Install KanBo as Office 365 Groups extension

Purpose

Installing KanBo as Office 365 Groups Extension lets you integrate KanBo deeper with Microsoft Teams (Groups), Outlook (Groups) and Yammer (Groups). KanBo will use the same Documents as the Group and vice versa and KanBo will inherit the User Management from the Office Group the KanBo Board is attached to.

Prerequisites

  1. KanBo installation package and KanBo.app.
  2. Office 365 Enterprise E1 environment (or a higher version) and administrator access to it.
  3. Administrator access to the Azure portal.
  4. One SQL Database on Basic: 5 DTU, 2 GB pricing tier created manually for the initial installation process (will be removed after the installation).
  5. Optional - having a custom domain and SSL certificate for your KanBo Web App (in case you would like to have your KanBo running at a custom address, not a default Azure address)

(Important information - KanBo database will be created automatically and charged on Azure during the final steps of the installation process, however, you can change KanBo Content database pricing tier to recommended version for a certain number of KanBo users. See the details about recommended pricing tiers for databases in Configuring KanBo Content Database on Azure part of the installation).


Creating the hosting site

Creating a Web App

First of all, we need to start with creating a new Web App on your Azure. It will be used to host the application.

Go to your Azure management page, click on +New and search for Web App.

Full KanBo installation on Office 365 SharePoint Azure Microsoft



Choose a Web App.

Full KanBo installation on Office 365 SharePoint Azure Microsoft



Click on "Create button".

Full KanBo installation on Office 365 SharePoint Azure Microsoft



Provide the name URL of your site, in our case, it will be "kanboinstallation".

Choose your Subscription, Resource Group (create new and name it "Kanbo") and choose the App Service plan/location. Select OS as Windows.





Configuring a Custom Domain and SSL certificate for Web App (Optional)

In case you would like to have your KanBo running on a custom domain and not at Azure default address (azurewebsites.net), you need to prepare the following:

Map an existing custom DNS name to Azure Web App

Bind an existing custom SSL certificate to Azure Web Apps

Follow the Microsoft Technet manuals above to set a custom domain and a SSL certificate to the Web App.



Configuring the new Web App

After the page has been created, we need to change some settings. Click on 

 Web Apps icon on the left pane and search for your application. Click on your page to navigate to its options.





After the page has loaded, scroll the menu down and click on the "Application settings". You will see the configuration screen, find the Web Sockets option and turn it on. Save your changes.





Creating an SQL database

Enter link https://portal.azure.com/#create/Microsoft.SQLDatabase to create an SQL Database.

The new database is only temporary as it is needed only to configure DB connectivity in the further steps of the installation. In the last step of the installation procedure we will ask you to delete it - it will not be used.
You can name it "kanboinstallation_db" or use any other name. Please set the pricing tier to "Basic: 5 DTU, 2 GB", collation to SQL_Latin1_General_CP1_CI_AS and leave all other parameters as they are.

Click on Create to save your database.



Configuring the DB connectivity

Use the Azure portal to obtain the connection string necessary for your Web App to connect with Azure SQL Database:

Click on SQL Databases icon and then, search for your temporary database.



Click on your database, then click Show database connection strings.



If you are going to use ADO.NET connection library, copy the string of ADO.NET.







Go to the web.config file where we have previously entered the ClientId and ClientSecret. Search for <connectionstrings> section.

Paste the connection string there in the place of an old string. Please modify added connection string - add your user ID and password (use server admin's credentials).


Save the changes.


There are two important things:


a) Put "MultipleActiveResultSets=True" at the end of each connection string.


b) Find out a new Database name (ex. KanBoContent_db) so it is unique for the chosen database. (the name can't be the same as the name of the database we've created for the Azure site). Delete a previous name and replace it with new one.



Now you can delete the previously created temporary database (in our scenario it will be "kanboinstallation_db").

Uploading the KanBo installation package

You can do it in two different ways.

