Prerequisites for SharePoint Online

  1. Access to the internet from all end users workstations, make sure that the following domains are not blocked by the browser: "azurewebsites.net" and "windows.net"
  2. The URL of the SharePoint admin center of the SharePoint tenant you will be setting CardioLog Analytics on.

  3. At least one Power BI pro account (there is no need to install Power BI for desktop, users will login to the Power BI web interface). This user will become the owner of the app workspace in Power BI and will be able to share it with others in the organization and collaborate on reports. End users who just need to consume reports, do not need a Power BI pro account. You can export reports for them (to CSV, PDF, Excel) or embed the report within SharePoint (using the publish to web - creates a public link to the report).

  4. Microsoft Office 365 Global Admin permissions are required in order to approve the CardioLog Analytics SaaS App installation request.
  5. Prepare a Microsoft Office 365 service account with the following permissions in order to install CardioLog Analytics SaaS:
    • SharePoint tenant administrator account; 
    • Site collection administrator (not just administrator) of the app catalog site collection of your tenant;
    • Administrator of all the site collections that you are looking forward to include in the CardioLog Analytics SaaS reports.
  6. Make sure you have PowerShell version 5.1 or higher, with the MSOnline module installed.
  7. Make sure that your tenant allows custom Apps authentication in order to install the CardioLog Analytics App.

    Note: In case your tenant has this option disabled and DisableCustomAppAuthentication is set to True (note that it is disabled by default for SharePoint Online tenants created on August 2020 or later), you can execute the following command in SharePoint Online Management Shell in order to enable it:

    Set-SPOTenant -DisableCustomAppAuthentication $false


  8. Make sure any SharePoint preservation policies you may have are temporarily turned off, while installing the CardioLog Analytics SaaS App, in order to approve the App:
    Office 365 Admin > Security and Compliance > Data governance > Retention > Policies > set Status Off



  9. Make sure control access based on specific network locations is turned off, in order to allow communications to CardioLog Analytcs SaaS.
    Office 365 Admin > Admin Centers > SharePoint Admin Center > Device access > Control access based on network location > Uncheck "Only allow access from specific IP address locations"


  10. Make sure custom scripts are turned on (changes in this setting take up to 24 hours to apply):
    Office 365 Admin > Admin Centers > SharePoint Admin Center > Settings > Custom Script > Select Allow in both options





    Note: In case a specific site collection does not inherit these settings from SharePoint Central Administration, you can execute the following commands in SharePoint Online Management Shell (replace the placeholders for [company] and [site collection url]):

    $url = "https://[company]-admin.sharepoint.com"
    $User = Read-Host -Prompt "Enter username for $url"
    $Password = Read-Host -Prompt 'Enter password' -AsSecureString
    $credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($User, $Password)
    $adminContext = New-Object Microsoft.SharePoint.Client.ClientContext($url)
    $adminContext.Credentials = $credentials
    $tenant = New-Object Microsoft.Online.SharePoint.TenantAdministration.Tenant($adminContext)
    $adminContext.Load($tenant)
    $adminContext.ExecuteQuery()
    $props = $tenant.GetSitePropertiesByUrl("[site collection url]", $false)
    $adminContext.Load($props)
    $adminContext.ExecuteQuery()
    $DenyAddAndCustomizePagesStatusEnum = [Microsoft.Online.SharePoint.TenantAdministration.DenyAddAndCustomizePagesStatus]
    $props.DenyAddAndCustomizePages = $DenyAddAndCustomizePagesStatusEnum::Disabled
    $props.Update()
    $adminContext.ExecuteQuery()



  11. Verify an App Catalog is available in the SharePoint Online tenant:
    1. Sign in to Office 365 with your SharePoint Online global admin account.
    2. Go to the SharePoint admin center.

    3. Select Apps from the Quick Launch bar on the left, and then select App Catalog
    4. If there is no app catalog site created yet, select Create a new app catalog site, and then select OK.



