Microsoft Office 365 Connector

From Univention Wiki

Revision as of 08:30, 27 February 2018 by Damrose (talk | contribs)
Jump to: navigation, search

The Microsoft Office 365 Connector is available in the Univention App Center

Configuring Subscriptions

Configure service plans for example user

Office 365 Features are enabled by subscriptions and service plans. This page describes how to configure the default features for new users that are synced to the Azure AD.

Note: Service plans are only assigned when the user is initially synced to the Azure AD, as the license is applied at that point. Assigning a user to a group does not work retrospectively. In addition, changing the profile object to include or remove service plans does not update existing users!

After the Office 365 Connector wizard has been run successfully, users can be activated for Office 365 by activating the checkbox on the Office 365 Tab of a user object, or by selecting the Office365 Account Template when creating a new user.

By default, the Office subscription and all features are enabled for a user that is synced (UCR office365/subscriptions/service_plan_names). Administrators may want to restrict which features a user can use by default.

First, sync one Office 365 user, and in the Office 365 Administrator Interface, disable all unwanted features.


Then, on your UCS system where the connector is installed, execute the following, to show which plans the user has activated

/usr/share/univention-office365/scripts/print_users_and_groups
root@master:~# /usr/share/univention-office365/scripts/print_users_and_groups 
    User      | Enabled |             User Principal Name             | Licenses (*) |         Enabled plans (*)        
-------------------------------------------------------------------------------------------------------------------------
univention     | x       | univention@univention.de                | 2            | 2, 3, 4, 5, 8, 9, 10             
-------------------------------------------------------------------------------------------------------------------------
(*)  1: AAD_BASIC, 2: ENTERPRISEPACK
(**) 1: MicrosoftCommunicationsOnline, 2: MicrosoftOffice, 3: PowerAppsService, 4: ProcessSimple
    5: ProjectWorkManagement, 6: RMSOnline, 7: SharePoint, 8: Sway
    9: TeamspaceAPI, 10: YammerEnterprise, 11: exchange

Now, print the corresponding internal Office 365 plan names:

root@master:~# /usr/share/univention-office365/scripts/print_subscriptions
                             Subscriptions                            
                         =====================                        
 Subscription  | Applies to | Status  | Consumed | Remaining | Prepaid (*)
--------------------------------------------------------------------------
AAD_BASIC      | User       | Enabled |        0 |         5 |       5/0/0
ENTERPRISEPACK | User       | Enabled |        3 |         2 |       5/0/0
--------------------------------------------------------------------------
(*) enabled/suspended/warning
                   AAD_BASIC                   
               =================               
    Service plan      | Applies to |      Status       | in UCRV (*)
--------------------------------------------------------------------
AAD_BASIC             | User       | Success           |           
--------------------------------------------------------------------
(*) office365/subscriptions/service_plan_names
                 ENTERPRISEPACK                
             ======================            
    Service plan      | Applies to |      Status       | in UCRV (*)
--------------------------------------------------------------------
FLOW_O365_P2          | User       | Success           |           
POWERAPPS_O365_P2     | User       | Success           |           
TEAMS1                | User       | Success           |           
PROJECTWORKMANAGEMENT | User       | Success           |           
SWAY                  | User       | Success           |           
INTUNE_O365           | Company    | PendingActivation |           
YAMMER_ENTERPRISE     | User       | Success           |           
RMS_S_ENTERPRISE      | User       | Success           |           
OFFICESUBSCRIPTION    | User       | Success           | x         
MCOSTANDARD           | User       | Success           |           
SHAREPOINTWAC         | User       | Success           | x         
SHAREPOINTENTERPRISE  | User       | Success           |           
EXCHANGE_S_ENTERPRISE | User       | Success           |           
--------------------------------------------------------------------
(*) office365/subscriptions/service_plan_names
Profiles in UCS Ldap

Note which plans are to be activated. Now a subscription profile has to be configured. In the Univention Management Console, open the LDAP browser in the Domain section, and navigate to <BASE> -> office365 -> profiles. Select 'Add' and create a new object type 'Office 365 Profile'.

The profile name will be shown later when assigning it to a group. The subscription identifier is to be taken from the output of 'print_subscriptions'. Now, add all services that should be deselected to 'Service plan blacklist' and save the profile.

Adding a new profile

To assign the profile, open a user group in the corresponding UMC module, and select the profile on the 'Office 365' tab. Now, every user which gets activated for Office 365 and is a member of the group, will get the service plans as assigned in the profile.

Assign a profile to a group

Note: Service plans are only assigned when the user is initially synced to the Azure AD, as the license is applied at that point. Assigning a user to a group does not work retrospectively. In addition, changing the profile object to include or remove service plans does not update existing users!

Personal tools