Exercise 3: Manage group lifecycle

In this exercise, you’ll modify the existing Azure AD application registration using the Azure Active Directory admin center, a .NET Core console application, and use Microsoft Graph to manage the lifecycle of Office 365 groups. You’ll also learn how to create a Microsoft Teams team from an existing Office 365 group.

[!IMPORTANT] This exercise assumes you have created the Azure AD application and .NET console application from the previous unit in this module. You’ll edit the existing Azure AD application and .NET console application created in that exercise in this exercise.

Task 1: Update the .NET Core console app

In previous exercises, you created a .NET console application that retrieved and displayed various Office 365 group details on the console. Let’s modify the application by removing the code specific to the last exercise.

  1. In the Program.cs file, locate the following line in the Main method:
Console.WriteLine("Hello " + profileResponse.DisplayName);
  1. Delete or comment out all the code in the Main method after the above line.

Task 2: Create an Office 365 group

  1. In this section, you’ll create a new Office 365 group. This requires an extra permission that the existing Azure AD application and .NET console app don’t yet have. The first step is to grant the applications those permissions:

Grant more permissions to the Azure AD application

  1. The next step is to update and grant the new permission Group.ReadWrite.All to the Azure AD application.

  2. Open a browser and navigate to the Azure Active Directory admin center (https://aad.portal.azure.com). Sign in using a Work or School Account that has global administrator rights to the tenancy.

  3. Select Azure Active Directory in the left-hand navigation. Locate the Azure AD app by selecting Manage > App Registrations and selecting the app Graph Console App:

Screenshot

  1. Select API Permissions in the left-hand navigation panel.

Screenshot of the API Permissions navigation item

  1. Select the Add a permission button.

  2. In the Request API permissions panel that appears, select Microsoft Graph from the Microsoft APIs tab.

Screenshot of Microsoft Graph in the Request API permissions panel

  1. When prompted for the type of permission, select Delegated permissions.

  2. Enter Group.R in the Select permissions search box and select the Group.ReadWrite.All permission. Then select the Add permission button at the bottom of the panel to add the permissions to the app.

  3. In the Configured Permissions panel, select the button Grant admin consent for [tenant], and then select the Yes button in the consent dialog to grant all users in your organization this permission.

Update console app to create an Office 365 group

  1. Add the following using statement to the top of the Program.cs file with the other using statements:
using System.Threading.Tasks;
  1. To create a new Office 365 group, you need to submit the new group details to the /groups endpoint using an HTTP POST request. To do this, add the following method to the existing Program.cs file:
private static async Task<Microsoft.Graph.Group> CreateGroupAsync(GraphServiceClient client) {
}
  1. When creating a new group, the developer can specify the owners and members of the group using the AdditionalData property on the group object. First, locate the IDs of a few users you want to assign as owners and members to the group. To do this, within the Azure AD admin center, select Manage > Users. Select a wanted user from the list and copy their Object ID property. Ensure the account you’ll use to run the console app is one of the users.

Screenshot of a user's properties in the Azure AD admin center

  1. Repeat this process a few more times to get the IDs of a few users.

  2. Back in the .NET console app, add the following code to the new CreateGroupAsync method. Replace the IDs of the users in this code with the IDs you copied from the Azure AD admin center. Make the account you’ll use to run the console app the owner of the group:

// create object to define members & owners as 'additionalData'
var additionalData = new Dictionary<string, object>();
additionalData.Add("owners@odata.bind",
  new string[] {
    "https://graph.microsoft.com/v1.0/users/d280a087-e05b-4c23-b073-738cdb82b25e"
  }
);
additionalData.Add("members@odata.bind",
  new string[] {
    "https://graph.microsoft.com/v1.0/users/70c095fe-df9d-4250-867d-f298e237d681",
    "https://graph.microsoft.com/v1.0/users/8c2da469-1eba-47a4-9322-ee0ddd24d99a"
  }
);
  1. Next, add the following code to the CreateGroupAsync method to create a new group object:
var group = new Microsoft.Graph.Group
{
  AdditionalData = additionalData,
  Description = "My first group created with the Microsoft Graph .NET SDK",
  DisplayName = "My First Group",
  GroupTypes = new List<String>() { "Unified" },
  MailEnabled = true,
  MailNickname = "myfirstgroup01",
  SecurityEnabled = false
};
  1. Finally, add the following code to the end of the CreateGroupAsync method to use the Microsoft Graph .NET SDK to create the new group:
var requestNewGroup = client.Groups.Request();
return await requestNewGroup.AddAsync(group);
  1. The last step is to call this new method from the Main method. Add the following code to the end of the Main method:
// request 1 - create new group
Console.WriteLine("\n\nREQUEST 1 - CREATE A GROUP:");
var requestNewGroup = CreateGroupAsync(client);
requestNewGroup.Wait();
Console.WriteLine("New group ID: " + requestNewGroup.Id);

Build and test the application

  1. Run the following commands in a command prompt to compile and run the console application:
dotnet build
dotnet run

You now need to authenticate with Azure Active Directory. A new tab in your default browser should open to a page asking you to sign-in. After you’ve logged in successfully, you’ll be redirected to a page displaying the message, “Authentication complete. You can return to the application. Feel free to close this browser tab”. You may now close the browser tab and switch back to the console application.

