#region AboutMe
####################################################################################################
# ABOUT: Restore Permissions on an OneDrive Site by adding the admin account as Site Coll Admin
# ParametersInput: User account and OneDrive Url
#
# Date: 19/Sep/2019
# Author: Jaqueline Goncalves
####################################################################################################
#endregion AboutMe
#region Variables
$env = "Company'sEnvironmentName"
$config = @{
siteAdminUrl = "https://$($env)-admin.sharepoint.com"
}
#endregion Variables
Function Add-SiteCollectionAdministrator{
Param(
$siteAdminUrl,
$siteColUrl,
$siteColAdminUser
)
Update-SiteCollectionAdministrator -siteAdminUrl $siteAdminUrl -siteColUrl $siteColUrl
-siteColAdminUser $siteColAdminUser -isSiteColAdmin:$true
}
Function Remove-SiteCollectionAdministrator{
Param(
$siteAdminUrl,
$siteColUrl,
$siteColAdminUser
)
Update-SiteCollectionAdministrator -siteAdminUrl $siteAdminUrl -siteColUrl $siteColUrl
-siteColAdminUser $siteColAdminUser -isSiteColAdmin:$false
}
## Internal Function
Function Update-SiteCollectionAdministrator{
Param(
$siteAdminUrl,
$siteColUrl,
$siteColAdminUser,
[bool]
$isSiteColAdmin
)
## Check Connection
Try{
$siteCheck = Get-SPOSite $siteAdminUrl
}
Catch{
Connect-SPOService -Url $siteAdminUrl
}
$updateSiteAdmin = Set-SPOUser -Site $siteColUrl -LoginName $siteColAdminUser
-IsSiteCollectionAdmin $isSiteColAdmin
if($updateSiteAdmin){
write-host "$($siteColUrl) \>" -NoNewline -ForegroundColor Gray
write-host " Is " -NoNewline
write-host "$($updateSiteAdmin.DisplayName) " -NoNewline -ForegroundColor Green
write-host "Site Coll Admin?" -NoNewline
switch($isSiteColAdmin){
$true{
write-host " $($isSiteColAdmin)." -ForegroundColor Green
}
$false{
write-host " $($isSiteColAdmin)." -ForegroundColor Yellow
}
}
}
}
## Example:
$properties = @{userAccount = "someemailaddress@domain.onmicrosoft.com"
userOneDrive = "https://$($env).sharepoint.com/sites/OneDriveIssue"}
$user = New-Object PSObject -Property $properties
Add-SiteCollectionAdministrator -siteAdminUrl $config['siteAdminUrl']
-siteColUrl $user.userOneDrive -siteColAdminUser $user.userAccount
Disconnect-SPOService
Friday, 25 October 2019
Update Site Collection Administrator
Handy script that can be used for removing or adding a Site Collection Administrator.
Tuesday, 22 October 2019
TypeError: Unable to get property 'replace' of undefined or null referenceTypeError: Unable to get property '_events' of undefined or null reference
We ran into an issue where a SharePoint 2013 farm was upgraded and after the upgrade the Managed Metadata Service wasn't running correctly for a while.
After investigation and lots of reading, I came across many people reporting that it was a permission issue.
Initially the error we were getting was:
(The Managed Metadata Service or Connection is currently not available. The Application Pool or Managed Metadata Web Service may not have been started. Please contact your administrator).
In ULS, the error was:
Failed to get term store during cache check for changes. Proxy 'Managed Metadata Service'. Exception: System.Security.SecurityException: Requested registry access is not allowed.
There was also another error reported on workflows that could not be completed:
Error from ULS: Failed to load product component ifsFileNames.xml. Web virtual root may be installed improperly.
The two references below were the key for the resolution of the problems in the environment:
“6616 Critical Requested registry access is not allowed.”
Chadd Talks | INFOPATH – REQUESTED REGISTRY ACCESS IS NOT ALLOWED – EVENT ID 6616 / 5369
MSDN | Requested registry access is not allowed when opening Infopath Forms on Sharepoint 2013
"psconfig -cmd secureresources" command had to be run on all the servers.
Once this was run on the server where Managed Metadata was inaccessible, this particular issue was resolved. Just be aware that this command can perform IIS reset on the server which will cause some down time if this is a web front end server.
Once this issue was resolved though, users started to report a new error while trying to access a list which was grouped by a Metadata column.
