CHUVASH.eu

CHunky Universe of Vigourous Astonishing SHarepoint :)

Category Archives: sharepoint

Sites.Selected and Governance

The new permission in Graph API – Sites.Selected – is a step in the right direction. Since long we have been looking for ways of scoping the accesses to live up to the least privilege principle. It was either nothing or everything. I have tried out the new Sites.Selected permission and here are my findings.

First of all, if you haven’t heard about Sites.Selected, please visit these pages to find out more. I am skipping the introduction, since there are already good resources on that out there.

List of resources

How to grant permissions

Once you have your Azure AD App and the admin consent for Graph Sites.Selected, all you need is the Azure AD Application Id and Site Collection Administrator on a particular site. The simplest way is to use PnP.PowerShell:

Grant-PnPAzureADAppSitePermission -AppId $appId -DisplayName 'MyTest' -Site $url -Permissions Write

How to see the granted permissions

The only way to the application permissions is PowerShell or Graph, there is no indication on the site.

Get-PnPAzureADAppSitePermission 

What about governance

A site collection administrator can grant Read or Write permissions on a site. It gives the desired granularity for application access. But on the other side, there is no way (as of writing) to get all the sites that an Azure AD Application has permissions to.

Which leads me to the biggest weakness of the today’s implementation. Of course, we can traverse through all the sites using powershell and get the summary of all application permissions. The problem is that it can be time consuming in a bigger where you have plenty of sites. Also, it requires that your account that runs the script is a Site Collection Administrator on every site, which is a complete opposite of the granularity goal that Sites.Selected permission tries to achieve.

With that you might end up with several applications that have Write permissions to many sites and you might not have any clue wether it is used or not, who has access to those applications and if they need it.

My wish is that:

  • There will be an api (graph) or azure cli (or similar) that can list all the sites that an application with Sites.Selected has access to, without me being a Site Collection Admin on every site.
  • There will be transparency in the user interface, so that users and site owners can see which applications can read and write content on their sites, the same way as we can see the members of a site.

Smarter way of loading SharePoint CSOM dll in PowerShell

Have you also got a legacy powershell script that loads SharePoint dlls and runs CSOM code directly? It’s quite easy to convert to PnP PowerShell. But if you run out of time and just need to execute the script, then I have a quick tip for you.

First of all, a CSOM script can be recognized by Add-Type commands (or Import-Module) plus the SharePoint dll paths.

Loading the dll the old way.

The odds are high that you don’t have those directories and files, unless you run it on a SharePoint Server (who would do that at all?) or you have installed the SharePoint SDK.

SharePoint SDK can be downloaded and installed (as suggested here), but why would you want to do that? An easier way is just to locate the files that are distributed with the PnP.PowerShell module, let me show how to do that.

All the dlls are available from the PnP.PowerShell module directory:

So the only thing you need to do is to re-point the path from the original (the “GAC”) folder to the PnP.PowerShell folder. You don’t need to guess the folder. It’s easy.

Thanks to the PowerTip: Find the Path to a PowerShell Module (Scripting Guy) I could find a way to read the information dynamically, so it doesn’t matter where your folder actually is. The fact what version number the module has, what OS you run on, and whether or not you installed it for your user account only or for all users on your computer – allt that has impact on the folder location. So we need to read the right path and then use it in the Add-Type command.

$pnpModule = Get-Module ListAvailable PnP.Powershell
$base = $pnpModule.ModuleBase
Connect-PnPOnline $url Interactive
Add-Type Path "$base\Framework\Microsoft.SharePoint.Client.dll"
Add-Type Path "$base\Framework\Microsoft.SharePoint.Client.Runtime.dll"

Other notes

The PnP.PowerShell is built on top of.NET Core and it works cross plattform, that’s better.

Loading dlls on a Mac.

If your legacy script does not work with the newer PnP.PowerShell, you might need to install the older PnP PowerShell and adjust the module name in the script above accordingly.

The SharePoint SDK is built on top of .NET Framework (as of my understanding) and it can only be installed on a Windows machine.

The SharePoint SDK requires local administrator rights to be installed. The PnP.PowerShell can be installed for a user without beeing an administrator by adding -Scope CurrentUser (to the Install-Module), which makes the work much smoother.

