Search Engine: Elastic

Article ID: 133483, created on Dec 6, 2018, last review on Feb 4, 2019

  • Applies to:
  • Operations Automation 8.0
  • Operations Automation 7.2
  • Operations Automation 7.3
  • Operations Automation 7.4
  • Business Automation 8.0
  • Business Automation 7.2
  • Business Automation 7.3
  • Business Automation 7.4

Table of Contents

Release Notes

You can read the complete Office 365 18.4.1 Release Notes here. Also, you can download the PDF version.

Dependencies and Pre-Requisites

The Office 365 application package requires:

  • Odin Automation 8.0.0 or a later 8.0.x version
  • Odin Automation 7.4.0 or a later 7.4.x version
  • Odin Automation 7.3.0 or a later 7.3.x version
  • Odin Automation 7.2.0 or a later 7.2.x version

Fixed Issues

  • APSA-20624 [Documentation] Remove the 'DNS Hosting' resource from the 'Office 365' service template.
  • APSA-20786 The reseller relationship between a partner tenant and a customer tenant must be removed if all Office 365 subscriptions related to the customer tenant are removed.
  • APSA-20767 The apsType field of an APSSubscriptionResource object can be null, and this should be handled correctly in request filters.
  • APSA-20764 The application does not reactivate a subscription because its "Quantity" is greater than 1 in the endpoint database.
  • APSA-20489 A #EXT# user is set in "AdminLogin" during the initial provisioning of a subscription.
  • APSA-20716 The automatic synchronization procedure is not described properly.
  • APSA-20771 A wrong path in Office 365 Provider's Guide, Synchronizing Changes from Office 365 Portal.
  • APSA-20670 The Microsoft Cloud Agreement e-mail address validator allows unsupported symbols in e-mail addresses.
  • APSA-20630 On the 'Licenses' screen, all licenses have PROVISIONING status when only some of those licenses are being provisioned.
  • APSA-20169 Multi-Factor Authentication (MFA) on the Microsoft side breaks Office 365 integration.
  • APSA-20628 Blinking tabs in MyCP for disabled subscriptions.
  • APSA-20592 Domain verification failed: 'Verification of federated domains is not allowed.'.
  • APSA-20746 autoconf.py sets 'overusage fee' to 1 instead of 0.
  • APSA-20738 Service plans with the 'Yearly on Statement Day' billing period type should be taken into account by the import tool.
  • APSA-20633 'Unknown error' occurs when the Office 365 service is assigned to a user with a weak password.
  • APSA-20808 Application pool recycling causes "provisioning Migration" tasks to fail. Restarting the migration procedure causes the "user is not present in gateway DB" error.

Important: This section provides the list of fixed issues. To obtain the detailed description of a fixed issue, you must read the corresponding section of the complete release notes. You can read the complete Office 365 18.4.1 Release Notes here. Also, you can download the PDF version.

New Features and Changes

Support of the New Application Security Model

As of February 4, 2019, Microsoft introduces a new application security model for authenticating cloud solution provider partners and control panel vendors (an overview of the new security model and technical details are available at https://docs.microsoft.com/en-us/partner-center/develop/enable-secure-app-model).

As of this version, the Office 365 application supports the new application security model and is compliant with its requirements:

  • The application no longer stores the user credentials of CSP partner accounts. All user credentials will be erased during the upgrade of the application to version 18.4.1.
  • The application no longer requires CSP partners to register any apps in the Azure ADs of their CSP partner accounts. Instead of this, a single app registered in Ingram Micro's control panel vendor account (ingrammicrocpv.onmicrosoft.com) is shared among all Office 365 application instances of all CSP partners. This makes the process of Office 365 application instance configuration simpler and less error-prone.
  • Now, a CSP partner using the application must give explicit consent to the permissions that the application requires to make calls to the Partner Center and Graph APIs on behalf of the CSP partner; as a result of giving consent, the application acquires a refresh token. The application securely stores and uses this refresh token to make calls to the Microsoft APIs on behalf of the CSP partner.

    A CSP partner can give consent and acquire a refresh token from the UI of the application; during this procedure, signing in to the Microsoft Partner Center as an administrative user of the CSP partner account is required.

  • A refresh token has a 90 day lifetime. A CSP partner must give consent and acquire a new refresh token before the current refresh token expires.

Warning: Service providers using the Office 365 application on their Odin Automation installations need to upgrade the application to version 18.4.1 before February 4, 2019. Otherwise, the application will not be able to manage existing Office 365 subscriptions or create new ones.

Please refer to Odin Automation Office 365 Integration Provider's Guide >> Cloud Solution Provider Scenario to learn more.

