Post a #MicrosoftTeams channel chat message from #PowerShell using Graph API

Implementing Microsoft Teams is 10% IT, 10% governance and the rest is a cultural change. As part of the governance process, I have long seen the need to post the first chat message in a Team channel reminding the members of some cultural etiquette scenarios as part of a governance process. Up until now, December 2018, this was not possible unless you created an Incoming Webhook which required an administrator to log in to a Team which meant it was not something you could do during an automated creation.

Good news, you can now use the Graph API to post messages to channels without the webhook. This is still part of the beta API as of December 2018 and is not intended for production, yet. Here is what you need to do

Prerequisite: you need to create an Azure AD App registration with the correct permissions

  1. Log on to https://portal.azure.com with a GA administrator
  2. Navigate to Azure Active Directory
  3. go to App registration (Preview)
  4. Click + New registration
  5. Call it PowerShelltoTeamsGraphAPI
  6. Leave Redirect URI blank
  7. Go to Authentication and under Redirect URIs choose urn:ietf:wg:oauth:2.0:oob
  8. Click Save
  9. Go to API permissions to grant the required group read and write permissions
  10. Click + Add a permission
  11. Choose Microsoft Graph, Delegated permissions and choose Group.Read.All and ReadWrite.All (remember you need to expand Group)
  12. Click Grant admin Consent from  and click Yes
  13. You now have admin consent granted for your tenant
  14. Navigate to Overview
  15. Copy the Application (client) ID
  16. we are going to use it in the next step when logging on
  17. Check out the references pictures below

You are now ready to connect to the Graph API via PowerShell. The connection code is from a more thorough blog post by my MVP colleague Alexander Holmeset. $clientId is the client ID you copied in the prerequisites

#Connect Graph, use the client ID we created earlier in the lab called PowerShelltoTeamsGraphAPI in Azure AD under app registrations
#Source: https://alexholmeset.blog/2018/10/10/getting-started-with-graph-api-and-powershell/
$clientId = "bb808f16-b6ef-44aa-8218-2520aaff461e"
$redirectUri = "urn:ietf:wg:oauth:2.0:oob"
$resourceURI = "https://graph.microsoft.com"
$authority = "https://login.microsoftonline.com/common"
$AadModule = Import-Module -Name AzureADpreview -ErrorAction Stop -PassThru
$adal = Join-Path $AadModule.ModuleBase "Microsoft.IdentityModel.Clients.ActiveDirectory.dll"
$adalforms = Join-Path $AadModule.ModuleBase "Microsoft.IdentityModel.Clients.ActiveDirectory.Platform.dll"
[System.Reflection.Assembly]::LoadFrom($adal) | Out-Null
[System.Reflection.Assembly]::LoadFrom($adalforms) | Out-Null
$authContext = New-Object "Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext" -ArgumentList $authority
# Get token by prompting login window.
$platformParameters = New-Object "Microsoft.IdentityModel.Clients.ActiveDirectory.PlatformParameters" -ArgumentList "Always"
$authResult = $authContext.AcquireTokenAsync($resourceURI, $ClientID, $RedirectUri, $platformParameters)
$accessToken = $authResult.result.AccessToken

#Validate that you have access by getting a list of all Office 365 Groups in your tenant
$apiUrl = 'https://graph.microsoft.com/v1.0/Groups/'
$Data = Invoke-RestMethod -Headers @{Authorization = "Bearer $accessToken"} -Uri $apiUrl -Method Get
($Data | select-object Value).Value

Then you need to get the group ID and Id of the channel you want to post to. In this example, I use the Microsoft Teams PowerShell module and I want to post to a Team called TMDemo in the General channel. This can, of course, be done as part of a governance creation process

Connect-MicrosoftTeams

#I assume you only have one TMDemoXX Group
$TeamGroupID = (Get-Team | Where-Object {$_.displayname -match "TMDemo"}).GroupId
$TeamChannelID = (Get-TeamChannel -GroupId $TeamGroupID | Where-Object {$_.displayname -match "general"}).Id

Now you are ready to post to the channel, you are connected without errors, we have the Team you are posting to and have chosen a channel. There is one more thing, you also need to be a member of the Team in order to post. Make sure you get added, and then remove the admin user when you are finished posting.

