Ben Lee - MCA Microsoft 365 Teams Administrator Study Guide

The user data stored in Azure AD can be synchronized from an on-premises AD environment or it can operate in a stand-alone mode. It can have the following types of identities:

Cloud identity: Accounts that only exist in AAD.

Synchronized identity: Accounts that are synchronized from an on-premises AD along with their password information.

Federated identity: Synchronized from an on-premises AD but without a password. When an account needs to be authenticated this is done through some form of a federation gateway that checks the provided password against the one stored in the on-premises AD, for example using Active Directory Federation Services (ADFS).

FIGURE 1.9AAD admin center

While the Microsoft 365 admin center lets you perform some basic user management tasks such as updating user information, the Azure Active Directory admin center lets you view and control any settings relating to your user accounts, security groups, permissions, and, most importantly for Teams, control over guest user accounts.

We will cover guest access and what controls are required via AAD in Chapter 3, “Teams Core Functionality,” but for now just be aware that this portal exists and that it plays an important role in managing access to your Teams environment.

Found at admin.teams.microsoft.com(see Figure 1.10), this is the management interface you will be most familiar with for all things Teams. When Teams was first launched, a lot of its configuration settings were shared with Skype for Business Online, but over time Microsoft has been working on this portal to bring most of its Teams tooling together into one place. Similar to the Microsoft 365 admin center, the dashboard gives you some high-level stats about your organization's usage as well as links to hints/tips and training material that might be useful. If you have access to the Teams admin center (TAC), you can spend some time clicking through it to get familiar with the types of controls and settings you can control.

FIGURE 1.10Microsoft Teams admin center

You can view, modify, and create teams for your organization as well as control settings relating to team creation, such as templates and policy settings (such as restricting the use of private channels).

This section gives visibility of (most) hardware devices connected to your Teams deployment. They are grouped by device type as they can have different management requirements, so meeting room hardware is separate from desk phones, etc.

This section contains settings related to your physical environment, such as networking topology details and office addresses. These are used mainly for either helping correctly handle calls to emergency services (via telephony) or helping to identify sites/subnets in call reports.

This section gives information about all Teams-enabled users in the environment. If you search for and click a user, you get a nice dashboard showing the user's call history for the past seven days, and you can dig into the call analytics to help identify any issues on specific calls. You can also view/modify the user-level policy settings that are applied or revert the user to using the org-wide default.

This section lets you configure settings related to either Teams Meetings or Live Meetings (used for broadcast-style larger events). Here you can control some elements of branding (for example, including a company logo) or settings relating to guest behavior.

This section lets you control chat functionality (either one to one or inside channels) such as the ability to delete messages or the use of images, stickers, and Giphys (animated images from a third-party service).

Teams allows expansion through integrations with additional applications (both first and third party). Here you can control and manage what apps are available to your users for use inside Teams, as well as upload and distribute your own.

This section controls the settings used to manage telephony functionality in Teams. You can view/manage numbers associated with your tenant, create and manage dialing rules, and view any gateways used for calling.

This is a relatively new piece of functionality that Microsoft is introducing because it has recognized that many organizations need to apply the same policies across groups of their users in one go. In the future, you will be able to create bundles of policies to apply to the different types of users in your organization in one go. For now, Microsoft provides a number of pre-created packages that you cannot edit but may still be helpful in applying settings in bulk.

This lets you view and track different usage information of Teams in your environment. You can also download the data to save and manipulate as you need. Don't underestimate how helpful this can be if you are embarking on a company-wide Teams deployment, as this can help show you where uptake is slow.

This section lets you control some settings that apply across all users in your organization, such as coexistence settings with Skype for Business and controlling guest behavior in Teams.

This section offers tailored advice for help in deploying workloads in Teams such as completing a Skype for Business upgrade. This section also contains a network planning tool that you can use to model your network and perform network capacity planning.

Found at cqd.teams.microsoft.com(see Figure 1.11), the Call Quality Dashboard (CQD) is used to detect trends in the quality of real-time media for your users in Teams. When users are making/receiving calls or participating in meetings, data is being collected about the calls that is then combined and displayed for analysis in CQD. If you are doing any real-time media stuff with Teams, you want to make sure that you are carrying out regular reviews of CQD so that you can be ahead of any issues that might be causing quality problems for your users. We will be covering how to use CQD in Chapter 6, “Review Usage and Maintain Quality.”

FIGURE 1.11CQD

PowerShell is a command line–based management shell that is usually used for bulk management and automation tasks. One of the great advantages of PowerShell is that it is object oriented. This means that unlike in the traditional Windows shell ( cmd.exe) that uses only text-based inputs, everything in PowerShell is an object complete with a list of properties. For example, if you retrieve a user in PowerShell, what you will actually get is an object representing that user complete with a list of properties that you can then read or update. Once you have the object you want to work with, you can then pass it between commands quickly (called cmdlets ) and easily, allowing you to reliably and repeatedly perform operations against it.