When you create a Microsoft Team, a Microsoft 365 group is created to manage the team membership like Owners, members, guests. I would rather say the Microsoft 365 group is a backbone of a Team. Through the group you also get an email address for the MS team. Find the other Microsoft 365 services which gets created per this documentation whenever there is a Team provisioned
On this blogpost let us see how to enable a team which can also act as an email distribution list so that you can send an email to all the team members, by default this option is disabled. You will have to be an Owner of the team to set this up. There are couple of ways to do this
Graph Explorer
Outlook
Exchange Online Powershell
Exchange Online Administrator
Graph Explorer:
Graph explorer is a utility that will let you make requests and get responses against the different graph endpoints as a signed in user (Delegated User). To enable the email distribution functionality, we will have to get the group id of the team for setting a value to True for the property autoSubscribeNewMembers. To get the Group Id information go to the Team and click the Get link to team as shown below
Copy the content from the popup which should be in the below format
The Microsoft 365 group inbox for a Team is not available in Outlook but it can be accessed through the SharePoint site associated to the group. Open the SharePoint site from any of the Teams channel as shown below
On the Group Settings popup, enable the Subscription as shown below and then Save it. By default this setting is disabled for the Microsoft 365 group.
Exchange Online PowerShell:
The same setting can also be enabled from Exchange online PowerShell if you have Exchange online Administrator access on the tenant. Make sure the Exchange online PowerShell module is installed. Follow the steps below to turn on AutoSubscribeNewMembers which distributes emails to all users
Load the module by the running the command Import-Module ExchangeOnlineManagement
To disable the setting: Set-UnifiedGroup -Identity ” Team Display Name ” -AutoSubscribeNewMembers:$false
Refer to the documentation from Microsoft for more Exchange online commands related to the Microsoft 365 group.
Exchange Online Administrator
Login into the Exchange Online Admin center and click on Groups from the dashboard section. Execute the below steps
Find the group associated to the team (Team Display Name) from the list and then select
Click on Edit (Pencil Icon) from the ribbon
On the General tab, Enable the property Subscribe new members and then Save
Summary: The same setting can also be applied to a Team created through a Microsoft 365 group. Hope you have found this informational. There were already lot of blogs talking about groups
On this blogpost let us see how to add a custom domain and configure exchange email address for the added domain in a Microsoft 365 tenant. This will allow you to create M365 identities for the users in the Microsoft 365 tenant like user@domain.com instead of user@domain.onmicrosoft.com. This setup is also required if you have a Hybrid setup with users from Onpremise Active directory. Azure AD connect tool helps you synchronize your AD identity from Onpremise to Azure AD or Microsoft 365 tenant directory only if there is a custom domain added to the directory. The custom domain can be added from Microsoft 365 tenant admin center or Azure Active directory portal associated to the M365 tenant. Â
Pre-Requisites:
Own a Domain from any domain providers
Global administrator of Microsoft 365 tenant
If you don’t add a domain, user account in your organization will use the default onmicrosoft.com domain for their email address and UPN. To setup and configure a custom domain, you will have to
Add a TXT or MX record
Add DNS records to connect Microsoft 365 services
For this blog post I have used Domain.com provider to add the DNS records for the custom domain
Add a TXT or MX record:
The first step is to prove you are Owner of the domain and also make the domain is not associated to different tenant. To generate the DNS record values and to add the custom domain login to the Microsoft 365 Admin Center
Select Show all > Settings > Domains
Click Add domain
Enter the custom domain name you own
Click on the button Use this domain
Select Add a TXT record to the domain’s DNS records but you can also add a MX record or add a text file to the domain’s website. Find the different options
The DNS record values for the TXT record will be generated as shown below. TTL 3600 seconds is 1 hour
Add the DNS record for TXT from the domain provider interface for managing the records
Go back to the Admin center and then click Verify. It takes around 15 mins to an hour for the DNS records to propagate, sometimes it may even take more time. Keep trying till the domain in verified. Once the domain is verified you will be able to proceed to the next step for configuring the Microsoft 365 services like exchange etc. You can also Skip and do the configuration later but with this setup you can create user accounts by using the custom domain as its UPN e.x user@domain.com without email address. Find instructions on this link to add a custom domain from Azure Active directory portal.
