cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post

Configure SAM to use Microsoft Graph API for Office-365 related templates

Configure SAM to use Microsoft Graph API for Office-365 related templates

What is Graph API

Microsoft Graph is the gateway to data and intelligence in Microsoft 365. Microsoft Graph provides a unified programmability model that you can use to take advantage of the tremendous amount of data in Office 365

Microsoft Graph exposes REST APIs and client libraries to access data on Office 365 services: SharePoint, OneDrive, Outlook/Exchange, Microsoft Teams, OneNote, Planner, and Excel

Things to Note

  1. PSMSGraph Module installed on the server where SAM is installed
  2. App Name registered with Microsoft
  3. Client/App ID of the app registered Permission “Reports.Read.All” set and granted
  4. Password generated for the App.
  5. Tenant ID for the App registered.

Once you have all these details, you are ready to deploy Office-365 Templates, with all these values passed as Argument to Monitors.

How to Connect Graph API

Install PSMSGraph Module

To connect to the Microsoft Graph API using PowerShell we will have to install the PSMSGraph PowerShell module.

There are 2 ways to install PSMSGraph module for PowerShell.

  1. Download and install module from https://psmsgraph.readthedocs.io/en/latest/
  2. Install module from PowerShell Gallery
    1. Open PowerShell Console as Administrator and run “Install-Module -Name psmsgraph

Once Module is installed check if its installed correctly.

  1. On PowerShell console type
    1. Type : Get-Module -ListAvailable -Name "psmsgraph"
    2. Out will be similar to the screen shot below

pastedImage_7.png

Snap-1

Register an Azure App

  1. To register an Azure application navigate to https://apps.dev.microsoft.com/ and select “Add an App”

pastedImage_8.png

     2.Put in your application name and press the “Create” button.

pastedImage_9.png

3. Note and Store the Client App ID

pastedImage_10.png

4. Generate New Password. Before generating the Password, think about it, the password will be displayed once and has to be noted down to use later.

pastedImage_11.png

5. Add Permission – for the SolarWinds template, the permission required is “Reports.Read.All”

Note the permission should be added to both Delegated Permissions and Application Permissions

pastedImage_12.png

pastedImage_13.png

6. Save Application

pastedImage_14.png

7. Note, the above added permission require Admin Consent, the consent should be provided by Admin under Azure AD.

Provide Admin Consent

  1. Login to https://portal.azure.com using the Global Administrator account
  2. Go to All Services->Identity->Azure Active Directory

The “Azure Active Directory” can be found under “Favorites” on left hand pane by default.

pastedImage_15.png

3. Under “Azure Active Directory” Click “App registration (Preview)” and Select App you just registered

pastedImage_25.png

4. In your App, Note the Client ID (same as Step-2) and Tenant ID, select “View API Permission” -> and Grant Permission and wait for the Confirmation.

pastedImage_27.png

pastedImage_28.png

pastedImage_29.png

pastedImage_30.png

Comments

Excellent walk through! Using the API to monitor O365 can be painful if you haven't done anything like it before.

This is cool. Wonder what's up next?

I could not understand what Sample Application is used for? If I have to monitor O365 templates from Solarwinds Application then which application do I need to register?

The "Sample App" shown in the screenshots is the Azure Active Directory (AD) app that you need to deploy/configure to provide access to the Orion Platform so the Office 365 templates have read-access to Azure data. Essentially, you need to create an "app" in Azure so that Azure provides access to the PSMSGraph module when SAM requests Office 365 data from the Microsoft Graph API. Use a recognizable name for the app, such as "SAM 365 Templates", so you'll remember what it's for if you add more Azure apps later.

Here are some links that provide more info:

Thanks, That means if my Solarwinds is deployed in Azure Environment then only I need to register my app within Azure. If I have solarwinds in my own data center then there is no need? Please confirm.

Even if your Orion instance is in Azure, the SAM template needs something on the Azure side -- the app -- to connect to.

What if Azure is not in the picture, I have solarwinds in my own datacenter i.e. on premises.

Azure, along with the Azure app that you register, are required for this template.

The part related to Azure is well doumented but the second part is missing. How do we configure SAM to use the Graph API with Azure credentials ?

Hi Team,

We have configured the template the way it's shown in the thwack doc above. However, I am getting an error as "WARNING: Exception was caught: The remote server returned an error: (404) Not Found." when i run the script in PS on orion server. Also when i test the template, it just shows the results as "NA".

Need your suggestions on this. bit urgent.

Version history
Revision #:
1 of 1
Last update:
‎01-07-2019 02:42 PM
Updated by:
Product Manager