#connect to teams channels and post a message
$apiUrl = "https://graph.microsoft.com/beta/teams/$TeamGroupID/channels/$TeamChannelID/chatThreads"
#add your admin user as member of the team
Add-TeamUser -User $UserName -GroupId $TeamGroupID
$body = @{
"rootMessage" = @{
    "body" = @{
        "contentType" = 1;
        "content" = '<h1>Welcome to this project. All project related discussions happen in the respective channels in our Team. We look forward to working with you and remember, General channel is used for announcements, wins and off-topic discussion</h1>'
        }
      }
}
$bodyJSON = $body | ConvertTo-Json
$Data = Invoke-RestMethod -Headers @{Authorization = "Bearer $accessToken"} -Uri $apiUrl -Method Post -Body $bodyJSON -ContentType 'application/json'
#remove your admin user from the team
Add-TeamUser -User $UserName -GroupId $TeamGroupID

You have now successfully posted to a channel directly from PowerShell. Congratulations! Log in to your Team an see the result. I think this is great stuff and will definitely be part of my governance processes moving forward graph1<

The best Microsoft Ignite to date

I had a blast at Microsoft Ignite 2018! Here are some reasons why I think it was the best to date:

  • The product groups were accessible and always available for feedback. If you went to the different product group booth you would find prominent members available to chat and discuss their products.
  • Less walking distance, since everything was organized in the same building. This is a great improvement over all other the Microsoft Ignite’s the previous years
  • The focus om community engagement was apparent this year with Community hours and available podcast booths and locations. Even more community members got to share their experience in breakout sessions, meetup sessions, and theater sessions. The community hours had even more people from the product groups join and you got to ask your burning questions and have a great discussion
Ignitecommunity

Microsoft Ignite 2018 group photo with the Microsoft Teams Product Group and MVP’s

This is at least my experience and I may be biased as I got to have a great time delivering three theater sessions, a meetup, guest two podcasts and spend time at the Microsoft Teams booth. But still, compared to the previous years, the vibe during this year Microsoft Ignite was great. If you are thinking of attending next year, make sure you register as soon as possible, for it is going to be awesome. You can pre-register for November 4-8, 2019, in my favorite vacation location, Orlando

Links to my session recordings and slide decks

THR2137 – OneNote Life Hacks

IgniteOLF.png

THR2138 – Stream meetings with Microsoft Teams Live Events

Igniteliveevents

THR2241 – Meetings best practices in Microsoft Teams

Ignitemeetings

Podcast: Skype for Business & Microsoft Teams MVP Roundtable

pod1.png

Podcast: Microsoft Teams news – Live Podcast Discussion

pod2

I also had the pleasure of bringing all of CloudWay AS  to Orlando this year and had great fun together with Jan Ketil Skanke and Alexander Holmeset. I think networking is a big part of conferences such as Microsoft Ignite, that is why we co-hosted Norwegian networking event at Bahama Breeze together with KPMG, Pexip and Microsoft Norway. Read about our activities here

CW1Ignite18V1

Speaking at Microsoft Ignite 2018

I am so proud to return as a speaker for the fourth time at Microsoft Ignite 2018, at my favorite vacation spot, Orlando, FL.

29542728_10155933429450622_4000566362420889272_n

I will share my experience with Microsoft Teams meeting best practices in two expo theater sessions. I will again share my passion for personal productivity using OneNote in a third expo theater session. I will team up with featured speaker, Brian Ricks, and other Teams/Skype MVP’s for ask us anything on troubleshooting Teams and Skype in my first ever meetup.

THR2138V5

Check out my Teams Live Events session

I am scheduled to be at the Microsoft Teams booth during happy hour on Monday so if you have any burning questions or want to hang out and chat, look me up. I would love to whiteboard some migration scenarios or Teams lifecycle scenarios :)

Microsoft Ignite is a huge event for networking with your peers, that is why I am happy that my company is encouraging that by being a co-host for Norsk Aften on Tuesday.

This is going to be fun! See you there :)

Awarded Microsoft Most Valuable Professional (MVP) 2018-2019!