Add DNS records to connect Microsoft 365 services:
The domain is added & verified, now its time to connect the Microsoft services like Email (Exchange Online, Outlook), Mobile device Management aka MDM with the custom domain. On this post will be connecting only to Exchange online to receive email through Microsoft 365. After this setup is done Exchange online will be your new email host for the domain. After the domain is verified from the step above, select Add your own DNS records and click Continue button as shown below
The following DNS records will be generated as shown below
MX Records (Mandatory)
Sends incoming mail for your domain to the Exchange Online service in Office 365. Mails are delivered to the mail exchange server with the lowest preference number for this record, typically.
CNAME Records (Optional: For Outlook client to work)
Helps Outlook clients to easily connect to the Exchange Online service by using the Autodiscover service. Autodiscover automatically finds the correct Exchange Server host and configures Outlook for users
TXT Records (Optional: SPF record for prevention of spamming)
Helps to prevent other people from using your domain to send spam or other malicious email. Sender policy framework (SPF) records work by identifying the servers that are authorized to send email from your domain
Go back to the domain hosting provider interface to add the above DNS records, to get the values for each record expand each record shown on the above interface.
MX Record:
Set the priority to the Highest or to the number 0 and then add the DNS record. If the domain is xyz.com
There can be only one SPF record on the DNS records so if there are another record already (default), refer this link for more information. I already had the default one so the valye for the TXT record looked like v=spf1 ip5:XX.XX.XXX.X/XX include:spf.protection.outlook.com -all
ipX:XX.XX.XXX.X/XX is the default one
Now after all the DNS records are added, choose Continue. This will take you to the last page of the wizard with the message Domain setup is complete
Now the setup is completed, you can create users using the new custom domain or change an existing users UPN and email address on Admin center with the following steps
Select the new alias and if required change it to the primary email.
Summary: On this post we have seen how to configure a custom domain with email. There can also be multiple domains in one tenant. Hope you have found this informational. Let me know any feedback or comments on the comment section below
Almost every one of us is working from home these days due to the Corono situation we are in as of the time I am writing this article. I wrote a recent blog post about controlling devices from PowerApps with the help of a Raspberry PI and thought of extending the project by creating a Teams presence light with the help of a Raspberry Pi & couple of LED’s with different colours. This was possible due to the availability of the presence API endpoint in MS Graph, this helps us get the user’s current team presence (Available, Busy, Be right back, Do not disturb etc) for a logged in user. As of the time I am writing this article application permissions are not supported.
Device Code Flow:
The supported permission type is Delegated to get the presence information in MS graph, the user must sign in to get the users Teams presence. So how can a user signin/authenticate on a device like Raspberry Pi if we are only using a Terminal window to develop & run the application which I will doing it here, Device code flow to the rescue which is an authentication flow to get the data from MS graph for handling delegated permissions with remote signin/authentication using an auto generated device code. This flow lets the user use another device (for instance the windows client with the VS Code) to sign-in interactively. By using the device code flow, the application obtains tokens through a two-step process especially designed for these devices like Raspberry Pi. Examples of such applications are applications running on iOT, or Command-Line tools (CLI).
Refer this blog post for the steps & instructions to develop applications remotely on a Raspberry Pi using VS code.
Application Design:
There will be a .NET core console application polling the MS Graph presence endpoint every 5 seconds and based on the status, the corresponding coloured lights will be turned on. Find below the high-level design of the application
Active Directory application registration:
Start with registering an Application in Active directory with the following settings
Supported Account Types: Accounts in any organizational directory
Enable Allow public client flows a required setting for the device code flow to work as shown below
Add the permission Presence.Read.All if you going to create a presence light for some other user other than the signed in user and Presence.Read if its going to be only for the signed in user. Once the permission is added, grant admin consent.
