Article last updated on the 4th of July, 2024.
Contents
1. Introduction
2. Requirements
3.1. Setting up a Service User
3.2. Granting consent to use Groupify functionality
3.3. Team tabs
4. Notes
4.1. Security
1. Introduction
When a WorkPoint 365 site is converted to a Microsoft Teams-enabled site (a process known as 'teamification'), there is an observed issue where site collection administrators are stripped of their administrative rights. This loss of rights occurs because the site collection administrators are being automatically added to the Owners group. This issue can result in conflicts especially when there are pre-existing security rules for Office 365 groups that inadvertently override the membership of the Owners group.
Workaround: To counter the issue of administrative rights loss during the teamification of WorkPoint 365 sites, the following workarounds can be considered:
1. Manually Add Administrators: After the teamification process has been completed, manually re-add the desired users as site collection administrators to ensure they retain the necessary permissions.
2. Configure a Security Rule: Establish an Office 365 group security rule targeting the Owners group permissions and the personnel who needs access, to maintain consistent and correct permissions post-teamification.
For information about adding WorkPoint webparts to Microsoft Teams, visit this section of this article.
For more information regarding the WorkPoint Builder for Microsoft Teams, please visit this article.
Microsoft Teams is a complete collaboration and online meetings solution. With Microsoft Teams you can host audio and/or video meetings and carry out online conferences. It also lets you communicate with other members of your organization, or even people outside your organization, through an intuitive chat feature.
This provides the users with a unique intuitive interface from which all the necessary features required for team work on various projects can be accessed.
By using automatic integration between Microsoft Teams and WorkPoint through Office 365 Groups, documents created, uploaded or edited are stored in the same location, regardless of whether the user is working through the Microsoft Teams interface, or through the WorkPoint/WorkPoint Express interface.
You can read more about Microsoft Teams specifically by visiting this link:
One use case could be instances where a specific project team wants to use Microsoft Teams to organize and work with their project. Perhaps because they are used to the Teams interface, or for some other reason.
Additionally, Microsoft Teams is integrated with Microsoft’s online office suite Office 365. This means that it is tied together with other apps such as Word as Excel, as well as cloud storage and services such as SharePoint, PowerPoint, OneNote, Planner, Power BI and Delve. As a consequence of this, any document, presentation, and spreadsheet shared within a Team are automatically synced with a copy stored in Microsoft’s OneDrive cloud storage as well as a local SharePoint environment. This makes it easier to keep track of all of the Team’s shared documents, and to not miss any updates, both in communication and in documents.
Microsoft Teams also has the capability to connect to outside services such as GitHub, Zendesk, Evernote, and SAP SuccessFactors. It can even connect to businesses' own internal apps through an API.
Access to files, internal sites and dashboards is controlled by Office 365 Groups and SharePoint. Users can create a new Group or attach the Team to an already existing one when creating the Team.
Security-wise Teams meet all the same security standards as Office 365 and is Office 365 Tier C compliant. The service enforces two-factor authentication, single sign on through Active Directory, and encryption of data in transit and at rest.
WorkPoint's integration with Microsoft Teams works by connecting a WorkPoint entity (such as a company or project) with an Office 365 group. Once an entity has been connected to an Office 365 Group, a Microsoft Teams site is automatically created for that entity. It is therefore not possible to create a Microsoft Team without a connection to an entity using WorkPoint's Teams integration.
2. Requirements
The following is required for groupifying entity sites, enabling the Teams Integration:
- Your WorkPoint 365 solution must use Modern UI.
- The business module on which you want to enable the Teams Integration must use the One Entity Per Site Collection site-architecture.
- The WorkPoint 365 site, you want to connect the group to, cannot be the root site of the WorkPoint solution.
- A service user must be set up to facilitate the integration. This service user must have a Microsoft Teams license.
Attempting to groupify the root site can cause your WorkPoint 365 solution severe problems (read: most likely an irreversible crash!).
3. Configuration
3.1. Setting up a Service User
Before we can start groupifying entity sites in WorkPoint 365, we need to set up a Service User.
The Service User is responsible for groupifying sites on behalf of users.
Note that the account set as Service User must have a Microsoft Teams license.
You can set up a Service User by following these steps:
- In the Process Builder inside the WorkPoint Administration, click "Connections".
- In the "Connection for Microsoft Teams integration" section, click "here" to authorize an account as Service User.
