Skip to content

dcasota/m365-scripts

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
 
 

Repository files navigation

Where to start with Microsoft 365 ?

Microsoft 365 has become the cornerstone of office collaboration for most companies in nowadays.

The main point people are using Microsoft solutions is sustainability. They prefer the benefits of the digital transformation utilizing Microsoft solutions.

In my opinion, expanding digital transformation in the development field of sustainability is the place to start. The methodology of how to adopt a solution is a key benefit.

image

Copy of the Microsoft Cloud for Sustainability reference documentation as pdf (August 28th 2024): Google Weblink

As an ICT system engineer, where to start with Microsoft 365 ?

For Microsoft 365 engineers it's quite important, to have a lab where to test processed hardening guides, automation and compliance stuff.

The long-term retrieval of acquired learning content with permanent safeguarding of the retrieval systems, the protection of data and thus also privacy poses proliferation and resource sustainability challenges to the actors.

So, where to start with?

Here a list of possibilities:

Setting up a sharepoint site has the advantage of low upfront costs. Usually you get a one month free trial for various licenses as well.

Starting a Microsoft 365 business plan is the path for production. Most users still work with the desktop versions of Microsoft Office products. The goal of Microsoft 365 Business standard is interoperability and compatibility. The disadvantage of those workflows in general is risk such as dataloss, malware, ransomware, identity theft, rogue devices, network penetration, etc.

A good overview with all different plans and add-ons is available on this weblink.
See a copy of it here .

This wiki describes journey experiences and tecniques automating M365 tenant configurations.

Lab-Environment

First, start by creating a Sharepoint site (Plan 1)

Have a look to the Wiki entries about Microsoft 365, Teams, Sharepoint here.

Authentication methods

Starting with a Microsoft 365 tenant typically leads to the demand of desired configurations. Microsoft365DSC is the declarative form of a Microsoft 365 tenant configuration. It allows you to represent the configuration of your tenant in code (Configuration-as-Code) leveraging PowerShell Desired State Configuration (DSC). For more information, see https://microsoft365dsc.com/user-guide/get-started/introduction/.

DSC implementations use various Powershell modules. It helps to get familiar with the Powershell modules and with the supported authentication methods.

image

For learning purposes, see

A very good overview of the different authentication methods does https://lazyadmin.nl/powershell/connect-mggraph/.

As-a-code configuration challenges

Resource consumption usually is granted through groups. There are differences between Microsoft365 Groups, Distribution Groups, Security Groups and Mail-enabled Security Groups. With Microsoft 365 Groups, you can give a group of people access to a collection of shared resources. These resources include:

  • A shared Outlook inbox
  • A shared calendar
  • A SharePoint document library
  • A Planner
  • A OneNote notebook
  • Power BI
  • A Team (if the group was created from Teams)
  • Roadmap (if you have Project for the web)
  • Stream

During tinkering, I've found out that the powershell implementations consist of issues. It's matrix of possibilites, but not all are working flawlessly.

A. Powershell Modules' release

  1. Az: https://github.com/Azure/azure-powershell
  2. Az Tools: https://learn.microsoft.com/en-us/powershell/azure/overview?view=aztools
  3. Exchange Online: https://learn.microsoft.com/en-us/powershell/exchange/exchange-online-powershell?view=exchange-ps
  4. Teams: https://learn.microsoft.com/en-us/microsoftteams/teams-powershell-overview
  5. Sharepoint: https://learn.microsoft.com/en-us/powershell/sharepoint/sharepoint-online/introduction-sharepoint-online-management-shell
  6. PnP.Powershell: https://pnp.github.io/powershell/
  7. CLI for Microsoft365: https://pnp.github.io/cli-microsoft365/
  8. Microsoft Graph Pwsh SDK: https://www.powershellgallery.com/packages/Microsoft.Graph
  9. Microsoft365DSC: https://github.com/Microsoft/Microsoft365DSC
  10. Graph: https://learn.microsoft.com/en-us/powershell/microsoftgraph/?view=graph-powershell-1.0
  11. PowerApps: https://learn.microsoft.com/en-us/power-platform/admin/powerapps-powershell
  12. AzureAD (alt): https://www.powershellgallery.com/packages/AzureAD
    AzureADPreview: https://www.powershellgallery.com/packages/AzureADPreview
  13. MSOnline: https://www.powershellgallery.com/packages/MSOnline/
  14. Entra (neu): https://learn.microsoft.com/en-us/powershell/entra-powershell/?view=entra-powershell
  15. PowerBI https://learn.microsoft.com/en-us/powershell/power-bi/overview?view=powerbi-ps

B. Scope: 1) CurrentUser 2) Process
C. Delegated Access: 1) Interactive Authentication 2) Device code 3) Access Token 4) Custom Azure Application
D. App-Only Access: 1) Certificate-based 2) Managed Identity 3) Client Secret
E. Azure Environment

Name     AzureADEndpoint                   GraphEndpoint                           Type
----     ---------------                   -------------                           ----
Global   https://login.microsoftonline.com https://graph.microsoft.com             Built-in
China    https://login.chinacloudapi.cn    https://microsoftgraph.chinacloudapi.cn Built-in
Germany  https://login.microsoftonline.de  https://graph.microsoft.de              Built-in
USGov    https://login.microsoftonline.us  https://graph.microsoft.us              Built-in
USGovDoD https://login.microsoftonline.us  https://dod-graph.microsoft.us          Built-in

Document your environment

(todo)

Weblinks

Martina Grom: https://github.com/martinagrom

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published