Microsoft Cloud Germany Is No Longer Supported

As of Office 365 18.4.1, the application no longer supports the national cloud Microsoft Cloud Germany.

Important: If you have application instances configured for Microsoft Cloud Germany, do not upgrade the application to 18.4.1.

Known Issues and Limitations

  • Office 365 and Azure CSP resources cannot be sold in the same service template and service plan. You must use separate service templates and service plans for selling Office 365 and Azure CSP resources.
  • Upgrading trial Office 365 subscriptions from trial service plans to paid service plans does not work in CCP v1. To work around this issue, you can switch customers with trial Office 365 subscriptions from CCP v1 to UX1 for Customers.
  • In UX1 for Customers of Odin Automation 7.2, adding trial Office 365 services to users does not work on the Users screen. To work around this issue, customers can use the Office 365 screen.

Obtaining

Contact your Ingram Micro Support account manager to obtain the new version of the Office 365 application package.

Installation

To install the Office 365 application, use the instructions provided in the Odin Automation Office 365 Integration Provider's Guide.

Upgrade Procedure (from Version 18.3)

The upgrade procedure consists of the following steps:

  1. Prepare the necessary information for upgrading the Office 365 application endpoint (collect Office 365 gateway site parameters).
  2. Stop provisioning Office 365 services.
  3. Upgrade the Office 365 application endpoint.
  4. Upgrade the Office 365 application.
  5. Acquire refresh tokens for all application instances.
  6. Remove the o365_based_on_email service parameter from all Office 365 service templates.
  7. Update the OA Billing control panel and online store customizations.
  8. Perform post-upgrade validation.
  9. Start provisioning Office 365 services.

Important:

  • The upgrade procedure is not reversible.
  • Upgrade steps 1-9 are mandatory.
  • Make sure the current version of the Office 365 application is 18.3. Upgrading from other versions is not supported.
  • Before upgrading the Office 365 application from one version to another, make sure that you are going to follow the allowed upgrade paths. See KB article #130752 for details.
  • If a non-LocalDB edition of SQL Server is used by your Office 365 application endpoint, make sure all SQL Server logins of Office 365 gateway application databases have the sysadmin server role. See Odin Automation Office 365 Integration Provider's Guide >> Cloud Solution Provider Scenario > Deployment Architecture > Preparing SQL Server Databases for details.
  • The names of the Office 365 gateway sites must not be changed after the installation of the Office 365 application endpoint. If you have changed them, reinstate the original names before upgrading the Office 365 application endpoint.

To upgrade an existing installation of the Office 365 application, perform the following steps:

  1. Prepare the necessary information for upgrading the Office 365 application endpoint. You must prepare the name of the Office 365 gateway site, the name of the Office 365 gateway application, the hostname of the Office 365 gateway site, and the IP address of the Office 365 gateway site. This can be done in the following way:

    1. Log in to Provider Control Panel.
    2. Go to Service > Applications and click the Office 365 application.
    3. Select the Instances tab and click the target application instance.
    4. Select the General tab.
    5. Obtain the value of the Application API end-point URI setting. This is a URL that is structured in the following way: https://<Hostname_of_Office_365_Gateway_Site>/<Name_of_Office_365_Gateway_Application>/aps/.
    6. Write down the name of the directory from the URL. This is the name of the Office 365 gateway application.
    7. Write down the hostname from the URL. This is the hostname of the Office 365 gateway site.
    8. Resolve and write down the hostname from the URL into the IP address. This is the IP address of the Office 365 gateway site.
    9. Log on to the Office 365 Application Endpoint Host as Administrator via RDP.
    10. Open Internet Information Services (IIS) Manager.
    11. Go to the list of sites.
    12. From the list, select the site with the IP address obtained above.
    13. Write down the name of the site. This is the name of the Office 365 gateway site.
  2. Stop provisioning Office 365 services:

    1. Stop provisioning Office 365 services. For example, deactivate the Office 365 service template in OA Operations.
    2. In OA Operations, go to Operations > Tasks and make sure all Office 365 tasks are processed.
  3. Upgrade the Office 365 application endpoint:

    1. Upload the Office 365 application package to the Office 365 Application Endpoint Host.
    2. Unpack the application package.
    3. Unblock the contents of the O365-Web.zip file. To do this, right-click the file in Windows Explorer, click Properties, click Unblock, and click OK.
    4. Unpack the O365-Web.zip file.
    5. Start Windows PowerShell Console and go to the directory where the contents of the O365-Web.zip file are located.
    6. Run the following command:

      .\setup.cmd -GatewaySiteName <The name of the Office 365 gateway site> -GatewayAppName <The name of the Office 365 gateway application> -GatewayIPAddress <The IP address of the Office 365 gateway site> -GatewaySiteCertSubject <The hostname of the Office 365 gateway site> -Force
      
    7. Run the iisreset command.

    Note: If you have several Office 365 gateway sites on the Office 365 Application Endpoint Host, use the procedure provided above to upgrade each Office 365 gateway site.

