Back to Details

mcp-deploy-manage-agents

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese
prompt
---
mode: 'agent'
tools: ['changes', 'search/codebase', 'edit/editFiles', 'problems']
description: 'Deploy and manage MCP-based declarative agents in Microsoft 365 admin center with governance, assignments, and organizational distribution'
model: 'gpt-4.1'
tags: [mcp, m365-copilot, deployment, admin, agent-management, governance]
---
prompt
---
mode: 'agent'
tools: ['changes', 'search/codebase', 'edit/editFiles', 'problems']
description: '在Microsoft 365管理中心部署和管理基于MCP的声明式Agent,涵盖治理、分配和组织分发'
model: 'gpt-4.1'
tags: [mcp, m365-copilot, deployment, admin, agent-management, governance]
---

Deploy and Manage MCP-Based Agents

部署和管理基于MCP的Agent

Deploy, manage, and govern MCP-based declarative agents in Microsoft 365 using the admin center for organizational distribution and control.
在Microsoft 365中使用管理中心部署、管理和治理基于MCP的声明式Agent,实现组织级分发与管控。

Agent Types

Agent类型

Published by Organization

组织发布的Agent

  • Built with predefined instructions and actions
  • Follow structured logic for predictable tasks
  • Require admin approval and publishing process
  • Support compliance and governance requirements
  • 基于预定义指令和操作构建
  • 遵循结构化逻辑执行可预测任务
  • 需要管理员审批和发布流程
  • 支持合规性和治理要求

Shared by Creator

创建者共享的Agent

  • Created in Microsoft 365 Copilot Studio or Agent Builder
  • Shared directly with specific users
  • Enhanced functionality with search, actions, connectors, APIs
  • Visible to admins in agent registry
  • 在Microsoft 365 Copilot Studio或Agent Builder中创建
  • 直接与特定用户共享
  • 具备搜索、操作、连接器、API等增强功能
  • 管理员可在Agent注册表中查看

Microsoft Agents

Microsoft官方Agent

  • Developed and maintained by Microsoft
  • Integrated with Microsoft 365 services
  • Pre-approved and ready to use
  • 由Microsoft开发和维护
  • 与Microsoft 365服务深度集成
  • 已预先审批,可直接使用

External Partner Agents

外部合作伙伴Agent

  • Created by verified external developers/vendors
  • Subject to admin approval and control
  • Configurable availability and permissions
  • 由经过验证的外部开发者/供应商创建
  • 需经过管理员审批和管控
  • 可配置可用性和权限

Frontier Agents

前沿Agent

  • Experimental or advanced capabilities
  • May require limited rollout or additional oversight
  • Examples:
    • App Builder agent: Managed via M365 Copilot or Power Platform admin center
    • Workflows agent: Flow automation managed via Power Platform admin center
  • 具备实验性或高级功能
  • 可能需要有限范围部署或额外监管
  • 示例:
    • App Builder agent:通过M365 Copilot或Power Platform管理中心进行管理
    • Workflows agent:通过Power Platform管理中心管理的流程自动化Agent

Admin Roles and Permissions

管理员角色与权限

Required Roles

所需角色

  • AI Admin: Full agent management capabilities
  • Global Reader: View-only access (no editing)
  • AI Admin:具备完整的Agent管理权限
  • Global Reader:仅查看权限(无法编辑)

Best Practices

最佳实践

  • Use roles with fewest permissions
  • Limit Global Administrator to emergency scenarios
  • Follow principle of least privilege
  • 使用权限最少的角色
  • 仅在紧急场景下使用Global Administrator角色
  • 遵循最小权限原则

Agent Management in Microsoft 365 Admin Center

Microsoft 365管理中心中的Agent管理

Access Agent Management

访问Agent管理功能

  1. Go to Microsoft 365 admin center
  2. Navigate to Agents page
  3. View available, deployed, or blocked agents
  1. 访问Microsoft 365 admin center
  2. 导航至Agents页面
  3. 查看可用、已部署或已阻止的Agent

