (Does not apply to delegates.).
Users will be able to create, read, modify and delete all items and files, and create sub-folders. As the folder owner, they can change the permission levels others have for the folder. (Does not apply to delegates.).


'''“Publishing Editor”'''
======Publishing Editor======
 
Users can create, read, modify and delete all items and files, and create sub-folders. (Does not apply to delegates.).
Users can create, read, modify and delete all items and files, and create sub-folders. (Does not apply to delegates.).


'''“Editor”'''
======Editor======
 
Users can create, read, modify and delete all items and files..
Users can create, read, modify and delete all items and files..


'''“Publishing Author”'''
======Publishing Author======
 
Users can create and read items and files, create sub-folders, and modify and delete items and files they create. (Does not apply to delegates.).
Users can create and read items and files, create sub-folders, and modify and delete items and files they create. (Does not apply to delegates.).


'''“Author”'''
======Author======
 
Users can create and read items and files and modify and delete items and files you create.
Users can create and read items and files and modify and delete items and files you create.


'''“Nonediting Author”'''
======Nonediting Author======
 
Users have full read details. Can create items and delete own items. Folder visible.
Users have full read details. Can create items and delete own items. Folder visible.


'''“Reviewer”'''
======Reviewer======
 
Users can read items and files only.
Users can read items and files only.


'''“Contributor”'''
======Contributor======
 
Users can create items and files only. The contents of the folder does not appear. (Does not apply to delegates.).
Users can create items and files only. The contents of the folder does not appear. (Does not apply to delegates.).


'''''Note''''' ''With author or editor permissions, a delegate has send-on-behalf-of permission. Sent messages contain both the managers and delegates names. Message recipients see the managers name in the '''Sent On Behalf Of''' box and the delegates name in the '''From''' box.''
'''''Note''''' ''With author or editor permissions, a delegate has send-on-behalf-of permission. Sent messages contain both the managers and delegates names. Message recipients see the managers name in the Sent On Behalf Of box and the delegates name in the From box.''
 
'''“Define rooms to be created”'''


=====Define rooms to be created=====
Specify the rooms to be created based on a filter. If nothing is entered, every room will be created.
Specify the rooms to be created based on a filter. If nothing is entered, every room will be created.
[[File:Office365criteria.png|none|thumb]]
[[File:Office365criteria.png|none|thumb|202x202px]]
 
'''“Room number” and “Room name”'''


======Room number and Room name======
Can be found in the skemabrikker_rooms table in SQL.
Can be found in the skemabrikker_rooms table in SQL.


 '''“Usage location”'''
===Office 365 SharePoint site setting===
 
Choose which country that the users are located in.
 
'''“Re-License Users”'''
 
Pushing this button will cause all the users created with this setting to be relicensed in Office 365.
 
'''“License type”'''
 
Choose which license type to apply to the users. Remember to check that there is sufficient amount of licenses available.   
 
''Office 365 Licenses''
 
Lists of features contained in the chosen license type.
 
 '''“PowerShell command”'''
 
Gives you the commands to connect to the tenant with PowerShell  
 
=== '''Office 365 SharePoint site setting''' ===
This will create SharePoint sites
This will create SharePoint sites
[[File:Office365sharepointsitesettings.png|none|thumb]]  
[[File:Office365sharepointsitesettings.png|none|thumb|720x720px]]  
[[File:Office365sharepointsitesettings2.png|none|thumb]] 
[[File:Office365sharepointsitesettings2.png|none|thumb|567x567px]]  


==== ''Site settings'' ====
====''Site settings''====


==== '''“Automation type”''' ====
=====Automation type=====
Full: Means that site maintenance will be fully automated.
Full: Means that site maintenance will be fully automated.


  '''“Remove learner method”'''
=====Remove learner method=====
 
Deleted in AD
“Deleted in AD”


Users will be removed from site when they are not active in UMS anymore
Users will be removed from site when they are not active in UMS anymore


“Finished on activity/course”
Finished on activity/course


Users will be removed when they have finished with the course.  
Users will be removed when they have finished with the course.  


'''“Delete sites”'''
=====Delete sites=====
 
Auto delete
“Auto delete”


Sites will be delete when the last student has left the site
Sites will be delete when the last student has left the site


“Manual Delete”
=====Manual Delete=====
 
Sites will not be deleted by UMS. This has to be done by an administrator
Sites will not be deleted by UMS. This has to be done by an administrator


'''“Send mail to teacher(s)”'''
=====Send mail to teacher(s)=====
 
Send mail notification to teachers when they are attached to a site.
Send mail notification to teachers when they are attached to a site.


'''“Create x days before”'''
=====Create x days before=====
 
Choose how many days before start that the sites are to be created.
Choose how many days before start that the sites are to be created.


'''“Delete x days after end”'''
=====Delete x days after end=====
 
Choose how many days after end that the sites are to be deleted.
Choose how many days after end that the sites are to be deleted.


 '''“Teacher rights on sites”'''
=====Teacher rights on sites=====
 
Rights the teacher will have on the site when attached.
Rights the teacher will have on the site when attached.


'''“Learner rights on sites”'''
=====Learner rights on sites=====
 
Rights the student/learner will have on the site when attached.  
Rights the student/learner will have on the site when attached. 
 
'''“Check if group rights match”'''


=====Check if group rights match=====
When UMS looks for UMS-groups on the site, it will do so based on two criteria’s.
When UMS looks for UMS-groups on the site, it will do so based on two criteria’s.


The correct rights and the correct name. Unchecking this will disable the first criteria and only look for a group with the right name. (This is when users change the UMS-group rights on a site manually)
The correct rights and the correct name. Unchecking this will disable the first criteria and only look for a group with the right name. (This is when users change the UMS-group rights on a site manually)


'''“SQL Groups”'''
=====SQL Groups=====
 
Members of these groups will be attached to all sites created with this setting as teachers
Members of these groups will be attached to all sites created with this setting as teachers
[[File:Office365sqlgroups.png|none|thumb]]
[[File:Office365sqlgroups.png|none|thumb|447x447px]]
 
'''“Group name”'''


=====Group name=====
This can only be a group that is found in UMS  
This can only be a group that is found in UMS  


Line 297: Line 321:
Select Distinct Aktivitet As Activity From Students Order By Activity
Select Distinct Aktivitet As Activity From Students Order By Activity


'''“Activity Sites”'''
====Activity Sites====
 
Do not create
'''“Do not create”'''


It will not create any sites based on activities.
It will not create any sites based on activities.


'''“LMS has to be checked”'''
LMS has to be checked


The field Aktivitet_LMS in the students table has to be “True”. (Look in the documentation for the specific administrative system to see how this is set)
The field Aktivitet_LMS in the students table has to be True. (Look in the documentation for the specific administrative system to see how this is set)


'''“Based on template filter”'''
Based on template filter


Create sites based on a filter that is specified per template.
Create sites based on a filter that is specified per template.
[[File:Office365filters.png|none|thumb|507x507px]]


'''“All”'''
All


Create all sites.
Create all sites.


'''Title'''
Title


Title of the site. Changing this after a site has been created will cause it to be updated.
Title of the site. Changing this after a site has been created will cause it to be updated.


'''Description'''
Description


Description of the site. Changing this after a site has been created will cause it to be updated.  
Description of the site. Changing this after a site has been created will cause it to be updated.
 
'''Search filter and criteria'''


===Search filter and criteria===
This will enable you to concatenate sites that would have been created as to or more sites to be created as one site.
This will enable you to concatenate sites that would have been created as to or more sites to be created as one site.


'''“Remarks”'''
=====Remarks=====
 
This is just for description purposes.  
This is just for description purposes.  