Option 1 - Use FTP

After all changes to the web.config have been made, save the file and upload the whole content of the .rar to the {yourAzureFTPRootFolder}/site/wwwroot/. ATTENTION: DO NOT DELETE EXISTING SITE STRUCTURE!

Full KanBo installation on Office 365 SharePoint Azure Microsoft



Option 2 - Use KUDU service

Navigate to your Azure website KUDU service (add .scm just before azurewebsites.net e.g https://kanbo-online-kanbo.scm.azurewebsites.net, then select Debug console -> PowerShell).

Then enter site folder -> wwwroot.

Pack all your files into a .zip file (but please don't add the folder!)

Now drag and drop your .zip archive into left upper part of KUDU service.



Configure Microsoft Graph connectivity



Go to Office 365 admin panel, extend Admin centers and select Azure Active Directory.



Select Azure Active Directory in the Azure portal.



Find App Registrations.



Select the new Application registration.



 Type a name, example: KanBoInstallation. In Sign-on URL give existing address of KanBo Application, https://kanboinstallation.azurewebsites.net. Hit on create to finish.



Now you are in the Registered App directory. Select Settings.



Go to Reply URLs. Start editing the existing url by adding /* to it. Click on Save.



Now go to Required Permissions and select +Add.



In Select API choose Microsoft Graph.



Give the following permissions.

    Application permissions:

    • Read all groups
    • Read all users' full profiles
    • Read files in all site collections







    Delegated Permissions:

    • Read all groups



    Save these changes.

    Now in Select an API choose Office 365  SharePoint Online.


    Select in SP Online APIs:

    Application Permissions:

    Read and write items in all site collections

    Delegated Permissions:

    Read and write items and lists in all site collections.

     

    Click save.

    Now, when all permissions are selected, click on Grant Permissions.

      Create a pair of certificates using this manual or purchase a pair of certificates for MS Graph authorization.





      Go to Keys section in App registrations to register a certificate.

      Click on Upload public key and select your .cer certificate. Now click Save.

        Your certificate should be now visible. 

        Get Application ID and save it for later as this would be used in the KanBo configuration.



        Go back to Azure Active Directory. Look for properties. Copy the Directory ID and save it for later as this would be used in the KanBo configuration.



            Upload the certificate to KanBo

            You can upload a certificate to Azure portal and use it as a certificate from Store using this manual https://docs.microsoft.com/en-us/azure/app-service/app-service-web-ssl-cert-load.

            Or you can use certificate from file (less recommended because of security concerns).

            Go to Kudu (https://{your kanbo address}.sc.azurewebsites.net) -> Debug console -> Powershell -> site and create a Certs folder there.



            In the Certs folder, upload your certificates pair (drag and drop certificates, packaged in the .zip file into the right top side of Kudu).

            .

            Copy the path to certificate using the path in Powershell console. Example D:\Home\site\Certs\KanBoCert.pfx.



            Adjust KanBo configuration

            Enter Kudu services -> Debug Console -> Powershell -> site -> wwwroot and start editing the web.config.

            Delete the entire section from web.config.

