Graph and PowerShell Blog

Another request came in from the Telecoms team, this time they wanted to pull phone numbers from Teams, then create a file and upload this to SharePoint Online, all within Azure Automation using a runbook.

This was actually my first time looking at runbooks, I've avoided it in the past as there is better support for on-prem PowerShell and also there is a cost of running each runbook. But it will have a big future and there is no point ignoring it, so off I went to figure out how to create the runspace.

The first thing to do is to setup the Automation Account, my cloud admin kindly gave me the Automation Contributor role, and fixed an issue where the view of listed Automation Accounts does not show all the available accounts.

Once that was fixed it was time to add the modules to the runspace. The requirement was for Microsoft Teams and SharePoint to be used, so we searched the PowerShell Gallery for PNP.PowerShell and Microsoft Teams and added them. PNP PowerShell for SharePoint requires PowerShell 7, so we used runtime version 7.2, which is recomended anyway.

↑ We added the PNP.PowerShell module in order to upload files to SharePoint Online. This module requires PowerShell 7.

That took care of the modules, but next we needed to address how the Automation Account would be able to connect to these modules and have the rights needed to create the report. First the Automation Account needs to run as a managed identity, this can be found under Account Settings > Identity.

↑ Our Automation Account is setup as a managed identity.

The managed identity will need to collect phone numbers, so as in my previous article we need to add the Object ID to the Skype for Business admin role. For Sharepoint we need to be able to upload files, currently the only way to do this is to give read/write access to all SharePoint sites via an API permission.
Adding the permission must be done by a Cloud Admin connected to PNP PowerShell, who runs the following command:

Connect-PnPOnline -Interactive -Url https://-my site-.sharepoint.com/ # must be Cloud Admin that connects

Add-PnPAzureADServicePrincipalAppRole -Principal "-object ID of managed identity-" -AppRole "Sites.ReadWrite.All" -BuiltInType SharePointOnline

Now we have the modules loaded, and needed permissions added, but how do we connect to these modules within the runspace? Teams did not support this until recently but it worked first time with the correct switch:

Connect-MicrosoftTeams -Identity
Connect-PnPOnline -ManagedIdentity -Url $siteUrl

The only other issue I came across was where do you store a temporary file before it is uploaded into SharePoint? The runbooks run in a VM, and can randomly switch to another VM so it's best just to write all the information down in one go. You can use the location: $StorageFolder = "$env:temp".

Graph and PowerShell Blog	Articles 2024 Installing Exchange 2019 in Azure Landing Zone Upgrading PHP on Windows Adding a Postfix server for relay to O365 O365 Integrated Apps troubleshooting Domino and O365 Co-existence Delegate Control in AD App mail relay via HVE Setting up Mail Relay with HVE Getting BIMI certified Orbea Occam SL H30 Installing FreeSat and Saorview Changing broadband provider Replacing a DIN timer on fuseboard Outlook Desktop Notifications stop working Outlook folders keep moving sort order Teams report uploading to SharePoint with Runbooks Teams PowerShell module can't run CS cmd as App 2023 Cannot map new Shared Mailboxes in O365 Renewing an Exchange 2016 certificate Connect to Compliance PowerShell behind a Proxy Sensitivity Label not shown in Outlook Client Room Finder Error in Outlook Teams not showing Rooms Teams unable to open file Unable to review quarantined mails for shared mailbox Set Locale for various Apps Delegate Sent Items placed into external Tenant Overview of Microsoft Support cases When centralized mail sends via O365 Cleaning up your Windows DNS server Set OneDrive for Business Locale O365 Migration Tips Reporting on successful Azure logons IIS Mapi Queue full with NetScaler Secure Office365 reports with a certificate Using Graph to send emails with inline images Visualizing Graph data with Google Charts Keeping a log of NetScaler AlwaysON connections \| About \| Links

Creating a Teams report uploading to SharePoint with Runbooks 31-Jan-24 Another request came in from the Telecoms team, this time they wanted to pull phone numbers from Teams, then create a file and upload this to SharePoint Online, all within Azure Automation using a runbook. This was actually my first time looking at runbooks, I've avoided it in the past as there is better support for on-prem PowerShell and also there is a cost of running each runbook. But it will have a big future and there is no point ignoring it, so off I went to figure out how to create the runspace. The first thing to do is to setup the Automation Account, my cloud admin kindly gave me the Automation Contributor role, and fixed an issue where the view of listed Automation Accounts does not show all the available accounts. Once that was fixed it was time to add the modules to the runspace. The requirement was for Microsoft Teams and SharePoint to be used, so we searched the PowerShell Gallery for PNP.PowerShell and Microsoft Teams and added them. PNP PowerShell for SharePoint requires PowerShell 7, so we used runtime version 7.2, which is recomended anyway. ↑ We added the PNP.PowerShell module in order to upload files to SharePoint Online. This module requires PowerShell 7. That took care of the modules, but next we needed to address how the Automation Account would be able to connect to these modules and have the rights needed to create the report. First the Automation Account needs to run as a managed identity, this can be found under Account Settings > Identity. ↑ Our Automation Account is setup as a managed identity. The managed identity will need to collect phone numbers, so as in my previous article we need to add the Object ID to the Skype for Business admin role. For Sharepoint we need to be able to upload files, currently the only way to do this is to give read/write access to all SharePoint sites via an API permission. Adding the permission must be done by a Cloud Admin connected to PNP PowerShell, who runs the following command: Connect-PnPOnline -Interactive -Url https://-my site-.sharepoint.com/ # must be Cloud Admin that connects Add-PnPAzureADServicePrincipalAppRole -Principal "-object ID of managed identity-" -AppRole "Sites.ReadWrite.All" -BuiltInType SharePointOnline Now we have the modules loaded, and needed permissions added, but how do we connect to these modules within the runspace? Teams did not support this until recently but it worked first time with the correct switch: Connect-MicrosoftTeams -Identity Connect-PnPOnline -ManagedIdentity -Url $siteUrl The only other issue I came across was where do you store a temporary file before it is uploaded into SharePoint? The runbooks run in a VM, and can randomly switch to another VM so it's best just to write all the information down in one go. You can use the location: $StorageFolder = "$env:temp".