Create workspace tenants
In workspace365 you can have multiple tenants within your instance!
These tenants are easily created with the powershell script posted below.
Note: Please temporary disable MFA on the accout you're using during povisioing a new tenant. This is because the Powershell modules being used doesn't support MFA. Yep, even app passwords wont work.... When you have setup SSO (step 2) correctly, you can enable it again.
As an admin it is possible to create a workspace from your instance. You need to update the $hostname and $provisioningKey to your own parameters. You can find the $provisioningKey in:
\inetpub\wwwroot\Workspace 365\Workspace 365\Configs\NDAW.Html.Front.config
As a partner you should be aware of your own hostname. Fill in the details in the script below and execute the .ps1 script.
###########################################################################
###########################################################################
# Copyright (C) New Day at Work B.V. - All Rights Reserved
# Unauthorized copying of this file, via any medium is strictly prohibited
# Proprietary and confidential
# Written by Wesley de Graaf <contact@workspace365.net> , February 2020
###########################################################################
###########################################################################
# Prerequisites:
# - Install-Module MSOnline
###########################################################################
###########################################################################
# Workspace 365 URL/Hostname e.g. demo.workspace365.net
$workspace365Hostname = 'HOSTNAME without HTTPS'
# Workspace 365 Instance provisioningskey
$provisioningKey = 'PROVISIONINGSKEY'
###########################################################################
###########################################################################
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Function ValidateAndRun() {
$Credentials = Get-Credential
Connect-MsolService -Credential $Credentials
$O365ROLE = Get-MsolRole -RoleName "Company Administrator"
$GlobalAdmins = (Get-MsolRoleMember -RoleObjectId $O365ROLE.ObjectId).EmailAddress
$AdminUser = $Credentials.UserName
Foreach ($Admin in $GlobalAdmins) {
if ($Admin -match $AdminUser)
{
$isAdmin = 'True'
RunProvisioning($Credentials)
}
}
if (!$isAdmin) {
Write-Host "This user is not global admin, please login with a global admin" -ForegroundColor Red
break;
}
}
Function RunProvisioning($Credentials) {
$SecurePassword = $Credentials.Password
$BSTR = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($SecurePassword)
$W365Password = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)
$o365user = $Credentials.UserName
$o365password = "$W365Password"
$environmentNameRaw = Read-Host "Please enter Workspace name, this name cannot contain spaces"
$environmentName = $environmentNameRaw.ToLower()
$TenantName = (Get-MsolDomain | Where-Object {$_.Name -like '*.onmicrosoft.com'}).Name.Split('.')[0]
$Firstname = (Get-MsolUser -UserPrincipalName "$o365user").FirstName
$LastName = (Get-MsolUser -UserPrincipalName "$o365user").LastName
$SecondaryEmailAddress = (Get-MsolUser -UserPrincipalName "$o365user").AlternateEmailAddresses
if ([string]::IsNullOrWhiteSpace($LastName)) {
$LastName = 'Workspace 365'
}
if ([string]::IsNullOrWhiteSpace($SecondaryEmailAddress) -or ($SecondaryEmailAddress -eq $o365user)) {
$SecondaryEmailAddress = 'support@newdayatwork.com'
}
$ProvisionInformation = @{
office365User = $o365user
office365Password = $o365password
office365TenantName = $TenantName
office365Firstname = $Firstname
office365Lastname = $LastName
office365SecondaryEmail = $SecondaryEmailAddress
workspace365environmentname = $environmentName
}
CreateWorkspaceEnvironment($ProvisionInformation)
}
Function CreateWorkspaceEnvironment($ProvisionInformation) {
$Workspace365environmentName = $ProvisionInformation.workspace365environmentname
Write-Host 'Creating Workspace...' -ForegroundColor Yellow
$requestBody = @{
EnvironmentName = $Workspace365environmentName
EmailAddress = $ProvisionInformation.office365User
Password = $ProvisionInformation.office365Password
FirstName = $ProvisionInformation.office365Firstname
LastName = $ProvisionInformation.office365Lastname
SecondaryEmailAddress = $ProvisionInformation.office365SecondaryEmail
}
$json = $requestBody | ConvertTo-Json
Try {
Invoke-RestMethod -Method Post -Uri "https://$workspace365Hostname/Provisioning/Environment" -ContentType "application/json" -Header @{ 'ProvisioningKey' = $provisioningKey } -Body $json | Out-Null
Write-Host 'Workspace provisioned successful' -ForegroundColor Green
$isCreated = 'True'
} Catch {
Write-Host "Failed to create the Workspace, please check below error message:" -ForegroundColor Red
$_.ErrorDetails.Message
Break;
}
Write-Host 'Configuring Documents...' -ForegroundColor Yellow
$requestBody = @{
DefaultUrl = "https://$($ProvisionInformation.office365TenantName).sharepoint.com"
AuthenticationType = "Online"
}
$json = $requestBody | ConvertTo-Json
Try {
Invoke-RestMethod -Method Put -Uri "https://$workspace365Hostname/Provisioning/$Workspace365environmentName/SharePointSettings" -ContentType "application/json" -Header @{ 'ProvisioningKey' = $provisioningKey } -Body $json | Out-Null
Write-Host 'Documents configured successful' -ForegroundColor Green
} Catch {
$_.ErrorDetails.Message
Write-Host "Error setting the Documents automatically, please do it manual" -ForegroundColor Yellow
}
Write-Host 'Configuring Exchange...' -ForegroundColor Yellow
$requestBody = @{
PowerShellUrl = "https://outlook.office365.com/powershell-liveid/"
ServerType = "Office365"
DefaultEwsUrl = "https://outlook.office365.com/EWS/Exchange.asmx"
}
$json = $requestBody | ConvertTo-Json
Try {
Invoke-RestMethod -Method Put -Uri "https://$workspace365Hostname/Provisioning/$Workspace365environmentName/ExchangeSettings" -ContentType "application/json" -Header @{ 'ProvisioningKey' = $provisioningKey } -Body $json | Out-Null
Write-Host 'Exchange configured successful' -ForegroundColor Green
} Catch {
$_.ErrorDetails.Message
Write-Host "Error setting the Exchange automatically, please do it manual" -ForegroundColor Yellow
}
if($isCreated) {
WriteInformationToHost($Workspace365environmentName)
}
}
Function WriteInformationToHost(){
$url = "https://$workspace365Hostname/$Workspace365environmentName/AdminPage/ConfigureSingleSignOn"
Write-Host "----------------------------------------###----------------------------------------" -ForegroundColor Green
Write-Host "Workspace: $Workspace365environmentName created successfull, you can now Sign In to the URL:" -ForegroundColor Green
Write-Host "$url" -ForegroundColor Green
Write-Host "----------------------------------------###----------------------------------------" -ForegroundColor Green
# If you directly want to start the Workspace 365 URL, uncomment this Start-Process
# Start-Process $url
}
# Initialize the script
ValidateAndRun;