'''“Filter”'''
=====Filter=====
 
The SQL like filter (regular expression). If an activity matches, it will be subject to the settings below in semester roll
The SQL like filter (regular expression). If an activity matches, it will be subject to the settings below in semester roll


'''“Semester roll”'''
=====Semester roll=====
 
Use replace string with empty
'''“Use replace string with empty”'''


This will replace a section of the site with an empty string.
This will replace a section of the site with an empty string.


                                            '''“Start index”'''
=====Start index=====
 
Determine where to start in string to remove.
Determine where to start in string to remove.


                                            '''“Length”'''
=====Length=====
 
How many characters will be removed from the string.
How many characters will be removed from the string.


“'''Add activity short description to node ID'''“
=====Add activity short description to node ID=====
 
This will add the field Kort_Betegnelse (Short Description) from the students table to the node id.
This will add the field Kort_Betegnelse (Short Description) from the students table to the node id.


Node id is the URL.
Node id is the URL.


'''Examples'''
====Examples====
 
If you have three activities named English1, English2, English3 and you only want one SharePoint site.
If you have three activities named English1, English2, English3 and you only want one SharePoint site.


Set the settings as shown below
Set the settings as shown below
[[File:Office365filterexample.png|none|thumb|401x401px]]


This filter ensures that it is only applied to activities that matches this SQL sentence. 
This filter ensures that it is only applied to activities that matches this SQL sentence.  


'''“Course Sites”'''
=====Course Sites=====
 
Course URL’s will always be created as activity_course.
Course URL’s will always be created as “activity_course”.
 
'''“Do not create”'''


=====Do not create=====
It will not create any sites based on courses.
It will not create any sites based on courses.


'''“LMS has to be checked”'''
=====LMS has to be checked=====
 
The field Skolefag_LMS in the students table has to be True. (Look in the documentation for the specific administrative system to see how this is set)
The field Skolefag_LMS in the students table has to be “True”. (Look in the documentation for the specific administrative system to see how this is set)
 
'''“Based on template filter”'''


=====Based on template filter=====
Create sites based on a filter that is specified per template.
Create sites based on a filter that is specified per template.
[[File:Office365filters.png|none|thumb|507x507px]]


'''“All”'''
=====All=====
 
Create all sites.
Create all sites.


'''Title'''
=====Title=====
 
Title of the site. Changing this after a site has been created will cause it to be updated.
Title of the site. Changing this after a site has been created will cause it to be updated.


'''Description'''
=====Description=====
 
Description of the site. Changing this after a site has been created will cause it to be updated.
Description of the site. Changing this after a site has been created will cause it to be updated.  
 
'''Search filter and criteria'''


=====Search filter and criteria=====
This will enable you to concatenate sites that would have been created as two or more sites to be created as one site.
This will enable you to concatenate sites that would have been created as two or more sites to be created as one site.
[[File:Office365filter.png|none|thumb|416x416px]]


'''“Remarks”'''
=====Remarks=====
 
This is just for description purposes.  
This is just for description purposes.  


'''“Course Filter”'''
=====Course Filter=====
 
The SQL like filter (regular expression). If an activity matches, it will be subject to the settings below in semester roll.
The SQL like filter (regular expression). If an activity matches, it will be subject to the settings below in semester roll.


'''“Semester roll”'''
=====Semester roll=====
 
Use replace string with empty
'''“Use replace string with empty”'''


This will replace a section of the site with an empty string.
This will replace a section of the site with an empty string.


                                            '''“Start index”'''
=====Start index=====
 
Determine where to start in string to remove.
Determine where to start in string to remove.


'''“Length”'''
=====Length=====
 
How many characters will be removed from the string.
How many characters will be removed from the string.


'''“Activity Filter”'''
=====Activity Filter=====
 
The SQL like filter (regular expression). If an activity matches, it will be subject to the settings below in semester roll
The SQL like filter (regular expression). If an activity matches, it will be subject to the settings below in semester roll


'''“Semester roll”'''
=====Semester roll=====
 
Use replace string with empty
'''“Use replace string with empty”'''


This will replace a section of the site with an empty string.
This will replace a section of the site with an empty string.


                                            '''“Start index”'''
=====Start index=====
 
Determine where to start in string to remove.
Determine where to start in string to remove.


'''“Length”'''
=====Length=====
 
How many characters will be removed from the string.
How many characters will be removed from the string.  


After you have created the Office 365 setting you put in on a template.
After you have created the Office 365 setting you put in on a template.
[[File:Office365templateeditor.png|none|thumb|720x720px]]


Setting: This will created the users with on this template in Office 365 with these settings
Setting: This will created the users with on this template in Office 365 with these settings


SharePoint settings: Sites created with setting. If this is not specified no activities/courses on this template will be created.
===SharePoint settings===
Sites created with setting. If this is not specified no activities/courses on this template will be created.
[[File:Office365template.png|none|thumb|422x422px]]


Site URL: Which site collection is used when creating sites
====Site URL====
Which site collection is used when creating sites


Language: The default language of the created site
Language: The default language of the created site


'''Course Template'''
Course Template


Standard SharePoint: Use a standard template from SharePoint
Standard SharePoint: Use a standard template from SharePoint
Line 453: Line 459:
UMS SharePoint Portal: Create sites based on the UMS SharePoint Portal product
UMS SharePoint Portal: Create sites based on the UMS SharePoint Portal product


'''OneNote Class Notebook setting'''
====OneNote Class Notebook setting====
 
Choose a Class Notebook setting. This will create a Class Notebook created in the SharePoint site.
Choose a Class Notebook setting. This will create a Class Notebook created in the SharePoint site.  


'''SQL Groups'''
====SQL Groups====


Members of these groups will be attached to all sites created with this setting as teachers
Members of these groups will be attached to all sites created with this setting as teachers[[File:Office365sqlgroups.png|none|thumb|447x447px]]
 
'''“Group name”'''


====Group name====
This can only be a group that is found in UMS  
This can only be a group that is found in UMS  


You get a list of these groups by running this SQL command:
You get a list of these groups by running this SQL command:


Select Distinct Aktivitet As Activity From Students Order By Activity  
Select Distinct Aktivitet As Activity From Students Order By Activity


'''OneNote Class Notebook setting'''
OneNote Class Notebook setting


Define settings for OneNote Class Notebooks.
Define settings for OneNote Class Notebooks.
[[File:OneNotesections SharePoint.png|none|thumb|476x476px]]


'''Sections'''
====Sections====
Define the section the Class Notebook will be created with. Students that are attached to this Class Notebook will have these sections. 
[[File:Office365onenoteclassnotebooksettingedit.png|none|thumb|447x447px]]Use Name instead of title for Notebooks (Last part of URL)


Define the section the Class Notebook will be created with. Students that are attached to this Class Notebook will have these sections.  
This will make the title of the NoteBook be the same as the last part of the URL of the SharePoint site that the NoteBook is created in. It never changes unless this is unchecked.


'''OneNote Class Notebook setting'''  
Never update Notebook title after creation


''Notebook settings''
The NoteBook will never update the title after it has been created, even though the SharePoint site changes title. it will be created with the title that SharePoint site has at createin time.


'''“Automation type”'''
===OneNote Class Notebook setting===
[[File:Office365onenoteclassnotebooksettings.png|none|thumb|720x720px]]
[[File:Office365onenoteclassnotebooksettings2.png|none|thumb|720x720px]]


====''Notebook settings''====
====Automation type====
Full: Means that Notebooks maintenance will be fully automated.
Full: Means that Notebooks maintenance will be fully automated.


  '''“Remove learner method”'''
====Remove learner method====
 
Deleted in AD
“Deleted in AD”


Users will be removed from Notebooks when they are not active in UMS anymore
Users will be removed from Notebooks when they are not active in UMS anymore


“Finished on activity/course”
Finished on activity/course


Users will be removed when they have finished with the course.  
Users will be removed when they have finished with the course.  