If you have two or more versions of the PnP.PowerShell module installed, you have to adjust the script a little by loading only the latest version of the module:

$pnpModule = Get-Module PnP.PowerShell ListAvailable | Sort-Object Version Descending | Select-Object First 1

That was a quick tip on how you can use the types from the original CSOM libraries when you don’t have time to convert a script to a PnP code or if there is some functionality that is not covered in PnP yet (not quite sure if there is something you cannot do with PnP that you can do with CSOM).

The good sides of that approach:

  • it can be a step towards rewriting a legacy script to a newer PnP.PowerShell
  • the dlls are up-to-date thanks to an easy way to update the PowerShell Module (Update-Module)
  • it is cross platform, meaning you can execute your legacy script on a linux or on a Mac as well, good for automation!

1TB=1024GB in SPO Storage

You want to calculate your storage capacity in SharePoint Online? Here is how:

  • Every 1TB is 1024GB (it might be confusing, see my previous post, but it’s how it is calculated)
  • A tenant gets 1024GB by default
  • For every user license of a product that includes the service plan called “SHAREPOINTSTANDARD”/SharePoint Online (Plan 1) you get 10 GB extra
  • For every user license of a product that includes the service plan called “SHAREPOINTENTERPRISE”/SharePoint Online (Plan 2) you get 10 GB extra
  • For every user license of a product that includes the service called “ONEDRIVEBASIC”/SharePoint Online OneDrive Basic you get 0.5 GB extra

Products vs. Service Plans

A product (a.k.a. SKU) consists of service plans. E.g. Office 365 E3 (product) consists of SharePoint Online Enterprise among others. It is a Service Plan that gives you additional storage, not a product. The information on “SharePoint Limits” page is (over-)simplified. Simplified for a good reason of course – to give a rule of thumb for calculating your storage.

But if you want to calculate the exact storage capacity, like I do, and even break it down into different departments etc based on licenses, then you need to be aware of the fact that a service plan makes you eligible of more space. A service plan, such as SharePoint Online (Plan 1) can be part of 1 or more products.

Service Plans eligible additional storage and the corresponding SKUs

  • SharePoint Online (Plan 1) – “SHAREPOINTSTANDARD” – 10 GB per user license
    • Project Online Plan 1 – PROJECT_P1
    • Office 365 Enterprise E1 – STANDARDPACK
  • SharePoint Online (Plan 2) – “SHAREPOINTENTERPRISE” – 10 GB per user license
    • OFFICE 365 E5 – ENTERPRISEPREMIUM
    • OFFICE 365 E3 – ENTERPRISEPACK
    • MICROSOFT 365 E3 – SPE_E3
    • PROJECT ONLINE ESSENTIALS – PROJECTESSENTIALS
    • PROJECT ONLINE PROFESSIONAL – PROJECTPROFESSIONAL
    • PROJECT ONLINE PREMIUM – PROJECTPREMIUM
    • DYNAMICS 365 CUSTOMER ENGAGEMENT PLAN ENTERPRISE EDITION – DYN365_ENTERPRISE_PLAN1
    • Dynamics 365 Customer Service Professional – DYN365_CUSTOMER_SERVICE_PRO
    • DYNAMICS 365 FOR SALES ENTERPRISE EDITION – DYN365_ENTERPRISE_SALES
    • DYNAMICS 365 FOR TEAM MEMBERS ENTERPRISE EDITION – DYN365_ENTERPRISE_TEAM_MEMBERS
  • “ONEDRIVE_BASIC” – 0.5 GB per user license
    • VISIO Online Plan 2 – VISIOCLIENT
    • VISIO ONLINE PLAN 1 – VISIOONLINE_PLAN1

ActiveUnits vs. WarningUnits vs. ConsumedUnits

You can ignore the ConsumedUnits, because they are not used in the storage calculation. The ActiveUnits are the ones that are purchased. The WarningUnits are the licenses that have not been renewed and will be removed after 30 days.

So you need to count both the ActiveUnits and WarningUnits. Licenses = ActiveUnits + WarningUnits.

Further reading

Print2SPO – en enkel utskrift till SharePoint

Den här bloggposten är ett (en aning större) användar- (eller verksamhetsutvecklar-)tips om hur man kan sätta upp smarta utskrifter till SharePoint Online – utan några extraappar eller lösningar.