  4. Upgrade the Office 365 application:

    1. Import the Office 365 application package to Odin Automation. See APS Application Hosting Guide >> Application Hosting Configuration > Managing Applications > Importing Application for details.
    2. Upgrade existing Office 365 application instances. See APS Application Hosting Guide >> Application Hosting Configuration > Bulk Application Upgrades for details.
  5. For every application instance of the Office 365 application, acquire a refresh token by following these steps:

    1. Prepare the credentials of a user with the Global admin and Admin agent roles in the CSP partner account that the application instance belongs to. Also, make sure that Multi-Factor Authentication (MFA) is enabled for the user, as described at https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-userstates.
    2. In the Provider Control Panel, perform the following:

      1. Go to Services > Applications and click on the Office 365 application.
      2. Select the Instances tab and click on the application instance that belongs to the CSP partner account.
      3. Select the Office 365 tab and select the Settings subtab.
      4. Click on the Manage Refresh Token button.
      5. In the Automatic Update area, click on the Update Refresh Token button. This will open the Microsoft Partner Center login page in a new browser window.
    3. In the new browser window, perform the following:

      1. Sign in using the credentials of the user that you prepared.
      2. Click on the Accept button to give consent to the permissions that the Office 365 application requires. You will be redirected from the Microsoft Partner Center to a special site.
      3. Make sure that the The consent has been granted successfully. The authorization code has been sent ... message is shown on the Partner Onboarding Web Application page of the site. After that, close the new browser window.
    4. In the Provider Control Panel, perform the following:

      1. Make sure that the Your refresh token has been updated successfully message or similar is shown.
      2. Click on the Test Connection button to check that the Office 365 application can make calls to the Partner Center and Graph APIs on behalf of the CSP partner account using the refresh token.

    Warning: A refresh token has a limited lifetime of 90 days. This means that you must acquire a new refresh token before the current refresh token expires.

    Note: You can also update a refresh token using another update procedure. To learn more, see Odin Automation Office 365 Integration Provider's Guide >> Cloud Solution Provider Scenario > Deploying 'Office 365' Application > Giving Consent and Acquiring Refresh Token.

  6. Remove the o365_based_on_email service parameter from all Office 365 service templates in OA Billing. After removing the parameter, synchronize all online stores that are used for selling Office 365 services.

  7. Update the installed OA Billing control panel and online store customizations. Use KB article #130232 to find the necessary customizations and update instructions.

    Important: After upgrading Odin Automation, make sure the installed OA Billing control panel and online store customizations belong to the current version of Odin Automation. If necessary, update them. Use KB article #130232 to find the necessary customizations and update instructions.

  8. Perform the following post-upgrade validation steps:

    1. In Task Manager, make sure that there are no unprocessed Office 365 tasks scheduled during the upgrade.
    2. For each Office 365 application instance, make sure that all settings are correctly specified and all necessary Microsoft APIs are accessible. To do this, select the application instance you need to check and click Test Connection.
  9. Start provisioning Office 365 services. For example, activate the Office 365 service template in OA Operations.

Upgrade Procedure (from Version 18.4)

The upgrade procedure consists of the following steps:

  1. Prepare the necessary information for upgrading the Office 365 application endpoint (collect Office 365 gateway site parameters).
  2. Stop provisioning Office 365 services.
  3. Upgrade the Office 365 application endpoint.
  4. Upgrade the Office 365 application.
  5. Update the OA Billing control panel and online store customizations.
  6. Perform post-upgrade validation.
  7. Start provisioning Office 365 services.

Important:

  • The upgrade procedure is not reversible.
  • Upgrade steps 1-7 are mandatory.
  • Make sure the current version of the Office 365 application is 18.4. Upgrading from other versions is not supported.
  • Before upgrading the Office 365 application from one version to another, make sure that you are going to follow the allowed upgrade paths. See KB article #130752 for details.
  • If a non-LocalDB edition of SQL Server is used by your Office 365 application endpoint, make sure all SQL Server logins of Office 365 gateway application databases have the sysadmin server role. See Odin Automation Office 365 Integration Provider's Guide >> Cloud Solution Provider Scenario > Deployment Architecture > Preparing SQL Server Databases for details.
  • The names of the Office 365 gateway sites must not be changed after the installation of the Office 365 application endpoint. If you have changed them, reinstate the original names before upgrading the Office 365 application endpoint.