            <kanbo>
                <plugins>
                  <plugin-loader.directory path="/Extensions">
                  <load-packages>
                  <package name="standard">
                  <package name="search-db">
                  <!-- 
                    <package name="search-solr" user="" pass="" url-to-core="" />
                  -->
                  <!--
                  <plugin alias="job.security-group-sync-source" name="ad-sync" />
                  <plugin alias="security-group-sync-source.active-directory" />
                  <plugin alias="job-host" name="ad-sync-host" background="true" options="repeat wait_after(60s) catch log_time(debug)">
                     <job name="ad-sync" />
                  </plugin>
                   -->
                </package></package></load-packages></plugin-loader.directory></plugins>
                <authentication>
                  <!-- <on premise> -->
                  <provider id="sp" type="Sharepoint" sphosturl="{SPHOSTURL}" clientid="{CLIENTID}" issuerid="{ISSUERID}">
                    <!-- signer is described below, this one must contain a private key -->
                    <signer type="X509SignerFromStore" storename="My" storelocation="LocalMachine" key="Thumbprint" value="{Thumbprint}">
                  </signer></provider>
                  <!-- </on premise> -->
                  <!-- <o365> -->
                  <provider id="sp" type="Sharepoint" sphosturl="{SPHOSTURL}" clientid="{CLIENTID}" clientsecret="{CLIENTSECRET}">
                  <!-- </o365> -->
                  <!-- <o365 client delegation> -->
                  <!--
                  <provider id="sp" type="Sharepoint"
                    clientId="{CLIENTID}"
                    clientSecret="{CLIENTSECRET}"
                    redirectUrl="https://broker.kanbo.com/Pages/Default.aspx?kanboReturn={EncodedUrlWthoutQueryString}&{QueryString}">
                        <acceptableAudience>broker.kanbo.com</acceptableAudience>
                    </provider>
                  -->
                  <!-- </o365 client delegation> -->
                  <!--
                  <provider id="user" type="AppSignedUser">
                    <signer type="X509SignerFromFile" file="C:\\certs\\user.cer" />
                  </provider>
                  <provider id="app" type="AppSignedService" name="Some service">
                    <signer type="X509SignerFromFile" file="c:\\certs\\service.cer" />
                  </provider>
                  -->
                </provider></authentication>
              </kanbo>



            Paste this in the place of the deleted entries.

            <kanbo>
                <plugins>
                  <plugin-loader.directory path="/Extensions" to-memory="true">
                  <load-packages url="pkgs">
                  <package name="kanbo">
                  <package name="search-db">
                  <users-source.fake>
                  <outlook-app path="">
                  <docsource.sharepoint>
                    <event-listener type="soap11">
                  </event-listener></docsource.sharepoint>
                  <board-installer.graph>
                  <docsource.graph>
                    <!-- <event-listener type="soap11" /> -->
                  </docsource.graph>
                  <profiles-provider.graph>
                    <mapping graph="responsibilities" kanbo="AskMeAbout" type="string[]" separator=", ">
                    <mapping graph="aboutMe" kanbo="AboutMe">
                    <mapping graph="mail" kanbo="Email">
                    <mapping graph="givenName" kanbo="Name">
                    <mapping graph="surname" kanbo="Surname">
                    <mapping graph="mobilePhone" kanbo="Phone">
                    <mapping size="360x360" kanbo="Picture" type="photo">
                  <mapping></mapping><mapping></mapping><mapping></mapping></profiles-provider.graph>
                  <users-source.graph>
                   <job-host name="external-groups-web" background="true" options="repeat wait_after(1m) log_time(debug) catch">
                      <job name="external-groups-job">
                  </job></job-host>
                  <job.security-group-sync-source name="external-groups-job">
                  <security-group-sync-source.graph>
                  <attach-o365-groups.graph>
                  <no-group-management> 
                </no-group-management></attach-o365-groups.graph></security-group-sync-source.graph></job.security-group-sync-source></users-source.graph></board-installer.graph></outlook-app></users-source.fake></package></package></load-packages></plugin-loader.directory></plugins>
                <authentication>
                  <provider id="sp" type="Graph" sp-host-url="{SharePoint Root site URL}" client-id="{APP ID}" tenant="{DIRECTORY ID}">
                       <signer type="X509SignerFromFile" file="{PFX certificate path}" key="{Key to certificate}"> </signer></provider>
                </authentication>
              </kanbo>







            Configure the following section with your data:

            {SharePoint Root site url} - the root site address of your SharePoint

            {APP ID} - App ID copied in previous steps in AAD

            {DIRECTORY ID} - Directory ID copied from the previous steps in AAD

            {PFX Certificate path} - Path to your PFX certificate in Kudu (while using certificate from file)

            {Key to the certificate}- Password to the certificate



            Save the web.config.