Available Actions

可用操作

View Agents
  • Filter by availability (available, deployed, blocked)
  • Search for specific agents
  • View agent details (name, creator, date, host products, status)
Deploy Agents Options for distribution:
  1. Agent Store: Submit to Partner Center for validation and public availability
  2. Organization Deployment: IT admin deploys to all or selected employees
Manage Agent Lifecycle
  • Publish: Make agent available to organization
  • Deploy: Assign to specific users or groups
  • Block: Prevent agent from being used
  • Remove: Delete agent from organization
Configure Access
  • Set availability for specific user groups
  • Manage permissions per agent
  • Control which agents appear in Copilot
查看Agent
  • 按可用性筛选(可用、已部署、已阻止)
  • 搜索特定Agent
  • 查看Agent详情(名称、创建者、日期、宿主产品、状态)
部署Agent 分发选项:
  1. Agent Store:提交至Partner Center进行验证,供公众使用
  2. 组织部署:由IT管理员部署至全部或选定员工
管理Agent生命周期
  • 发布:将Agent设为组织内可用
  • 部署:分配给特定用户或用户组
  • 阻止:禁止使用该Agent
  • 移除:从组织中删除Agent
配置访问权限
  • 为特定用户组设置可用性
  • 按Agent管理权限
  • 控制哪些Agent在Copilot中显示

Deployment Workflows

部署工作流

Publish to Organization

发布至组织

For Agent Developers:
  1. Build agent with Microsoft 365 Agents Toolkit
  2. Test thoroughly in development
  3. Submit agent for approval
  4. Wait for admin review
For Admins:
  1. Review submitted agent in admin center
  2. Validate compliance and security
  3. Approve for organizational use
  4. Configure deployment settings
  5. Publish to selected users or organization-wide
面向Agent开发者:
  1. 使用Microsoft 365 Agents Toolkit构建Agent
  2. 在开发环境中充分测试
  3. 提交Agent以供审批
  4. 等待管理员审核
面向管理员:
  1. 在管理中心查看已提交的Agent
  2. 验证合规性和安全性
  3. 批准其在组织内使用
  4. 配置部署设置
  5. 发布至选定用户或全组织

Deploy via Agent Store

通过Agent Store部署

Developer Steps:
  1. Complete agent development and testing
  2. Package agent for submission
  3. Submit to Partner Center
  4. Await validation process
  5. Receive approval notification
  6. Agent appears in Copilot store
Admin Steps:
  1. Discover agents in Copilot store
  2. Review agent details and permissions
  3. Assign to organization or user groups
  4. Monitor usage and feedback
开发者步骤:
  1. 完成Agent开发和测试
  2. 打包Agent以提交
  3. 提交至Partner Center
  4. 等待验证流程
  5. 接收审批通知
  6. Agent在Copilot商店中上线
管理员步骤:
  1. 在Copilot商店中发现Agent
  2. 查看Agent详情和权限
  3. 分配至组织或用户组
  4. 监控使用情况和反馈

Deploy Organizational Agent

部署组织内Agent

Admin Deployment Options:
Organization-wide:
- All employees with Copilot license
- Automatically available in Copilot

Group-based:
- Specific departments or teams
- Security group assignments
- Role-based access control
Configuration Steps:
  1. Navigate to Agents page in admin center
  2. Select agent to deploy
  3. Choose deployment scope:
    • All users
    • Specific security groups
    • Individual users
  4. Set availability status
  5. Configure permissions if applicable
  6. Deploy and monitor
管理员部署选项:
全组织范围:
- 所有拥有Copilot许可证的员工
- 在Copilot中自动可用

按组部署:
- 特定部门或团队
- 安全组分配
- 基于角色的访问控制
配置步骤:
  1. 导航至管理中心的Agents页面
  2. 选择要部署的Agent
  3. 选择部署范围:
    • 所有用户
    • 特定安全组
    • 单个用户
  4. 设置可用性状态
  5. (如适用)配置权限
  6. 部署并监控

User Experience

用户体验

Agent Discovery

Agent发现

Users find agents in:
  • Microsoft 365 Copilot hub
  • Agent picker in Copilot interface
  • Organization's agent catalog
用户可在以下位置找到Agent:
  • Microsoft 365 Copilot中心
  • Copilot界面中的Agent选择器
  • 组织的Agent目录

Agent Access Control

Agent访问控制

Users can:
  • Toggle agents on/off during interactions
  • Add/remove agents from their experience
  • Right-click agents to manage preferences
  • Only access admin-allowed agents
用户可:
  • 在交互过程中开启/关闭Agent
  • 在个人体验中添加/移除Agent
  • 右键点击Agent管理偏好设置
  • 仅能访问管理员允许的Agent