- Sign in using the account you want to use as Service User. Keep in mind that the account set as Service User must have a Microsoft Teams license.
- In the "Stay signed in" dialogue, click "Yes".
- Click "Close" to return to the Process Builder.
- In the "Connections" side panel, click the Refresh button.
the account you signed in with should now be registered as Service User and be displayed in the side panel:
3.2. Granting consent to use Groupify functionality
Once a service user has been set up, it is also necessary to grant consent for groupify functionality.
This consent can be given by following these steps (The user performing these steps must be a tenant administrator):
- In the WorkPoint Administration, in the global settings menu, click "App Management".
- In the "Actions" section of the Action Management page, select "Connect to Office365 Group" and click the "Add" button.
This opens the Microsoft login form:
- Log in using a tenant administrator.
- Review the requested permissions and click the "Accept" button to grant consent.
Once the consent has been granted, the user is returned to the WorkPoint Administration dashboard with a success message:
3.3. Creating teams for entities
With the release of Version 4 of WorkPoint 365, WorkPoint Automate can be used to create teams for entities.
WorkPoint processes can utilize the Create Team step to create teams for entities, and this step can be implemented in a System Process for automation, or a User Process if creating a team should be a manual action.
Examples of both are given in the following sections.
3.3.1. Creating teams using user processes
When configuring a user process, we can add the "Create team" step:
Follow these steps to configure the Create team step:
- In the "Business module" field, select the business module of the entity for which you wish to create a team.
- In the "Entity" field, provide the ID of the entity on the selected business module for which you want to create a team. You can hard-code a specific ID or select a valid number field from the context, e.g., "Entity.ID".
- In the "Is public" field, select if the group being created with the team and the team itself should be public or private. Note that a state of “Yes” means that the group is Public, while a state of “No” means that the group is Private.
- In the "Description" field, a column can be selected for WorkPoint to pull data from for the Description. The field selected should be a text field, e.g., "Entity.Description".
- In the "Group alias" field, a column can be selected for WorkPoint to pull data from for the Group Alias. The group will prefix the domain in the group's e-mail address, e.g. [Group alias]@test-tenant.com. The field selected should be a text field and should be easily relatable to the entity you are creating a team for.
- In the "Group display name" you can select a field to use for display name of the group being created, and thereby the team as well. The group display name is what will in most cases be displayed to the user. The field selected should be a text field and should be easily relatable to the entity you are creating a team for.
Let's look at an example.
Here, we use the Create team step to create teams for entities in our Projects business module. The group is set to private and the description comes from the project itself. Group alias and display name are both set to the title of the project:
Note that the description uses the adaptive expression "Entity.wpDescription" (without the double quotes).
3.3.2. Creating teams using system processes
When setting up a system process, we can use a trigger to listen for events in WorkPoint and the Create team step to create teams for entities based on events happening in WorkPoint:
In the process shown in the image above, the trigger looks for when entities on the "Projects" business module changes stage. That trigger contains a condition so that it only triggers the subsequent steps if projects transition into the "Planning" stage.
The "Create team" step is thereby executed only if a project changes stage, and only if the new stage is "Planning".
For a general guide on how to configure the Create team step, look at the 3.3.1. section of this article.
For this example, we configure it as follows:
Here, we create a team for the entity which triggered the event. The group and team we create is set private, and the group description is pulled directly from the project description. The group alias and the display name are set to the entity title.
3.4. Team tabs
By default, teams in Microsoft Teams are provisioned with the following tabs:
- Posts
- Files
- Wiki
You can add custom tabs containing various types of information. Examples could be tabs containing WorkPoint webparts.
The following image shows a custom tab setup for the Master Site team on a Projects business module:
In this example, we have created a custom tab called "Tasks" which displays a Task Overview webpart.
Tab setups can be replicated to future teams created on the same business module as the master site.
To do this, we need to configure the settings for Master Sites in the WorkPoint Administration:
- In the WorkPoint Administration, click the business module for which you have made a custom tab configuration on the Master Site team and select "Master Sites".
- In the Master Sites page, scroll the the "Master Team Settings" and enable "Replicate Teams". This will replicate the tabs on the Master Site team to projects being connected with a team in the future.
- If you would like to remove all tabs not on the Master Site team when provisioning a new team for a project, enable the "Remove Additional Team Tabs" checker.