'''“Delete Notebooks”'''
====Delete Notebooks====
 
Auto delete
“Auto delete”


Notebooks will be delete when the last student has left the Notebook
Notebooks will be delete when the last student has left the Notebook


“Manual Delete”
Manual Delete


Notebooks will not be deleted by UMS. This has to be done by an administrator
Notebooks will not be deleted by UMS. This has to be done by an administrator


'''“Send mail to teacher(s)”'''
====Send mail to teacher(s)====
 
Send mail notification to teachers when they are attached to a Notebook.
Send mail notification to teachers when they are attached to a Notebook.


'''“Create x days before”'''
====Create x days before====
 
Choose how many days before start that the Notebooks are to be created.
Choose how many days before start that the Notebooks are to be created.


'''“Delete x days after end”'''
====Delete x days after end====
 
Choose how many days after end that the Notebooks are to be deleted.
Choose how many days after end that the Notebooks are to be deleted.


  '''“SQL Groups”'''
====SQL Groups====


Members of these groups will be attached to all Notebooks created with this setting as teachers
Members of these groups will be attached to all Notebooks created with this setting as teachers[[File:Office365sqlgroups.png|none|thumb|447x447px]]
 
'''“Group name”'''


====Group name====
This can only be a group that is found in UMS  
This can only be a group that is found in UMS  


Line 529: Line 535:
Select Distinct Aktivitet As Activity From Students Order By Activity
Select Distinct Aktivitet As Activity From Students Order By Activity


'''“Activity Notebooks”'''
====Activity Notebooks====
 
'''“Do not create”'''


====Do not create====
It will not create any Notebooks based on activities.
It will not create any Notebooks based on activities.


'''“LMS has to be checked”'''
====LMS has to be checked====
 
The field Aktivitet_LMS in the students table has to be True. (Look in the documentation for the specific administrative system to see how this is set)
The field Aktivitet_LMS in the students table has to be “True”. (Look in the documentation for the specific administrative system to see how this is set)
 
'''“Based on template filter”'''


====Based on template filter====
Create Notebooks based on a filter that is specified per template.
Create Notebooks based on a filter that is specified per template.
[[File:Office365filters.png|none|thumb|507x507px]]


'''“All”'''
====All====
 
Create all Notebooks.
Create all Notebooks.


'''Title'''
====Title====
 
Title of the Notebook. Changing this after a Notebook has been created will cause it to be updated.
Title of the Notebook. Changing this after a Notebook has been created will cause it to be updated.  
 
'''Search filter and criteria'''


====Search filter and criteria====
This will enable you to concatenate Notebooks that would have been created as to or more Notebooks to be created as one Notebook.
This will enable you to concatenate Notebooks that would have been created as to or more Notebooks to be created as one Notebook.
[[File:Office365filterexample.png|none|thumb|401x401px]]


'''“Remarks”'''
====Remarks====
 
This is just for description purposes.  
This is just for description purposes.  


'''“Filter”'''
====Filter====
 
The SQL like filter (regular expression). If an activity matches, it will be subject to the settings below in semester roll
The SQL like filter (regular expression). If an activity matches, it will be subject to the settings below in semester roll


'''“Semester roll”'''
====Semester roll====
 
Use replace string with empty
'''“Use replace string with empty”'''


This will replace a section of the Notebook with an empty string.
This will replace a section of the Notebook with an empty string.


                                            '''“Start index”'''
====Start index====
 
Determine where to start in string to remove.
Determine where to start in string to remove.


                                            '''“Length”'''
====Length====
 
How many characters will be removed from the string.
How many characters will be removed from the string.


“'''Add activity short description to node ID'''“
====Add activity short description to node ID====
 
This will add the field Kort_Betegnelse (Short Description) from the students table to the node id.
This will add the field Kort_Betegnelse (Short Description) from the students table to the node id.


Node id is the URL.
Node id is the URL.


'''Examples'''
===Examples===
 
If you have three activities named English1, English2, English3 and you only want one Notebook.
If you have three activities named English1, English2, English3 and you only want one Notebook.


Set the settings as shown below
Set the settings as shown below
[[File:Office365filterexample.png|none|thumb|401x401px]]
This filter ensures that it is only applied to activities that matches this SQL sentence.


This filter ensures that it is only applied to activities that matches this SQL sentence. 
====Course Notebooks====
Course URL’s will always be created as activity course.


'''“Course Notebooks”'''
====Do not create====
It will not create any Notebooks based on courses.


Course URL’s will always be created as “activity course”.
====LMS has to be checked====
The field Skolefag_LMS in the students table has to be True. (Look in the documentation for the specific administrative system to see how this is set)


'''“Do not create”'''
====Based on template filter====
Create Notebook based on a filter that is specified per template.
[[File:Office365filters.png|none|thumb|507x507px]]


It will not create any Notebooks based on courses.
====All====
Create all Notebooks.
 
====Title====
Title of the Notebook. Changing this after a Notebook has been created will cause it to be updated. 
 
====Search filter and criteria====
This will enable you to concatenate Notebooks that would have been created as two or more Notebooks to be created as one Notebook.
[[File:Office365filter.png|none|thumb|416x416px]]
 
====Remarks====
This is just for description purposes.
 
====Course Filter====
The SQL like filter (regular expression). If an activity matches, it will be subject to the settings below in semester roll.
 
====Semester roll====
Use replace string with empty


'''“LMS has to be checked”'''
This will replace a section of the Notebook with an empty string.


The field Skolefag_LMS in the students table has to be “True”. (Look in the documentation for the specific administrative system to see how this is set)
====Start index====
Determine where to start in string to remove.


'''“Based on template filter”'''
====Length====
How many characters will be removed from the string.


Create Notebook based on a filter that is specified per template.
====Activity Filter====
The SQL like filter (regular expression). If an activity matches, it will be subject to the settings below in semester roll


'''“All”'''
====Semester roll====
Use replace string with empty


Create all Notebooks.
This will replace a section of the Notebook with an empty string.


'''Title'''
====Start index====
Determine where to start in string to remove.


Title of the Notebook. Changing this after a Notebook has been created will cause it to be updated.  
====Length====
How many characters will be removed from the string.


'''Search filter and criteria'''
After you have created the Office 365 setting you put in on a template.
[[File:Office365template2.png|none|thumb|720x720px]]


This will enable you to concatenate Notebooks that would have been created as two or more Notebooks to be created as one Notebook.
Setting: This will created the users with on this template in Office 365 with these settings


'''“Remarks”'''
===OneNote Class Notebook settings===
Notebooks created with setting. If this is not specified no activities/courses on this template will be created.
[[File:Office365settings.png|none|thumb|422x422px]]


This is just for description purposes.
====Site collection URL====
Which Notebook collection is used when creating Notebooks


'''“Course Filter”'''
====Language====
The default language of the created Notebook


The SQL like filter (regular expression). If an activity matches, it will be subject to the settings below in semester roll.
====Sections====
Define the section the Class Notebook will be created with. Students that are attached to this Class Notebook will have these sections. 
[[File:Office365onenoteclassnotebooksettingedit.png|none|thumb|447x447px]]


'''“Semester roll”'''
====SQL Groups====


'''“Use replace string with empty”'''
Members of these groups will be attached to all Notebooks created with this setting as teachers[[File:Office365sqlgroups.png|none|thumb|447x447px]]


This will replace a section of the Notebook with an empty string.
====Group name====
This can only be a group that is found in UMS


                                            '''“Start index”'''
You get a list of these groups by running this SQL command:


Determine where to start in string to remove.
Select Distinct Aktivitet As Activity From Students Order By Activity


'''“Length”'''
===Organization Settings===
[[File:Office365organization.png|none|thumb|656x656px]]


How many characters will be removed from the string.
====''Site settings''====


'''“Activity Filter”'''
====Description====
Add a description to be able to identify the account.


The SQL like filter (regular expression). If an activity matches, it will be subject to the settings below in semester roll
====SharePoint administration URL====
URL of the SharePoint administration site for the tenant.