I am really proud to be awarded Microsoft Most Valuable Professional (MVP) 2018-2019. This is the eighth time I receive this award and it is a real honor to be part of this community and that Microsoft recognizes my contributions. I was awarded as Office Servers and Services MVP and I will continue focus on Microsoft Teams, Skype for Business, Office 365 and Microsoft 365, in that order.

The MVP award program recognizes your passion for Microsoft technology and your activities for the past 12 month. I think that the MVP program is the key to success because of getting there is not the end of the journey, but the beginning. When you are recognized as an MVP, you have been acting as an MVP for a long time and this is a way for Microsoft to say thank you for something you have already been doing for a couple of years. Getting the reward just means you need to step it up in terms of community activities to be able to get re-awarded. Think about it, there are now 2996 MVP’s and hundreds of thousands of IT Pro’s, this does not happen by itself.

Typical, but not limited to, activities for becoming an MVP are 

  • Contributing code to Projects
  • In-Person and virtual Speaking
  • Engaging in organizing user groups
  • Helping Others
  • Creating Content
  • Providing Feedback
  • Source (mvp.microsoft.com)

Some highlights of my contributions for the past year

Some links to MVP information

Microsoft Teams Direct Routing GA

Today Microsoft Teams Direct Routing was announced as General Available. This is the means for you to bring your own SIP trunk to Microsoft Teams using only a standard SBC. Today AudioCodes and Ribbon are certified SBC’s for Direct Routing and more are in the works. There are three flavors to Direct Routing

Hosted in Azure!

Yes you read correct. AudioCodes has a certified SBC that now is supported in Azure, which means you can run your Direct Routing SBC in Azure as an appliance.

DRGA6.PNG

Installed in your datacenter connected to your PBX or SIP trunk

With Direct Routing you do not need any Skype for Business or Teams components installed in your datacenter to provide voice for your Teams users. All you need is a certified SBC, a public IP address and a public certificate to connect. Read my blogpost on infrastructure requirements for setting up Direct Routing in your datacenter

DRGA2.png

Hosted by a partner

One SBC can connect to multiple Office 365 tenants making this scenario scalable. This means you can consume native Microsoft Teams services from your own tenant and have a service provider host your voice connectivity.

DRGA3

Thoughts

I think Direct Routing will make Cloud Voice mainstream and it can be combined with Calling Plans where available, which means that you can freely choose how to consume voice. Being able to install the SBC in Azure means that anyone can now host and conenct their own sip trunk to Office 365. With the ability to either get this hosted or set up with next to no on-premises infrastructure you have a solution that can be consumed by most customer types from SMB to Enterprise.

References

Microsoft Teams Direct Routing explained

Microsoft Teams Direct Routing is General Available as of June 28, 2018. This is the means for you to bring your own SIP trunk to Microsoft Teams. To be clear, this will only give your Teams users PSTN connectivity, your Skype for Business Online users still needs to use CCE or Skype for Business Server hybrid to get PSTN connectivity.

The goal of this article is to explain the basic around Direct Routing from an infrastructure point of view.

Licenses

  • You need a Phone System License  per user, which is part of Office 365/Microsoft 365 E5 or add-on for Office 365/Microsoft 365 E3
    • Phone System is not available as add-on for Office 365 Business Premium or Microsoft 365 Business
  • To get a phone number in Teams meetings, you need the Audioconferencing license per user, which is part of E5 and can added as add-on for E3 and Business SKU’s

Firewall ports and protocols

  • To connect a sip trunk to Microsoft Teams, a SIP proxy is used.
    • From your SBC to the SIP proxy you need always to use port 5061
      • From SIP proxy to your SBC you can choose any port between 1024 – 65 6536
      • I prefer to use 5061 since it is the same port as SIP proxy and it may be simpler in the long run
      • Traffic needs to be open both ways
    • You can limit the connectivity to the pstnhub.microsoft.com addresses specified below and the IP addresses they resolve to
      • you should always use sip.pstnhub.microsoft.com as primary as it is a Global FQDN
      • sip-all.pstnhub.microsoft.com is mentioned in the documentation and can be a possible source DNS name
  • Media range is UDP between the ports 49 152 – 53 247

DirectRouting4

SBC requirements

TeamsDirectRoutingV3

 