In this example, GPIO pins 12 and 13 are used with Green and Red LED’s but you can also use a RGB LED matrix supported for Raspberry Pi which are readily available in the market. Use the Client Id and the tenant id of the application in the app.
Provide the GPIO pins the root permissions through the command on the terminal window /usr/bin/gpio export 12 out and /usr/bin/gpio export 13 out.
Run the application by using dotnet run
Method AcquireByDeviceCodeAsync(IPublicClientApplication pca) generates the device code
As soon as the application is run from the command line, the code is generated as shown below
Code pca.AcquireTokenSilent(Scopes, accounts.FirstOrDefault()).ExecuteAsync(); generates the token which will used along with the graph GET request for getting the teams presence status of the user
The Token will be valid only for 3599 seconds which is close to 1 hour. Generate one more token using the same line of code after an hour which I have not handled in the sample code.
Polling will happen every 5 seconds using the .NET Timer_timer.Change(TimeSpan.FromSeconds(0), TimeSpan.FromSeconds(5));
Based on the teams presence, the corresponding lights will be turned on using the below code
switch (presenceStatus)
{
case "Available":
Console.WriteLine($"{DateTime.Now} : User is Available");
controller.Write(pinGreen, PinValue.High);
controller.Write(pinRed, PinValue.Low);
break;
case "Busy":
Console.WriteLine($"{DateTime.Now} : User is Busy");
controller.Write(pinGreen, PinValue.Low);
controller.Write(pinRed, PinValue.High);
break;
}
Code for this application can be found in this GitHub repo link.
Request Body: grant_type=device_code&resource=https%3A%2F%2Fgraph.windows.net&code=CAQABAAEAAAB2UyzwtQEKR7-rWbgdcBZIsC_ydGuxXqxKTcIvapYfPR0edvvCOBAW4VoOZgLHdaAgrf0cBy-5s9Szoez1NmqIgoe0Ggs9p_7-vVilrU6r9CFom5N_M(Information from the Previous response)&client_id= ADClientId/Appid
Will generate the token in the response
Refresh Token:
This token is used to generate access token after the initial one expires by making another request with information like this in the request body
All of these are handled for us by the Microsoft Authentication library for .NET.
Summary: I’ve used MSAL for .NET library but there are also libraries for MSAL for Python and for other languages as well based on your comfort with the programming language. Hope you have found this informational & interesting. Let me know any feedback or comments on the comment section below
I have recently purchased a Raspberry Pi 4 to explore IoT with Microsoft 365 platform. The Raspberry Pi is a low-cost credit-card sized computer which can be connected to a monitor, keyboard, mouse and to Internet via Wi-Fi or ethernet port. In addition, the Raspberry Pi has a 40 pin GPIO (General Purpose I/O) connector for us to connect sensors (Input) and to control devices (Output) through a relay. It enables people of all ages to explore computing and to learn how to program in languages like Scratch, Python, .NET core etc. One of the most popular operating system for the Raspberry Pi is Raspbian which is also the official one but there are also other operating systems like Ubuntu, Windows 10 IoT core (Not supported for Raspberry Pi 4). On this blog post, I will cover the different components used to integrate Raspberry Pi with Microsoft 365 service PowerApps & Azure services like Azure functions & Azure IoT hub to control devices. Find below the design and the different components used
Environment Setup
Raspberry Pi setup for IoT with .NET Core
Visual Studio Code setup for remote development
Azure IoT hub
.NET Core Console Application
Azure Function – HTTP Trigger
Power Apps
Custom Connector
Canvas Apps
Environment Setup:
Raspbian OS is based on the Debain Operating System which has been optimized for Raspberry Pi hardware and it is the official one. You can find here some instructional videos on the following link to the install the OS on your Raspberry Pi
If you have ordered a Raspberry Pi with a starter kit, most of the sellers would have loaded the Raspbian OS image on the SD card as a part of the kit. Once the OS is installed & configured, it is ready for use with the default username pi and the password is raspberry. Find below the schematic and the GPIO pin out diagram. On the sample code I have used Pin 17 and Pin 18 to control devices
Remote Tools:
There are tools to connect raspberry Pi remotely from your Windows client. Software xrdp provides a graphical interface for the users to remotely connect Raspberry Pi using Microsoft’s RDP mstsc.exe. Follow along this blogpost to set this up on the Raspberry Pi to enable remote connectivity. You can also use PuTTY a SSH tool to remotely connect with Raspberry Pi device. To know the IP address of the device, login to the Router to which the raspberry pi is connected or through the command hostname -I on the command line. To use PuTTY client & VS Code remote development plugin, SSH must be enabled on the Raspberry Pi OS. By default, it is disabled to enable follow the below steps
Launch Raspberry Pi Configuration from the Preferences menu.