'''“Semester roll”'''
====''Credentials settings''====


'''“Use replace string with empty”'''
====Username====
Username used to connect to SharePoint.


This will replace a section of the Notebook with an empty string.
====Password====
Password used to connect to SharePoint.


                                            '''“Start index”'''
==Parameters==
> LiveAtEdu.exe [<optional> Action]
Eg.
> LiveAtEdu.exe


Determine where to start in string to remove.
> LiveAtEdu.exe UsersOnly
{| class="wikitable"
|+Users
!Parameter
!Description
|-
|UsersOnly
|Runs all the parameters in this table
|-
|UpdateUsers
|Update users
|-
|DisableUsers
|Disable users
|-
|EnableUsers
|Enable users
|-
|DeleteUsers
|Delete users
|-
|CreateUsers
|Create users
|-
|UpdateImmutableID
|Update Immutable ID on users
|-
|UpdateOffice365SettingsIDForUsers
|Update Office 365 settings for users if they have changed template
|-
|UpdateUsersObjectID
|Get the object ID from office 365 and save it in UMS DB
|}
{| class="wikitable"
|+User settings
!Parameter
!Description
|-
|RunUserSettings
|Runs all the parameters in this table
|-
|DisableStrongPassword
|Disable strong password for users
|-
|SetMailAddress
|Set mail address on users
|-
|Forward2OnPremiseMail
|Set forward to OnPremise mail on users
|-
|SetCalendarRights
|Set calendar rights on users
|-
|UpdateMailboxTimeZone
|Update timezone for mailbox users
|-
|UpdateMailboxLanguage
|Update language for mailbox users
|-
|EnablePasswordNeverExpires
|Enable password never expires for users
|-
|UpdatePictures
|Update pictures
|-
|Forward2PrivateMail
|Set forward to privatemail on users
|-
|UpdateReplyToAll
|Set Reply to all on users
|-
|ProvisionOneDrive
|Provision OneDrive to users
|-
|UpdateAddressBookPolicy
|Set address book policy on users
|}
{| class="wikitable"
|+Groups
!Parameter
!Description
|-
|GroupsOnly
|Runs all the parameters in this table
|-
|RemoveGroupMembers
|Remove group members from groups
|-
|AddGroupMembers
|Add members to groups
|-
|DeleteGroups
|Delete groups
|-
|CreateGroups
|Create groups
|-
|UpdateGroupsObjectID
|Get the object ID from office 365 and save it in UMS DB
|-
|GetUPNsForGroups
|Get the UPN of template groups from Office 365
|}
{| class="wikitable"
|+Template groups
!Parameter
!Description
|-
|TemplateGroupsOnly
|Runs all the parameters in this table
|-
|RemoveUsersFromTemplateGroups
|Remove users from template security groups
|-
|AddUsers2TemplateGroups
|Add users to template security groups
|-
|DeleteTemplateGroups
|Delete groups that are no longer template security groups
|-
|UpdateTemplateGroupsObjectID
|Get the object ID from office 365 and save it in UMS DB
|-
|GetUPNsForTemplateGroups
|Get the UPN of template security groups from Office 365
|}
{| class="wikitable"
|+Template extra groups
!Parameter
!Description
|-
|TemplateExtraGroupsOnly
|Runs all the parameters in this table
|-
|CreateTemplateExtraGroups
|Create groups from template extra group
|-
|DeleteTemplateExtraGroups
|Delete groups that are no longer in extra groups
|-
|AddTemplateExtraGroupMembers
|Add users to template extra groups
|-
|UpdateTemplateExtraGroupsObjectID
|Get the object ID from office 365 and save it in UMS DB
|}
{| class="wikitable"
|+Keep alive groups
!Parameter
!Description
|-
|KeepAliveGroupsOnly
|Runs all the parameters in this table
|-
|CreateKeepAliveGroups
|Create keep alive groups
|-
|DeleteKeepAliveGroups
|Delete keep alive groups if they are no longer in UMS
|-
|UpdateSetMailAddressOnKeepAliveGroups
|Update the mail address on keep alive groups
|-
|AddKeepAliveGroupMembers
|Add users to keep alive groups
|-
|RemoveKeepAliveGroupMembers
|Remove users from keep alive groups
|}
{| class="wikitable"
|+Disabled groups
!Parameter
!Description
|-
|DisabledGroupsOnly
|Runs all the parameters in this table
|-
|CreateDisabledGroups
|Create disabled groups
|-
|DeleteDisabledGroups
|Delete disabled groups if they are no longer in UMS
|-
|UpdateSetMailAddressOnDisabledGroups
|Update the mail address on disabled groups
|-
|AddDisabledGroupMembers
|Add users to disabled groups
|-
|RemoveDisabledGroupMembers
|Remove users from disabled groups
|}
{| class="wikitable"
|+Teams
!Parameter
!Description
|-
|TeamsOnly
|Runs all the parameters in this table
|-
|AddTeams2DB
|Add Teams to UMS DB
|-
|CreateTeams
|Create Teams
|-
|AddTeamToGroup
|Add teams to groups
|-
|ActivateTeams
|Activate teams
|-
|UpdateTeams
|Update Teams
|-
|DeleteTeams
|Delete Teams
|-
|AddTeachers2TeamsDBTable
|Add teachers to Office365Teams_Teachers table in UMS DB
|-
|AddTeachers2Teams
|Add teachers to Teams
|-
|AddLearners2TeamsDBTable
|Add learners to Office365Teams_Learners table in UMS DB
|-
|AddLearners2Teams
|Add learners to Teams
|-
|TeamsDeleteTeachers
|Delete teachers in Teams
|-
|TeamsDeleteLearners
|Delete learners in Teams
|-
|TeamsUpdateNeedToBeUpdated
|Set update on next run flag
|-
|UpdateLearnersExternalID
|Retrieve the learners object id from Office 365 and save it in UMS DB
|-
|UpdateTeachersExternalID
|Retrieve the teachers object id from Office 365 and save it in UMS DB
|-
|UpdateSchoolsExternalID
|Retrieve the schools object id from Office 365 and save it in UMS DB
|-
|UpdateTeamsExternalID
|Retrieve the teams object id from Office 365 and save it in UMS DB
|}
{| class="wikitable"
|+SharePoint
!Parameter
!Description
|-
|SharepointOnly
|Runs all the parameters in this table
|-
|CreateSites
|Create sites
|-
|AddSites2DB
|Add sites in UMS DB
|-
|DeleteSites
|Delete sites
|-
|UpdateSites
|Update sites
|-
|AddLearners2SitesInDB
|Add learners to UMS DB
|-
|DeleteTeachers
|Delete teachers
|-
|AddTeachers2Sites
|Add teachers to sites
|-
|DeleteSiteGroups
|Delete site groups
|-
|AddTeachers2SitesInDB
|Add teachers to UMS DB
|-
|DeleteLearners
|Delete learners
|-
|AddLearners2Sites
|Add learners to sites
|-
|UpdateSiteURL
|Update sites with new URL
|-
|AddNoteBooks2Sites
|Add OneNote Class NoteBooks to sites
|-
|SharePointDeleteNoteBooks
|Delete OneNote Class NoteBooks from sites
|-
|UpdateNeedToBeUpdated
|Set the update on next run flag
|-
|UpdateSitesIsActive
|Update site active/inactive status
|-
|SharePoint_OneNoteClassNotebook_AddMissingTeachers
|Add missing Teachers to OneNote Class NoteBooks
|-
|SharePoint_OneNoteClassNotebook_AddMissingLearners
|Add missing Learners to OneNote Class NoteBooks
|-
|ReAddLearners2Sites
|Re-add learners to sites if ReAdd is true in DB
|-
|ReAddTeachers2Sites
|Re-add teachers to sites if ReAdd is true in DB
|}
{| class="wikitable"
|+OneNoteClassNoteBook
!Parameter
!Description
|-
|OneNoteClassNotebookOnly
|Runs all the parameters in this table
|-
|AddNotebooks2DB
|Add OneNote Class NoteBooks to UMS DB
|-
|CreateNotebooks
|Create OneNote Class NoteBooks
|-
|UpdateOneNotes
|Update OneNote Class NoteBooks
|-
|DeleteOneNotes
|Delete OneNote Class NoteBooks
|-
|AddTeachers2OneNotesInDB
|Add teachers to OneNote Class NoteBooks in UMS DB
|-
|AddTeachers2OneNotes
|Add teachers to OneNote Class NoteBooks
|-
|AddLearners2OneNotesInDB
|Add learners to OneNote Class NoteBooks in UMS DB
|-
|AddLearners2OneNotes
|Add learners to OneNote Class NoteBooks
|-
|OneNoteDeleteTeachers
|Delete teachers in OneNote Class NoteBooks
|-
|OneNoteDeleteLearners
|Delete learners in OneNote Class NoteBooks
|-
|OneNoteUpdateNeedToBeUpdated
|Set update on next run flag
|}


