...
Expand | ||
---|---|---|
| ||
CAM App RegistrationThis process allows adding the CAM App (by Litera) via the Azure Active Directory. User/organization can be imported to the Teams app once the registration completes. For iManage M365 App Proxy, see iManage Note: The following details are required when configuring M365 in CAM using External System Configuration:
|
Expand | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Microsoft Graph Permissions in M365The following permissions will need to be enabled in the Azure Portal.
Required Permissions to Create or Manage Teams
Permissions for -APIs my Organization Uses-> Microsoft Teams Services
Note |
Optional PermissionsThese permissions are optional and can be added based on your firm’s usage of CAM.
|
Expand | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
Private ChannelCAM uses Azure AD - Microsoft Graph API - to access resources in M365 to create Groups and Teams. When you create a private channel, it has its own SharePoint site collection. The separate site collection is to ensure access to that private channel files are restricted to only members of the private channel compared to the team site where team owners have access to all the assets within the site collection. The site collection created using private channels as per Microsoft documentation is not visible in the SharePoint admin center unless someone manually clicks on the Files tab in teams once the SharePoint site will be available in 1-2 min or almost instantly. To trigger the click event on the Files tab, CAM needs the Microsoft native API permission which can be added by following the steps -
10. Click Save. 11. Now click on API permissions on the left bar. 12. On the right side, scroll down till the end. 13. Under "Microsoft Teams Services (1)", it will list user_impersonation under Microsoft Teams Services, status as Not granted for <global admin user>. 14. In order to provide admin consent, scroll to the top of the page and click on select Grant admin consent for <global admin user>. 15. Confirmation message pop up displays, select “Yes”, add other granted permissions to configured permissions.
Snapshot of Manifest |
Expand | ||||
---|---|---|---|---|
| ||||
Service Account Permission - Use Planner in TeamsNote: If you would like to have Microsoft's Planner app within MS Teams, refer to Microsoft’s Planner app documentation. To be able to create the Planner tab in Team Channels, Microsoft requires that delegated / service account users be created and is a member of the team. However, to build a team, there must be an appointed owner. Because of this requirement, you need an additional service account so that you can switch to it to create a planner.
Configuration in CAM PlannerFollow the steps to create a Planner inside a Channel. Follow these steps to create a Planner.
Note: Microsoft has a restriction, only group members can access Planners. As group owners cannot access Planners, you need an additional service account (group member) to create a Planner. Token roles can be assigned to group members while creating a planner. After a group member creates the Planner, the token role can be reassigned to the owner. A token role is assigned to a group member so that the group member is able to receive the token and approve the creation of planners.
|
Note |
---|
Warning: Ensure the Additional Service Account is set in the External System configuration. |
Expand | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Connecting M365 with the CAM PlatformTo add a New M365 Connection to the CAM Platform
M365 Role Mapping
The configured O365 Authentication(s) displayed in the M365 tab is as follows
Editing an Existing Configuration
|
Expand | ||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||
Group Name RulesDefine the M365 group names rules and format to be applied.
The configured group name rule(s) display in the table with the following columns:
|
Expand | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| |||||||||||||||||||||||||
Metadata MappingMap the metadata for M365 group with these steps.
The completed metadata displays in the following columns in the table:
|
Expand | ||
---|---|---|
| ||
M365 - Add Guest AccountGuest Accounts can be created in CAM for M365. If creating guest accounts externally, there are no password requirements, but a password can be set, as the user is created temporarily without a profile. Invite Guest Users from Request Workflow -> Default Security Or upload CSV. |
Expand | ||
---|---|---|
| ||
M365 - User Default PasswordWhen creating users, a default password can be set. How to create a default password:
|
...