Is there any API/ PowerShell command available to get SharePoint / exchange online / one drive admin portal configuration settings.
E.g. to list DLP, Anti malware policies etc.
Related
I'm trying to find out how I can distribute an app with licenses for a group, preferably using Azure.
The flow I'm envisioning is an installer for the application only allows X number of users and has to verify this with a server somewhere, ie if a group has bought 100 copies of the software they are restricted to using only 100 installs.
Will Azure AD do this, or is this something that I would need to develop myself?
• You can surely distribute an app and monitor the licenses for that application that is deployed for a group of users by ensuring that you have Microsoft 365 license with you. With Microsoft 365, the management of licenses for an ISV app, i.e., Independent Software Vendor app (software vendor other than Microsoft) can be easily done by adding that application as a custom application in the Microsoft 365 admin centre through the ‘Integrated Apps’ option as shown below: -
• Similarly, after adding an app to the Microsoft 365 admin centre as shown above, you can assign licenses to the added application as below by going to the ‘Licenses’ section in ‘Billing’ part of the M365 portal. Also, while assigning licenses, you can select a group of users, select multiple users, or only select a single user for assigning the software license for the added app from ISV.
In this way, through Microsoft 365, you can surely manage the distribution of licenses for an app for which the installation on a specific number of users and their devices needs to be managed through it.
For more detailed information regarding the addition of apps for an ISV in the Microsoft 365 portal, kindly refer to the below link: -
https://learn.microsoft.com/en-us/microsoft-365/admin/manage/test-and-deploy-microsoft-365-apps?source=recommendations&view=o365-worldwide
How do you get access to the old apis?
In my azure account I have Office 365 unified API (preview), I wish to use the old APIs because it's in preview, poorly documented and sluggish.
However in my azure account I only have Office 365 unified API (preview), Office 365 Management APIs & Windows Azure Active Directory permissions to choose from.
In order for the Office 365 APIs to appear in "Permissions to other applications" on the Azure AD app configuration / registration portal, the Azure AD directory needs an Office 365 account (tenant) associated with it.
Here's an easy way to get going.
Sign up for the Office 365 Developer Program at http://dev.office.com/devprogram. It is currently offering a free Office 365 Developer tenant.
Associate your existing Azure subscription with the new Office 365 Developer tenant.
Log on to Microsoft Azure Management portal with your Azure credentials, e.g. user#live.com
Select Active Directory node, then select Directory tab and select New (bottom of screen).
On the New menu, select Active Directory > Directory > Custom Create.
In Add directory wizard, select "Use existing directory". Check "I am ready to be signed out" and when prompted log in with your new Office 365 Developer account information.
Select continue, and then Sign out now.
Log on again to the Azure Management Portal with your Azure credentials, e.g. user#live.com, and navigate to the Active Directory node.
You should now see the directory of Office 365 Developer tenant. At this point you'll have the Office 365 APIs when you configure / register a new application in this Azure AD directory.
https://msdn.microsoft.com/office/office365/HowTo/setup-development-environment
I have a new Office 365 Small Business subscription and am wondering how best to synchronize contacts with a custom in-house database application.
I have found material explaining how to access the underlying technology, Azure Active Directory with the a library called the Azure Active Directory Graph Client Library.
However, to my knowledge I don't have an Azure Management Portal for the Azure technologies underlying Office 365, and that's where I would normally register my application for API access according to those tutorials.
So, if I want to access the Azure Active Directory in my Office365 account with the Azure Active Directory Graph Client Library, where do I register the application, get my key - and to which host do I connect to?
Office 365 uses Azure Active Directory as identity management, so it is already there. To access Windows Azure portal for your existing Office 365 subscriptions all you need is to activate a free Windows Azure subscription on your existing account .
This blog Using your Office 365 Azure AD tenant with application access enhancements for Windows Azure AD gives a very detailed steps on how to do it.
In my company, we are using Office365 for our emails.
In addition to this, we are using Windows Azure Active Directory to secure some applications.
Now I've been asked to create some kind of link between our users in Office 365 and Windows Azure Active Directory.
The point would be to have some admin applications deployed and secured with WAAD but for which the users are the ones from Office365.