 

Media Bypass internally

  • The advantage of media bypass in a Direct Routing scenario where server is in the cloud is that media stays local and the media path is more optimal
  • Media bypass is supported by AudioCodes and Ribbon
    • needs to be configured specifically on SBC and enabled in Office 365
    • both vendors support ICE light which is used for connectivity checks when finding optimal media path
  • The clients need to be able to resolve and connect the public IP of the SBC
    • traffic needs to be open both ways, same media ports are used
    • requires hair pinning on NAT device

DirectRoutingMB1.PNG

Media Bypass externally

  • Media bypass is possible from clients logged on outside the corporate network
  • The client needs to resolve the SBC FQDN and connect to the IP
    • This results in allowing any IP as source ip on the media port range on the SBC
    • Since only TLS connections are allowed, I think this is something that can be considered
  • If the client cannot connect to the IP it will relay media via the SIP Proxy

DirectRoutingMBext1

Migrating to Direct Routing

Since CCE or Skype for Business Server cannot provide voice for Microsoft Teams, the only viable migration path is to introduce a SBC or configure the current SBC to connect to Microsoft Teams. From there you can start moving users by routing specific numbers and number series over to the new SIP trunk.

If you use direct SIP trunk with your Skype for Business Server today, then you can test Direct Routing by implementing a SBC and connect it to Microsoft Teams. Then provide a SIP trunk from Skype for Business using the inter trunk routing feature in Skype for Business Server, which allows you to move some test numbers to the SBC and Microsoft Teams. When you are ready to move to Microsoft Teams, you can switch the PSTN SIP trunk to go directly to the SBC.

pathtothecloud

Summary

When you have the correct approach from an infrastructure point of view, then you are ready to create PSTN usages and voice policies in Office 365. After that, users need to be enabled for enterprise voice and get assigned a number. Then you are ready to succeed with Microsoft Teams Direct Routing

References

 

Talking Teams automation and OneNote productivity at the Microsoft Campus this August at TechMentor!

Wow! I am going to speak at a conference at the Microsoft Headquarters in Redmond! This is bucket list check for sure. I am soo looking forward to this and hope the attendees will learn a thing or two about Microsoft Teams and get inspired to do more with OneNote in my two sessions.

SPECIAL OFFER: As a speaker, I can extend $500 savings on the 5-day package. Register here: http://bit.ly/RDSPK09_reg

How to Administer Microsoft Teams Like a Boss

This session will help you learn how to take control of Microsoft Teams using PowerShell. You’ll be able to find activities across all workloads to create PowerBI reports and use the information to decommission, archive, or expire inactive teams.

You will learn:

  • How to administer Microsoft Teams using PowerShell
  • Advanced activity reporting on usage using PowerShell and PowerBI
  • How to use advanced activity reporting to decommission, archive or expire Teams

OneNote LifeHack: 5 Steps for Succeeding with Personal Productivity

So you’re using OneNote as your primary note taking tool? Without any structure, you might lose track of all your notes. This session will help you learn how to get structured using OneNote to dump all your thoughts, ideas, e-mails and notes that are either actionable or something you want to find later. You’ll learn five steps to get started with a robust framework from using the sections correctly, take notes with your mobile device, use Microsoft Flow to send e-mail to OneNote from any device, and the Pomodoro Technique to prioritize and induce flow in a busy workday. The magic is to collect all information in one section regardless of the platform.

You will learn:

  • A framework for productivity
  • How to use the GTD methodology and a practical context with OneNote
  • How to use the Pomodoro Technique

Amplify your knowledge at TechMentor Redmond — bring the issues that keep you up at night and prepare to leave this event with the answers, guidance and training you need.  Register now: http://bit.ly/RDSPK09_reg 

Announcing the Pomodoro Windows app

August 2017 MVP Jan Egil Ring and I launched an open source PowerShell based Pomodoro timer. This is a great way to get stuff done, but difficult to get started with. Andreas Kang Schøyen over at Lillevik IT has done something about that and created an executable program that sets up the integrations and timer.