Navigate to the Interfaces tab.
Select Enabled next to SSH.
Click OK
Raspberry Pi Setup for IoT with .NET Core:
.NET core is an open source development platform maintained by Microsoft and .NET community on Github. I have chosen .Net core and the programming language C# in which I am comfortable with. There are also python libraries to control GPIO pins in Raspberry Pi. To use .NET core IoT librariesinstall .NET core 3.1 on Raspberry Pi. Follow the instructions below to install .NET core
Copy the Direct link of the .NET core SDK from the link for Linux ARM32. Based on information gathered from few blogposts .NET core is supported for ARM64 though Raspberry Pi is 64 bit. Get the latest link from https://dotnet.microsoft.com/download/dotnet-core/3.1
Open a Terminal window in Raspberry Pi. Enter the following command to download the .Net core sdk binary
To make it available permanently on all the sessions. Run the following command to open the .profile file to save the information
sudo nano .profile
Add the following lines at the end of the file by scrolling and then save it (CTRL+S) and then exit using (CTRL+X)
# set .NET Core SDK and Runtime path
export DOTNET_ROOT=$HOME/dotnet
export PATH=$PATH:$HOME/dotnet
Run the command dotnet –info to know the version of the .Net core
Visual Studio Code setup for remote development:
You can develop applications remotely on a Raspberry Pi device using VS Code with the help of a plugin Remote Development which uses SSH to connect. After the plugin in installed, perform the following steps to remotely connect the Raspberry Pi device
Have the IP address of the Raspberry Device ready which will be used to add a SSH host. Use the command hostname -I on the Raspberry Pi’s terminal window will reveal the IP address
Go to the VS code and press CTRL+SHIFT+P together and type Remote-SSH: Connect to Host & select
Click Add New SSH Host
Type ssh pi@x.x.x.x -A and then press Enter. X.X.X.X is the IP address of your raspberry device and pi is the username (Default)
Select the configuration file. I have used default, %USERPROFILE%\.ssh\config on Windows 10
Host will be added. You are now ready to connect remotely provided the SSH is enabled on the Raspberry Pi.
Azure IoT Hub:
IoT hub is a managed service hosted in cloud that acts as a central message hub for bi-directional communication from the device to the cloud and the cloud to the device. There is a also a Free-Tier limited to one per subscription which can add up to 500 devices and 8000 msgs/day as of today based on the Pricing calculator. Go through the Microsoft documentation about IoT hub. Create a IoT Hub for us to send a message to the Raspberry Pi device for us control the device as per the instruction given in this article. After the IoT hub is created
A device must be registered with your IoT hub before it can connect. There are different ways to register a device like using Azure Cloud shell, in this case we will use portal. Click IoT Devices under the Explorers blade on the IoT hub and click on + New, enter the Device ID and click save.
Copy the Primary key of the registered device
Copy the Hostname from the IoT Hub Overview blade
These values will be used later in the .NET console application
Device Explorer:
It is a tool which helps you to manage devices by connecting to the IoT hub you have just created, it can be also done from the Azure portal, Azure Cli etc. It is very easy to connect to the IoT hub using the connection string. Download the device explorer from the https://aka.ms/aziotdevexp
To get the connection string, click Shared access policies under Settings blade and click iothubowner policy. Copy the Connection string-primary key and paste it on the Configuration section of the Device explorer and click Update as shown below
To send a message to the device click the tab Messages to Device and for registering new devices click Management.
