Recently I fall in love with Microsoft Graph. 🙂 I was honored invited to MMSMOA talk about Intune Graph with David Falkus and Timmy Andersson. We talked about what is Microsoft Graph, how to start use it and how to use Intune Graph PowerShell SDK. Last week,  Tom Degreef asked if there is PowerShell Module for Microsoft Planner. So I did some research, and got an idea that how about make my own PowerShell module for Microsoft Planner using Microsoft Graph. I have never upload anything to PowerShell Gallery, this will full fill my bucket list as well. 🙂

You can find the module directly from PowerShell Gallery and my Github

Let’s break down some details of this module.

Authentication

The module is using Native Application that hosted in my own tenant by default, it uses permission Group.Read.All, Group.ReadWrite.All, User.Read and User.ReadBasic.All, these are the minimum permission requirement to create Planner plans, buckets and tasks. But, I would really hope you use own application for this module, because it will give you more control of those permissions, or if you wants to add more actions in your scripts. Here are the steps how to create this native app.

  1. Go to your Azure Portal, Click on Azure Active Directory, click on App registrations, then New registration

  2. Input a name example Planner PowerShell. Supported account types choose organizational directory only. You can also use any organizational directory,  if you manage multiple tenants and wants use this app to all your tenants.
    Redirect URI, choose Public client (mobile & desktop), and value as urn:ietf:wg:oauth:2.0:oob

  3. After registered this app, go to Authentication, change Default client type from to Yes, so that this will be  a public native client

  4. Click on API permissions, choose Microsoft Graph, then add Delegated permissions: Group.Read.All, Group.ReadWrite.All, User.Read and User.ReadBasic.All

  5. (Optional) Grant admin consent. This is very much depend on your own environment and usage. Without admin consent, normal users aren’t able to run this application. If you are the only admin who use this app, then you don’t need grant consent to others. But if you want another non-admin person use this module, you should grant admin consent. Because this is using delegated permission, the required permissions will be a combination of 1) what the user has permissions to do and 2) what the application has permissions to do. (Read the details from this blog https://developer.microsoft.com/en-us/graph/blogs/30daysmsgraph-day-11-azure-ad-application-permissions/ )

 

Update Planner Module environment

After register your own app, copy it’s application client ID to your note.

Then install the PlannerModule, and update the module to use your own application instead of the default one.

 

How to use this module

At first, this module is not 100% ready, there is no delete function yet, it can create plans, buckets, tasks, assign tasks to users, add checklist, add labels, assign labels, add descriptions, create Office 365 groups, add user to Office 365 groups.  It doesn’t handle “for each” objects, only the Invoke-AssignPlannerTask can add multiple array.

Here are some examples. Note: I will update those example in my Github.

# PlannerModule
PowerShell module for Microsoft Planner

#Examples:

#Check Planner PowerShell module

$PlannerModule = Get-Module -Name "PlannerModule" -ListAvailable

if ($PlannerModule -eq $null)
{
  Write-host "Planner PowerShell module not found, Start install the module"
  Install-Module "PlannerModule" -AllowClobber -Force
}


#Connect to Microsoft Planner
#Connect-Planner
Connect-Planner -ForceNonInteractive True

#Definde variables
$GroupName = "A NewPlan 01"
$PlanName = "PowerShell Test Plan 03"
$BucketName = "PowerShell bucket"
$TaskName = "Test Task"

#Create new plan with Private O365 Group (this will also create new O365 Group), can also create public group
#$result01 = New-PlannerPlan -PlanName $PlanName -visibility Private
#$PlannerPlanID = $result01.id


#Create New Office 365 Group
$responde = New-AADUnifiedGroup -GroupName $GroupName -visibility Private
$GroupID = $($responde.id)

#sometimes there is delay creating the group.
Start-Sleep 10

#create new plan using exsiting O365 Group
$responde1 = New-PlannerPlanToGroup -PlanName $PlanName -GroupID $GroupID
$PlannerPlanID = $($responde1.id)

#Create new Bucket
$responde2 = New-PlannerBucket -PlanID $PlannerPlanID -BucketName $BucketName
$PlannerPlanBucketID = $responde2.id

#Create task
$responde3 = New-PlannerTask -PlanID $PlannerPlanID -TaskName $TaskName -BucketID $PlannerPlanBucketID -startDate "2019.6.3" -dueDate "2019.6.30"
$PlannerPlanTaskID = $responde3.id

#Assign task to users
Invoke-AssignPlannerTask -TaskID $PlannerPlanTaskID -UserPrincipalNames "[email protected]", "[email protected]"

#Add task check list
Add-PlannerTaskChecklist -TaskID $PlannerPlanTaskID -Title "Check1" -IsChecked $false
Add-PlannerTaskChecklist -TaskID $PlannerPlanTaskID -Title "Check2" -IsChecked $true
Add-PlannerTaskChecklist -TaskID $PlannerPlanTaskID -Title "Check3" -IsChecked $false

#add task description
Add-PlannerTaskDescription -TaskID $PlannerPlanTaskID -Description "This is test task created by powershell planner module"

#Add or update labels
Update-PlannerPlanCategories -PlanID $PlannerPlanID -category1 "Kieken" -category2 "smart" -category3 "very smart" -category4 "wise" -category5 "something"

#Assign Planner Task lables
Invoke-AssignPlannerTaskCategories -TaskID $PlannerPlanTaskID -category1 $false -category2 $true -category3 $true -category4 $false -category5 $false -category6 $false

 

Hope you like this module. 🙂

 

 

 

(955)

There are no comments.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.