Archive

Posts Tagged ‘SharePoint’

Microsoft Releases SharePoint Framework Developer Preview!

August 18, 2016 Leave a comment

Microsoft just made the SharePoint Framework Developer Preview available via GitHub which was originally announced back in May 2016.  Please see the links below for more details:

Dev Center announcement: http://bit.ly/2bAkSKC
GitHub repository: http://bit.ly/2bq2ENg

The post Microsoft Releases SharePoint Framework Developer Preview! appeared first on blog about technology….

from blog about technology… http://bit.ly/2bAkmMJ

Jin Kang
I am an ECM Solutions Architect with over 7 years of experience envisioning, architecting, and implementing enterprise solutions using various technologies including Azure, Office 365, and SharePoint.

Currently I work at ConocoPhillips, providing problem resolution capabilities for systemic environment faults and outages, assist with automating and improving operational process, and collaborate with Operations and Support teams to evaluate, design, and introduce technologies to solve real business problems. I also provide subject matter expertise support to customers.

This article has been cross posted from jinkang.us (original article)

OneDrive for Business – Configurable Retention Period for Orphaned OneDrives!

August 11, 2016 Leave a comment

Hello again! It’s a well-known fact in On-Premise SharePoint world that ever since SharePoint 2010, My Site Clean Up Timer Job is set up 14 days before the MySite is deleted, and there’s nothing you can do about that other than disable the timer job and/or write your own timer job. Matter of fact, I recall countless SP conferences recommending you disable this timer job and handle retention via custom process where you have more visibility and control. In SharePoint Online world, this was changed to 30 days and if you’re like me and have corporate retention policies that are longer than 30 days, you would have to go thru series of workarounds to extend the retention period by leaving the Office 365 account active one way or another.

Well let me tell you that the days of that for SharePoint Online are gone now! I was surprised to see that the May 2016 release of the SharePoint CSOM (v 16.1.5312.1200) introduced ad new property called OrphanedPersonalSitesRetentionPeriod that allows you to get or set the default retention days to OneDrive for Business sites. Even better, the values can be set between 30 to 3650. That’s measured in DAYS! Which means max value is 10 years!!

I’m glad Microsoft has added this option as it now gives a lot of flexibility for organizations to ensure OneDrive retention meets their corporate retention policies.

Easiest way to change the retention is via SharePoint Online PowerShell commands:
…and you can download the latest SharePoint Online PowerShell from here

#Connect to SharePoint Online Admin (change URL to your SPO tenant Admin URL)
Connect-SPOService -Url http://bit.ly/2bkvM95-Credential (Get-Credential)

#Set Retention period – change the value of ‘3650’ to value you prefer
Set-SPOTenant -OrphanedPersonalSitesRetentionPeriod 3650

#Run the following command to confirm value has been applied
(Get-SPOTenant).OrphanedPersonalSitesRetentionPeriod

Here are some links to where you can find out more about this:

Good luck!

The post OneDrive for Business – Configurable Retention Period for Orphaned OneDrives! appeared first on blog about technology….

from blog about technology… http://bit.ly/2bkvHCr

Jin Kang
I am an ECM Solutions Architect with over 7 years of experience envisioning, architecting, and implementing enterprise solutions using various technologies including Azure, Office 365, and SharePoint.

Currently I work at ConocoPhillips, providing problem resolution capabilities for systemic environment faults and outages, assist with automating and improving operational process, and collaborate with Operations and Support teams to evaluate, design, and introduce technologies to solve real business problems. I also provide subject matter expertise support to customers.

This article has been cross posted from jinkang.us (original article)

[Nintex Workflow] Add user to Site Collection Administrator group with REST API

Helping people to automation their workplace is my passion and lucky for me I also get paid to do so !

This week I was finishing working with a partner to improve the (poor) automation steps required by Matter Center, which no-one can really complain because Microsoft made it open-source.
Matter Center documentation requires to create each client as a new site collection in PowerShell, but this is not quite possible if the users registering these new clients on a daily basis are regular Office 365 users and not SharePoint Administrators.Thanks to a few Nintex Workflows we managed to do all the configuration in the background.

Thanks to a few Nintex Workflows we managed to do all the configuration in the background.
Today’s post is not about the site collection creation so I will spare the details, but in summary and very high level, I developed 4 workflows, 1 CSOM Javascript to be executed on the browser, and 1 Nintex Form of course for submitting the new client on desktop or mobile.

Now this quick blog post is regarding the challenge that we had to add the user as a Site Collection Administrator of that newly created site collection.