Först och främst, stort tack till min kollega Shahram som har presenterat idén för mig. Tänk dig ett följande scenario:

Du har en mall i Word som du fyller i, skriver ut på papper. Låt säga, det är en plockorder. Du vill digitalisera processen genom att skicka pdf:en till ett gemensamt dokumentbibliotek i SharePoint eller Teams.

Tekniskt är det enkelt, bara man i sin grupp kan komma överens om att göra det så. Då finns många möjligheter, både för att spara skog och kunna samarbeta smartare.

SharePoint-bibliotek

I det här scenariot använder jag ett bibliotek i SharePoint Online, men du kan koppla det även till Teams eller personliga OneDrive. Låt oss kalla det “Plockordrar”

OneDrive-genväg

Nästa steg är att lägga till en genväg till min personliga OneDrive. Man kan såklart synkronisera direkt, men i det här fallet väljer jag en OneDrive-genväg.

Mappen dyker snyggt upp på min dator:

Utskrift

Jag trycker på “Srkiva ut” och väljer “Microsoft Print to PDF”

Sedan väljer jag min OneDrive och “Plockordrar” och skriver in namn på filen

Det dyker upp i dokumentbiblioteket.

Smarta funktioner

Nu är jag inte längre begränsad till det analoga. Jag kan jag göra all magi som finns i SharePoint Online för att sätta upp ett smart samarbete med mina kollegor, som till exempel:

  • Lägga till kolumn Ansvarig och en vy “Mina plockordrar”
  • Lägga till kolumn Status för att skilja på aktiva och färdiga plockordrar
  • Lägga till kolumn Datum för att hålla en eventuell deadline
  • Använda kommentarer för att samarbeta med mina kollegor
  • Sätta upp alerts och påminnelser
  • Sätta upp godkännande-flöden etc
  • Formatera listan med olika färger för att kunna se bättre aktuellt arbete

Nästa gång du skriver ut från Word till PDF, kommer systemet ihåg ditt senaste val, så att det kan gå riktigt snabbt.

Det analoga

Den här processen betyder inte att det en tvär övergång till digitalisering heller. Det går fint att kombinera speciellt om man föredrar att ha det på papper! Mer än så. Du kan skriva ut den flera gånger om så behövs. Du minskar risken att det faller mellan stolarna (bokstavligt) och kan minska stressen för dig och dina kollegor.

Andra appar

Det finns dedikerade appar för att skriva ut till SharePoint, de kan vara mer precisa i vissa fall, men även med befintliga medel och smarta processer kan man ha ett smart samarbete i Office 365.

1 TB = 1024 GB in SPO?

There is confusion around how the storage is calculated in SharePoint Online. I believe, in SharePoint Online 1 TB is 1024 GB (based on powers of two), although the SI Prefix is for numbers based on powers of 10 (1TB = 1000GB, Wikipedia). In this post I would like to summarize the results of my investigations and I hope Microsoft or the community can confirm or disconfirm this.

First, let me explain why we care about it. The storage in SharePont is limited and we need to keep an eye on it. Especially in our case, where we need to track storage utilization across different parts of the organization/our tenant. The storage in SharePoint is calculated like so:

1 TB + 10GB * E-licensed users

The tricky part, though, is how to convert it into TB correctly.

Why I believe Microsoft treats 1 TB as 1024 GB

First of all, I can see it clearly in my dev tenant with exactly 25 licenses.

That would give 1TB + 10GB*25 = 1,25 TB if it would be based on powers of 10. But it isn’t because the storage I get is 1,24 TB, or 1,244 to be precise.

That means, for every E-license you get 10 GB or 10/1024 TB.

That also means you need more licenses to get the desired storeage. E.g. 10 TB more storage requires 1024 licenses and not 1000, 10 TB = 10240 GB, 10240 GB / 10 = 1024 E-licenses.

Also in OneDrive, the initial space I get, is 1024 GB (or 1TB). If 1TB = 1024GB in OneDrive, why should SPO be different?

