MS Teams Stage

Ivanti Neurons Bots integrates with Microsoft Teams. This allows Ivanti Neurons to message a user via MS Teams using Neurons Bots. The message can contain action buttons for the user to interact with to trigger next stage actions or to provide feedback. Interacting with an end user is a great way to unlock more powerful remediation. For example, getting a user's permission before performing disruptive maintenance, as well as helping the user choose the most contextually appropriate remediation based on their circumstances. It can also be used as an orchestration tool to collect user input and sentiment.

There are two MS Teams stages currently supported in Neurons Bots:

  • MS Teams Interaction
  • MS Teams Message

Configuration requirements

The Neurons Bots MS Teams stages require additional configuration before a bot can communicate with MS Teams. Upload the bot manifest into the MS Teams admin center, and deploy to users.

Ivanti Neurons Bots will be available on the Microsoft marketplace in the future, but for now you need to upload the bot manifest. The manifest can be requested via the email address in the stage description.

The devices the bot is targeting must be registered to Azure AD, and the Azure AD connector run against the Ivanti Neurons tenant that will be using the MS Teams Stages.

The Ivanti Neurons AAD connector looks up the user/device from the Azure Graph API and Ivanti Neurons queries Data Services to determine the correct MS Teams address to send the message to. If using auto detection, the user that receives the teams message will be the user that was associated with the device the last time the AAD connector ran.

We use the UserGID from Data Services to send the Teams message.

Environment checklist

  • Microsoft Office 365 subscription.
  • Ivanti Neurons AAD connector, configured with device permissions in AAD perms assignment (per intune), and has been run, so it can pull in device/user information.

Setup Requirements

The following must be configured before using the MS Teams Stages:

  1. In https://admin.teams.microsoft.com, from the menu, select Teams apps > Setup policies.
  2. In the Add installed apps panel, locate the Ivanti Neurons Teams Bot, click Add.
  3. Once complete, click Save. The Ivanti Neurons Bot is now ready to deploy to users.
  • An endpoint can be on a local AD domain or a Workgroup.
  • Ivanti Neurons AAD connector required.
  • Supported on Windows 10.
  • At time of Microsoft Teams setup, the user must allow the organization to manage the device.
  1. Go to the Azure Portal.
  2. Follow the instructions at How to setup Active Directory AD Connector.
  3. On setup you must include the following device permissions so that the connector can populate the device view with the Teams user information:
    • DeviceManagementApps.Read.All: Read Microsoft Intune apps
    • DeviceManagementApps.ReadWrite.All: Read and write Microsoft Intune apps

    Remember to grant admin consent for the permissions to take effect.

  1. In the Ivanti Neurons platform; Add, Configure, Save, and Run the connector.

Testing Teams

Ivanti recommend having a test environment to test the MS Teams bot to a targeted group of user accounts and test devices.

  1. In the Ivanti Neurons platform go to Devices, add your test endpoint to a test public group.
  2. In the Ivanti Neurons platform go to Neurons Bots, build a simple bot including one of the MS Teams Stages.
  3. Assign the bot to a Target Group.
  4. Run the bot.