  1. The application will display the new group’s ID. Let’s see the group in Office 365.

  2. Within a browser, navigate to https://www.outlook.com and sign-in with the same account you used to run the console app.

  3. In the primary navigation, select Groups > Manage Groups.

Screenshot of Outlook.com's navigation

  1. On the next screen, select Groups > Owner and locate the group you created. It may take a minute or two to appear while Office 365 creates all the resources for the group.

  2. After selecting the group, select the Members pivot to see a list of all users that have been added to the group. You should see both the owner(s) and member(s) you specified when creating the group:

Screenshot of the group details in Outlook.com

Task 3: Create a Microsoft Teams team from an Office 365 group

In this section, you’ll create a Microsoft Teams team from the Office 365 group you created in the previous section.

  1. First, to avoid any issues with duplicate groups, locate the following lines and comment them out in the Main method. This will keep the console app from creating another group:
// request 1 - create new group
Console.WriteLine("\n\nREQUEST 1 - CREATE A GROUP:");
var requestNewGroup = CreateGroupAsync(client);
requestNewGroup.Wait();
Console.WriteLine("New group ID: " + requestNewGroup.Id);
  1. The next step is to obtain the ID of the group you created in the previous section. Add the following code to the end of the Main method.
// request 2 - teamify group
// get new group ID
var requestGroup = client.Groups.Request()
                                .Select("Id")
                                .Filter("MailNickname eq 'myfirstgroup01'");
var resultGroup = requestGroup.GetAsync().Result;
  1. Now, add the following method to the Program.cs class. This method uses a GraphServiceClient and the group ID to create a Microsoft team under the existing Office 365 group:
private static async Task<Microsoft.Graph.Team> TeamifyGroupAsync(GraphServiceClient client, string groupId)
{
  var team = new Microsoft.Graph.Team
  {
    MemberSettings = new TeamMemberSettings
    {
      AllowCreateUpdateChannels = true,
      ODataType = null
    },
    MessagingSettings = new TeamMessagingSettings
    {
      AllowUserEditMessages = true,
      AllowUserDeleteMessages = true,
      ODataType = null
    },
    ODataType = null
  };

  var requestTeamifiedGroup = client.Groups[groupId].Team.Request();
  return await requestTeamifiedGroup.PutAsync(team);
}
  1. Call this method by adding the following code to the end of the Main method:
// teamify group
var teamifiedGroup = TeamifyGroupAsync(client, resultGroup[0].Id);
teamifiedGroup.Wait();
Console.WriteLine(teamifiedGroup.Result.Id);

Build and test the application

  1. Run the following commands in a command prompt to compile and run the console application:
dotnet build
dotnet run

  1. After you’ve logged in, you’ll see the console app display the new team ID. Let’s see the team in Microsoft Teams.

  2. Within a browser, navigate to https://teams.microsoft.com and sign-in with the same account you used to run the console app.

  3. In the left-hand navigation, select Teams. You should see the team displayed in the list of Your teams as shown in the following screenshot. If it doesn’t appear, wait a minute and refresh the page.

Screenshot of Microsoft Teams

Task 4: Delete an Office 365 group

In this section, you’ll delete the Office 365 group you created in a previous section.

  1. First, to avoid any issues with the previous sections, locate the following lines and comment them out in the Main method. This will keep the console app from creating another Microsoft Teams team:
// teamify group
var teamifiedGroup = TeamifyGroupAsync(client, resultGroup[0].Id);
teamifiedGroup.Wait();
Console.WriteLine(teamifiedGroup.Result.Id);
  1. Next, add the following method to the Program.cs file. This will delete the specified Office 365 group:
private static async Task DeleteTeamAsync(GraphServiceClient client, string groupIdToDelete) {
  await client.Groups[groupIdToDelete].Request().DeleteAsync();
}
  1. Finally, add the following code to the end of the Main method to call the method you previously added:
// request 3: delete group
var deleteTask = DeleteTeamAsync(client, resultGroup[0].Id);
deleteTask.Wait();

Build and test the application

  1. Run the following commands in a command prompt to compile and run the console application:
dotnet build
dotnet run

  1. After you’ve logged in, the console app will display a message that the group has been deleted.

  2. Confirm this by repeating the process from a previous section to find the group within Outlook.com. When looking at a list of groups, you’ll notice the group is no longer present:

Screenshot of Outlook.com

Summary

In this exercise, you modified the existing Azure AD application registration using the Azure Active Directory admin center, a .NET Core console application, and used Microsoft Graph to manage the lifecycle of Office 365 groups. You also learned how to create a Microsoft Teams team from an existing Office 365 group.