Further, the MSDocs page reveals that the 25 TB are 25600 GB (which is exactly the product of 25 and 1024):

One contradictory page, though is the news about storage increase:

The calculations there are based on the decimal system:

Calculation of MB and GB

Just to verify how the storage is calculated in KB, MB and GB, I looked at the Storage of a SharePoint site. Luckily, I can get the storage used in Bytes, MB and GB (from different sources) and compare them to each other.

When I calculate back and forth I can defnitely see, it is multipled/divided by 1024, hence powers of 2:

The values in blue are the reported values. The other values are calculated.

The values in GB are exactly the same, the Bytes, KB and MB differ a bit due to rounding

Demote News in SharePoint Online

In case you published a news in SharePoint Online and you now want to “downgrade” it to a regular page, I have a solution for you.

The reasons why you would like to demote a News might vary:

  • You publish an important message, perhaps a note about an operational disturbance. It might not relevant anymore, but you still want to keep the page in case someone wants to access the information.
  • You accidentally create a page as a news.
An example of a news of a temporary character

The News “Promotion” is controlled through the field called “Promoted State”. You cannot edit, but you can include it in a view to check the current state of it.

  • “0” means a regular site page
  • “2” means News
Show the “Promoted State” and ID to check the current status and identify pages and news

So in order to convert a news to a regular page, you need to update the list item’s field “Promoted State” from 2 to 0.

Unfortunately, the Promoted State field is read only. Hence we need to make it editable first, edit it, and in the end, reset the field.

Lucky us, that is easily done with PnP 🙏🙏🙏🙏🙏

$site = "https://{tenant}.sharepoint.com/sites/{site}"
Connect-PnPOnline Url $site SPOManagementShell ClearTokenCache
$field = "Promoted State"
$list = "Site Pages"
$id = 85 #the item id of the news
Set-PnPField Identity $field List $list Values @{ReadOnlyField=$false}
#make sure to enclose the number into quotation marks
Set-PnPListItem List $list Identity $id Values {"Promoted State"="0"}
#reset the field
Set-PnPField Identity $field List $list Values @{ReadOnlyField=$true}
view raw demote-news.ps1 hosted with ❤ by GitHub

That’s it. Easy, isn’t it?. I wonder why the field is readonly, though. What downsides might this procedure have? What do you think?

Kombinera två SharePoint-listor i PowerBI

Det här är en enkel guide på svenska om hur du kan ladda in data från två eller fler listor i SharePoint och lägga ihop dem till en.

Scenariot är följande. Du har två eller fler sajter i SharePoint Online som har var sin lista (med samma kolumner). Du vill ladda in data från båda och se en aggregerad/summerad version. Alternativet är att ha en delad lista, men ibland (av behörighetskäl eller av behovet för smärre anpassningar av enskilda listor), ligger det i separata listor/sajter.

För enkelhetens skull, har jag följande demouppsättning:

  • Två enkla listor i samma sajt:
    • ShapesA
    • ShapesB
  • Listorna innehåller två exakt likadana kolumner
    • Shape
    • Color
Första listan
Andra listan

Målet är att addera raderna ifrån två listorna till en större lista.

Power BI

Att läsa in SharePoint-listor in i Power BI är ganska enkelt. Starta Power BI Desktop på din Windows-dator.

Man börjar med Get Data…
Filtrera på SharePoint och välj SharePoint Online List
Klistra in länken till din sajt
Välj listorna
Viktigt! Tryck på “Transform Data” först
Radera alla kolumner du inte behöver. Gör det på båda listorna.

Nästa steg är det vikigaste i den här guiden: Kombinera de här två listorna: Append Queries

Append Queries
Välj “Append Queries as New”
Välj lista 1 och lista 2 och klicka på OK
När den är färdig, klicka på Close & Apply

Den kombinerade datan ligger i “Append1”

Append1

Resten är “bara” visualisering. “Bara”, eftersom det hårdaste jobbet (Tranformation, kombinering) är redan bakom oss. Testa olika alternativ.

Visualisering

Ett exempel är Treemap:

Treemap
För att få till Treemap i det här exemplet behövde jag ha Title (=Shape) både i Group och Values

Summering och reflektion

Den här guiden visar hur man kombinerar (lägger på) två listor och jobbar med dem som om de vore en lista. Hör av dig om det har varit till hjälp eller om du har frågor eller funderingar.

