MS Teams

Hi Team.

Is anyone managing MS Teams in anyway with ARS? 

We would like to delegate the ability to a select few service desk people to be able to create MS Teams channels. 

We have a Powershell script that can do it. Is there an easy way maybe of having them execute the PS from within ARS? 

  • The Powershell code we have to do this manually is below. Do we think we could have this run from within ARS? 

    $time = Get-Date -Format "yyyy-MM-dd-HH-mm"
    $logfile = "C:\temp\CreateTeams_task-$time.txt"
    Start-Transcript -Path $logfile -Append
    
    function Create-Channel {   
        param (   
            $ChannelName, $GroupId
        )   
        Process {
            try {
                $teamchannels = $ChannelName -split ";" 
                  if ($teamchannels) {
                    for ($i = 0; $i -le ($teamchannels.count - 1) ; $i++) {
                        New-TeamChannel -GroupId $GroupId -DisplayName $teamchannels[$i]
                    }
                }
            }
            Catch {
            }
        }
    }
    
    function Add-Users {   
        param(   
            $Users, $GroupId, $CurrentUsername, $Role
        )   
        Process {
            
            try {
                $teamusers = $Users -split ";" 
                if ($teamusers) {
                    for ($j = 0; $j -le ($teamusers.count - 1) ; $j++) {
                        if ($teamusers[$j] -ne $CurrentUsername) {
                            Add-TeamUser -GroupId $GroupId -User $teamusers[$j] -Role $Role
                        }
                    }
                }
            }
            Catch {
            }
        }
    }
    
    function Create-NewTeam {   
        param (   
            $ImportPath
        )   
        Process {
            Import-Module MicrosoftTeams
            $username = $cred.UserName
            $teams = Import-Csv -Path $ImportPath
            foreach ($team in $teams) {
                $getteam = get-team | where-object { $_.displayname -eq $team.'Team workspaces' }
                If ($getteam -eq $null) {
                    Write-Host "Start creating the team: " $team.'Team workspaces'
                    $group = New-Team -displayname $team.'Team workspaces' -Owner $team.'Owners 1' -MailNickName $team.MailNickName  -Visibility Private -AllowCreateUpdateChannels $false -AllowCreatePrivateChannels $false -AllowAddRemoveApps $false -AllowCreateUpdateRemoveTabs $false -AllowCreateUpdateRemoveConnectors $false -GiphyContentRating Strict -AllowDeleteChannels $false -AllowUserDeleteMessages $false -AllowOwnerDeleteMessages $false -AllowUserEditMessages $false
                    Write-Host "Adding team Owners..."
                    Add-Users -Users $team.Allowners -GroupId $group.GroupId -CurrentUsername $username  -Role owner 
                    Write-Host "Adding team Members..." -ForegroundColor Yellow
                    Add-Users -Users $team.Allmembers -GroupId $group.GroupId -CurrentUsername $username  -Role member 
                    Write-Host "Completed creating the team: " $team.'Team workspaces'
                    $team = $null
                }
                Elseif($getteam -ne $null) {
                $teamname = $team.'Team workspaces'
                write-host "Team: $teamname exists " -ForegroundColor Black -BackgroundColor Magenta
                $teamname =$null
                }
            }
        }
    }
    
    Create-NewTeam -ImportPath "C:\__Powershell\Teams\data\CreateBulkTeams-230922.csv"
    
    Stop-Transcript
    

  • No problem running the Teams scripts inside of Active Roles.

    A couple of options I would suggest:

    1) Create an Automation Workflow and add the script as an Activity to this.  Permission the Workflow for execution by whomever you like - there are built-in Access Templates for this purpose.

    2) (This is more complicated to setup but might be slightly simpler for your users).  Create a Boolean virtual attribute something like VALaunchTeamsScriptCreate and associate it with the OU object class.  Then, via Web UI Customization, create a custom Web UI command linked to the OU object class  (that way you don't have to select an object as the context menu will populate simply by navigating into any OU in the Web UI).  Use the set property command type and have the command set your VA to TRUE.  Then, create a Change Workflow watching for changes to this OU property.  Add your script as an activity to this workflow.  You will want to strip out the "write-host" commands.

  • In case it's not clear, the "advantage" of Option 2 above is that Web UI users just look at the right pane, see your custom command (maybe "Create Teams Channels") and click on it to fire the script.

  • Thank you. Loading the script in to ARS is giving me errors on the Pram statements. Any suggestions on how to make ARS happy? 