I've found lots of documentation on the web on how to sync directories but not really anything stating clearly that this is possible.
I'd like to insist on the fact that it is our own application that we'd like to secure like this.
Thanks
(Edit 2018-03-23: This answer was updated to reflect changes in the new Azure portal.)
The underlying directory for Office 365 is Azure Active Directory (Azure AD). This means that if you have an Office 365 account, you already have a directory -or "tenant"- in Azure AD.
In your case, I think what you want to do is move from securing your application with a different Azure AD tenant (under a different domain), to securing your applications with the tenant you got when you started using Office 365. The key here is to be able to get access to your Office 365 tenant from the Azure portal.
All you need to do is sign in to the Azure portal (https://portal.azure.com) with you Office 365 account (which, remember, is an Azure AD account), and head over to the "Azure Active Directory" blade. (Note: You do not need an Azure subscription in order to manage your Azure AD tenant in the Azure portal.)
Now you can go about adding and configuring apps to the Office 365 tenant so that you can use that tenant to secure your apps.
Extra: Since you've already started doing things with another Azure subscription (presumably your Microsoft Account, MSA --formerly LiveID--), you might be interested in transferring that Azure subscription to be owned by an account in your primary Azure AD tenant: https://learn.microsoft.com/en-us/azure/billing/billing-subscription-transfer
If the aim is to make the Office 365 directory available inside the Azure portal, this currently works:
In the Azure portal, under Active Directory, click the New button, then Directory, then Custom Create. In the Directory pull-down, select 'Use existing directory' and follow the instructions to sign out and sign in using your Office 365 admin user. This will make your Office 365 directory available inside your Azure portal (in addition to any other Azure directories you have access to.)
When you setup your Azure Subcription did you use the same account you used when you setup your Office 365 Subscription? If so you should be able to see an existing WAAD instance when you log into Azure that has your #*.onmicrosoft.com domain registered against it. If you don't see that you may be able to add the domain to Azure subscription assuming of you are the domain admin. See here: http://blogs.msdn.com/b/bspann/archive/2013/10/20/adding-existing-o365-directory-to-azure-msdn-subscription.aspx
For the sake of completion, I hope the OP would come back and accept the answer provided by Philippe.
I found this that was quite helpful: http://blogs.technet.com/b/ad/archive/2013/04/29/using-a-existing-windows-azure-ad-tenant-with-windows-azure.aspx
I have a portal through which I resell different vendor's software licenses. I have a question on Office 365 provisioning and selling user licenses to my clients.
My requirement is as follows:
User should be able to log in through my portal and create their Office 365 user account and choose plans as per their need
Through Single sign on (SSO) activity, I need to get the SSO Url, so Office 365 users already logged in to my portal do not require to log in again to their Office 365 account again
Users can update, cancel their Office 365 user accounts through my portal
I have researched on internet regarding Office 365 provisioning and found following ways to integrate Office 365 client application in my portal
Using ‘https://provisioningapi.microsoftonline.com/ProvisioningWebService.svc?wsdl’ WebService, this WebService has got all required APIs to provision Office 365. could not find any documentation for this WebService on the web. It would be nice if I can get documentation of this webservice.
Using PowerShell Cmdlets. Most blog users suggest this as the best way for provisioning Office 365. I tried this but need a Partner account or Tenant Administrator account who can actually provision users
Am I moving towards the right direction? If I need to test how to provision Office 365 users within my environment can I get any test/dummy tenant administrator/partner user account? It would be nice if you can answer my questions little fast.
If you're interested in reselling Office 365 subscriptions, what you want is probably to become part of the Microsoft Partner Network. There is currently no method to programmatically provision Office 365 accounts (except for -maybe- Microsoft resellers/partners)
If the Office 365 account exists already, you can programmatically provision users, groups, subscriptions, etc., but as you've seen, you either need to be a partner (who provisioned that account in the first place), or a tenant administrator.
As far as programmatic access to Azure Active Diretory (the underlying identity system that Office 365 accounts use), I strongly recommend staying away from the web service you mention (it's simply the web service used by the AAD cmdlets). You can use the PowerShell cmdlets (from .NET code if needed), or even better, the Azure Active Directory Graph API for a web-friendly RESTful interface.