Jumpto365 - 365admin Room Manager Implementation Guide

365Admin Room Manager
IMPLEMENTATION GUIDE
Version 0.1
Room Manager – IMPLEMENTATION GUIDE version 0.1
Contents
Introduction.............................................................................................................................. 4
Prerequisites ......................................................................................................................... 4
Components .......................................................................................................................... 6
Task 1: Verify access to your environment ................................................................................. 7
Task 2: Capture secrets during implementation .......................................................................... 9
Step 1: Configure Office Graph access ..........................................................................................10
Task 1: Create an Azure AD Application ....................................................................................10
Task 2: Assign secrets to the Azure AD Application .....................................................................12
Task 3: Configure Application permissions ................................................................................13
Step 2: Create a service account..................................................................................................17
Task 1: Create an Azure AD User..............................................................................................17
Step 3: Setup Microsoft Teams ...................................................................................................21
Task 1: Create a Microsoft Team..............................................................................................21
Task 2: Grant permission to your service account .......................................................................25
Step 4: Prepare for setup ...........................................................................................................28
Task 1: Get supporting files .....................................................................................................28
Task 2: Setup configuration file ...............................................................................................29
Task 3: Validate access ...........................................................................................................31
Step 5: Setup SharePoint Lists.....................................................................................................32
Task 1: Download necessary PowerShell modules ......................................................................32
Task 2: Login to SharePoint using PNP Management Shell ...........................................................33
Task 3: Create SharePoint lists and pages..................................................................................37
Step 6: Import existing data........................................................................................................38
Task 1: Import rooms .............................................................................................................38
Task 2: Import room distributions lists......................................................................................38
Task 2: Import room policies ...................................................................................................38
Step 7: Setup Azure subscription (optional) ..................................................................................39
Task 1: Sign in the Azure portal................................................................................................39
Step 8: Setup Azure Functions for hosting (optional) ......................................................................45
Task 1: Setup an App Service...................................................................................................45
©2020 jumpto365, Inc. All Rights reserved Page 2 of 72
CONFIDENTIAL - NOT FOR DISTRIBUTION

Task 2: Configure the App Service with secrets ..........................................................................45

Task 3: Create a PowerShell function........................................................................................49
Step 9: Import and configure PowerApp application ......................................................................54
Task 1: Import Room Manager canvas app ................................................................................54
Task 2: Configure connections .................................................................................................57
Task 3: Publish and share........................................................................................................65
Summary of Step 7 ................................................................................................................69
Step 10: Clean up......................................................................................................................70
Task 1: Remove consent to SharePointPnPPowerShellOnline .......................................................70

Implementation Guide – Room Manager

Introduction
This guide will take you through creating the necessary components for Room Manager in 8 steps.
- Step 1: Configure Office Graph access

- Step 2: Create a service account
- Step 3: Setup Microsoft Teams
- Step 4: Prepare for setup
- Step 5: Setup SharePoint Lists
- Step 6: Import existing data
- Step 7: Setup Azure subscription (optional)
- Step 8: Setup Azure Functions for hosting
- Step 9: Import and configure PowerApp application
- Step 10: Clean up
Prerequisites
- Office 365 administrative access

If you do not have administrative access to Office 365 in your organization, we suggest that you
join the Microsoft Developer Program (https://developer.microsoft.com/en-us/microsoft-
365/dev-program). , Microsoft 365 tenant. Could be that you would like that even though you
are an administrator.


Components
- Microsoft Teams Site (SharePoint lists)

This is where you store data about your sites, which countries they are located in and which
rooms are present. You also store information on which policies to apply to meeting rooms; who
may book the room, booking horizon etc.
- Azure functions
The work of touching the Microsoft 365 API, by either using PowerShell and Office Graph, is
delegated to a number of Azure functions. Each function is either running on request, or
according to a predefined schedule.
- 2 accounts
Access to the resources is given to a service account and to an application identity. Note that
both accounts are getting high privileges to do their job. You’ll need 2 accounts for controlling
access to your tenant – A traditional account to be used by PowerShell, and an application
account to be used when accessing e.g. Office Graph API’s.

