Team Owner/ Member/ Global Admin Activities Test

As an administrator, you can use app permission policies to control what apps are available to Microsoft Teams users in your organization. You can allow or block all apps or specific apps published by Microsoft and third-parties in your organization. When you block an app, users who have the policy are unable to install it from the Teams app store. You must be a global admin or Teams service admin to manage these policies.

Similarly, Every member in Teams has a role, and each one has different permissions.

  • Owners: Team owners manage certain settings for the team. They add and remove members, add guests, change team settings, and handle administrative tasks. There can be multiple owners in a team.

  • Members: Members are the people in the team. They communicate with other team members in conversations. They can view and usually upload and change files. They also do the usual sorts of collaboration that the team owners have permitted.

It is important to keep track of the activities of administrators/owners/members on Microsoft Teams, as the changes they make may impact the way Microsoft Teams functions and how it performs. This is why, it is good practice to periodically run the Team Owner/ Member/ Global Admin Activities test.

This test keep tabs on the activities performed by administrators/team owners/members on Microsoft Teams. In the process, the test reports the number of times tenant settings were modified by the global administrator. This test also reveals the number of times channel settings were modified by member of a team. Also, the test reports the number of members added to/removed from the team by the team owners, the count of teams deletedand the number of times the team settings were modified. If you notice any sudden change in the way the Microsoft Teams operates or any unexpected dip in the performance of Microsoft Teams, you can use this test and its detailed metrics to figure out if any critical configuration change was made, and if so, what change is it and which administrator effected the change.

Target of the test : Microsoft Teams

Agent deploying the test : A remote agent

Outputs of the test : One set of results for the monitored Microsoft Teams

Configurable parameters for the test
Parameters Description

Test period

How often should the test be executed

Host

The host for which the test is to be configured. By default, this is portal.office.com

Tenant Name

This parameter applies only if you want the eG agent to use Azure AD Certificate-based Authentication for accessing and monitoring an O365 tenant and its resources.

Azure AD certificate-based authentication (CBA) enables customers to allow or require users to authenticate with X.509 certificates against their Azure Active Directory (Azure AD) for applications and browser sign-in. When monitoring highly secure Office 365 environments, you can configure the eG agent to identify itself to a tenant using a valid X.509 certificate, so that it is allowed secure access to the tenant and its resources.

By default, the value of this parameter is none. This means that, by default, the eG agent does not use certificate-based authentication to connect to an O365 tenant.

On the other hand, if you want the eG agent to use this modern authentication technique to securely access a tenant's resources, you should do the following:

  1. Enable Azure AD Certificate-based authentication for the target O365 tenant; this can be achieved manually, via the Office 365 portal, or automatically, using Powershell scripts we provide. For the manual procedure, refer to Manually Enabling Certificate-based Authentication For an Office 365 Tenantunder Microsoft Office 365. For the automatic procedure, refer to Automatically Fulfilling Pre-requisites in a Modern Authentication-Enabled Environmentunder Microsoft Office 365.

    When enabling certificate-based authentication, an X.509 certificate will be generated for the target tenant.

  2. Configure the Tenant Name parameter with the name of the tenant for which certificate-based authentication is enabled. Using the tenant name, the eG agent will be able to read the details of the X.509 certificate that is generated for that tenant, and use that certificate to access that tenant's resources. To determine the tenant name, do the following:

    • Log in to the Microsoft 365 Admin Center as an administrator.

    • Under Setup, click on Domains.

    • Find a domain that ends with .onmicrosoft.com - this is your Microsoft O365 tenant name.

O365 User Name, O365 Password, and Confirm Password

These parameters need to be configured only if the Tenant Name parameter is set to none. On the other hand, if a valid Tenant Name is configured, then you should set these parameters to none .

For execution, this test requires the privileges of an O365 user who has been assigned the Service support admin role and is vested with the View-Only Audit Logs and Team administrator permission. Configure the credentials of such a user against O365 User Name and O365 Password text boxes. Confirm the password by retyping it in the Confirm Password text box.

While you can use the credentials of any existing O365 user with the afore-said privileges, it is recommended that you create a special user for monitoring purposes using the Office 365 portal and use the credentials of that user here. To know how to create a new user using the Office 365 portal and assign the required privileges to that user, refer to Creating a New User in the Office 365 Portal under Microsoft Office 365. You can also use eG's proprietary PowerShell script to automatically create a new user, or assign the required privileges to an existing user. To know how to use this script, refer to theAutomatically Fulfilling Pre-requisites in a Basic Authentication-Enabled Environmenttopicunder Microsoft Office 365 .

Domain Name, Domain User Name, Domain Password, and Confirm Password

These parameters are applicable only if the eG agent needs to communicate with the Office 365 portal via a Proxy server.

In this case, in the Domain text box, specify the name of the Windows domain to which the eG agent host belongs. In the Domain User Name text box, mention the name of a valid domain user with login rights to the eG agent host. Provide the password of that user in the Domain Password text box and confirm that password by retyping it in the Confirm Password text box.