  • I code functions a bit differently:

    function Create-Channel ($ChannelName, $GroupId )
    {

    try {
    $teamchannels = $ChannelName -split ";"
    if ($teamchannels) {
    for ($i = 0; $i -le ($teamchannels.count - 1) ; $i++) {
    New-TeamChannel -GroupId $GroupId -DisplayName $teamchannels[$i]
    }
    }
    }
    Catch {
    }

    }

    The other thing to keep in mind is that when you are firing a script as an AR Activity, you need some kind of "main body" function for the activity to call.

    Sample script structure:

    Function MyFunction1 ($SomeValue)

    {}

    Function MyFunction2 ($SomeValue2)

    {}

    Function MyFunction3 ($SomeValue3)

    {}

    Function TheMainFunction ($Request) # This is the one your Activity should call - name can be whatever you want.

    #  I always include $Request for scripts used in Change Workflows.

    {

    MyFunction1 $Value

    MyFunction2 $Value2

    MyFunction3 $Value

    }

  • Thank mate. Just getting back to this. 

    So i have changed the code and just to confirm its working i am running outside of ARS. The error i am getting is below. Any suggestions?

    PS>TerminatingError(Get-Process): "Cannot evaluate parameter 'Name' because its argument is specified as a script block and there is no input. A script block cannot be evaluated without input."
    Get-Process : Cannot evaluate parameter 'Name' because its argument is specified as a script block and there is no
    input. A script block cannot be evaluated without input.
    At line:41 char:13
    + process {
    + ~
    + CategoryInfo : MetadataError: (:) [Get-Process], ParameterBindingException
    + FullyQualifiedErrorId : ScriptBlockArgumentNoInput,Microsoft.PowerShell.Commands.GetProcessCommand

    Connect-MicrosoftTeams
    #
    
    $time = Get-Date -Format "yyyy-MM-dd-HH-mm"
    $logfile = "C:\temp\CreateTeams_task-$time.txt"
    Start-Transcript -Path $logfile -Append
    
    function Create-Channel ($ChannelName, $GroupId)
    {   
            try {
                $teamchannels = $ChannelName -split ";" 
                  if ($teamchannels) {
                    for ($i = 0; $i -le ($teamchannels.count - 1) ; $i++) {
                        New-TeamChannel -GroupId $GroupId -DisplayName $teamchannels[$i]
                    }
                }
            }
            Catch {
            }
        }
    
    function Add-Users($Users, $GroupId, $CurrentUsername, $Role)
    {     
            try {
                $teamusers = $Users -split ";" 
                if ($teamusers) {
                    for ($j = 0; $j -le ($teamusers.count - 1) ; $j++) {
                        if ($teamusers[$j] -ne $CurrentUsername) {
                            Add-TeamUser -GroupId $GroupId -User $teamusers[$j] -Role $Role
                        }
                    }
                }
            }
            catch {
            }
        }
    
    function Create-NewTeam($ImportPath)
    {   
       }
        process {
            Import-Module MicrosoftTeams
            $username = $cred.UserName
            $teams = Import-Csv -Path $ImportPath
            foreach ($team in $teams) {
                $getteam = get-team | Where-Object { $_.displayname -eq $team.'Team workspaces' }
                if ($getteam -eq $null) {
                    Write-Host "Start creating the team: " $team.'Team workspaces'
                    $group = New-Team -displayname $team.'Team workspaces' -Owner $team.'Owners 1' -MailNickName $team.MailNickName  -Visibility Private -AllowCreateUpdateChannels $false -AllowCreatePrivateChannels $false -AllowAddRemoveApps $false -AllowCreateUpdateRemoveTabs $false -AllowCreateUpdateRemoveConnectors $false -GiphyContentRating Strict -AllowDeleteChannels $false -AllowUserDeleteMessages $false -AllowOwnerDeleteMessages $false -AllowUserEditMessages $false
                    Write-Host "Adding team Owners..."
                    Add-Users -Users $team.Allowners -GroupId $group.GroupId -CurrentUsername $username  -Role owner 
                    Write-Host "Adding team Members..." -ForegroundColor Yellow
                    Add-Users -Users $team.Allmembers -GroupId $group.GroupId -CurrentUsername $username  -Role member 
                    Write-Host "Completed creating the team: " $team.'Team workspaces'
                    $team = $null
                }
                elseif($getteam -ne $null) {
                $teamname = $team.'Team workspaces'
                Write-Host "Team: $teamname exists " -ForegroundColor Black -BackgroundColor Magenta
                $teamname =$null
                }
            }
    }
    
    Create-NewTeam -ImportPath "C:\Teams\CreateBulkTeams.csv"
    
    Stop-Transcript

  • One thing for sure is you need to figure out how you will pass creds to your Connect-...