- Click the "Save" button to save the settings.
Note that the configuration in step 14-16 only applies to future teams being created. If you would like to replicate tabs from a Master Site team to existing teams, you must run a Master Site Synchronization using the following settings:
4. Notes
When a WorkPoint 365 site is converted to a Microsoft Teams-enabled site (a process known as 'teamification'), there is an observed issue where site collection administrators are stripped of their administrative rights. This loss of rights occurs because the site collection administrators are being automatically added to the Owners group. This issue can result in conflicts especially when there are pre-existing security rules for Office 365 groups that inadvertently override the membership of the Owners group.
Workaround: To counter the issue of administrative rights loss during the teamification of WorkPoint 365 sites, the following workarounds can be considered:
1. Manually Add Administrators: After the teamification process has been completed, manually re-add the desired users as site collection administrators to ensure they retain the necessary permissions.
2. Configure a Security Rule: Establish an Office 365 group security rule targeting the Owners group permissions and the personnel who needs access, to maintain consistent and correct permissions post-teamification.
4.1. Security
Additions have been made to WorkPoint’s security rules. It is now possible to make security rules which target Office 365 Group membership specifically. This means that “owner” and “member” of the Office 365 Group can be fetched from attributes of the entity in WorkPoint (e.g. Project Manager or Project Team). This has been made possible through the addition of new scopes on new security rules on relevant modules where the Office 365 Group feature is activated (shown below).
Once Office 365 Group has been chosen, the administrator can choose which group membership to target. Group memberships can be the standard Office 365 group memberships, e.g. “owner” or “Member”, but can also be customized groups. An example is shown in the image below:
Please note, that when selecting "Owners" for Group permission, only required People fields on the Business Module list are available in "Field name". Setting the field required on a content type will not make it available in "Field name".
Should an entity not be linked with a group, the security rules of groups are ignored.
4.2. Adding WorkPoint Webparts to teams
Later in this section you will need a file called "workpointteamswebparts.sppkg". You can download this file via this link.
It is possible to add WorkPoint webparts to Teams pages in Microsoft Teams. Before this option becomes available, some configuration is required. Follow these steps:
- Navigate to the SharePoint Admin Center for your solution. You can nagivate to here by going to "[TENANT NAME]-admin.sharepoint.com" in your browser. If e.g. the tenant name where the solution is located is CalperITCompany, the SharePoint Admin Center is located at "CalperITCompany-admin.sharepoint.com". In the Admin Center, click "More features" in the left side menu.
- In the "More features" page, in the "Apps" section, click "Open".
- Click "App Catalog".
- In the App Catalog site page, click "Apps for SharePoint".
- In the "Apps for SharePoint" page, click "Upload".
- Click "Choose Files" and select the "workpointteamswebparts.sppkg" file. You can download this file via this link.
- Click "OK".
- In the "Do you trust WorkPoint Teams Webparts?" dialogue, check the "Make this solution available to all sites in the organization" checker.
- Click the "Deploy" button.
- When the file is added to the app catalog, select it from the list.
- Click and open the "Files" panel.
- Click the "Sync to Teams" button. This process may take a small amount of time, but eventually the system should let you know that the synchronization was successful.
WorkPoint webparts can now be added when inside a Microsoft Team that is hooked up to a WorkPoint solution:
- In the Microsoft Teams interface, inside a team click the "+" icon in the top panel.
The "Add a tab" window now opens, from where the following WorkPoint webparts can be added:
- In this case, we have searched for "workpoint" to have all WorkPoint webparts be shown in the "Add a tab" window.
- For demonstration purposes, we add a "WorkPoint - List View" webpart.
- In the "WorkPoint - List View" window, click the "Save" button.
The webpart can be configured in the exact same way as on a workPoint 365 solution:
- A title for the webpart can be defined.
- The scope can be set, e.g. "Current site".
- A list can be selected to be shown in the list view. In this case, we select the "Documents" list from the current site.
- We can select which view from the list to show in the webpart.
- We can enable sorting.
- We can define filtering if necessary
- We can enable Grouping if necessary.
The webpart tab in Microsoft Teams can also be renamed to better fit the webpart functionality:
- Click the "˅" icon for the tab
- Click "Rename"
- Type in a new name for the tab.
- Click the "Save" button.
The tab is now renamed:
Comments
0 comments
Please sign in to leave a comment.