Pre-requisites for Monitoring Microsoft OneDrive for Business

Before attempting to monitor Microsoft OneDrive for Business, make sure that the following pre-requisites are fulfilled:

  1. The eG agent should be deployed on a remote host running one of the following Windows versions:

    • Windows 10
    • Windows 8.1
    • Windows Server 2016
    • Windows Server 2019
    • Windows Server 2012 or Windows Server 2012 R2
    • Windows Server 2008 R2 SP1

  2. The Windows system hosting the remote agent should have internet connection.
  3. .NET 4.5 (or above) should pre-exist on the eG agent host.
  4. Windows Management Framework (WMF) 5.1.14 (or above) should be installed on the eG agent host
  5. The eG agent runs Powershell cmdlets to pull a few metrics from OneDrive for Business. To enable the eG agent to run these cmdlets, the following need to be installed and run on the eG agent host:

    • A 64-bit version of the Microsoft Online Services Sign-in Assistant for IT Professionals RTW: You can download its installable from the URL : https://download.microsoft.com/download/7/1/E/71EF1D05-A42C-4A1F-8162-96494B5E615C/msoidcli_64bit.msi. After downloading, use the installable to install the sign-in assistant, and then start it.
    • A 64-bit version of the Microsoft Azure Active Directory Module for Windows PowerShell: To install this module, do the following:

      • First, install the PackageManagement and PowerShellGet modules on the eG agent host. You can download the installable from the URL: https://download.microsoft.com/download/C/4/1/C41378D4-7F41-4BBE-9D0D-0E4F98585C61/PackageManagement_x64.msi
      • Once the PackageManagement and PowerShellGet modules are successfully installed, open Windows PowerShell ISE in elevated mode on the eG agent host.
      • Then, run the cmdlet depicted by .

        Figure 87 : Installing the Microsoft Azure Active Directory Module for Windows PowerShell

  6. To run PowerShell cmdlets for metrics collection, the eG agent requires the privileges of a user who has been assigned the Service support admin and SharePoint admin roles and is vested with the View-Only Audit Logs permission. For this purpose, each test the eG agent runs on SharePoint Online should be configured with the credentials of a user who has been assigned the aforesaid roles and permission.

    While you can use the credentials of any existing O365 user with the aforesaid privileges, it is recommended that you create a special user for monitoring purposes using the Office 365 portal and configure the eG tests with the credentials of that user. To know how to create a new user using the Office 365 portal and assign the required privileges to that user, refer to Creating a New User in the Office 365 Portal topic.

  7. To enable the eG agent to collect critical statistics on site collections, site connectivity, health score, tenant storage usage, and file operations, you need to make sure that the SharePoint Online Management Shell is installed and run on the eG agent host. You can download the installable for the SharePoint Online Management Shell from the URL: https://www.microsoft.com/en-in/download/details.aspx?id=35588

  8. To enable the eG agent to monitor the OneDrive for Business service health, site usage, Message Center communications, and user activity, you need to ensure that the Microsoft Graph App is installed on Azure Active Directory (AD), with the following permissions:

    • ServiceHealth.Read permission, which will allow the app to read the service health information for your organization;
    • MyFiles.Read permission, which will allow the app to read from and write to user files;
    • Sites.Read.All permission, which will allow the app to read items in all site collections;
    • User.Read permission, which will allow the app to sign in and read the user profile;
    • Group.Read.All permission, which will allow the app to read all groups;
    • User.Read.All permission, which will enable the app to read the full profile of all users;
    • Reports.Read.All permission, which will permit the app to read all usage reports;

    The steps for manually installing this app and granting the aforesaid permissions are detailed in Installing the Microsoft Graph App On Microsoft Azure Active Directorytopic.

To ensure that pre-requistes 5, 6, 7, and 8 above are fulfilled without a glitch, eG Enterprise provides proprietary PowerShell scripts, which you can run and have these requirements automatically fulfilled. These scripts and their purposes are discussed in the table below:

Script name

Purpose

O365_Step2_ModulesDwnldnInstall.ps1

Automatically installs the modules/packages required for monitoring OneDrive for Business

O365SetRolesAndpermissions.ps1

  • Automatically creates a user and grants that user the permission to run Powershell cmdlets
  • If you want to use an existing user for this purpose, then you can run the same script to assign cmdlet execution permissions to that user;
  • Creates a Microsoft Graph app on Microsoft Azure Active Directory and assigns the required permissions to it

To know how to use these scripts, refer toUsing Powershell Scripts to Fulfill Requirements for Monitoring Microsoft OneDrive for Business topic.