Since there is no mention of the sort in http://bit.ly/1TUw4AY it may useful for someone, so here it is:

  1. Create a new Nintex workflow in an Office 365 site list.
  2. Download and Import the .NWP workflow file available here to replace the blank workflow
  3. Edit a few of the actions at the beginning of the workflow to set the variables (I never hard-code UserName and Password for instance, so you will see a few Lookup to a different list to get the value, which you can replace since they will be showing an error once imported into your list)

Note: In this workflow, the “user” I am adding to the Site Collection Administrators group is actually the “CreatedBy” of the list item, which may sound strange since the user running that workflow may be the CreatedBy. However this is NOT the case (refer to above point: we do not want all users to be SharePoint admins!), here is how you should sequence the workflow to start:
1) After the List Item is created, a first workflow (run by CreatedBy) i.e. called “Start and Call workflow 2” and in the workflow we just add a “Start Workflow”

2) then within that first workflow we just add a “Start Workflow” making sure that this action is bein executed in an “App Step” in order to use “elevated privilege”.

Nintex_Workflow_for_Office_365

3) finally all the actions are happening in Workflow2 (which you imported in step 2)

 

Hope this helps someone.

François.

via François on SharePoint & more http://bit.ly/1TUwgjP

François Souyri
French native Sharepoint Consultant living in London. A crossway between a designer, developer and system architect. Prefers stretching the limit of out-of-the-box features rather than breaking them into code. When not working with Microsoft Sharepoint François is often found on Web2.0 News sites and related social networking tools.

This article has been cross posted from sharepointfrancois.wordpress.com/ (original article)

Categories: Work Tags: ,

So, you want to delete users with the Azure AD Graph API? Good luck with that!

You might think that deleting users using the Azure AD Graph API would be pretty straightforward right?  You already have a registered application that succeeds in updating and creating new users.  This link doesn’t provide any warnings about hidden dragons or secret pitfalls.

Rest assured, there is at least one gotcha that’s primed to eat your lunch when it comes to deleting users.  Fortunately for you, True Believers, I’m here to show you how you too can quickly overcome this less than obvious configuration issue.

According the the Azure AD Graph Reference deleting user the is a simple operation.  All you have to do is send the HTTP Verb “DELETE” to the URL of the user you want to delete.

Example:

http://bit.ly/1VZ0GVf{user_id}[?api-version]

The user_id can be the UserPrincipalName. In other words, the E-mail address of the user.

As an example, I will delete a pesky AD user named “John Doe”.  This John Doe character has got to go!

Azure

I use PostMan to to get my API calls properly formatted.  It also helps to ferret out problems with permissions or configurations. This helps me to *know* that it works before I write my first line of application code.

Note: Notice that I have an OAuth Bearer token specified in the header.  I won’t cover how I got this token in this post.  If you want to know more about how I acquire tokens for Console Applications send me an E-mail!

PostmanDelete1

Assuming you have your tenant ID, user ID, and OAuth token all set correctly then all you need to do is click “Send”.  Your user is deleted as expected… right?

NOPE! you encounter the following JSON error response:

{
“odata.error”: {
“code”: “Authorization_RequestDenied”,
“message”: {
“lang”: “en”,
“value”: “Insufficient privileges to complete the operation.”
}
}
}

Your first reaction may be verify that your application registration is assigned the proper permissions on the AD Graph.  However, there is no permission that allows you to delete. You can only get variations of Reading and Writing.

AzurePermission

What do you do?  If you Google Bing around a bit you will find that your Application needs to be assigned an administrative role in Azure. It needs a ServicePrincipal.  So, off you go searching the competing, overlapping, portals of Azure trying to figure out how to assign an application roles within a resource.  You may even be successful.  We weren’t.

I had to use remote PowerShell to add my application to the appropriate role in order to delete users from AD.

REMOTE POWERSHELL TO AZURE AD

I used instructions from this MSDN article to download and install the Azure AD Module.  First I downloaded the Microsoft Online Services Sign-In Assistant for IT Professionals RTW.  Next, I grabbed the Active Directory Module for Windows PowerShell (64-bit version).  Once I had my PowerShell environment up and running, I cobbled together a quick script to Add my Application registration to the “User Account Administration” role.  Here is how I did it!