Many resources suggested that if the problem was global across the environment and lists, this was likely related to updates and further updates and KB would need to be installed.
Luckily, this time this wasn't necessary. The issue didn't seem to be affecting other lists and it was affecting just the view which was grouped by the Metadata column which was a good hint.
Having a closer look in PowerShell, I could see that the issue was because one of the items didn't have any value assigned to it, which was very likely caused because of the other issue mentioned here. Once some value was assigned to that particular item, the issue was resolved.
Initially the error we were getting was:
(The Managed Metadata Service or Connection is currently not available. The Application Pool or Managed Metadata Web Service may not have been started. Please contact your administrator).
In ULS, the error was:
Failed to get term store during cache check for changes. Proxy 'Managed Metadata Service'. Exception: System.Security.SecurityException: Requested registry access is not allowed.
There was also another error reported on workflows that could not be completed:
Error from ULS: Failed to load product component ifsFileNames.xml. Web virtual root may be installed improperly.
The two references below were the key for the resolution of the problems in the environment:
“6616 Critical Requested registry access is not allowed.”
Chadd Talks | INFOPATH – REQUESTED REGISTRY ACCESS IS NOT ALLOWED – EVENT ID 6616 / 5369
MSDN | Requested registry access is not allowed when opening Infopath Forms on Sharepoint 2013
"psconfig -cmd secureresources" command had to be run on all the servers.
Once this was run on the server where Managed Metadata was inaccessible, this particular issue was resolved. Just be aware that this command can perform IIS reset on the server which will cause some down time if this is a web front end server.
Once this issue was resolved though, users started to report a new error while trying to access a list which was grouped by a Metadata column.
Many resources suggested that if the problem was global across the environment and lists, this was likely related to updates and further updates and KB would need to be installed.
Luckily, this time this wasn't necessary. The issue didn't seem to be affecting other lists and it was affecting just the view which was grouped by the Metadata column which was a good hint.
Having a closer look in PowerShell, I could see that the issue was because one of the items didn't have any value assigned to it, which was very likely caused because of the other issue mentioned here. Once some value was assigned to that particular item, the issue was resolved.
Wednesday, 4 September 2019
Retrieve Permissions on Folders and Files level in PowerShell
I would like to share a script I had to use when having to extract a report of Folders and Files that had Unique Permissions on a SharePoint Site.
In my case, I had to use it an OneDrive Site Collection but it also works for any other site.
While working with OneDrive you should pay attention to the Permissions in the Site Collection as by default you will probably not have access to it.
https://sharepoint.stackexchange.com/questions/221118/retrieve-permissions-at-folder-and-file-level-in-powershell/268867#268867
In my case, I had to use it an OneDrive Site Collection but it also works for any other site.
While working with OneDrive you should pay attention to the Permissions in the Site Collection as by default you will probably not have access to it.
$foldersUniquePermissions = @()
$filesUniquePermissions = @()
foreach($doc in $documents){
$context.Load($doc)
switch($doc.FileSystemObjectType){
'Folder'{
$folder = Get-PnPFolder -Url ($doc.FieldValues.FileRef).Substring(37)
-Includes ListItemAllFields.RoleAssignments, ListItemAllFields.HasUniqueRoleAssignments
if($folder.ListItemAllFields.HasUniqueRoleAssignments){
$foldersUnique += $doc
}
}
'File'{
$file = Get-PnPFile -Url ($doc.FieldValues.FileRef).Substring(37) -AsListItem
Get-PnPProperty -ClientObject $file -Property HasUniqueRoleAssignments, RoleAssignments
if($file.HasUniqueRoleAssignments -eq $True){
$filesUnique += $doc
}
}
}
}
Posted Here:https://sharepoint.stackexchange.com/questions/221118/retrieve-permissions-at-folder-and-file-level-in-powershell/268867#268867
Wednesday, 17 July 2019
Keep track of all your meeting notes in OneNote
We often need to save meeting notes and even though it is possible to save them on each meeting in Outlook, what to do when you need to review them at a later stage? Instead of keeping your meeting notes in the meeting itself, why not keeping it all in one place in OneNote?
8. Once that is complete, you should see a OneNote link added to your meeting.
Here is a step by step to link Outlook meetings to OneNote and keep your meeting notes all in one place.