  • For that particular point i am looking at using certificate based authentication within our Azure. That should be no problem to fix. Just need to get it running in a way that ARS will be happy to run. Something about the script block it does not like and giving me that error above. 

  • Your code above doesn't reflect the suggestion I made concerning a "main body" type function.  Did you paste in some old code?

    Looking through your code, I would make sure you remove your transcript stuff and the write-host's.

    Your certificate / app approach is fine - you will need to import the certificate into the profile of your AR service account.

  • Hi. 

    So the script so far is below. Is this how you would expect it to be in ARS? 

    The script is running as it should inside ARS from a Automation workflow. I have a VA that when ticked kicks off the workflow and then unticks the VA. The script also works outside ARS. 

    I do have a question though. How can i set the work flow to only run from a specific Administration service? I am trying to keep the SSL certificate that is needed to run the process to a single Administration server. 

    code so far:

    #Connect-MicrosoftTeams
    Connect-MicrosoftTeams -CertificateThumbprint "something something" -ApplicationId "something something" -TenantId "something something"
    #
    
    $time = Get-Date -Format "yyyy-MM-dd-HH-mm"
    $logfile = "C:\ARS-Scripts\CreateTeams_task-$time.txt"
    Start-Transcript -Path $logfile -Append
    
    function TheMainFunction ($Request)
    {
    
    Create-NewTeam -ImportPath "C:\ARS-Scripts\CreateBulkTeams.csv"
    
    }
    
    function Create-Channel ($ChannelName, $GroupId)
    {   
            try {
                $teamchannels = $ChannelName -split ";" 
                  if ($teamchannels) {
                    for ($i = 0; $i -le ($teamchannels.count - 1) ; $i++) {
                        New-TeamChannel -GroupId $GroupId -DisplayName $teamchannels[$i]
                    }
                }
            }
            catch {
            }
        }
    
    function Add-Users($Users, $GroupId, $CurrentUsername, $Role)
    {     
            try {
                $teamusers = $Users -split ";" 
                if ($teamusers) {
                    for ($j = 0; $j -le ($teamusers.count - 1) ; $j++) {
                        if ($teamusers[$j] -ne $CurrentUsername) {
                            Add-TeamUser -GroupId $GroupId -User $teamusers[$j] -Role $Role
                        }
                    }
                }
            }
            catch {
            }
        }
        
        function Create-NewTeam {   
        param (   
            $ImportPath
        )   
        process {
            Import-Module MicrosoftTeams
            #$username = $cred.UserName
            $teams = Import-Csv -Path $ImportPath
            foreach ($team in $teams) {
                $getteam = get-team | Where-Object { $_.displayname -eq $team.'Team workspaces' }
                if ($getteam -eq $null) {
                    Write-Host "Start creating the team: " $team.'Team workspaces'
                    $group = New-Team -displayname $team.'Team workspaces' -Owner $team.'Owners 1' -MailNickName $team.MailNickName  -Visibility Private -AllowCreateUpdateChannels $false -AllowCreatePrivateChannels $false -AllowAddRemoveApps $false -AllowCreateUpdateRemoveTabs $false -AllowCreateUpdateRemoveConnectors $false -GiphyContentRating Strict -AllowDeleteChannels $false -AllowUserDeleteMessages $false -AllowOwnerDeleteMessages $false -AllowUserEditMessages $false
                    Write-Host "Adding team Owners..."
                    Add-Users -Users $team.Allowners -GroupId $group.GroupId -CurrentUsername $username  -Role owner 
                    Write-Host "Adding team Members..." -ForegroundColor Yellow
                    Add-Users -Users $team.Allmembers -GroupId $group.GroupId -CurrentUsername $username  -Role member 
                    Write-Host "Completed creating the team: " $team.'Team workspaces'
                    $team = $null
                }
                elseif($getteam -ne $null) {
                $teamname = $team.'Team workspaces'
                Write-Host "Team: $teamname exists " -ForegroundColor Black -BackgroundColor Magenta
                $teamname =$null
                }
            }
        }
    }
    
    Stop-Transcript