Microsoft Releases Teams Administrative Roles

Teams Splash

Teams Roles Now Available

In a surprise move because we expect Microsoft to keep all announcements until the Ignite conference rolls around next week, Microsoft released four new administrative roles to help Office 365 tenants to manage Teams more effectively, especially when the complexity of the Teams infrastructure for video and audio meetings and calling scales up.

Four New Roles

This move is to help organizations move from Skype for Business Online to Teams. Office 365 tenant administrators already have the necessary rights to manage Teams through the Teams and Skype for Business Admin Center or PowerShell. In small tenants, it’s likely that the tenant administrator will manage Teams along with all the other workloads. However, if you run a larger tenant, you can assign the new administrative roles to users to allow them to perform specific management actions for Teams. The new roles are:

  • Teams Service Administrator: This role can perform every action available in the Teams and Skype for Business Admin Center. Anyone assigned the role can also run the equivalent PowerShell cmdlets.
  • Teams Communications Administrator: Anyone assigned this role can manage the meetings and voice settings for Teams, including the ability to troubleshoot call quality problems. This role is typically given to those responsible for managing the video and audio meeting infrastructure for a tenant, something that often needs specialized knowledge and experience that might not be possessed by the average Office 365 tenant admin.
  • Teams Communications Support Engineer: This role is intended for people who use Call Analytics to monitor and address issues in call quality. People with this role access user information to see call data, but they have no access to policies, org-wide settings, or meeting configuration.
  • Teams Communications Support Specialist: This role allows a specialist to perform basic troubleshooting for calls for a specific user and is intended for first-level support staff.

The four roles might appear to complicate administration. However, the full set is designed to accommodate the needs of the most complex Office 365 tenants and you do not have to use any of these roles if you don’t see the need. Documentation explaining the details of what each role can do is available online.

Assignment Through Azure Active Directory

Unlike other Office 365 custom roles, the Teams roles do not yet appear in the Office 365 Admin Center.  This is probably just a timing issue and I expect Microsoft will close this gap soon. For now, to assign a Teams administrative role, go to the Azure Active Directory portal, select the target user, then Directory role, and then pick the role or roles you want to assign (Figure 1).

Teams Admin Role
Figure 1: Assigning a Teams administrative role (image credit: Tony Redmond)

Checking with PowerShell

Behind the scenes, Azure Active Directory adds the user to a directory role group. To see details of the role groups in your tenant, connect to PowerShell with the Azure Active Directory module and run:

Many of these role groups are familiar because they underpin the custom administrative roles assigned in the Office 365 Admin Center.
Notice that only two of the four Teams administrative roles are present. This is because Azure Active Directory only creates the role the first time someone is assigned it.
To see who holds a certain role, use the Get-AzureADDirectoryRoleMember cmdlet and pass the object identifier of the role. For example.

If you want to see the cmdlets assigned to a role, run PowerShell and log in as someone holding the role you want to examine. Connect to the Skype for Business PowerShell module and create a new session. PowerShell gives the session a name and you can run the Get-Command cmdlet to see the list of cmdlets available in the session.

Maturing Teams

Custom administrative roles are not a new concept, but it’s nice to see them arriving for Teams as it marks an increasing maturity in the administrative processes surrounding the product. The next thing you know, we’ll get an enhanced PowerShell module for Teams

Follow Tony on Twitter @12Knocksinna.

Want to know more about how to manage Office 365? Find what you need to know in “Office 365 for IT Pros”, the most comprehensive eBook covering all aspects of Office 365. Available in PDF and EPUB formats (suitable for iBooks) or for Amazon Kindle.


Don't have a login but want to join the conversation? Sign up for a Petri Account

Tony Redmond has written thousands of articles about Microsoft technology since 1996. He covers Office 365 and associated technologies for and is also the lead author for the Office 365 for IT Pros eBook, updated monthly to keep pace with change in the cloud.