Agent Usage

Agent使用

  • Agents appear in Copilot sidebar
  • Users select agent for context
  • Queries routed through selected agent
  • Responses leverage agent's capabilities
  • Agent显示在Copilot侧边栏
  • 用户选择Agent以获取对应上下文
  • 查询请求路由至选定的Agent
  • 响应内容利用Agent的能力

Governance and Compliance

治理与合规

Security Considerations

安全考量

  • Data access: Review what data agent can access
  • API permissions: Validate required scopes
  • Authentication: Ensure secure OAuth flows
  • External connections: Assess risk of external integrations
  • 数据访问:审核Agent可访问的数据范围
  • API权限:验证所需的权限范围
  • 身份验证:确保采用安全的OAuth流程
  • 外部连接:评估外部集成的风险

Compliance Requirements

合规要求

  • Data residency: Verify data stays within boundaries
  • Privacy policies: Review agent privacy statement
  • Terms of use: Validate acceptable use policies
  • Audit logs: Monitor agent usage and activity
  • 数据驻留:验证数据是否保留在指定边界内
  • 隐私政策:审核Agent的隐私声明
  • 使用条款:验证可接受使用政策
  • 审计日志:监控Agent的使用和活动

Monitoring and Reporting

监控与报告

Track:
  • Agent adoption rates
  • User feedback and satisfaction
  • Error rates and performance
  • Security incidents or violations
跟踪以下内容:
  • Agent采用率
  • 用户反馈和满意度
  • 错误率和性能
  • 安全事件或违规行为

MCP-Specific Management

MCP专属管理

MCP Agent Characteristics

MCP Agent特性

  • Connect to external systems via Model Context Protocol
  • Use tools exposed by MCP servers
  • Require OAuth 2.0 or SSO authentication
  • Support same governance as REST API agents
  • 通过Model Context Protocol连接至外部系统
  • 使用MCP服务器暴露的工具
  • 需要OAuth 2.0或SSO身份验证
  • 支持与REST API Agent相同的治理规则

MCP Agent Validation

MCP Agent验证

Verify:
  • MCP server URL is accessible
  • Authentication configuration is secure
  • Tools imported are appropriate
  • Response data doesn't expose sensitive info
  • Server follows security best practices
验证以下内容:
  • MCP服务器URL可访问
  • 身份验证配置安全可靠
  • 导入的工具合适恰当
  • 响应数据未暴露敏感信息
  • 服务器遵循安全最佳实践

MCP Agent Deployment

MCP Agent部署

Same process as REST API agents:
  1. Review in admin center
  2. Validate MCP server compliance
  3. Test authentication flow
  4. Deploy to users/groups
  5. Monitor performance
与REST API Agent的部署流程相同:
  1. 在管理中心进行审核
  2. 验证MCP服务器的合规性
  3. 测试身份验证流程
  4. 部署至用户/用户组
  5. 监控性能

Agent Settings and Configuration

Agent设置与配置

Organizational Settings

组织级设置

Configure at tenant level:
  • Enable/disable agent creation
  • Set default permissions
  • Configure approval workflows
  • Define compliance policies
在租户级别配置:
  • 启用/禁用Agent创建功能
  • 设置默认权限
  • 配置审批工作流
  • 定义合规政策

Per-Agent Settings

单个Agent设置

Configure for individual agents:
  • Availability (on/off)
  • User assignment (all/groups/individuals)
  • Permission scopes
  • Usage limits or quotas
针对单个Agent配置:
  • 可用性(开启/关闭)
  • 用户分配(全部/组/个人)
  • 权限范围
  • 使用限制或配额

Environment Routing

环境路由

For Power Platform-based agents:
  • Configure default environment
  • Enable environment routing for Copilot Studio
  • Manage flows via Power Platform admin center
针对基于Power Platform的Agent:
  • 配置默认环境
  • 为Copilot Studio启用环境路由
  • 通过Power Platform管理中心管理流程

Shared Agent Management

共享Agent管理

View Shared Agents

查看共享Agent

Admins can see:
  • List of all shared agents
  • Creator information
  • Creation date
  • Host products
  • Availability status
管理员可查看:
  • 所有共享Agent的列表
  • 创建者信息
  • 创建日期
  • 宿主产品
  • 可用性状态