.NET Core Console Application:
The Microsoft .NET core team also has a .NET core IoT library. The package System.Device.Gpio supports GPIO pins to control sensors (Pin Mode: Input) and devices like relay, LED’s (Pin Mode: Output). In this case we will be using the Pin no 17 & 18 to turn on or off a LED with Pin mode set as Output.
Setup for controlling devices:
To control a LED, connect a 220 ohm resistor to the long lead and the other end to a GPIO Pin (17 & 18) & the short LED lead to any one of the GPIO Ground.
In my setup I have used a Breadboard, GPIO Extension board & GPIO extension cable. GPIO Pin’s 17 & 18 are used, there are many other pins for us to use. Look at the GPIO pin schematics for more details on the pins. There are also relays designed for Raspberry Pi which helps controlling real devices, there are different relays module (4 channel, 8 channel, 10 channel etc) available in the market.
Connect Remotely to Raspberry Pi using VS code:
Connect the VS code to the Raspberry Pi using SSH by using keyboard shortcut CTRL+SHIFT+P and click Remote-SSH: Connect to Host and click the IP of the raspberry PI or the hostname based on the VS code setup (SSH Host) we have done earlier
After the password (Default: raspberry) is entered. If you see on the left bottom corner of the VS code with SSH: IP Address or host name, it is then successfully connected
In the terminal window you can enter all bash commands in context of Raspberry Pi.
VS Code Plugin:
To add a package from VS code to the Console app project install a plugin Nuget Packet manager. You can also use the CLI command on the terminal window to add the package but the plugin will help us to add different packages using the UI. All the packages will be installed on Raspberry Pi device as shown below
I also recommend you install to C# and CodeTour extensions (code walkthrough for the code I’ve used for this sample project).
Create the first Console Application to control a LED:
Follow the below steps to control a LED connected to GPIO PIN 22 using the .NET IoT package System.Device.Gpio
On the VS Code terminal window, enter the command dotnet new console to create a new console application
Add the package System.Device.Gpio using the nuget package manager plugin by CTRL+SHIFT+P > NuGet Package Manager: Add Package
Add the following code to the Program.cs file
using System;
using System.Device.Gpio;
namespace DemoProject-GPIOControl
{
class Program
{
static void Main(string[] args)
{
Console.WriteLine("Turning on Light from Pin 22");
using var controller = new GpioController();
controller.OpenPin(22, PinMode.Output);
controller.Write(22, PinValue.High);
Console.ReadKey();
}
}
}
Run the command on the Terminal window dotnet run. There will be an unauthorized exception as below
Unhandled exception. System.UnauthorizedAccessException: Setting a mode to a pin requires root permissions.
---> System.UnauthorizedAccessException: Access to the path '/sys/class/gpio/gpio17/direction' is denied.
---> System.IO.IOException: Permission denied
Enter the following command on the terminal window to provide root permission for Pin no 22: /usr/bin/gpio export 22 out. This command has to be executed everytime you restart the Raspberry Pi unless you provide root permissions to the account which could be done by setting a value on the root configuration file.
Now run the dotnet console app using the command dotnet run which will turn on the LED light connected to PIN 22. The output voltage on PIN will be 3.2 volt if the pinvalue is set to High and will be Zero if its set to Low.
Code controller.Write(22, PinValue.Low); will turn off the light
To remotely debug on the Linux Arm, follow the instruction on this article.
To disconnect in VS code, click File > Close Remote Connection
Method Encoding.ASCII.GetString(receivedMessage.GetBytes()) reads the message
Method deviceClient.CompleteAsync(receivedMessage, _ct) deletes the message from the queue
Do not forget to run the commands /usr/bin/gpio export 17 out and /usr/bin/gpio export 18 out based on the pins you are controlling. Then run the dotnet application using the command dotnet run. Now send a message from the Device explorer or from Azure portal IoT device explorer ON1 or Off1 to turn On/Off the LED connected to PIN 17 and ON2 or Off2 to turn On/Off the LED connected to PIN 18.