'''“Length”'''
==Technical settings==


How many characters will be removed from the string.  
==Maintenance==


After you have created the Office 365 setting you put in on a template.
===portal.office.com===


Setting: This will created the users with on this template in Office 365 with these settings
====''Teams''====


OneNote Class Notebook settings: Notebooks created with setting. If this is not specified no activities/courses on this template will be created.
Go to [http://portal.office.com Office Portal] and login with your admin account( the same UMS uses).


Site collection URL: Which Notebook collection is used when creating Notebooks
Select settings Services and add-ins and click Teams.
[[File:Office_365_Teams_activation.PNG|1350x1350px|thumb|Activate Teams for a license type, ie. Guest or Education-Student|none]]


Language: The default language of the created Notebook
==FAQ==


'''Sections'''
===Office 365 Licens (Unable to assign this license) How to troubleshoot this error===


Define the section the Class Notebook will be created with. Students that are attached to this Class Notebook will have these sections.  
====Error message from UMS Job log (LiveAtEdu)====


'''SQL Groups'''
=====''Error = Unable to assign this license''=====
''Set-MsolUserLicense -UserPrincipalName 'khhi3275@ums.dk' -AddLicenses "inLogic:STANDARDWOFFPACK_IW_STUDENT" -LicenseOptions $MyO365Sku''


Members of these groups will be attached to all Notebooks created with this setting as teachers
''Error = Unable to assign this license.''


'''“Group name”'''
''29-01-2019 13:23:00 -    at Utilities.Office365.SetLicenseForUser(String UPN, List`1 Licenses, SqlConnection& LocalSQLDBConnection)''


This can only be a group that is found in UMS
''                     at LiveAtEdu_Sync.LiveAtEdu_Sync.PerformFunctionUserSettings(String SQLStr, UserFunctions Office365Function, MethodInfo StackFrame)''


You get a list of these groups by running this SQL command:
''29-01-2019 13:23:00 - khhi3275- UPN = khhi3275@ums.dk''


Select Distinct Aktivitet As Activity From Students Order By Activity
''29-01-2019 13:23:01 - (UpdateLicenseInfoOnUsers) Error. Could not set license for user - khhi3275@ums.dk       ''


'''Organization Settings'''
*Try adding the same licenses manually to a single user in office365. You could see if that is possible[[File:Licens.jpg|none|thumb|814x814px]]


''Site settings''
*The error shows that it is not possible to put the same licenses together[[File:Licens Error.png|none|thumb|812x812px]]<br />
*Change your licenses in UMS and run the LiveAtEdu job again


'''“Description”'''
===Groups===
How to get groups visible in OneDrive and Classroom


Add a description to be able to identify the account.
Remove the checkbox from Only senders inside my organization


'''“SharePoint administration URL”'''
Why do I not get the site created?


URL of the SharePoint administration site for the tenant.
#Activity
##Is there a user on the activity with a primary template that has an office 365 setting attached
##Is the flag Aktivitet_LMS = True
#Course
##Is there a user on the course with a primary template that has an office 365 setting attached
##Is the flag Skolefag_LMS = True


''Credentials settings''
===Disable or enabling user===
Error = Message: Insufficient privileges to complete the operation.


'''“Username”'''
This could be the result of the user trying to be disabled/enabled has roles that does not allow the action like Global Administrator.


Username used to connect to SharePoint.
===The term 'Set-UnifiedGroup' is not recognized as a name of a cmdlet, function, script file, or executable program.===
https://docs.microsoft.com/en-us/powershell/exchange/find-exchange-cmdlet-permissions?view=exchange-ps


'''“Password”'''
Run this command to check which roletypes are needed
Get-ManagementRole -Cmdlet Set-UnifiedGroup


Password used to connect to SharePoint.
===A parameter cannot be found that matches parameter name 'type'.===
https://docs.microsoft.com/en-us/powershell/exchange/find-exchange-cmdlet-permissions?view=exchange-ps
[[File:Office365 ExchangeAdminRoleNeeded.jpg|none|thumb|1275x1275px]]


== Technical settings ==


== FAQ ==
Run this command to check which roletypes are needed
Get-ManagementRole -Cmdlet Get-DistributionGroup

Latest revision as of 09:53, 14 November 2024

Our Office 365 SharePoint Portal is a dedicated solution for school, which want an easy-to-use learning portal. Students and teachers are often presented with advanced and complex solutions that does everything they need and then some and as a result, they are difficult to use. We have decided to do things differently and therefore the Office 365 SharePoint Portal gives you the features you need to get the most out of SharePoint. Nothing more, nothing less. The portal is simple and easy to use. This way you avoid confusion and having to navigate yet another complex system. In terms of design, you have two options: the portal can use our standard skin, as pictured above, or our second skin, which we made for primary schools.

Prerequisites

Module requirements

UMS

Install/Update Powershell 7

  • Run in Powershell
iex "& { $(irm https://aka.ms/install-powershell.ps1) } -UseMSI"

Install needed powershell modules

Run these commands in Powershell 7 administrator mode:

#Enable TLS 1.2 for Powershell commands
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12  

$NugetPackageProvider = Get-PackageProvider -ListAvailable -Name NuGet -ErrorAction SilentlyContinue
if (!$NugetPackageProvider) {Install-PackageProvider -Name NuGet -RequiredVersion 2.8.5.201 -Scope AllUsers -Force}

$ExchangeOnlineManagement = Get-Module -ListAvailable -Name ExchangeOnlineManagement -ErrorAction SilentlyContinue
if (!$ExchangeOnlineManagement) {Install-Module -Name ExchangeOnlineManagement -Scope AllUsers -Force}

Connect to office 365

$password = ConvertTo-SecureString -String 'password' -AsPlainText -Force
$Creds = New-object -typename System.Management.Automation.PSCredential -argumentlist 'username', $Password
Connect-ExchangeOnline -Credential $Creds

Use this command only if no repository is available

Register-PSRepository -Default -Verbose


If by accident or due to prior install in Powershell 5, you may receive this error :

Connecting to remote server outlook.office365.com failed with the following error message :  For more information, see the about_Remote_Troubleshooting Help topic.

Resolve by deleting this folder and rerun above commands in PS7 only.

After reinstall use below command in scheduled task to run in correct PS-version.

Run Scheduled Task like this

"C:\Program Files\PowerShell\7\pwsh.exe" -c "& 'C:\Program Files\UserManagement\LiveAtEdu_Sync.exe'"

Office 365 permissions

These are only needed if specific options are selected as described below.