Task 1: Verify access to your environment

1. Navigate to https://admin.microsoft.com
2. Sign in if you are requested
3. Look up yourself
4. Click your account

5. Verify that you have the role “Global admin”

Task 2: Capture secrets during implementation

During the implementation you shall capture some values, which will be used in other parts of the
implementation.
We suggest that you copy this table to e.g. a spreadsheet, then save this securely using e.g. Azure
Information Protection or Azure Key Vault.
We will not cover how you safely store and dispose secrets in this document though.
Key Key Name Your Value Sample

#
1 ROOMMGRAPPCLIENT_ID 52e441d8-0a47-4654-93d9-71d068649c2c
2 ROOMMGRAPPCLIENT_SECRET 5-_S.4A1ACnU-SsdafsdDtyoL.C7qasdfAa0ou
3 ROOMMGRAPPCLIENT_DOMAI N df96b8c9-51a1-40cf-b8b1-4514be8e9668
4 AADUSER room-manager@jumpto365.com
5 AADPASSWORD Jadfx1511
6 AADDOMAIN jumpto365.com
7 TEAMSITE https://365adm.sharepoint.com/sites/room-
manager
8 POWERAPPS APP ID 4a57cc40-23e9-4994-83b4-54f139a2d268
Table 1 Captured access codes

Step 1: Configure Office Graph access

This requires you to be a Global Administrator to perform.
Task 1: Create an Azure AD Application
1. Navigate to https://portal.azure.com
2. In the Azure Portal navigate to Active Directory / App Registrations – Then click “New
registration”
Click New Registration

3. Capture the Application ID and the Directory ID and store them as #1 and #3 (Table 1 Captured
access codes)

Task 2: Assign secrets to the Azure AD Application
1. Navigate to the Certificates & secrets section, and click “New client secret”
2. Depending on your organization’s requirements for renewal, select the appropriate value of
“Expires” and click “Add”

3. When done, copy the value of client secret and store it as #2 (Table 1 Captured access codes)
Task 3: Configure Application permissions

1. Navigate to the API permissions section, and remove the existing permissions.

2. Then click “Add a permission” – select Microsoft Graph
3. Select Application permissions
4. Scroll down to Sites and select “Sites.Manage.All”

5. Wait for the permissions to get updated, then click “Grant admin consent …”
6. Click Yes

7. Wait a few seconds then press refresh, repeat until Status is “Granted”

Step 2: Create a service account
Task 1: Create an Azure AD User
1. Head over to the Microsoft 365 Admin portal

https://admin.microsoft. com/AdminPortal/Home#/users,select “Active users” – then “Add a
user”
2. Enter basic details of the user, then configure the password settings like here so that you don’t
have to login and change them afterwards


3. Grant Exchange admin permissions

4. Capture username, password and domain as #4,#5 and #6 (Table 1 Captured access codes)

Step 3: Setup Microsoft Teams
Task 1: Create a Microsoft Team
1. Navigate to https://teams.microsoft.com
2. Select Teams

3. Select “Join or create a team”
4. Follow the dialogues, suggest that you make the Teams private and give it a name which reflects
Meeting Rooms management within you organization.

5. When done, you will be positioned at the General channel.
6. Click the ellipsis, then click Open in SharePoint.

7. Copy the first part of the URL – marked with blue here
8. Save the URL in #7 (Table 1 Captured access codes)

Task 2: Grant permission to your service account
1. Navigate to the SharePoint admin center -

https://admin.microsoft. com/AdminPortal/Home#/alladmincenters

2. Select “Active sites”
3. Select the site you previously created (You might not know it, but every time you create a
Microsoft Teams, you also create a SharePoint site).
4. Click Manage additional admins

5. Enter the name of the AADUSER (ref. #4 Table 1 Captured access codes)

Step 4: Prepare for setup

Task 1: Get supporting files
1. Start Windows Explorer
2. Download the zip file with supporting files from
https://blob.jumpto365.com/recipes/Setup%20Room%20Manager.zip
3. Navigate to the place where the file was downloaded
4. Extract the content by right clicking the file, then click Extract All …

5. Accept the default on your machine and click Extract
Task 2: Setup configuration file

1. Open the .env.ps1 file in an editor

2. Change the values to those previously captured

Task 3: Validate access

1. Click File > Open Windows PowerShell > Open Windows PowerShell
Note that content extracted is subject to change

2. You should see a window like this
3. In the PowerShelll window write “./run V”
Step 5: Setup SharePoint Lists

Task 1: Download necessary PowerShell modules
1. In the PowerShelll window write “./run A” – wait a 30-60 seconds

2. The result is a log file and a folder
Task 2: Login to SharePoint using PNP Management Shell

1. In the PowerShelll window write “./run B”
2. Copy the code

3. Navigate to https://microsoft.com/devicelogin
4. Paste in the code and click Next

5. Select the appropriate account

6. Consent to the requested permissions

It could be that you are using PnP Management Shell in other parts of your organization, if so
you won’t see the next dialogue
Note that you retract the

consent as a part of the cleanup
process see page 70

Task 3: Create SharePoint lists and pages

1. In the PowerShelll window write “./run C”
This will start the process of importing the lists and pages supporting the solution. While
importing you will see a status similar to this. Import takes approx. 5-10 minutes
2. When done, inspect the content of the team site

Step 6: Import existing data
NOT READY FOR REVIEW

Task 1: Import rooms
Task 2: Import room distributions lists
Task 2: Import room policies

Step 7: Setup Azure subscription

(optional) If you already have an Azure
The Azure subscription is used for creating App hosting resources. You subscription or if you are just
can host the necessary scripts in your own environment, on premises testing skip this step.
or in another Cloud environment.
Task 1: Sign in the Azure portal

Navigate to https://portal.azure.com/#home
1. Sign in to the portal

2. Select “Start with an Azure free trial”

3. Verify your profile

4. Confirm by entering a credit card

5. Agree to terms
6. Enter feedback
Apparently you are require to enter a value, you cannot just close this box.
7. Check the subscription by entering “Subsc” in the search field, then click Subscriptions

8. Click the subscription

9. Click Payment methods
10. Verify

Step 8: Setup Azure Functions for hosting (optional)

Note – If you plan to host the PowerShell logic yourself e.g. in your
own data center, you can do so. This module is not depending on other
than access to the internet.
Task 1: Setup an App Service If you are just testing, then you
Consumtion or plan – depends on your processing times – can run all PowerShell
Consumption is default to 5 min, max 10. commands locally
Azure Functions and PowerShell modules
https://docs.microsoft.com/en-us/azure/azure-functions/functions-
host-json#manageddependency
https://docs.microsoft.com/en-us/azure/azure-functions/functions-reference-
powershell?tabs=portal#dependency-management
Task 2: Configure the App Service with secrets

ROOMMGRAPPCLIENT_ID
ROOMMGRAPPCLIENT_SECRET
ROOMMGRAPPCLIENT_DOMAIN
ROOMMGRAPPSITE
AADUSER
AADPASSWORD
AADDOMAIN



Task 3: Create a PowerShell function

1. Click Functions

2. Select “Develop in portal” and a “timer” template
3. Click add and wait 30-60 secs.

4. Click Code + Test
5. Delete the content in the editor

6. Copy the content of the file “RoomManager.ps1.txt” and paste it into the editor, then click Save
7. Click Test/Run

8. Observe the Output

Step 9: Import and configure PowerApp application

<NOT READY FOR REVIEW
The user interface of Room Manager is build in PowerApps.
Task 1: Import Room Manager canvas app
1. Navigate to PowerApps https://make.powerapps.com/
2. Click Import canvas app
3. Click Upload

4. Select RoomManagerV1.zip
5. Wait 20-30 secs
6. Select Create as new

1. Click Open App

Task 2: Configure connections
1. Open the app by clicking “Open app” in the last task of the previous step or find the app in the
App Studio by navigating to https://make.powerapps.com/ the select
2. Click Edit
The app will start loading, takes 20-30 secs

3. Allow SharePoint

4. Navigate to connections
2. The delete all existing by clicking the ellipsis then click Remove

3. When done, expand the Connectors section

4. Enter the URL from #7 (Table 1 Captured access codes)

5. Click Connect and select all lists

Not all are actually used, just easier to instruct
you this way

6. Validate that you have these lists in your app
7. Check the status of the app using the App Checker

8. If should not be red, if it is,click the icon

Here you get a detailed view of where Errors. Could be that one or more of the lists haven’t
been connected- In this example I remove the connection to the Rooms lists causing the screens
supporting Rooms to give errors
Working in a cloud environment

requires you to be able to react to
changes.
Visit https://jumpto365.com for

current instructions & feedbacks.

