Follow

Create workspace tenants

In workspace365 you can have multiple tenants within your instance!
These tenants are easily created with the powershell script posted below.

Note: Please temporary disable MFA on the accout you're using during povisioing a new tenant. This is because the Powershell modules being used doesn't support MFA. Yep, even app passwords wont work.... When you have setup SSO (step 2) correctly, you can enable it again.

As an admin it is possible to create a workspace from your instance. You need to update the $hostname and $provisioningKey to your own parameters. You can find the $provisioningKey in: 

\inetpub\wwwroot\Workspace 365\Workspace 365\Configs\NDAW.Html.Front.config

As a partner you should be aware of your own hostname. Fill in the details in the script below and execute the .ps1 script.

###########################################################################

###########################################################################

# Copyright (C) New Day at Work B.V. - All Rights Reserved

# Unauthorized copying of this file, via any medium is strictly prohibited

# Proprietary and confidential

# Written by Wesley de Graaf <contact@workspace365.net> , February 2020

###########################################################################

###########################################################################

# Prerequisites:

# - Install-Module MSOnline

###########################################################################

###########################################################################

# Workspace 365 URL/Hostname e.g. demo.workspace365.net

$workspace365Hostname = 'HOSTNAME without HTTPS'

# Workspace 365 Instance provisioningskey

$provisioningKey = 'PROVISIONINGSKEY'

###########################################################################

###########################################################################

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

Function ValidateAndRun() {

  $Credentials = Get-Credential

  Connect-MsolService -Credential $Credentials

  $O365ROLE = Get-MsolRole -RoleName "Company Administrator"

  $GlobalAdmins = (Get-MsolRoleMember -RoleObjectId $O365ROLE.ObjectId).EmailAddress

  $AdminUser = $Credentials.UserName

  Foreach ($Admin in $GlobalAdmins) { 

    if ($Admin -match $AdminUser

      { 

        $isAdmin = 'True'

        RunProvisioning($Credentials)

      }

  }

  if (!$isAdmin) {

    Write-Host "This user is not global admin, please login with a global admin" -ForegroundColor Red

    break;  

  }

}

Function RunProvisioning($Credentials) {

  $SecurePassword = $Credentials.Password

  $BSTR = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($SecurePassword)

  $W365Password = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)

  $o365user = $Credentials.UserName

  $o365password = "$W365Password"

  $environmentNameRaw = Read-Host "Please enter Workspace name, this name cannot contain spaces"

  $environmentName = $environmentNameRaw.ToLower()

  $TenantName = (Get-MsolDomain | Where-Object {$_.Name -like '*.onmicrosoft.com'}).Name.Split('.')[0]

  $Firstname = (Get-MsolUser -UserPrincipalName "$o365user").FirstName

  $LastName = (Get-MsolUser -UserPrincipalName "$o365user").LastName

  $SecondaryEmailAddress = (Get-MsolUser -UserPrincipalName "$o365user").AlternateEmailAddresses

  if ([string]::IsNullOrWhiteSpace($LastName)) {

    $LastName = 'Workspace 365'

  } 

  if ([string]::IsNullOrWhiteSpace($SecondaryEmailAddress) -or ($SecondaryEmailAddress -eq $o365user)) {

    $SecondaryEmailAddress = 'support@newdayatwork.com'

  }

  $ProvisionInformation = @{

    office365User = $o365user

    office365Password = $o365password

    office365TenantName = $TenantName

    office365Firstname = $Firstname

    office365Lastname = $LastName

    office365SecondaryEmail = $SecondaryEmailAddress

    workspace365environmentname = $environmentName

  }

  CreateWorkspaceEnvironment($ProvisionInformation)

}

Function CreateWorkspaceEnvironment($ProvisionInformation) {

  $Workspace365environmentName = $ProvisionInformation.workspace365environmentname

  Write-Host 'Creating Workspace...' -ForegroundColor Yellow

  $requestBody = @{

    EnvironmentName = $Workspace365environmentName

    EmailAddress = $ProvisionInformation.office365User

    Password = $ProvisionInformation.office365Password

    FirstName =  $ProvisionInformation.office365Firstname

    LastName = $ProvisionInformation.office365Lastname

    SecondaryEmailAddress = $ProvisionInformation.office365SecondaryEmail

  }

  $json = $requestBody | ConvertTo-Json

  Try {

    Invoke-RestMethod -Method Post -Uri "https://$workspace365Hostname/Provisioning/Environment" -ContentType "application/json" -Header @'ProvisioningKey' = $provisioningKey } -Body $json | Out-Null

    Write-Host 'Workspace provisioned successful' -ForegroundColor Green

    $isCreated = 'True'

  } Catch {

    Write-Host "Failed to create the Workspace, please check below error message:" -ForegroundColor Red

    $_.ErrorDetails.Message

    Break;

  }

  Write-Host 'Configuring Documents...' -ForegroundColor Yellow

  $requestBody = @{

    DefaultUrl = "https://$($ProvisionInformation.office365TenantName).sharepoint.com"

    AuthenticationType = "Online"

  }

  $json = $requestBody | ConvertTo-Json

  Try {

    Invoke-RestMethod -Method Put -Uri "https://$workspace365Hostname/Provisioning/$Workspace365environmentName/SharePointSettings" -ContentType "application/json" -Header @'ProvisioningKey' = $provisioningKey } -Body $json | Out-Null

    Write-Host 'Documents configured successful' -ForegroundColor Green

  } Catch {

    $_.ErrorDetails.Message

    Write-Host "Error setting the Documents automatically, please do it manual" -ForegroundColor Yellow

  }

  Write-Host 'Configuring Exchange...' -ForegroundColor Yellow

  $requestBody = @{

    PowerShellUrl = "https://outlook.office365.com/powershell-liveid/"

    ServerType = "Office365"

    DefaultEwsUrl = "https://outlook.office365.com/EWS/Exchange.asmx"

  }

  $json = $requestBody | ConvertTo-Json

  Try {

    Invoke-RestMethod -Method Put -Uri "https://$workspace365Hostname/Provisioning/$Workspace365environmentName/ExchangeSettings" -ContentType "application/json" -Header @'ProvisioningKey' = $provisioningKey } -Body $json | Out-Null

    Write-Host 'Exchange configured successful' -ForegroundColor Green

  } Catch {

    $_.ErrorDetails.Message

    Write-Host "Error setting the Exchange automatically, please do it manual" -ForegroundColor Yellow

  }

  if($isCreated) { 

    WriteInformationToHost($Workspace365environmentName)

  }

}

Function WriteInformationToHost(){

  $url = "https://$workspace365Hostname/$Workspace365environmentName/AdminPage/ConfigureSingleSignOn"

  Write-Host "----------------------------------------###----------------------------------------" -ForegroundColor Green

  Write-Host "Workspace: $Workspace365environmentName created successfull, you can now Sign In to the URL:" -ForegroundColor Green

  Write-Host "$url" -ForegroundColor Green

  Write-Host "----------------------------------------###----------------------------------------" -ForegroundColor Green

  # If you directly want to start the Workspace 365 URL, uncomment this Start-Process

  # Start-Process $url

}

# Initialize the script

ValidateAndRun;