Exchange permissions

  • Recipient Management
    • Users
      • Mailbox language
      • Mailbox time zone
      • Calendar Rights
      • Address book policy
      • Forward mail *
    • Groups
      • All group operations

Graph permissions

Updating specific attributes on Global admins is not allowed. https://docs.microsoft.com/en-us/graph/api/user-update?view=graph-rest-1.0&tabs=http

A solution to this problem is to make the App registration member of the Global Admin role.

Installation

Office 365

Enter Admin credentials for a service account with administrator privileges to access Office 365.

Credentials

Tenant setting

Choose a tenant setting used for connection to Office 365-

Domain

Enter the domain that you want the users and groups to have when they are created. E.g. <Username>@<Domain>

Users

Login

Choose what the users shall use to log in to Office365.

Mail Address

Choose what to use as the users mail address.

Enable password never expires

When marked the password will never expire for the users.

Disable strong password

Use this to bypass the default password complexity.

Change password at next logon

This will force users to change password the first time they login. This is only set on users that are created.

Users are created through third party program

This normally means ADFS is used to synchronize users

Forward mail to on premise mail server

This will forward the users Office 365 mail to the primary mail address from AD (If user does not have a proxy address it will read it from the mail attribute)

Use Active Directory for info

This tells UMS to take Department, Title and Organization from AD instead of AD Attributes in UMS.

Provision OneDrive

This will provision the users OneDrive after he has been created so the user will not have to wait for this when he accesses the OneDrive the first time.

You will need to setup permissions for this to work.

MSGraphPermissions#Setup SharePoint permissions

Usage location

This will tell UMS to set usage location when creating a user

Disable users

When marked the users will be disabled when they are no longer attending classes.

Keep active before disabling x days

Specify a grace period where users are active before disabling.

Delete users

Choose if users are to be deleted after grace period has ended.

Keep disabled before deleting x days

Specify a grace period where users are disabled.

Hide from address list

Hide the newly created item from address list.

Mailbox language

Specify which language is to be default for the users.

Mailbox time zone

Specify which time zone is to be default for the users.

This also sets the working hours time zone.

Calendar Rights

Set the calendar rights on a user when he is created

Calendar object UPN

Specify the UPN to put on the users calendar with the rights specified below

If using a group then it must be of type "Mail enabled security".

Group UPN for keep alive users

Specify a group where users that is kept alive is a member of.

This must be a Microsoft 365 group.

UMS will create the group if it doesn't exist.

Group UPN for disabled users

Specify a group where users that is disabled is a member of.

This must be a Microsoft 365 group.

UMS will create the group if it doesn't exist.

Template groups

Maintain security group

This will create the security group entered in the field template security group in the destination node in the template settings.

Maintain extra groups

This will create all the groups from the extra groups template tab. All users will have direct group member ship.

Distribution lists

Maintain lists

Mark this to create distribution groups in Office 365. The groups will be created, updated and deleted if this is specified.

Delete lists

Mark this to delete distributions groups when they are no longer active in the administrative system. Check the data export manuals too when this happens

Delete unused lists after x days

Specify in days how long the distribution groups are to be kept alive in Office 365 before deletion.

Only senders inside my organization

With this marked only users in the domain will be able to send to distribution groups created by UMS.

Disabling this will allow the groups to be visible in OneDrive and Classroom

Picture settings

This takes the picture privacy setting that the user has set into consideration. The picture will not be uploaded if the user has chosen not to allow his picture to be shared. The picture will not be removed again if it has been uploaded.

Student picture library

Define where the pictures are for the students that uses this template. If this is not set, no pictures will be uploaded to Office 365.

Employee picture library

Define where the pictures are for the employees that uses this template. If this is not set, no pictures will be uploaded to Office 365.

Timetable

Maintain

Mark this to create timetable blocks in Office 365. They will be created, updated and deleted.

Delete old

Mark this to delete old timetable blocks from calendars.

Room setting

Create rooms with timetable blocks.

Manage
Room displayname
Prefix

Text that can be added to the start of what is chosen in Generator.

Generator

Choose what is to define the room.

Adding <> in front of the entry will UMS not to create the room.

Suffix

Text that can be added to the end of what is chosen in Generator.

Resulting displayname

Summary of the chosen display name as it will be shown in Office 365.

Set rights to rooms

Sets the rights on rooms when created

This has to be a Distribution Group Otherwise it won't work

Owner

Users will be able to create, read, modify and delete all items and files, and create sub-folders. As the folder owner, they can change the permission levels others have for the folder. (Does not apply to delegates.).

Publishing Editor

Users can create, read, modify and delete all items and files, and create sub-folders. (Does not apply to delegates.).

Editor

Users can create, read, modify and delete all items and files..

Publishing Author

Users can create and read items and files, create sub-folders, and modify and delete items and files they create. (Does not apply to delegates.).

Author

Users can create and read items and files and modify and delete items and files you create.

Nonediting Author

Users have full read details. Can create items and delete own items. Folder visible.

Reviewer

Users can read items and files only.

Contributor

Users can create items and files only. The contents of the folder does not appear. (Does not apply to delegates.).

Note With author or editor permissions, a delegate has send-on-behalf-of permission. Sent messages contain both the managers and delegates names. Message recipients see the managers name in the Sent On Behalf Of box and the delegates name in the From box.

Define rooms to be created

Specify the rooms to be created based on a filter. If nothing is entered, every room will be created.

Room number and Room name

Can be found in the skemabrikker_rooms table in SQL.

Office 365 SharePoint site setting

This will create SharePoint sites

Site settings

Automation type

Full: Means that site maintenance will be fully automated.

Remove learner method

Deleted in AD

Users will be removed from site when they are not active in UMS anymore

Finished on activity/course

Users will be removed when they have finished with the course.

Delete sites

Auto delete

Sites will be delete when the last student has left the site

Manual Delete

Sites will not be deleted by UMS. This has to be done by an administrator

Send mail to teacher(s)

Send mail notification to teachers when they are attached to a site.

Create x days before

Choose how many days before start that the sites are to be created.

Delete x days after end

Choose how many days after end that the sites are to be deleted.

Teacher rights on sites

Rights the teacher will have on the site when attached.

Learner rights on sites

Rights the student/learner will have on the site when attached.

Check if group rights match

When UMS looks for UMS-groups on the site, it will do so based on two criteria’s.

The correct rights and the correct name. Unchecking this will disable the first criteria and only look for a group with the right name. (This is when users change the UMS-group rights on a site manually)

SQL Groups

Members of these groups will be attached to all sites created with this setting as teachers

Group name

This can only be a group that is found in UMS

You get a list of these groups by running this SQL command:

Select Distinct Aktivitet As Activity From Students Order By Activity

Activity Sites

Do not create

It will not create any sites based on activities.

LMS has to be checked

The field Aktivitet_LMS in the students table has to be True. (Look in the documentation for the specific administrative system to see how this is set)

Based on template filter

Create sites based on a filter that is specified per template.

All

Create all sites.

Title

Title of the site. Changing this after a site has been created will cause it to be updated.

Description

Description of the site. Changing this after a site has been created will cause it to be updated.

Search filter and criteria

This will enable you to concatenate sites that would have been created as to or more sites to be created as one site.

Remarks

This is just for description purposes.

Filter

The SQL like filter (regular expression). If an activity matches, it will be subject to the settings below in semester roll

Semester roll

Use replace string with empty

This will replace a section of the site with an empty string.

Start index

Determine where to start in string to remove.

Length

How many characters will be removed from the string.

Add activity short description to node ID

This will add the field Kort_Betegnelse (Short Description) from the students table to the node id.

Node id is the URL.

Examples

If you have three activities named English1, English2, English3 and you only want one SharePoint site.

Set the settings as shown below

This filter ensures that it is only applied to activities that matches this SQL sentence.

Course Sites

Course URL’s will always be created as activity_course.

Do not create

It will not create any sites based on courses.