THE CODEZ

# Log me into my MSDN tenant using an account I set up as “global admin”.
$tenantUser = ‘admin@mytenant.onmicrosoft.com’
$tenantPass = convertto-securestring ‘Hawa5835!’ -asplaintext -force
$tenantCreds = new-object -typename System.Management.Automation.PSCredential -argumentlist $tenantUser, $tenantPass

Connect-MsolService -Credential $tenantCreds

# Get the Object ID of the application I want to add as a SPN.
$displayName = “MyAppRegistrationName”
$objectId = (Get-MsolServicePrincipal -SearchString $displayName).ObjectId

# Set the Role name and the Add the Application as a member of the Role.
$roleName = “User Account Administrator”
Add-MsolRoleMember -RoleName $roleName -RoleMemberType ServicePrincipal -RoleMemberObjectId $objectId

PLAY IT AGAIN SAM

If you execute the PowerShell above (and it’s successful) then you can attempt to invoke the API again.  Click Send!

DeleteSuccess

Notice this time PostMan returns an HTTP status of 204 (no content).  This is the appropriate response for a DELETE.  Let’s check our tenant to ensure Jon Snow is dead or rather John Doe is deleted.

DeleteProof

He’s gone!  You are good to go.

CONCLUSION

Azure is a dynamic, new technology.  Documentation is changing almost daily. It can be frustrating to navigate the changing landscape of marketing terms and portals.

All the information you need to sort out this error is out there. However, I found it to be scattered and not exactly applicable to what I was doing.  The PowerShell snippets existed in parts, one to log in to a remote tenant, one to add the role.  This post simply serves to bring the information together so you can quickly get past this problem and on to writing more code.

 

Cheers!

 

 

Chris Clements
I am a senior software developer and development team lead in Houston Texas. I am passionate about the “art” of software development. I am particularly interested in software design patterns and the principles of SOLID object-oriented code. I am an evangelist for test driven development. I love to think and write about my day-to-day experiences in the trenches of enterprise IT. I relish the opportunity to share my experiences with others.

From the wire to the presentation, I am holistic solutions guy. I have broad experience in client side technologies such as Javascript, Ajax, AngularJS, Knockout, and Bootstrap. I have extensive experience with MVC, MVVM, and ASP.NET Web Forms. I am strong in SQL Databases, performance tuning, and optimization. I also have a background in network engineering, wide-area and inter-networking.

This article has been cross posted from jcclements.wordpress.com/ (original article)

Reading a SharePoint Online (Office 365) List from a Console Application (the easy way)

In a previous post I talked about our strategy of using scheduled console applications to perform tasks that are often performed by SharePoint timer jobs.

As we march “zealously” to the cloud we find ourselves needing to update our batch jobs so that they communicate with our SharePoint Online tenant.  We must update our applications because the authentication flow between on premise SharePoint 2013 and SharePoint Online are completely different.

Fortunately for us, we found the only change needed to adapt our list accessing code was to swap instances of  the NetworkCredentials class for the SharePointOnlineCredentials class.

Imagine that this is your list reading code:

using (var client = new WebClient())
{
client.Headers.Add(“X-FORMS_BASED_AUTH_ACCEPTED”, “f”);
client.Credentials = _credentials;  //NetworkCredentials
client.Headers.Add(HttpRequestHeader.ContentType, “application/json;odata=nometadata”);
client.Headers.Add(HttpRequestHeader.Accept, “application/json;odata=nometadata”);

/* make the rest call */
var endpointUri = $”{_site}/_api/web/lists/getbytitle(‘{_listName}’)/Items({itemId})”;
var apiResponse= client.DownloadString(endpointUri);

/* deserielize the result */
return _deserializer.Deserialize(apiResponse);
}

The chances are your _credentials object is created like this:

_credentials= new NetworkCredentials(username,password,domain);

Here, the username and password are those of a service account specifically provisioned a for SharePoint list access.

In order to swap the NetworkCredentails class for SharePointOnlineCredentails first, you  need to download and install the latest version of the SharePoint Online Client Components SDK here (http://bit.ly/1rKS6N8).

Once the SDK is installed  add a reference to the Microsoft.SharePoint.Client and Microsoft.SharePoint.Client.Runtime libraries.  Assuming a default installation, these binaries can be found here: C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\.

Be certain to reference the 16.0.0.0 version of the dlls.  If you get the 15.0.0.0 version (which is currently the version in NUGet) your code may not work!

Now you can “new up” your _credentials like this:

_credentails = new SharePointOnlineCredentials(username,password);

But “TV Timeout!” (as a colleague likes to say after a couple brews at the pub) the password argument is a SecureString rather than the garden variety string.  You will need a helper method to transform your plain old string into a SecureString.  Here is how we do it:

public static SecureString GetSecureString(string myString)
{
var secureString = new SecureString();
foreach (var c in myString)
{
secureString.AppendChar(c);
}
return secureString;
}

One last thing to note; the SharePointOnlineCredentials class implements the System.Net.ICredentials interface. That’s what allows us to simple swap one class for another.