1. If you already have a Notebook that you would like to use, open it locally in your device. If you don't have a Notebook, can create one either on a Team Site or locally. Currently SharePoint Modern Team sites by default come with a OneNote Notebook. To open it locally, navigate to File:
2. Open:
3. Browse:
4. If your Notebook is stored in SharePoint, copy the link of the site only and paste in the navigation bar as below:
5. Wait for the site to load and select the location. If the OneNote was created with the site, it is normally stored in Site Assets. Open the location and open the OneNote:
6. Once your OneNote notebook is open, create a new section where you are going to store your meeting notes:
7. Now that you have opened your OneNote, Navigate to your Outlook. Create a new meeting. Select the OneNote icon (Meeting Notes) and select if you would like to share the notes with the other participants:
8. Once that is complete, you should see a OneNote link added to your meeting.
If you navigate to the OneNote, you will see all the meeting details stored there:
Wednesday, 19 June 2019
Microsoft Flows - Send e-mail with items that need to be reviewed
Summary of steps
Description
Recurrence - Only for testing
varApprovalRequiredItems - items that required approval and that will be sent by email to approver.
Get Request Items - Get SharePoint list items based on filter
Apply to each Pending Request - If conditional checking if request is not Data Sensitive and External request.
If doesn't meet the condition, item will be added to array.
Condition CheckIfArrayIsNotEmpty - Send e-mail only if there are items that require approval:
Expression to check if array is not null:
length(variables('varApprovalRequiredItems'))
Tuesday, 18 June 2019
Microsoft Flows - Update SharePoint List Items - Target Date for next working day
Requirement
A customer has a list of new requests and one of the staff member had to manually process the incoming requests and set a Due date for an item to be processed and also automatically assign an item to a her. The request is to automatically check if a request can be set as ready to be provisioned and set a Due date.Challenge
To determine the working dates and set dates that come on a Friday to the following Monday instead of the next day.
The Flow
I have created a Flow that is going to run on a schedule and the cool thing I find to set Flows on a recurrence is that you can select to run it only on working days if you required. I currently have another Flow that relates to this same requests process and I like the way it only runs on working days and it runs a few times a day. As this other Flow sends out emails, there is no spam sent during non working days.
I then had to Get the List Items from the Request List, filtering it by the Choice column Status:
Once I have grabbed the items, I have added a "Apply to each" action, based on the value returned. I have also added a condition, the items could be processed only if the "Data Sensitive" column was not set to "Sensitive Data". Once that was in place I then added an "Update Item" action like below:
As the final formula is based on the current date of the processed Item, I needed to have a way of testing the functionality and see how the formula would work on Fridays and Saturdays. So I temporarily created a Date column called 'TempCreated'.
The formula below has 2 IF statements, if a request comes on a Friday, it will add 3 days to the value, IF it comes on a Saturday, 2 days will be added. Else, 1 day will be added and the request target date will be set to the next day.
if(equals(dayOfWeek(items('Apply_to_each')?['TempCreated']),5), addDays(items('Apply_to_each')?['TempCreated'],3), if(equals(dayOfWeek(items('Apply_to_each')?['TempCreated']),6),addDays(items('Apply_to_each')?['TempCreated'],2),addDays(items('Apply_to_each')?['TempCreated'],1)))
The next step now is to be able to determine the public bank holidays.
Final Formula
The final version of the working formula is below:
if(equals(dayOfWeek(utcNow()),5), addDays(utcNow(),3),if(equals(dayOfWeek(utcNow()),6),addDays(utcNow(),2),addDays(utcNow(),1)))
Thursday, 30 May 2019
Add External Users to a SharePoint Site
When adding External Guests to a SharePoint Online site in the browser you might be prompted an error "Couldn't add user@external.ie as a member."
In order to resolve that, navigate to the group as per below:
1.
2.
3. Click in the 'go to Outlook' link:
4.
It is important to note that the External Users must have a Microsoft account in order to be invited to a SharePoint site / Teams. Once they are added to the site, they will receive an invitation by e-mail which must be accepted. If the invitation is not accepted the user will be prompted a Access Denied message stating that the no record for the user was found in the environment.
Also another requirement is that the site has to be configured to be shared externally, some organizations don't allow external sharing and you should contact your administrator to clarify if that is configured.
Useful resources:
- How to register for a Microsoft Account
Subscribe to:
Comments (Atom)