    5.  On the Create App Catalog Site Collection page, enter the required information, and then select OK.



  12. If end users are using IE 9/10/11 with Medium-High security level and above, they will have to manually enable the IE Active Scripting option for the appropriate security zone as follows: Open IE -> Tools -> Internet Options -> Security -> Choose the appropriate security zone (Internet Zone most likely) -> Custom Level... -> Scripting -> Enable the Active Scripting option. Another option is to add the event listener host URL to a IE security zone with Medium or lower security level (e.g. Trusted Sites) or to add the Azure event listener host URL to Trusted Sites. If end users are using IE 9, they will also have to manually enable the Access data sources across domain option as follows: Open IE -> Tools -> Internet Options -> Security -> Choose the relevant security zone (Internet Zone most likely) -> Custom Level... -> Miscellaneous -> Enable the Access data sources across domains option.

Prerequisites for SharePoint On-Prem

  1. Access to the internet from all end users workstations, make sure that the following domains are not blocked by the browser: "azurewebsites.net" and "windows.net"
  2. If end users are using IE 9/10/11 with Medium-High security level and above, they will have to manually enable the IE Active Scripting option for the appropriate security zone as follows: Open IE -> Tools -> Internet Options -> Security -> Choose the appropriate security zone (Internet Zone most likely) -> Custom Level... -> Scripting -> Enable the Active Scripting option. Another option is to add the Azure event listener host URL to Trusted Sites. If end users are using IE 9, they will also have to manually enable the Access data sources across domain option as follows: Open IE -> Tools -> Internet Options -> Security -> Choose the relevant security zone (Internet Zone most likely) -> Custom Level... -> Miscellaneous -> Enable the Access data sources across domains option.
  3. At least one Power BI pro account (there is no need to install Power BI for desktop, users will login to the Power BI web interface). This user will become the owner of the app workspace in Power BI and will be able to share it with others in the organization and collaborate on reports. End users who just need to consume reports, do not need a Power BI pro account. You can export reports for them (to CSV, PDF, Excel) or embed the report within SharePoint (using the publish to web - creates a public link to the report).
  4. The SharePoint farm admin service account credentials (make sure the farm admin account has full access rights to the selected web applications in SharePoint Central Administration > Manage Web Application > User Policy).
  5. Configure a site-to-site VPN to securely access the customers' SharePoint environment from Intlock's Azure network. The list of supported VPN devices and instructions on configuring the VPN can be found here. Contact us for more details.
  6. Make sure you have PowerShell version 5.1 or higher.
  7. Verify your environment supports using Apps for SharePoint 2019 and enable Apps for your farm:
    1. Go to the SharePoint Central Administration.
    2. Navigate to Apps and Configure Store Settings.



    3. Make sure you have the App Purchases enabled.
      SharePoint Central Administration > Apps > Configure Store Settings > App Purchases > Select Yes for 
      Should end users be able to get apps from the SharePoint Store?



Prerequisites for Yammer

  1. A dedicated service account that is a Verified Admin in the Yammer network.
  2. At least one Power BI pro account (the Yammer reports are displayed in Power BI). This user will become the owner of the app workspace in Power BI and will be able to share it with others in the organization and collaborate on reports.
  3. Enable 3rd Party Applications (to install the CardioLog Analytics SaaS app from the Yammer Apps Directory)
    1. Log on to Yammer with a verified admin and click on the gear icon to open Settings.



    2. Settings > Network Admin > Network > Configuration > Enabled Features > select 3rd Party Applications.








  4. Enable Archive data retention policy (to import data about deleted content).
    1. Log on to Yammer with a verified admin and click on the gear icon to open Settings.
    2. Settings > Network Admin > Content and Security > Data Retention > select Archive option.



  5. Enable Private Content mode (to import data about private groups)
    1. Log on to Yammer with a verified admin and click on the gear icon to open Settings.
    2. Settings > Network Admin > Content and Security > Content Mode > select Private Content mode and click Save.

Prerequisites for Microsoft Teams and Exchange Online

  1. Disable concealed user, group, and site names (to import actual user names).
    1. Log on to Microsoft 365 admin center.
    2. Go to Settings > Org settings > Reports.
    3. Clear the Display concealed user, group, and site names in all reports option. 


 

 

Note: Intlock supports merely products and/or solutions within third party vendor’s Mainstream Support policy, including but not limited to Windows (OS), Windows Server, SQL Server databases, browsers, etc. Intlock support for products and/or solutions under third party vendor’s Extended Support policy, might requires further efforts based on professional services, which will be priced separately by Intlock upon Client’s request. Intlock at its sole discretion might not provide any support services whatsoever to any third party vendor products and/or solutions that are not being included under third party vendors' Mainstream or Extended Support policies.

  • No labels