LMS has to be checked

The field Skolefag_LMS in the students table has to be True. (Look in the documentation for the specific administrative system to see how this is set)

Based on template filter

Create sites based on a filter that is specified per template.

All

Create all sites.

Title

Title of the site. Changing this after a site has been created will cause it to be updated.

Description

Description of the site. Changing this after a site has been created will cause it to be updated.

Search filter and criteria

This will enable you to concatenate sites that would have been created as two or more sites to be created as one site.

Remarks

This is just for description purposes.

Course Filter

The SQL like filter (regular expression). If an activity matches, it will be subject to the settings below in semester roll.

Semester roll

Use replace string with empty

This will replace a section of the site with an empty string.

Start index

Determine where to start in string to remove.

Length

How many characters will be removed from the string.

Activity Filter

The SQL like filter (regular expression). If an activity matches, it will be subject to the settings below in semester roll

Semester roll

Use replace string with empty

This will replace a section of the site with an empty string.

Start index

Determine where to start in string to remove.

Length

How many characters will be removed from the string.

After you have created the Office 365 setting you put in on a template.

Setting: This will created the users with on this template in Office 365 with these settings

SharePoint settings

Sites created with setting. If this is not specified no activities/courses on this template will be created.

Site URL

Which site collection is used when creating sites

Language: The default language of the created site

Course Template

Standard SharePoint: Use a standard template from SharePoint

Course template: Enter a name of a template that resides in the site collection. If nothing is entered it will default to the Team site template

UMS SharePoint Portal: Create sites based on the UMS SharePoint Portal product

OneNote Class Notebook setting

Choose a Class Notebook setting. This will create a Class Notebook created in the SharePoint site.

SQL Groups

Members of these groups will be attached to all sites created with this setting as teachers

Group name

This can only be a group that is found in UMS

You get a list of these groups by running this SQL command:

Select Distinct Aktivitet As Activity From Students Order By Activity

OneNote Class Notebook setting

Define settings for OneNote Class Notebooks.

Sections

Define the section the Class Notebook will be created with. Students that are attached to this Class Notebook will have these sections.

Use Name instead of title for Notebooks (Last part of URL)

This will make the title of the NoteBook be the same as the last part of the URL of the SharePoint site that the NoteBook is created in. It never changes unless this is unchecked.

Never update Notebook title after creation

The NoteBook will never update the title after it has been created, even though the SharePoint site changes title. it will be created with the title that SharePoint site has at createin time.

OneNote Class Notebook setting

Notebook settings

Automation type

Full: Means that Notebooks maintenance will be fully automated.

Remove learner method

Deleted in AD

Users will be removed from Notebooks when they are not active in UMS anymore

Finished on activity/course

Users will be removed when they have finished with the course.

Delete Notebooks

Auto delete

Notebooks will be delete when the last student has left the Notebook

Manual Delete

Notebooks will not be deleted by UMS. This has to be done by an administrator

Send mail to teacher(s)

Send mail notification to teachers when they are attached to a Notebook.

Create x days before

Choose how many days before start that the Notebooks are to be created.

Delete x days after end

Choose how many days after end that the Notebooks are to be deleted.

SQL Groups

Members of these groups will be attached to all Notebooks created with this setting as teachers

Group name

This can only be a group that is found in UMS

You get a list of these groups by running this SQL command:

Select Distinct Aktivitet As Activity From Students Order By Activity

Activity Notebooks

Do not create

It will not create any Notebooks based on activities.

LMS has to be checked

The field Aktivitet_LMS in the students table has to be True. (Look in the documentation for the specific administrative system to see how this is set)

Based on template filter

Create Notebooks based on a filter that is specified per template.

All

Create all Notebooks.

Title

Title of the Notebook. Changing this after a Notebook has been created will cause it to be updated.

Search filter and criteria

This will enable you to concatenate Notebooks that would have been created as to or more Notebooks to be created as one Notebook.

Remarks

This is just for description purposes.

Filter

The SQL like filter (regular expression). If an activity matches, it will be subject to the settings below in semester roll

Semester roll

Use replace string with empty

This will replace a section of the Notebook with an empty string.

Start index

Determine where to start in string to remove.

Length

How many characters will be removed from the string.

Add activity short description to node ID

This will add the field Kort_Betegnelse (Short Description) from the students table to the node id.

Node id is the URL.

Examples

If you have three activities named English1, English2, English3 and you only want one Notebook.

Set the settings as shown below

This filter ensures that it is only applied to activities that matches this SQL sentence.

Course Notebooks

Course URL’s will always be created as activity course.

Do not create

It will not create any Notebooks based on courses.

LMS has to be checked

The field Skolefag_LMS in the students table has to be True. (Look in the documentation for the specific administrative system to see how this is set)

Based on template filter

Create Notebook based on a filter that is specified per template.

All

Create all Notebooks.

Title

Title of the Notebook. Changing this after a Notebook has been created will cause it to be updated.

Search filter and criteria

This will enable you to concatenate Notebooks that would have been created as two or more Notebooks to be created as one Notebook.

Remarks

This is just for description purposes.

Course Filter

The SQL like filter (regular expression). If an activity matches, it will be subject to the settings below in semester roll.

Semester roll

Use replace string with empty

This will replace a section of the Notebook with an empty string.

Start index

Determine where to start in string to remove.

Length

How many characters will be removed from the string.

Activity Filter

The SQL like filter (regular expression). If an activity matches, it will be subject to the settings below in semester roll

Semester roll

Use replace string with empty

This will replace a section of the Notebook with an empty string.

Start index

Determine where to start in string to remove.

Length

How many characters will be removed from the string.

After you have created the Office 365 setting you put in on a template.

Setting: This will created the users with on this template in Office 365 with these settings

OneNote Class Notebook settings

Notebooks created with setting. If this is not specified no activities/courses on this template will be created.

Site collection URL

Which Notebook collection is used when creating Notebooks

Language

The default language of the created Notebook

Sections

Define the section the Class Notebook will be created with. Students that are attached to this Class Notebook will have these sections.

SQL Groups

Members of these groups will be attached to all Notebooks created with this setting as teachers

Group name

This can only be a group that is found in UMS

You get a list of these groups by running this SQL command:

Select Distinct Aktivitet As Activity From Students Order By Activity

Organization Settings

Site settings

Description

Add a description to be able to identify the account.

SharePoint administration URL

URL of the SharePoint administration site for the tenant.

Credentials settings

Username

Username used to connect to SharePoint.

Password

Password used to connect to SharePoint.

Parameters

> LiveAtEdu.exe [<optional> Action]

Eg.