On the other hand, if the eG agent is not behind a Proxy server, then you need not disturb the default setting of these parameters. By default, these parameters are set to none.

Proxy Host, Proxy Port, Proxy User Name, Proxy Password and Confirm Password

These parameters are applicable only if the eG agent needs to communicate with the Office 365 portal via a Proxy server.

In this case, provide the IP/host name and port number of the Proxy server that the eG agent should use in the Proxy Host and Proxy Port parameters, respectively.

If the Proxy server requires authentication, then specify the credentials of a valid Proxy user against the Proxy User Name and Proxy Password text boxes. Confirm that password by retyping it in the Confirm Password text box. If the Proxy server does not require authentication, then specify none against the Proxy User Name, Proxy Password, and Confirm Password text boxes.

On the other hand, if the eG agent is not behind a Proxy server, then you need not disturb the default setting of any of the Proxy-related parameters. By default, these parameters are set to none.

DD Frequency

Refers to the frequency with which detailed diagnosis measures are to be generated for this test. The default is 1:1. This indicates that, by default, detailed measures will be generated every time the test runs, and also every time the test detects a problem. You can modify this frequency, if you so desire. Also, if you intend to disable the detailed diagnosis capability for this test, you can do so by specifying none against DD Frequency.

Detailed Diagnosis

To make diagnosis more efficient and accurate, the eG Enterprise embeds an optional detailed diagnostic capability. With this capability, the eG agents can be configured to run detailed, more elaborate tests as and when specific problems are detected. To enable the detailed diagnosis capability of this test for a particular server, choose the On option. To disable the capability, click on the Off option. The option to selectively enabled/disable the detailed diagnosis capability will be available only if the following conditions are fulfilled:

  • The eG manager license should allow the detailed diagnosis capability
  • Both the normal and abnormal frequencies configured for the detailed diagnosis measures should not be 0.
Measurements made by the test
Measurement Description Measurement Unit Interpretation

Team deletions

Indicates the teams that were deleted in the last measurement period.

Number

The detailed diagnosis of this measure lists the log time, the name of the team, the user who deleted the team and the Team GUID.

Tenant setting modifications

Indicates the number of tenant settings that were modified during the last measurement period.

Number

The detailed diagnosis of this measure lists the log time, the user ID, the user type, the user key, Extra properties, name and the new value.

Team setting modifications

Indicates the number of team settings that were modified during the last measurement period.

Number

The detailed diagnosis of this measure lists the name of the team, the log time, the setting name, the new value, the old value, the user ID, the user type and the Team GUID.

Member removals from a team

Indicates the number of members removed from a team during the last measurement period.

Number

The detailed diagnosis of this measure lists the name of the team, the log time at which the member was deleted, the name of the deleted member, the user who deleted the member, the user type and the Team GUID.

Role modifications in a team

Indicates the number of times the role of the users within a team was modified during the last measurement period.

Number

The detailed diagnosis of this measure lists the log time, name of the team, the display name of the team, the name of the role, UPN, the team owner, the user type and the Team GUID.

Member additions to team

Indicates the number of members added to a team during the last measurement period.

Number

The detailed diagnosis of this measure lists the name of the team, the time at which the team was created, the name of the added member, the team owner, the user type and the Team GUID.

Channel setting modifications

Indicates the number of times the settings of a channel was modified during the last measurement period.

Number

The detailed diagnosis of this measure lists the log time, the name of the team, the name of the channel, the new value, the old value, the user who changed the setting, the user type and the Team GUID.

The detailed diagnosis of the Member additions to team measure lists the name of the team, the time at which the team was created, the name of the added member, the team owner, the user type and the Team GUID.

Figure 1 : The detailed diagnosis of the Member additions to team measure

The detailed diagnosis of the Role modifications in a team measure lists the log time, name of the team, the display name of the team, the name of the role, UPN, the team owner, the user type and the Team GUID.

Figure 2 : The detailed diagnosis of the Role modifications in a team measure

The detailed diagnosis of the Team setting modifications measure lists the name of the team, the log time, the setting name, the new value, the old value, the user ID, the user type and the Team GUID.

Figure 3 : The detailed diagnosis of the Team setting modifications measure

The detailed diagnosis of the Team deletions measure lists the log time, the name of the team, the user who deleted the team and the Team GUID.

Figure 4 : The detailed diagnosis of the Team deletions measure

The detailed diagnosis of the Member removals from a team measure lists the name of the team, the log time at which the member was deleted, the name of the deleted member, the user who deleted the member, the user type and the Team GUID.

Figure 5 : The detailed diagnosis of the Member removals from a team measure

The detailed diagnosis of the Channel setting modifications measure lists the log time, the name of the team, the name of the channel, the new value, the old value, the user who changed the setting, the user type and the Team GUID.

Figure 6 : The detailed diagnosis of the Channel setting modifications measure

The detailed diagnosis of the Tenant setting modifications measure lists the log time, the user ID, the user type, the user key, Extra properties, name and the new value.

Figure 7 : The detailed diagnosis of the Tenant setting modifications measure