Teams

Overview

glueckkanja-gab (GKGAB) delivers standardized processes for managing the Microsoft Teams environment. With the use of the Teams Management service, tasks are performed by a dedicated team of experienced engineers from initial request to delivery.

Cost base

Services costs for this Module are calculated based on the active user count of the customer. The number of active users equals the amount of Microsoft 365 user subscriptions and are predefined between the parties.

Standard services and tasks

The following section lists the standard tasks and services included in the service.

Administrative roles

In Azure AD there are several built-in roles groups that are preconfigured with the appropriate rights and permissions to perform specific tasks in Microsoft Teams.

The service provider will support the customer on selecting the correct role and assignment for privileged users. A detailed list of available roles can be found here: Teams Admin Roles

User profile management

Teams uses the Azure Active Directory for the standard user profile data. Therefore, the naming and user profile data shall be managed by a customer's Identity Management System (IDM). User attributes such as, but not limited to, first name, last name, department, address, city, office location attributes that are provisioned to the users' accounts based on HR systems or similar services automatically. The user sign-in name (UserPrincipalName) shall be built by an automatic pattern (i.e. first.lastname@companydomain.com). For the ease of use, the UserPrincipalName shall be identical to the user's primary e-mail address.

Some attributes can also be maintained by the user in self-service in Azure Active Directory, such as profile picture, or Teams group membership. The customer supports the concept of user self-service and will support the service provider by propagating the self-service approach to the users.

License assignments are automated by upfront agreed user account properties, such as group membership or other properties. Individual settings must not be applied to any user. Teams License assignment is part of Identity Management. Specific Licenses like Phone System, Audio Conferencing should be covered also by this part of the service

In case the automated provisioning of some vital user attributes requires manual intervention, the service provider supports actions such as add, modify, or delete user profile information on request or through an administration tool.

User Phone Number format

The office phone number (number used by teams) must follow the international ITU standard based on E.164 and E.123 (Example: +31 42 123 4567 or +49 151 12345678). For ease of use, the phone number can also store in the following format: +CC (NDC) SN (Example: +49 (151) 12345678 )

General enablement of users for Teams

Except for joining Teams meetings anonymously, each user in an organization must have a Teams license before they can use Teams. License assignments are automated by upfront agreed user account properties, such as group membership or other properties.

Policies are used to control which features and capabilities are available to users (owners and members) in Microsoft Teams. The service provider will agree with the customer the use of the global (Org-wide default) policy that's created automatically or create and assign custom messaging policies. Individual settings must not be applied to any user. The service provider will support the customer on assigning predefined roles based on the required user profile.

Assign Teams add-on licenses to users

Add-on licenses are licenses for specific Teams features such as Audio Conferencing, Phone System, and Calling Plans. Add-on license assignments are automated by upfront agreed user account properties, such as group membership or other properties. Individual licenses must not be applied to any user. Assing Teams AddOn Licenses

Creation of a Team

The customer supports the concept of user self-service and will support the service provider by propagating the self-service Team creation approach to the users.

• The service provider supports the customer to create and manage teams.
• The service provider will support the customer in creating Teams on predefined settings through an administration tool.

Archive a Team

Archiving a team puts the team into a read-only mode within Teams.

• The service provider will support the customer on archive and un-archive teams on request.

External access

External access allows Teams users to communicate with users who are outside of their own organization. By default, external access is turned on in Teams, which means that the organization can communicate with all external domains.

• Open Federation is recommended

The configuration of blocked domains will prevent communication to these domains, while all other domains will be allowed. In case only an allowed domains list will be used, all other domains will be blocked. This is a global setting and always applies to all users.

• The service provider supports the customer to add or remove domains from the allowed or blocked specific domains list on request.

Guest management

Microsoft Teams allows users to invite external guests. External guests will be onboarded as guest user in the customer Azure AD tenant and will get access to the invited team. Invited guests gain the same permissions and features to communicate and collaborate as a corporate user.

The guest management feature in Microsoft Teams depends on and affects many other Microsoft 365 services like SharePoint and Azure Active Directory and need to be aligned with these services.

The service provider supports the customer in configuring the guest user settings.

Managing apps and channel connectors

The service provider supports the customer to add or remove third-party apps and connectors which can be used by the users on request.

Upload Custom Apps

By default, the upload of custom apps will be disabled. The user can't upload a custom app to any team in your organization or in the personal context. The preparation of all required components to register an application is the responsibility of the customer.

• The service provider will support the customer in controlling the app setup policies.
• The service provider supports the customer to add or remove custom apps.

User policy

The service provider will support the customer to add, modify, or remove a policy assignment for a specific user.

eDiscovery

The service provider supports the customer in the authorization assignment for eDiscovery. The service provider enables the customer to determine a contact person who is authorized to use the eDiscovery tools.

Reporting Details

The reports include the following scope. We continuously revise them (adjust or remove if needed, add new if it makes sense)

• Get overall number of users using Teams
• Gain insights into the Microsoft Teams apps used in your organization.

On-Demand services and tasks

The tasks and services described in the following section are not included as part of the Service but may be requested and delivered via On-Demand Services.

Ramp-Up

The initial commissioning and setup of our service is defined as ramp-up and is not part of our service. The ramp-up can be carried out via on-demand services or consulting services.

Customer requests and incidents

Requests that do not fall into the items listed under Standard services and tasks and are from direct customer requests will be treated as a normal change and serviced through On-Demand services. \ An excerpt of supported topics for our on-demand services can be found below:

• Add, modify, or remove Teams policies
• Add, modify, or remove updates policies
• Add, modify, or remove a network location
• Create a Microsoft Teams Call Records and Session Details Report via API integration
• Setup support for Teams Room Systems
• Skype for Business Hybrid deployments

Prerequisites

Services

An IT-Service agreement with glueckkanja-gab is required. The glueckkanja-gab Service Level Agreement and Request definitions also apply to this Service Description.

The Identity Module is required as the basis for the Office 365 Module.

Technical requirements

Teams service dependencies

Due to this close integration and dependency on the other services, some agreements, like naming conventions, licensing tasks, guest management etc. need to be aligned with Active Directory and Azure Active Directory.

This service description is based on a Microsoft Teams deployment in Teams Only mode.

License

The Customer is responsible for the correct licensing of all Microsoft services used and affected.

Optional

• Optionally, the customer can add one of the on-call duty packages (defined in more detail in the Service Level Agreement).

Exclusion

The following tasks are not part of the managed service offering and are not supported by GKGAB:

• The administration of phone numbers is performed in each location individually. The service provider will not maintain a numbering plan or a data repository to manage assigned or unassigned phone numbers.
• Add, modify, or remove Teams templates
• Create or develop custom apps
• Support for third-party or custom apps
• Plan for current and future needs for both user and consumption-based licensing (Calling Plans and Communication Credits) by leveraging the PSTN usage report and PSTN minute pools report.
• Execution of eDiscovery queries
• Add, modify, or remove PSTN calling relevant settings