> LiveAtEdu.exe
> LiveAtEdu.exe UsersOnly
Users
Parameter Description
UsersOnly Runs all the parameters in this table
UpdateUsers Update users
DisableUsers Disable users
EnableUsers Enable users
DeleteUsers Delete users
CreateUsers Create users
UpdateImmutableID Update Immutable ID on users
UpdateOffice365SettingsIDForUsers Update Office 365 settings for users if they have changed template
UpdateUsersObjectID Get the object ID from office 365 and save it in UMS DB
User settings
Parameter Description
RunUserSettings Runs all the parameters in this table
DisableStrongPassword Disable strong password for users
SetMailAddress Set mail address on users
Forward2OnPremiseMail Set forward to OnPremise mail on users
SetCalendarRights Set calendar rights on users
UpdateMailboxTimeZone Update timezone for mailbox users
UpdateMailboxLanguage Update language for mailbox users
EnablePasswordNeverExpires Enable password never expires for users
UpdatePictures Update pictures
Forward2PrivateMail Set forward to privatemail on users
UpdateReplyToAll Set Reply to all on users
ProvisionOneDrive Provision OneDrive to users
UpdateAddressBookPolicy Set address book policy on users
Groups
Parameter Description
GroupsOnly Runs all the parameters in this table
RemoveGroupMembers Remove group members from groups
AddGroupMembers Add members to groups
DeleteGroups Delete groups
CreateGroups Create groups
UpdateGroupsObjectID Get the object ID from office 365 and save it in UMS DB
GetUPNsForGroups Get the UPN of template groups from Office 365
Template groups
Parameter Description
TemplateGroupsOnly Runs all the parameters in this table
RemoveUsersFromTemplateGroups Remove users from template security groups
AddUsers2TemplateGroups Add users to template security groups
DeleteTemplateGroups Delete groups that are no longer template security groups
UpdateTemplateGroupsObjectID Get the object ID from office 365 and save it in UMS DB
GetUPNsForTemplateGroups Get the UPN of template security groups from Office 365
Template extra groups
Parameter Description
TemplateExtraGroupsOnly Runs all the parameters in this table
CreateTemplateExtraGroups Create groups from template extra group
DeleteTemplateExtraGroups Delete groups that are no longer in extra groups
AddTemplateExtraGroupMembers Add users to template extra groups
UpdateTemplateExtraGroupsObjectID Get the object ID from office 365 and save it in UMS DB
Keep alive groups
Parameter Description
KeepAliveGroupsOnly Runs all the parameters in this table
CreateKeepAliveGroups Create keep alive groups
DeleteKeepAliveGroups Delete keep alive groups if they are no longer in UMS
UpdateSetMailAddressOnKeepAliveGroups Update the mail address on keep alive groups
AddKeepAliveGroupMembers Add users to keep alive groups
RemoveKeepAliveGroupMembers Remove users from keep alive groups
Disabled groups
Parameter Description
DisabledGroupsOnly Runs all the parameters in this table
CreateDisabledGroups Create disabled groups
DeleteDisabledGroups Delete disabled groups if they are no longer in UMS
UpdateSetMailAddressOnDisabledGroups Update the mail address on disabled groups
AddDisabledGroupMembers Add users to disabled groups
RemoveDisabledGroupMembers Remove users from disabled groups
Teams
Parameter Description
TeamsOnly Runs all the parameters in this table
AddTeams2DB Add Teams to UMS DB
CreateTeams Create Teams
AddTeamToGroup Add teams to groups
ActivateTeams Activate teams
UpdateTeams Update Teams
DeleteTeams Delete Teams
AddTeachers2TeamsDBTable Add teachers to Office365Teams_Teachers table in UMS DB
AddTeachers2Teams Add teachers to Teams
AddLearners2TeamsDBTable Add learners to Office365Teams_Learners table in UMS DB
AddLearners2Teams Add learners to Teams
TeamsDeleteTeachers Delete teachers in Teams
TeamsDeleteLearners Delete learners in Teams
TeamsUpdateNeedToBeUpdated Set update on next run flag
UpdateLearnersExternalID Retrieve the learners object id from Office 365 and save it in UMS DB
UpdateTeachersExternalID Retrieve the teachers object id from Office 365 and save it in UMS DB
UpdateSchoolsExternalID Retrieve the schools object id from Office 365 and save it in UMS DB
UpdateTeamsExternalID Retrieve the teams object id from Office 365 and save it in UMS DB
SharePoint
Parameter Description
SharepointOnly Runs all the parameters in this table
CreateSites Create sites
AddSites2DB Add sites in UMS DB
DeleteSites Delete sites
UpdateSites Update sites
AddLearners2SitesInDB Add learners to UMS DB
DeleteTeachers Delete teachers
AddTeachers2Sites Add teachers to sites
DeleteSiteGroups Delete site groups
AddTeachers2SitesInDB Add teachers to UMS DB
DeleteLearners Delete learners
AddLearners2Sites Add learners to sites
UpdateSiteURL Update sites with new URL
AddNoteBooks2Sites Add OneNote Class NoteBooks to sites
SharePointDeleteNoteBooks Delete OneNote Class NoteBooks from sites
UpdateNeedToBeUpdated Set the update on next run flag
UpdateSitesIsActive Update site active/inactive status
SharePoint_OneNoteClassNotebook_AddMissingTeachers Add missing Teachers to OneNote Class NoteBooks
SharePoint_OneNoteClassNotebook_AddMissingLearners Add missing Learners to OneNote Class NoteBooks
ReAddLearners2Sites Re-add learners to sites if ReAdd is true in DB
ReAddTeachers2Sites Re-add teachers to sites if ReAdd is true in DB
OneNoteClassNoteBook
Parameter Description
OneNoteClassNotebookOnly Runs all the parameters in this table
AddNotebooks2DB Add OneNote Class NoteBooks to UMS DB
CreateNotebooks Create OneNote Class NoteBooks
UpdateOneNotes Update OneNote Class NoteBooks
DeleteOneNotes Delete OneNote Class NoteBooks
AddTeachers2OneNotesInDB Add teachers to OneNote Class NoteBooks in UMS DB
AddTeachers2OneNotes Add teachers to OneNote Class NoteBooks
AddLearners2OneNotesInDB Add learners to OneNote Class NoteBooks in UMS DB
AddLearners2OneNotes Add learners to OneNote Class NoteBooks
OneNoteDeleteTeachers Delete teachers in OneNote Class NoteBooks
OneNoteDeleteLearners Delete learners in OneNote Class NoteBooks
OneNoteUpdateNeedToBeUpdated Set update on next run flag

Technical settings

Maintenance

portal.office.com

Teams

Go to Office Portal and login with your admin account( the same UMS uses).

Select settings Services and add-ins and click Teams.

Activate Teams for a license type, ie. Guest or Education-Student

FAQ

Office 365 Licens (Unable to assign this license) How to troubleshoot this error

Error message from UMS Job log (LiveAtEdu)

Error = Unable to assign this license

Set-MsolUserLicense -UserPrincipalName 'khhi3275@ums.dk' -AddLicenses "inLogic:STANDARDWOFFPACK_IW_STUDENT" -LicenseOptions $MyO365Sku

Error = Unable to assign this license.

29-01-2019 13:23:00 -    at Utilities.Office365.SetLicenseForUser(String UPN, List`1 Licenses, SqlConnection& LocalSQLDBConnection)

  at LiveAtEdu_Sync.LiveAtEdu_Sync.PerformFunctionUserSettings(String SQLStr, UserFunctions Office365Function, MethodInfo StackFrame)

29-01-2019 13:23:00 - khhi3275- UPN = khhi3275@ums.dk

29-01-2019 13:23:01 - (UpdateLicenseInfoOnUsers) Error. Could not set license for user - khhi3275@ums.dk       

  • Try adding the same licenses manually to a single user in office365. You could see if that is possible
  • The error shows that it is not possible to put the same licenses together

  • Change your licenses in UMS and run the LiveAtEdu job again

Groups

How to get groups visible in OneDrive and Classroom

Remove the checkbox from Only senders inside my organization

Why do I not get the site created?

  1. Activity
    1. Is there a user on the activity with a primary template that has an office 365 setting attached
    2. Is the flag Aktivitet_LMS = True
  2. Course
    1. Is there a user on the course with a primary template that has an office 365 setting attached
    2. Is the flag Skolefag_LMS = True

Disable or enabling user

Error = Message: Insufficient privileges to complete the operation.

This could be the result of the user trying to be disabled/enabled has roles that does not allow the action like Global Administrator.

The term 'Set-UnifiedGroup' is not recognized as a name of a cmdlet, function, script file, or executable program.

https://docs.microsoft.com/en-us/powershell/exchange/find-exchange-cmdlet-permissions?view=exchange-ps

Run this command to check which roletypes are needed

Get-ManagementRole -Cmdlet Set-UnifiedGroup

A parameter cannot be found that matches parameter name 'type'.

https://docs.microsoft.com/en-us/powershell/exchange/find-exchange-cmdlet-permissions?view=exchange-ps


Run this command to check which roletypes are needed

Get-ManagementRole -Cmdlet Get-DistributionGroup