To upgrade an existing installation of the Office 365 application, perform the following steps:

  1. Prepare the necessary information for upgrading the Office 365 application endpoint. You must prepare the name of the Office 365 gateway site, the name of the Office 365 gateway application, the hostname of the Office 365 gateway site, and the IP address of the Office 365 gateway site. This can be done in the following way:

    1. Log in to Provider Control Panel.
    2. Go to Service > Applications and click the Office 365 application.
    3. Select the Instances tab and click the target application instance.
    4. Select the General tab.
    5. Obtain the value of the Application API end-point URI setting. This is a URL that is structured in the following way: https://<Hostname_of_Office_365_Gateway_Site>/<Name_of_Office_365_Gateway_Application>/aps/.
    6. Write down the name of the directory from the URL. This is the name of the Office 365 gateway application.
    7. Write down the hostname from the URL. This is the hostname of the Office 365 gateway site.
    8. Resolve and write down the hostname from the URL into the IP address. This is the IP address of the Office 365 gateway site.
    9. Log on to the Office 365 Application Endpoint Host as Administrator via RDP.
    10. Open Internet Information Services (IIS) Manager.
    11. Go to the list of sites.
    12. From the list, select the site with the IP address obtained above.
    13. Write down the name of the site. This is the name of the Office 365 gateway site.
  2. Stop provisioning Office 365 services:

    1. Stop provisioning Office 365 services. For example, deactivate the Office 365 service template in OA Operations.
    2. In OA Operations, go to Operations > Tasks and make sure all Office 365 tasks are processed.
  3. Upgrade the Office 365 application endpoint:

    1. Upload the Office 365 application package to the Office 365 Application Endpoint Host.
    2. Unpack the application package.
    3. Unblock the contents of the O365-Web.zip file. To do this, right-click the file in Windows Explorer, click Properties, click Unblock, and click OK.
    4. Unpack the O365-Web.zip file.
    5. Start Windows PowerShell Console and go to the directory where the contents of the O365-Web.zip file are located.
    6. Run the following command:

      .\setup.cmd -GatewaySiteName <The name of the Office 365 gateway site> -GatewayAppName <The name of the Office 365 gateway application> -GatewayIPAddress <The IP address of the Office 365 gateway site> -GatewaySiteCertSubject <The hostname of the Office 365 gateway site> -Force
      
    7. Run the iisreset command.

    Note: If you have several Office 365 gateway sites on the Office 365 Application Endpoint Host, use the procedure provided above to upgrade each Office 365 gateway site.

  4. Upgrade the Office 365 application:

    1. Import the Office 365 application package to Odin Automation. See APS Application Hosting Guide >> Application Hosting Configuration > Managing Applications > Importing Application for details.
    2. Upgrade existing Office 365 application instances. See APS Application Hosting Guide >> Application Hosting Configuration > Bulk Application Upgrades for details.
  5. Update the installed OA Billing control panel and online store customizations. Use KB article #130232 to find the necessary customizations and update instructions.

    Important: After upgrading Odin Automation, make sure the installed OA Billing control panel and online store customizations belong to the current version of Odin Automation. If necessary, update them. Use KB article #130232 to find the necessary customizations and update instructions.

  6. Perform the following post-upgrade validation steps:

    1. In Task Manager, make sure that there are no unprocessed Office 365 tasks scheduled during the upgrade.
    2. For each Office 365 application instance, make sure that all settings are correctly specified and all necessary Microsoft APIs are accessible. To do this, select the application instance you need to check and click Test Connection.
  7. Start provisioning Office 365 services. For example, activate the Office 365 service template in OA Operations.

Helpful Resources

7a5878a42567edb0161242dfb779bb04 8fc71f07abe5b233fea1ae0377cd5e3d 198398b282069eaf2d94a6af87dcb3ff 32fa47ebf508ad023157e68950b7e180 55fe109b4b4fe3fbb893f22dbb85a41a 5356b422f65bdad1c3e9edca5d74a1ae 1941880841f714e458ae4dc3d9f3062d dd79f16c76b9dca75205ab5e9f5465ea ef171e3fccb12bd8e09076a7b49212c0 b2c3b33425dfc50c7d41a2efaa7f84f3 31987597efff5a3a9ce779cc203bbe5e 67bf0c33402940a92c4c607f18ded5c9 1def515ca613a5505aa21a4affa96e6b adc6deaa66054d8a194d131ba07f2785 aab95f5cf9bcfa920cc1dda8487f084a

Email subscription for changes to this article
Save as PDF