Task 3: Publish and share

1. Click file
2. Click Save
3. Click Publish, then Publish this version

4. Click Share

5. Select your audience then click Share

5. Check that it was saved successfully, then close the dialogue
6. Note the App ID in #8

7. Click the Web link
Summary of Step 7
You now have a PowerApp

Step 10: Clean up

As any good chef knows, it is important to tidy things up when done cooking. So don’t leave any
usernames, passwords or extend permissions behind you.
Task 1: Remove consent to SharePointPnPPowerShellOnline

Be care full here, I you did not grant permissions as a part of implementing Room Manager, then skip
this task.
1. Navigate to
https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Overview
2. Select Enterprise applications

3. Find PnP Management Shell
4. Click “Properties”
5. Click Delete and confirm


Jumpto365 - 365admin Room Manager Implementation Guide

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Jumpto365 - 365admin Room Manager Implementation Guide

Uploaded by

Copyright:

Available Formats

365Admin Room Manager

©2020 jumpto365, Inc. All Rights reserved Page 2 of 72

CONFIDENTIAL - NOT FOR DISTRIBUTION

Task 2: Configure the App Service with secrets ..........................................................................45

©2020 jumpto365, Inc. All Rights reserved Page 3 of 72

CONFIDENTIAL - NOT FOR DISTRIBUTION

Implementation Guide – Room Manager

- Step 1: Configure Office Graph access

- Office 365 administrative access

©2020 jumpto365, Inc. All Rights reserved Page 4 of 72

CONFIDENTIAL - NOT FOR DISTRIBUTION

©2020 jumpto365, Inc. All Rights reserved Page 5 of 72

CONFIDENTIAL - NOT FOR DISTRIBUTION

- Microsoft Teams Site (SharePoint lists)

©2020 jumpto365, Inc. All Rights reserved Page 6 of 72

CONFIDENTIAL - NOT FOR DISTRIBUTION

Task 1: Verify access to your environment

4. Click your account

©2020 jumpto365, Inc. All Rights reserved Page 7 of 72

CONFIDENTIAL - NOT FOR DISTRIBUTION

5. Verify that you have the role “Global admin”

©2020 jumpto365, Inc. All Rights reserved Page 8 of 72

CONFIDENTIAL - NOT FOR DISTRIBUTION

Task 2: Capture secrets during implementation

Key Key Name Your Value Sample

©2020 jumpto365, Inc. All Rights reserved Page 9 of 72

CONFIDENTIAL - NOT FOR DISTRIBUTION

Step 1: Configure Office Graph access

Task 1: Create an Azure AD Application

Click New Registration

©2020 jumpto365, Inc. All Rights reserved Page 10 of 72

CONFIDENTIAL - NOT FOR DISTRIBUTION

©2020 jumpto365, Inc. All Rights reserved Page 11 of 72

CONFIDENTIAL - NOT FOR DISTRIBUTION

Task 2: Assign secrets to the Azure AD Application

©2020 jumpto365, Inc. All Rights reserved Page 12 of 72

CONFIDENTIAL - NOT FOR DISTRIBUTION

Task 3: Configure Application permissions

©2020 jumpto365, Inc. All Rights reserved Page 13 of 72

CONFIDENTIAL - NOT FOR DISTRIBUTION

2. Then click “Add a permission” – select Microsoft Graph

3. Select Application permissions

4. Scroll down to Sites and select “Sites.Manage.All”

©2020 jumpto365, Inc. All Rights reserved Page 14 of 72

CONFIDENTIAL - NOT FOR DISTRIBUTION

©2020 jumpto365, Inc. All Rights reserved Page 15 of 72

CONFIDENTIAL - NOT FOR DISTRIBUTION

©2020 jumpto365, Inc. All Rights reserved Page 16 of 72

CONFIDENTIAL - NOT FOR DISTRIBUTION

Step 2: Create a service account

Task 1: Create an Azure AD User

1. Head over to the Microsoft 365 Admin portal

©2020 jumpto365, Inc. All Rights reserved Page 17 of 72

CONFIDENTIAL - NOT FOR DISTRIBUTION

©2020 jumpto365, Inc. All Rights reserved Page 18 of 72

CONFIDENTIAL - NOT FOR DISTRIBUTION

3. Grant Exchange admin permissions

©2020 jumpto365, Inc. All Rights reserved Page 19 of 72

CONFIDENTIAL - NOT FOR DISTRIBUTION

©2020 jumpto365, Inc. All Rights reserved Page 20 of 72

CONFIDENTIAL - NOT FOR DISTRIBUTION

Step 3: Setup Microsoft Teams

Task 1: Create a Microsoft Team