blog.icewolf.ch

Let's talk about IT!
posts - 2080, comments - 295, trackbacks - 0

My Links

Archives

Post Categories

icewolf

Sunday, June 5, 2022

Calendar Availability (Free/Busy) Requests with Microsoft Graph

Hi All,

I recently had a customer that wanted to write an Application to read the Availability (Free/Busy) from the Calendars of theyr users.Here is how you can do that with Microsoft Graph.

First you need an Application in Azure Active Directory with an AppID / ClientID


Then you need to be able to Authenticate. I usually use a Certificate for that purpose.


As for the Permissions, the Application needs the following:

App needs Application Permissions:
- Calendars.Read (Only for the Mailbox where you make the Requests from - Limit with ApplicationAccessPolicy)
- Schedule.Read.All


Now we need to Limit the Calendars.Read to the Mailbox where the Availability Requests (aka Free/Busy) requests are made from.

New-ApplicationAccessPolicy -AccessRight RestrictAccess -AppId b1fe3302-d057-4fe3-84ac-c507ecdb6d0d -PolicyScopeGroupId PostmasterGraphRestriction@icewolf.ch -Description "Restrict this app to members of this Group"
Get-ApplicationAccessPolicy | Where-Object {$_.AppId -eq "b1fe3302-d057-4fe3-84ac-c507ecdb6d0d"}


Now we can test it

Test-ApplicationAccessPolicy -AppId b1fe3302-d057-4fe3-84ac-c507ecdb6d0d -Identity postmaster@icewolf.ch
Test-ApplicationAccessPolicy -AppId b1fe3302-d057-4fe3-84ac-c507ecdb6d0d -Identity max.muster@icewolf.ch



I've tested it with the Example from the Docs Site


Only got an Error and could not figure it out. Write me if you found a Solution that works.

Connect-MgGraph -AppId $AppID -CertificateThumbprint $Thumbprint -TenantId $TenantId
Import-Module Microsoft.Graph.Users.Actions

$params = @{
    Schedules = @(
        "m.muster@icewolf.ch"       
    )
    StartTime = @{
        DateTime = "2022-05-09T06:00:00"
        TimeZone = "W. Europe Standard Time"
    }
    EndTime = @{
        DateTime = "2022-05-09T15:00:00"
        TimeZone = "W. Europe Standard Time"
    }
    AvailabilityViewInterval = 60
}
$jsonArray = $Params | ConvertTo-Json -Depth 4

$UserId = "postmaster@icewolf.ch"
Get-MgUserDefaultCalendarSchedule -UserId $userId -BodyParameter $Params



All right, i've created two Appointments in the Calendar of max.muster@icewolf.ch. The second one is private.


The Calendar Permissions for "Default" are "AvailabilityOnly"

Get-MailboxFolderPermission -Identity max.muster@icewolf.ch:\Kalender


So let's try it with a pure Graph Call.

#Variables
$AppID = "b1fe3302-d057-4fe3-84ac-c507ecdb6d0d"
$Thumbprint = '4F1C474F862679EC35650824F73903041E1E5742'
$TenantId = "icewolfch.onmicrosoft.com"
$Certificate = Get-Item "Cert:\CurrentUser\My\$Thumbprint"

#Get AccessToken with MSAL Certificate Auth
Import-Module MSAL.PS
Clear-MsalTokenCache
$RedirectUri = "https://login.microsoftonline.com/common/oauth2/nativeclient"
$Token = Get-MsalToken -ClientId $AppID -TenantId $TenantID -RedirectUri $RedirectUri -ClientCertificate $Certificate
$AccessToken = $Token.AccessToken

#Get Availability (aka Free/Busy)
$From = "postmaster@icewolf.ch"
$URI = "https://graph.microsoft.com/v1.0/users/$From/calendar/getSchedule"
$ContentType = "application/json"
$Headers = @{"Authorization" = "Bearer "+ $AccessToken}

$Body = @{
    Schedules = @(
        "max.muster@icewolf.ch"       
    )
    StartTime = @{
        DateTime = "2022-06-06T06:00:00"
        TimeZone = "W. Europe Standard Time"
    }
    EndTime = @{
        DateTime = "2022-06-12T19:00:00"
        TimeZone = "W. Europe Standard Time"
    }
    AvailabilityViewInterval = 60
}
$jsonBody = $Body | ConvertTo-Json -Depth 4

$result = Invoke-RestMethod -Method "POST" -Uri $uri -Headers $Headers -ContentType $ContentType -Body $JsonBody
$Result.value.scheduleItems



If we change the Permission to Reviewer

Set-MailboxFolderPermission -Identity max.muster@icewolf.ch:\Kalender -User Default -AccessRights Reviewer

We can now even see the Subject and some more Details. But not for the Item with the Private Flag. We see only that he is not available then.

$result = Invoke-RestMethod -Method "POST" -Uri $uri -Headers $Headers -ContentType $ContentType -Body $JsonBody
$Result.value.scheduleItems




Summary:
This is an easy way to read the Calendar of your Organization Mailbox Users.
It respects the MAPI Permissions set to a Calendar.
You can add your ServiceAccount as a dedicated Permission Entry on the Calendar

Add-MailboxFolderPermission -Identity max.muster@icewolf.ch:\Kalender -User postmaster@icewolf.ch -AccessRights Reviewer


Regards
Andres Bohren


posted @ Monday, June 6, 2022 8:47 AM | Filed Under [ Exchange PowerShell ]

Microsoft Teams Fluid Components

Hi All,

I've only worked a few Times with Loop Components in Teams so far.
Just a few things that are good to know:
  • Loop Components are saved on OneDrive (with all the Hassle of one User leaving the Company)
  • Loop Components can only used be on Chat (Channels not supportet so far)
  • There are some Limitations to Loop Components with Compliance Search (no viewer so far)

Overview of Loop components in Teams

Manage Loop components in SharePoint

First things to know about Loop components

Transforming creation and collaboration with Microsoft Loop components in Teams chat now available!

Check if the Fluid Settings in Sharepoint are enabled (was by default in my case)

Connect-SPOService -Url https://icewolfch-admin.sharepoint.com
Get-SPOTenant | fl *fluid*



Send a Loop component in Teams chat

In the Chat cklick at the Fluid Symbol and select a Component


Give it a Tile and add the Items. Then hit send



As you can see the *.fluid File has been saved on my OneDrive



If you click on the Item, you can edit the Item in the Browser (works also with OneDrive Sync and opens the Browser too)



Regards
Andres Bohren


posted @ Sunday, June 5, 2022 11:06 AM | Filed Under [ Microsoft365 MicrosoftTeams ]

Microsoft Teams Calling Outlook Contacts

Hi All,

In May Microsoft has anouced, that Calling Pickers in Teams will also use Exchange Contacts.
The Rollout started in May and should be finished in mid June.


 I have created a Contact called "Werner Beinhart" as a Reference to a Comic Movie from 1990.


When i search in Teams Calling for that user it will be found and presented to Call



Regards
Andres Bohren


posted @ Sunday, June 5, 2022 9:07 AM | Filed Under [ MicrosoftTeams ]

Powered by:
Powered By Subtext Powered By ASP.NET