Själva behovet är verkligt. I SharePoint har det alltid varit en utmaning att samla ihop datan från olika sajter och listor. Vi har använt oss av söken (med Sökcenter och DisplayTemplates) och andra tekniker. Visst vore det enklare att ha det samlat i en central databas eller en lista. Det är dock en viss frihet att låta olika organisatoriska enheter “äga” sina delar (användare kan justera sina vyer, ordna formatering, lägga till extrakolumner och annat trevligt). Aggregeringsbehovet kan nu, med Power BI, lösas på ett relativt smidigt och användarvänligt sätt.

Add a security group as hubbers using PowerShell

Today I needed to add a security group to “People who can associate sites with this hub” through PowerShell. Here is quick how-to. I usually say “hubbers” instead of the long “People who….”. By the way, if you want to know what prerequisites there are for being a hubber, read my other blog post

An example of how to add a security group is missing in the MS Docs:

This is easy, all you have to do is to find out the security group id, prepend it with “c:0t.c|tenant|” and run the command.

$url = "https://tenant.sharepoint.com/sites/hubsite1"
$groupId = "0b2d5885-158a-4aa1-bea3-cd28f71fcc37"
$securityGroup = "c:0t.c|tenant|$groupId"
Grant-SPOHubSiteRights $url -Principals $securityGroup -Rights Join

That’s it. I’ll try to provide this example to the MSDocs github.

Two workarounds for overcoming the listview threshold

These are two workarounds to see documents / list items in a view that exceeds the listview threshold of 5000 items.

Overcoming the listview threshold is as fun as succeeding in the limbo games.

This is changing all the time. When you read this, it might have changed. Today, 2021-01-05, me and my colleague found following two workarounds for listing over 5000 items in a list view in SharePoint Online:

  1. Sorting by name in a view
  2. Adding a shortcut to OneDrive

Both methods require the Modern UI in SharePoint Online.

In our case we have a migrated document library with many items. In the source, the threshold was much higher, in SharePoint Online some folders didn’t show anything. It showed only “Something went wrong”:

The classic view had a better error message, but no solution for that:

This view cannot be displayed because it exceeds the list view threshold (5000 items) enforced by the administrator.
To view items, try selecting another view or creating a new view. If you do not have sufficient permissions to create views for this list, ask your administrator to modify the view so that it conforms to the list view threshold.

Sorting by Name

We will split those big folders into smaller ones. But while trying things out, we found that having Sorting by name, suddenly showed the documents in the big folders.

As a user you have to scroll a lot to find your document (because of the infinite scroll), but still, now you are able to see your documents!

Also, you can start selecting files and re-organizing them by using “MoveTo”.

Adding shortcut to OneDrive

Another workaround (or I’d rather say trick) is to open the folder from within your personal OneDrive by adding a shortcut:

With that you’ll get the folder linked in your OneDrive.

Even with a big number of files, OneDrive will list the folder. Why is that? Maybe, Microsoft treats personal OneDrives differently, more gently, in a more forgiving way.

On your computer you’ll see the linked OneDrive folder, too.

Daniel Chronlund Cloud Tech Blog

News, tips and thoughts for Microsoft cloud fans

Вула Чăвашла

VulaCV - Чăвашла вулаттаракан сайт

Discovering SharePoint

And going crazy doing it

Bram de Jager - Architect, Speaker, Author

Microsoft 365, SharePoint and Azure

SharePoint Dragons

Nikander & Margriet on SharePoint

Mai Omar Desouki

PFE @ Microsoft

Cameron Dwyer

Office 365, SharePoint, Azure, OnePlace Solutions & Life's Other Little Wonders

paul.tavares

Me and My doings!

Share SharePoint Points !

By Mohit Vashishtha

Jimmy Janlén "Den Scrummande Konsulten"

Erfarenheter, synpunkter och raljerande om Scrum från Jimmy Janlén

Aryan Nava

DevOps, Cloud and Blockchain Consultant

SPJoel

SharePoint for everyone

SharePointRyan

Ryan Dennis is a SharePoint Solution Architect with a passion for SharePoint and PowerShell

SharePoint 2020

The Vision for a Future of Clarity

Aharoni in Unicode

Treacle tarts for great justice

... And All That JS

JavaScript, Web Apps and SharePoint

blksthl

Mostly what I know and share about...