Manage Shared Agents

管理共享Agent

Admin actions:
  • Search for specific shared agents
  • View agent capabilities
  • Block unsafe or non-compliant agents
  • Monitor agent lifecycle
管理员操作:
  • 搜索特定的共享Agent
  • 查看Agent功能
  • 阻止不安全或不合规的Agent
  • 监控Agent生命周期

User Access to Shared Agents

用户访问共享Agent

Users access through:
  • Microsoft 365 Copilot on various surfaces
  • Agent-specific tasks and assistance
  • Creator-defined capabilities
用户可通过以下方式访问:
  • 多端Microsoft 365 Copilot
  • Agent专属任务和协助
  • 创建者定义的功能

Best Practices

最佳实践

Before Deployment

部署前

  • Pilot test with small user group
  • Gather feedback from early adopters
  • Validate security and compliance
  • Document agent capabilities and limitations
  • Train users on agent usage
  • 试点测试:在小范围用户组中测试
  • 收集反馈:从早期使用者获取反馈
  • 验证安全:确保安全性和合规性
  • 文档记录:记录Agent的功能和限制
  • 用户培训:培训用户如何使用Agent

During Deployment

部署期间

  • Phased rollout to manage adoption
  • Monitor performance and errors
  • Collect feedback continuously
  • Address issues promptly
  • Communicate availability to users
  • 分阶段部署:管控采用进度
  • 监控性能:跟踪性能和错误
  • 持续收集反馈
  • 及时解决问题
  • 用户沟通:向用户告知Agent可用性

Post-Deployment

部署后

  • Track metrics: Adoption, satisfaction, errors
  • Iterate: Improve based on feedback
  • Update: Keep agent current with new features
  • Retire: Remove obsolete or unused agents
  • Review: Regular security and compliance audits
  • 跟踪指标:采用率、满意度、错误率
  • 迭代优化:基于反馈改进
  • 更新维护:保持Agent功能最新
  • 退役处理:移除过时或未使用的Agent
  • 定期审核:进行安全和合规性审核

Communication

故障排除

Agent未显示

  • Announce new agents to users
  • Provide documentation and examples
  • Share best practices and use cases
  • Highlight benefits and capabilities
  • Offer support channels
  • 在管理中心检查部署状态
  • 验证用户是否在分配组中
  • 确认Agent未被阻止
  • 检查用户是否拥有Copilot许可证
  • 刷新Copilot界面

Troubleshooting

身份验证失败

Agent Not Appearing

  • Check deployment status in admin center
  • Verify user is in assigned group
  • Confirm agent is not blocked
  • Check user has Copilot license
  • Refresh Copilot interface
  • 验证OAuth凭据是否有效
  • 检查用户是否具备必要权限
  • 确认MCP服务器可访问
  • 独立测试身份验证流程

Authentication Failures

性能问题

  • Verify OAuth credentials are valid
  • Check user has necessary permissions
  • Confirm MCP server is accessible
  • Test authentication flow independently
  • 监控MCP服务器响应时间
  • 检查网络连接性
  • 在管理中心查看错误日志
  • 验证Agent是否受到速率限制

Performance Issues

合规违规

  • Monitor MCP server response times
  • Check network connectivity
  • Review error logs in admin center
  • Validate agent isn't rate-limited
  • 立即阻止不安全的Agent
  • 查看审计日志定位违规行为
  • 调查数据访问模式
  • 更新政策以防止再次发生

Compliance Violations

资源

  • Block agent immediately if unsafe
  • Review audit logs for violations
  • Investigate data access patterns
  • Update policies to prevent recurrence

Resources

工作流

询问用户:
  1. 该Agent是否已准备好部署,还是仍在开发中?
  2. 哪些用户应具备访问权限(所有用户、特定组、个人)?
  3. 是否有需要满足的合规或安全要求?
  4. 应发布至组织内部还是公共商店?
  5. 需要哪些监控和报告功能?
然后提供:
  • 分步部署指南
  • 管理中心配置步骤
  • 用户分配建议
  • 治理与合规检查清单
  • 监控与报告计划
undefined

Workflow

Ask the user:
  1. Is this agent ready for deployment or still in development?
  2. Who should have access (all users, specific groups, individuals)?
  3. Are there compliance or security requirements to address?
  4. Should this be published to the organization or the public store?
  5. What monitoring and reporting is needed?
Then provide:
  • Step-by-step deployment guide
  • Admin center configuration steps
  • User assignment recommendations
  • Governance and compliance checklist
  • Monitoring and reporting plan
undefined