On this example we have used Cloud to device messages which sends a one way notification but you can also use Direct Methods & Device Twin to control devices, go through the following documentation from Microsoft with guidance to send cloud to device communications using different methods
Find here the sample of the console application from GitHub. Now the console application is ready, let us create the Azure Function app to use it in the PowerApps.
Azure Function App – HTTP Trigger:
I’ve used a Consumption plan Function app which gets triggered on a HTTP request to send a message to IoT hub registered device using the method ServiceClient.SendAsync from the package Microsoft.Azure.Devices to send a one way notification to the registered Raspberry Pi device. The message will be sent to the device on the HTTP request as query string (Parameter name: name)
Create a Function App from the Visual Studio 2019, I’ve used VS 2019 but you can also use VS Code
Add the HTTP trigger with authorization Level of the Function App as Function
Add the Nuget Package Microsoft.Azure.Devices
Have the connection string handy for the iothubowner policy used on the device explorer.
Copy the following Code:
using System;
using System.IO;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Azure.WebJobs;
using Microsoft.Azure.WebJobs.Extensions.Http;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Logging;
using Newtonsoft.Json;
using Microsoft.Azure.Devices;
using System.Text;
using System.Net;
namespace FunctionApp_IoT
{
public static class Function1
{
static ServiceClient serviceClient;
static string connectionString = "HostName=YourIoTHub-env.azure-devices.net;SharedAccessKeyName=iothubowner;SharedAccessKey=Yourkey";
static string targetDevice = "Your Device ID";
[FunctionName("Function1")]
public static IActionResult Run(
[HttpTrigger(AuthorizationLevel.Function, "get", "post", Route = null)] HttpRequest req,
ILogger log)
{
log.LogInformation("C# HTTP trigger function processed a request.");
string name = req.Query["name"];
serviceClient = ServiceClient.CreateFromConnectionString(connectionString);
SendCloudToDeviceMessageAsync(name).Wait();
return new OkObjectResult(new { status = "Light turned On or Off" });
}
private async static Task SendCloudToDeviceMessageAsync(string condition)
{
var commandMessage = new
Message(Encoding.ASCII.GetBytes(condition));
await serviceClient.SendAsync(targetDevice, commandMessage);
}
}
}
Publish the function app to Azure. Test it by sending HTTP requests using Postman tool or browser. The function API is ready, we are now ready to call the function in PowerApps
So far we have progressed till a HTTP API endpoint using serverless which sends a message to the Raspberry Pi through the IoT hub, if we have to call this API on PowerApps we will have to create a custom connector which allows you to connect to any RESTful API endpoint. Bear in mind that to use a PowerApp which has a custom connector, the users should have a premium license.
Custom Connector:
Let us go ahead and create the custom connector, you can find here on the GitHub repo for the swagger definition file for creating the custom connector. Download the file and go to your Power Platform environment and click to the Custom Connectors link under Data.
Click the Import an OpenAPI file under New custom connector and import the Swagger definition file you have downloaded from the repo
Once it is imported, change the host on the General tab based on the function app URL and the Security will have authentication type as API Key and on the Definition tab there will be one action which be called from the PowerApps to control devices. After the settings are configured you can create the connector by clicking the link Create connector. You can test the connector by creating the connection by passing in the Code parameter of the function app and pass the message to test the operation. Make sure the console app is running in order to receive the message & to turn on/off the device.
PowerApps Canvas App:
Once the custom connector is created you can use it on the PowerApps canvas app by creating a connection to the connector like below
After the connection is created and added on the app, you can use on the PowerApps controls like Toggle, button etc to turn on/off the devices using the code ‘IOT-ControlDevice’.ControlDevice({name: “on1”}) / ‘IOT-ControlDevice’.ControlDevice({name: “off1”}). If a toggle control is used, the code will be something like this
Voila, now you were able to control devices from PowerApps.
Summary: On this post we have seen how to integrate Azure IoT with PowerApps and to control devices through a PowerApps. This is just a sample, you can extend this example based on your needs. Hope you have found this informational & interesting. Let me know any feedback or comments on the comment section below
Mohamed Ashiq Faleel 