The information needed to integrate your CSP Direct tenant

� Integrate your CSP Direct Agreement

Overview: - The information needed to integrate your CSP Direct tenant is contained in

this PDF Guide. You will be asked to create and access various authentication keys and

which you need to do in the Microsoft Partner Centre and Azure Portal for which you will

be required to have the appropriate permissions.

Important - CSP template file.

As you go through this process, capture the inputted information, along with the screen

prints, in the CSP template file (click to open)

This completed document will be required by Cloudmore support if you have any

problems.

© Cloudmore of 1 24 v5 2017 06

http://web.cloudmore.com/hubfs/Training%20Guides/CSP%20Setup%20/CSP%20Set%20Up%20Template.docx


Follow these steps instructions below to integrate your CSP Direct Tenant.

1. Add the 0365 CSP direct service from your marketplace

2. Find your partner tenant ID

3. Create your partner centre application ID

4. Create a user for Cloudmore SDK

5. Create your graph application

6. Set your permissions (Azure graph API)

7. Create your graph application secret

8. Find your graph application ID URL

9. Set your permissions (Partner centre native App)

10. Enter the information in Cloudmore

11. Run the PowerShell scripts

Do not enter the information in the Cloudmore platform until you have completed step 9. Save the information in the CSP template file until it is needed.


You must use a Global Admin account when

completing each step in this guide.

http://web.cloudmore.com/hubfs/Training%20Guides/CSP%20Setup%20/CSP%20Set%20Up%20Template.docx


Step 1: Add the 0365 CSP direct service from your marketplace

Log in to Cloudmore. Navigate to your reseller menu, then click on marketplace.

Locate the Microsoft 0365 CSP direct service.

Click on service to add and follow on screen instructions.



Step 2: Find your partner tenant ID

With your Global Admin Account - Login to your partner center, https://partnercenter.microsoft.com.

Navigate to account settings, then select

organizational profile.

Copy the Microsoft ID (Partner Tenant ID)

to the CSP template file.

Screen print the page and save in theCSP template file under the correct

heading.


xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx

https://partnercenter.microsoft.com

http://www.apple.com


Step 3(a): Create your partner centre application ID

Navigate to account settings, then select app management.


Click add new native app.


Step 3 (b): Create your partner centre application ID


Copy the app name to the

CSP template file.

Copy the app ID to the CSP

template file.

Screen print this page and savein the CSP template file under the correct heading.

xxxxxxx-xxxx-xxxx-xxxx-xxxxxx






Step 4(a): Create a user for Cloudmore SDK

Navigate to account settings.

Select user management.

Click add new native app.



1

Name the account

Cloudmore SDK account. Note: Do not use an existing

account.

2

Select admin agent in the

“Assists your customers as”

Select not an admin in the

“Manages your company

as”.

3

Click add. A temporary

password will be displayed.

Login immediately using this

account and reset the

password.

4

Copy the PC user name

(email address) and the new

PC password to the CSP

template file.


Step 4(b): Create a user for Cloudmore SDK


Step 5(a): Create your graph application

Using your Global Admin Account

Login to your azure portal

https://portal.azure.com.

Navigate to azure active directory.


Navigate to app registrations.

https://portal.azure.com


Step 5(b): Create your graph application

Click + add.

Enter the name azure graph API

production.

Select web app / API under Application

type.

Enter http://localhost under Sign-On URL.

You need to click outside of the box to

make the Create button turn blue. Then

you can click on create.

Once the app is created and you see a

successful message in the top right corner.

Click on the app you just created.

© Cloudmore of 10 24 v5 2017 06


Step 6: Set your permissions (Azure graph API)

Copy the application IDto the CSP template file.

Click requiredpermissions.

© Cloudmore of 11 24 v5 2017 06


1

Click + add

Select an API, select window

azure service management

API.

2

Check the delegated

permission (access azure

service management…), click

select > done to save the API.

3

Screen print the page and save

in the CSP template file under

the correct heading.

4

Click windows azure active

directory. Set the permissions

as highlighted below. Click

save.

© Cloudmore of 12 24 v5 2017 06

Step 6(a): Set your permissions (Azure graph API)


Step 6(b): Set your permissions (Azure graph API)

Tick the 4 permissions

boxes that are marked.

After saving, ensure the

number of permissions

allocated is showing 1

and 3.

Screen print the page

and save in the CSP

template file under the

correct heading.

© Cloudmore of 13 24 v5 2017 06


Step 7: Create your graph application secret

Click Keys. Enter a description, for instance “graph API Key”.

Select “never expires”

under Expires. Then click save.

A value will be displayed.

You won’t be able to view it again.

© Cloudmore of 14 24 v5 2017 06

Copy the value immediately (Graph Application Secret) to the CSP template file.

xxxxxxx-xxxx-xxxx-xxxx-xxxxxx


Step 8: Find your graph application ID URL

Click properties.

Under properties set multi-tenanted to yes.

Copy the app ID URI to the

template document.

Screen print the page and

save in the CSP template

file under the correct

heading.

© Cloudmore of 15 24 v5 2017 06


Step 9(a): Set your permissions (Partner Centre Native App)

Navigate to app registrations.

Then select partner center native app.

© Cloudmore of 16 24 v5 2017 06


Step 9(b): Set your permissions (Partner Centre Native App)

Click required permissions

Click windows azure active

directory…”.

Tick the 3 permissions boxes

that are marked. Click save.

After you save make sure the

number of permissions

allocated is 3.


save in the CSP template file

under the correct heading.

© Cloudmore of 17 24 v5 2017 06


Step 9(c): Set your permissions (Partner Centre Native App)

Click + add.

Click select an API, Select azure graph API

production (that was created

in step 5), click select.

Add the permission called

access azure graph API, click

select and then done to save

the API.


save in the CSP template file

under the correct heading.

© Cloudmore of 18 24 v5 2017 06


Step 10(a): Enter the details into Cloudmore

Log in to Cloudmore. Navigate to

your reseller menu.

Click on my services, Microsoft 0365 CSP direct.

Click on authentication keys.

© Cloudmore of 19 24 v5 2017 06


Step 10(b): Enter the details into Cloudmore

© Cloudmore of 20 24 v5 2017 06

Copy the keys from the template

document and paste into

Cloudmore.


Step 11(a): Run the PowerShell Scripts

Requirements

You need to use a 64-bit version of Windows and any of the following are

supported:

• Windows 10 • Windows 8.1 or Windows 8 • Windows 2012 R2 or Windows Server 2012 • Windows 7 Service Pack 1 (SP1) • Windows Server 2008 R2 SP1

(a)

Install Microsoft Online Services Sign-in

Assistant (64-bit version).

From https://www.microsoft.com/en-

us/download/details.aspx?id=41950 Then follow the on-screen installation

instructions.

(b)

Install Windows Azure Active Directory

Module for Windows PowerShell.

From http://go.microsoft.com/fwlink/

p/?linkid=236297

Then follow the on-screen installation

instructions.

Choose to place an icon on the desktop

during installation so you easily can find

the application in next step.

(c)

Start the Windows Azure Active

Directory Module for Windows

PowerShell from the icon you placed on

the desktop (otherwise you find it on

the start menu).This will start a Windows PowerShell

window with Azure.

© Cloudmore of 21 24 v5 2017 06

https://www.microsoft.com/en-us/download/details.aspx?id=41950



http://go.microsoft.com/fwlink/p/?linkid=236297




(d) Assign credentials

In the powerShell window type:

$UserCredential = Get-Credential

And then click enter. This will bring a credentials prompt.

Enter the same credentials you used to login to the Azure

portal.

Once done you have saved your login credentials in the

variable $UserCredentials, we will use this in next step to

login.

(e) Connect to Microsoft Azure

Run the following command to use your credentials and

login to Microsoft with PowerShell:

Connect-MsolService -Credential $UserCredentialIf no error was received, that means you connected

successful.

The window should now look like this:

© Cloudmore of 22 24 v5 2017 06

Step 11(b): Run the PowerShell Scripts


(f) Save your "Azure Graph App" ID to variable.

Run the following command to save your "Azure Graph App” ID to a PowerShell variable: $AppID = “<enter-your-Azure Graph App-id-here>”

(g) Run the following command one by one.

$group = Get-MsolGroup | ? {$_.DisplayName -eq 'AdminAgents'}

$principal = Get-MsolServicePrincipal | ? {$_.AppPrincipalId -eq $AppID}

Add-MsolGroupMember -GroupObjectId $group.ObjectId -GroupMemberType ServicePrincipal -GroupMemberObjectId $principal.ObjectId

(h) Finished

Now you are done. Close the PowerShell window to disconnect from Microsoft.

© Cloudmore of 23 24 v5 2017 06

Step 11(c): Run the PowerShell Scripts


Step 12: Completing your setup

1. Import organizations/customers - Do this now if you have not already done so.

2. Link your CSP customer tenants - Enables data processing in Cloudmore.

3. Test CSP setup - Do this after you have linked your customer tenants.

Click the links to access the relevant setup guides.

END.

© Cloudmore of 24 24 v5 2017 06

http://web.cloudmore.com/guides/how-to-add-organizations

http://web.cloudmore.com/guides/testing-your-csp-setup

http://web.cloudmore.com/guides/link-0365-tenants-to-organization

Documents

The information needed to integrate your CSP Direct tenant