How it works

When downloading and installing the app, it will automatically integrate with your Skype for Business 32 bit application and your Windows OS making it capable to:

  • Set you to “do not disturb” in Skype for Business with a custom presence state called Pomodoro Sprint
    • The app cotains the SDK dll’s for the Skype for Business client, so no extra installs to control presence
  • Write a note of your choosing during the the Pomodoro sprint and adding the time when you will be available
    • It even counts down the last 15 seconds, so that people waiting to reach you that you are about to become available
  • Write a note of your choosing after the Pomodoro sprint is complete
  • Set your computer in to presentation mode which suppresses popups
  • Start your favourite Spotify playlist for productivity
  • Make you available again when the sprint is finished

The app supports automatic updates and the roadmap includes IFTTT ingration so that you can mute your phone during the pomodoro sprint. See full roadmap here

PomodoroV2

The goal is to induce the flow state in a busy workday

Multitasking is a myth. The goal is to reach the flow state by focusing on one task at a time. Have you ever started writing an email, thought you sent it and eagerly waiting for a response, only to find it incomplete and unsent at the end of the day? This is one of the perils of multitasking.

The Pomodoro Technique is a great methodology to induce flow in a busy workday. It is all about avoiding distractions for 15-25 minutes and focus on one task at a time. This is a short enough period in the day that you can squeeze it in before a meeting. It is incredible what you can get done 15-25 minutes. The goal is to not get distracted and it takes about 7 minutes of focus before your reach your flow state.

If you want to succeed with Pomodoro, you need to make yourself unavailable. Equally important, you need to make yourself available again when those 25 minutes have passed. That is why we created the Pomodoro PowerShell tool, and why I love the simplicity of this app.

Read more and download the exe and MSI version of the app here: http://pomodoro.lit.no

Watch an outtake from my session at Microsoft Ignite 2017 on singletasking

Learn more on my thinking around singletasking and tools available to succeed with the flow state, from this outtake of my OneNote LifeHacks talk at Microsoft Ignite 2017

Complete lists of your tasks is key to success

An important part of succeeding with the Pomodoro Technique is lists. Lists enables you to choose the task that lifts the most weight off your shoulders at that point in time. I use OneNote to capture all my ideas and actions, enabling me to create that finite list of tasks. Check out how I do it in my OneNote LifeHacks YouTube series

Using Mentimeter to interact with your audience

At Nordic Infrastructure Conference 2018, I tried something new. Getting feedback from the audience before my session on their expectations for the session. I tried two different approaches using Mentimeter

  • Write down a question, comment or expectation for the session, open ended
  • What do you associate with OneNote, live word cloud

Both worked out great. I got some good questions that I answered beforehand because I was not going to cover it in my actual session. Other comments where about actual topics during the session that I made sure I covered thoroughly.

mentiteams

I thought the live word cloud was a great icebreaker before the session where people got to see what other associated with OneNote and maybe amplify what they agreed on, and of course add to the word cloud with their own association. It gave me a chance to interact with the audience before the session and know the focus of the attendees

What is Mentimeter?

It is an interactive presentation software that lets you engage with an onsite or online audience live. The attendees participate via their mobile by navigating to a website and entering a code that is displayed onscreen. You have nine different types to choose from and you get five quiz as part of the free getting started package

menti

What I liked about Mentimeter

  • It was easy to get started with
  • You can add a timer to the activity, indicating to the audience when you start your session
  • It looked good
  • It’s anonymous
  • Helped me break the ice in the room.

I recommend you check out the free version and it may be a good tool to get some feedback from the room during a presentation as well. I will definitely try it out again

Slides and demo oneliners from NIC2018 now online

At Nordic Infrastructure Conference 2018 in Oslo, I had the honor of talking about Microsoft Teams and OneNote in two packed sessions. I got some awesome feedback after my sessions and heard that people learned something. That’s the reason I do these talks and want to continue to speak at conferences like this. You can download all slides from the conference via GitHub, which I realize is a super way to share content after a conference.

Download my slides and PowerShell oneliners from my Control Microsoft Teams like a Boss session

TimelapsStaleHansenV3

Download my slides from my OneNote LifeHack session

DVBLk0wWAAE5NJS

My company, CloudWay had a booth at NIC and we had a blast talking secure productivity and give away thousands of mobility swag :)

DSC_0101