Assigning Microsoft Teams teams to Azure Active Directory user accounts
Teams can be directly or indirectly assigned to Azure Active Directory user accounts through Office 365 groups. All members of the Office 365 group are members of the team.
In the case of indirect assignment, employees and Office 365 groups are assigned to hierarchical roles, such as departments, cost centers, locations, or business roles. The Office 365 groups assigned to an employee are calculated from the position in the hierarchy and the direction of inheritance. If you add an employee to roles and that employee owns an Azure Active Directory user account, the Azure Active Directory user account is added to the Office 365 group.
Furthermore, Office 365 groups can be requested through the Web Portal. To do this, add employees to a shop as customers. All Office 365 groups are assigned to this shop can be requested by the customers. Requested Office 365 groups are assigned to the employees after approval is granted.
Through system roles, Office 365 groups can be grouped together and assigned to employees and workdesks as a package. You can create system roles that contain only Office 365 groups. You can also group any number of company resources into a system role.
To react quickly to special requests, you can assign Office 365 groups directly to Azure Active Directory user accounts.
For more information about Exchange Online Office 365 groups, see the One Identity Manager Administration Guide for Connecting to Exchange Online.
Related topics
Adding Microsoft Teams teams automatically to the IT Shop
The following steps can be used to automatically add Microsoft Teams teams to the IT Shop. Synchronization ensures that the teams are added to the IT Shop through their Office 365 groups.
For more information about Exchange Online Office 365 groups, see the One Identity Manager Administration Guide for Connecting to Exchange Online.
To add Microsoft Teams teams automatically to the IT Shop
-
In the Designer, set the QER | ITShop | AutoPublish | O3TTeam configuration parameter.
-
In order not to add teams to the IT Shop automatically, in the Designer, set the QER | ITShop | AutoPublish | O3TTeam | ExcludeList configuration parameter.
This configuration parameter contains a listing of all teams that should not be allocated to the IT Shop automatically. You can extend this list if required. To do this, enter the name of the groups in the configuration parameter. Names are listed in a pipe (|) delimited list. Regular expressions are supported.
-
Compile the database.
The teams and their Office 365 groups are added automatically to the IT Shop from now on.
The following steps are run to add a group to the IT Shop.
-
A service item is determined for the teams' Office 365 group.
-
The service item is assigned to the Azure Active Directory groups | Office 365 groups in Microsoft Teams default service category.
-
An application role for product owners is determined and assigned to the service item.
Product owners can approve requests for membership in these teams and their Office 365 groups. The default product owner is the Office 365 group's owner.
-
The Office 365 group is labeled with the IT Shop option and assigned to the Microsoft Teams groups or Office 365 groups IT Shop shelf in the Identity & Access Lifecycle shop.
Then the shop customers can use the Web Portal to request memberships in the teams and their Office 365 groups.
NOTE: When a team is irrevocably deleted from the One Identity Manager database, the associated service item is also deleted.
For more information about configuring the One Identity Manager IT Shop Administration Guide, see the IT Shop. For more information about requesting access requests in the Web Portal, see the One Identity Manager Web Portal User Guide.
Related topics
Displaying members of Microsoft Teams teams
A team is linked to an Exchange Online Office 365 group. All members of the Office 365 group are members of the team. In order for users to use Microsoft Teams, you need a Microsoft Teams service plan. For more information about Microsoft Teams, see the Microsoft Teams documentation from Microsoft.
To display the members of a team
-
In the Manager, select the Azure Active Directory > Teams category.
-
Select the team in the result list.
-
Select the Microsoft Teams team overview task.
The overview form displays the following information about the members of a team:
-
Members: Displays the team members that own a Microsoft Teams service plan. These members can use Microsoft Teams.
-
Members without service plan 'Teams': Displays the team members that do not have a Microsoft Teams service plan. These members cannot use Microsoft Teams.
Related topics
Displaying owners of Microsoft Teams teams
A team is linked to an Exchange Online Office 365 group. The owners of the Office 365 group are owners of the team.
The team's owners see the team's channels in Microsoft Teams. Limited information is available for private channels. For more information about Microsoft Teams, see the Microsoft Teams documentation from Microsoft.
To show all the owners of a team
-
In the Manager, select the Azure Active Directory > Teams category.
-
Select the team in the result list.
-
Select the Microsoft Teams team overview task.
-
In the header of the Office 365 groups form element, click on the group's name.
This opens the team's Office 365 group. On the Office 365 group overview form, you can see the owners.
Related topics