             <authentication>
                  <provider id="sp" type="Graph" sp-host-url="{SharePoint Root site URL}" client-id="{APP ID}" tenant="{DIRECTORY ID}">
                       <signer type="X509SignerFromFile" file="{PFX certificate path}" key="{Key to certificate}"> </signer></provider>
                </authentication>

            If you wish to use a certificate from the store, use this entry instead. Adjust the thumbprint and save the web.config.



            <signer type="X509SignerFromStore" storeName="My" storeLocation="CurrentUser" key="Thumbprint" value="{Your certificate's thumbprint}" />
            

            First run

            Creating the databases

            On the first run of the KanBo, the databases will be created.


            Go to https:{your kanbo address}.azurewebsites.net\setup and you will be directed to the KanBo Setup page. Choose the Automatic Setup option.

            Full KanBo installation on Office 365 SharePoint Azure Microsoft

            After clicking on the Automatic Setup option, installation of KanBo Setup will proceed. Wait a couple of seconds until it is finished.

            Full KanBo installation on Office 365 SharePoint Azure Microsoft



            When the process succeeds you'll be presented with the following communicate (in the screen below in Obtaining the licence key part).


            Obtaining the license key

            You will get the following communicate. In order to obtain the license key, you will need to send us your KanBo.

            The selected string is essential for the license key creation process. Please send the KanBo ID to support@kanbozone.com so a license key can be generated and send to you.




            After obtaining the key you have to paste it into the web.config file. To achieve that, please follow these steps:

            Go to KUDU service (https://YOURNAME.scm.azurewebsites.net). Please navigate to: Debug console -> Powershell -> site ->wwwroot and open the web.config file.






            Enter the web.config and paste the license key in the following place.



            After updating the pasting the KanBoLicenseKey save the web.config.

            Running the app

            Go to https://{your kanbo address}.azurewebsites.net\setup and you will be directed to the KanBo Setup page. Choose the Automatic Setup option.

            Full KanBo installation on Office 365 SharePoint Azure Microsoft



            After clicking on the Automatic Setup option, installation of KanBo Setup will proceed. Wait a couple of seconds until it is finished.

            Full KanBo installation on Office 365 SharePoint Azure Microsoft





            Click on Go back. You will be redirected to your KanBo Landing Page.

            Full KanBo installation on Office 365 SharePoint Azure Microsoft



            Your KanBo has been successfully installed.



            Use it!

            Now when you create a Board, you will be able to choose a group site which will lay under this board.


             

            KanBo will inherit the User Management from the Office Group the KanBo Board is attached to and the users will be synced after 1 minute from any membership change.




            When you look into the Documents section, you will see that all documents are coming from the group's site document source.




            Add a job to synchronize user profiles and user membership changes

            Follow https://community.kanbozone.com/knowledge-bases/2/articles/7903-synchronize-user-profiles-and-membership-changes-in-kanbo-installed-as-office-365-group-extension to configure the synchronization jobs.

            Configure email notifications

            Follow http://community.kanbozone.com/topics/76-setting-up-kanbo-email-notifications-on-azure/ to configure email notifications.



            Configure KanBo Search

            Follow https://community.kanbozone.com/knowledge-bases/2/articles/2546-kanbo-search-installation-and-configuration-for-kanbo-27 to configure KanBo Search (Solr).




            Configuring KanBo Content Database on Azure

            As soon as your KanBo is installed, please delete your temporary SQL database (in this scenario "kanboinstallation_db"). When it is deleted from Azure, we recommend you to purchase a more advanced Pricing Tier for KanBo Content Database.

            You can purchase a new pricing plan in the settings of your SQL Database in Azure. Read more about upgrading pricing tiers here.

            A change will be necessary for a good performance of KanBo Content Database which has been created during the Setup installation.

            You can see dependencies on the table below:



            Number of users on your KanBo instanceRecommended Pricing Tier for KanBo Content Database
            20+ usersS0
            50+ usersS1
            100+ usersS2







            Azure databases groups KanBo o365 Office365 SharePoint

            Is this article helpful for you?