Therefore,  if you are following the SOLID principles and using dependency injection then the extent of your code changes may look like this:

var securePassword = SecureStringService
.GetSecureString(settings.SPOPassword);

container.Register<ICredentials>(()
=> new SharePointOnlineCredentials(username, securePassword));

Now that is cool!

Cheers and Happy Coding!

 

Chris Clements
I am a senior software developer and development team lead in Houston Texas. I am passionate about the “art” of software development. I am particularly interested in software design patterns and the principles of SOLID object-oriented code. I am an evangelist for test driven development. I love to think and write about my day-to-day experiences in the trenches of enterprise IT. I relish the opportunity to share my experiences with others.

From the wire to the presentation, I am holistic solutions guy. I have broad experience in client side technologies such as Javascript, Ajax, AngularJS, Knockout, and Bootstrap. I have extensive experience with MVC, MVVM, and ASP.NET Web Forms. I am strong in SQL Databases, performance tuning, and optimization. I also have a background in network engineering, wide-area and inter-networking.

This article has been cross posted from jcclements.wordpress.com/ (original article)

Office 365 is trying humour … will you recognise the quote from ?

November 18, 2015 Leave a comment

After the first funny quotes started some years back with the 404 not found pages showing “oops… something happened”, making them more friendly and less scary, it seems that the whole IT industry is trying to have humour, even on “serious” screens like Office 365 Admin center…

I think I like it!  better have fun at work, right? (and with all the TV geeks in SharePoint, it makes sense…)

Office 365 has humour

Office 365 has humour

via François on SharePoint & more http://bit.ly/1NbbPyF

François Souyri
French native Sharepoint Consultant living in London. A crossway between a designer, developer and system architect. Prefers stretching the limit of out-of-the-box features rather than breaking them into code. When not working with Microsoft Sharepoint François is often found on Web2.0 News sites and related social networking tools.

This article has been cross posted from sharepointfrancois.wordpress.com/ (original article)

Categories: Work Tags: ,

Bad Onedrive Business Sync bug (SP31654) if you use it with Office 2013 – install update required

October 21, 2015 Leave a comment

Over the past days several Office 365 client users reported a OneDrive For Business synchronisation issue, and I have to say that I usually just direct them to the IT Helpdesk but yesterday I decided that there was one too many so I went to troubleshoot it at a user’s desktop myself.

Nothing could be done to fix the random “red” icon when adding a SharePoint library to sync with user’s windows, remove the folder from OneDrive, uninstall and re-install OneDrive, none. And literally random, some files were also synchronising but still marked as red, and the Errors logs showing “please enter your credentials” but no option to enter them…

I was in a dead-end, until I found out that it is a current issue reported on the 15th October 2015 (5 days ago) and is actually clearly showing in the SHD (Office 365 Service Health Dashboard in the Admin center, see below post on Office 365 community).  The resolution is to update Office 2013.

But my main take away from this is that as much as I thought that no-one would seriously read the SHD every morning (and you can’t receive them by email!), I now realised that I should have started searching through the various incidents list, so I will pay more attention in the future when an user issue comes up.

I believe we have had so much frustration over the years of not finding the answer in Microsoft provided sources that we (I) have the reflex of Googling (binging..) an issue straight away and not actually checking the official source.

Now go on your mobile device and make sure you have the mobile app to see SHD installed !

Office 365 Service Health Dashboard

Office 365 Service Health Dashboard

This issue is now reported at Service Health Dashboard (SHD) as incident SP31654 starting at Thursday, October 15, 2015, at 3:00 PM UTC. The user experience of this incident is: Affected users are unable to sync files with OneDrive for Business. Users may see repeated prompts to enter their credentials, but entering them will not result in a successful sync. Tenant administrators can view current information and updates on SHD at the link here .

Source: Onedrive Business Sync – Credentials Required | Manage Office 365 | Microsoft Office 365 Community

via François on SharePoint & more http://bit.ly/1M7wYsZ

François Souyri
French native Sharepoint Consultant living in London. A crossway between a designer, developer and system architect. Prefers stretching the limit of out-of-the-box features rather than breaking them into code. When not working with Microsoft Sharepoint François is often found on Web2.0 News sites and related social networking tools.

This article has been cross posted from sharepointfrancois.wordpress.com/ (original article)

Categories: Work Tags: ,
%d bloggers like this: