3/10/2016

SharePoint: Undocumented Pending Shares Page

 

Article applies to SharePoint 2013, SharePoint Online and SharePoint 2016.

 

image

Did you ever wonder after using the Share buttons in SharePoint if the Site Owner ever responded to your request, responded with a question, or approved the request?

The My Permissions page

As I can’t find any documentation, I’ll call this undocumented for now… After a bit of web searching I did find a mention of the page in an Ignite presentation. In any case, this page lists the status of pending requests and lets the user who made the request check and send messages to the site owners. Requests that have been approved or declined will not be listed here.

The site owner can see your requests by going to Settings (gear), Site Settings, Site Permissions and clicking “Show access requests and invitations”. This will take them to the Access Requests page at _layouts/Access%20Requests/pendingreq.aspx.

You can check your pending requests by going to:
http://yourDomain/sites/yourSite/_layouts/mypermissions.aspx
This link will redirect to /_layouts/15 for now and may change in future versions.

Of course, no one knows about this page. There are no out of the box links to it. And… the site owner will probably not know to click the “SEND” button to start a conversation with the person who made the request.

If “Sharing” is important in your organization, you will need to provide some training, easy access to a link to the MyPermissions page, and do some work to “drive adoption”.

image

 

Details:

  • Only “Pending” requests are displayed. Approved requests are not.
  • You can click the “…” to see messages from the site owner, or to send a message to the site owner.
    image
  • This pending invites listed are unique to the current site. I.e. each site has its on MyPermissions page.

 

.

3/08/2016

SharePoint PowerShell Training for Auditing and Site Content Administration

 

image

If you have followed this blog, you know that I’m kind of a SharePoint nut who’s also a PowerShell nut. Over the years I have created a lot of PowerShell scripts while working with SharePoint and answering questions in my classes and in the TechNet forums. There’s plenty of resources for installing and configuring SharePoint using PowerShell, but there’s little on dealing with all of the daily questions on premise admins get that can be quickly answered using PowerShell. I was just going to take my 100+ scripts and create something like a “cookbook”, but instead created a class. The class handout kind of ended up as the cookbook… 85 pages and 175 sample scripts, or maybe more like a giant PowerShell cheatsheet for SharePoint.

This class is for on-premise SharePoint 2010, 2013 and 2016 administrators. A SharePoint Online version is in the works, but not available yet.

If you would like to attend this class, delivered by the author (your’s turely!), we are offering it next Monday, March 14th, at MAX Technical Training in Cincinnati, Ohio. You can attend this class at MAX or remotely from anywhere. If you can’t attend this class, it is available from trainging centers all over the world.

March 14th class at MAX: SharePoint 2010 and 2013 Auditing and Site Content Administration using PowerShell

Search for this class at other training centers: https://www.bing.com/search?q=55095%20powershell

If you would like to see some of the other courses and books I’ve written, then click here.

 

55095 SharePoint 2010 and 2013 Auditing and Site Content Administration using PowerShell

This one day instructor-led class is designed for SharePoint 2010 and 2013 server administrators and auditors who need to query just about anything in SharePoint. The class handout is effectively a cheat sheet with over 175 PowerShell scripts plus the general patterns to create your own scripts. These scripts cover:

  • using the SharePoint Management Shell and the ISE
  • general tips for counting, reformatting and exporting results;
  • drilling up and down the SharePoint object model
  • getting lists / inventories of servers, services web applications, sites, webs, lists, libraries, items, fields, content types, users and much more
  • finding lists by template type, content type and types of content
  • finding files by user, content type, file extension, checked out status, size and age
  • finding inactive sites
  • finding and changing SharePoint Designer settings and finding and resetting customized pages
  • inventorying and managing features
  • deleting and recycling files and list items
  • inventorying users and user permissions and finding out “who can access what”
  • creating sites, lists and libraries
  • uploading and downloading files
  • and much more…

At Course Completion

After completing this course, students will be able to:

  • Use PowerShell to query just about anything inside of SharePoint.
  • Understand the core SharePoint object model and object hierarchy as seen from PowerShell.
  • Format PowerShell output in to reports.
  • Manage resources to limit the impact on production servers.
  • Create and delete Site Collections, subsites, lists, libraries and content.

Prerequisites

Before attending this course, students must:

  • Very good knowledge of SharePoint and its features.
  • Good experience using PowerShell 2 or later or recent completion of a PowerShell class such as 10961 or 50414.

Course Outline

Module 1:  SharePoint and PowerShell

This module provides an introduction to the topics covered in the class, introduces SharePoint PowerShell terminology and provides a review of important PowerShell features.

Lessons:

  • History of PowerShell in SharePoint
  • PowerShell vs. Search
  • PowerShell, SharePoint Management Shell and cmdlets
  • Security and Permissions Needed
  • Getting Started with PowerShell: Counting Items, Custom Columns, Reformatting Numbers, Saving Results to a File
  • Changing and Updating Content: Creating SharePoint Objects, Changing Objects

Lab:

  • Using PowerShell with SharePoint

After completing this module, students will be able to:

  • Get started using PowerShell to inventory and update SharePoint.

Module 2: Working with SharePoint CMDLETs and Objects

This module introduces the SharePoint object model and some important terminology.

Lessons:

  • GUIDs
  • Sites vs. Webs
  • The SharePoint Object Hierarchy

Lab:

  • Get a list of all Site Collections and their GUIDs
  • Get a list of all Webs in all Site Collections
  • Given a web’s URL get its parent web and web application

After completing this module, students will be able to:

  • Explore sites and webs using PowerShell.
  • Retrieve important properties of common SharePoint objects

Module 3: Managing Memory and Limiting Performance Impact

This explores limiting impact on server memory usage and performance.

Lessons:

  • Memory Management and Disposing Objects
  • Limiting Impact on Production Servers

Lab:

  • Exploring PowerShell’s use of system memory.
  • Testing the impact of scripts on server performance

After completing this module, students will be able to:

  • Recognize and manage the impact of PowerShell on a SharePoint server.

Module 4: Working with Content

This module explores SharePoint using PowerShell from the Farm down to individual list items.

Lessons:

  • Getting Farm Information: version, services, services, features
  • Getting Web Application information
  • Exploring Site Collections: retrieve Site Collections, Site Collection Administrators, quotas
  • Working with the Recycle Bins: finding items, getting file counts and bytes, deleted sites
  • Exploring Webs: web templates, finding webs, finding webs based on template, Quick Launch and Top Link Bar navigation
  • Exploring Lists and Libraries: finding all lists, lists by type, lists by Content Type, columns/fields, document count by web or library
  • Exploring Content Types
  • Finding documents: by a word in the title, file type, content type, size, date age, checked out status, approval status and many more…
  • Deleting content
  • Downloading and uploading files

Lab:

  • Explore the farm.
  • Inventory site collections.
  • Create a recycle bin report.
  • Finding all blog sites.
  • Find all picture libraries.
  • Find all PDF files over 5 MB.
  • Delete all videos in a site collection.

After completing this module, students will be able to:

  • Explorer, inventory and maintain SharePoint content using PowerShell.

Module 5: Users and Security

This module covers the use of PowerShell to explore and document SharePoint permissions.

Lessons:

  • Users: find a user, get a list of all users, working with Active Directory groups
  • SharePoint groups: Get lists of groups, get the members of a group, find all groups a user belongs to, find the groups associated with a web
  • Expanding users lists that include Active Directory groups
  • Documenting Broken Inheritance / Unique Permissions: webs, lists, libraries, folders, items
  • Working with Role Assignments

Lab:

  • Get a list of all users who have access to a Site Collection.
  • Get a list of all groups in a Site Collection.
  • Get a list of all groups a user belongs to.
  • List all users who may have access to a SharePoint securable.
  • Get a list of all securables with broken inheritance.

After completing this module, students will be able to:

  • Explore and document users and user permissions.
  • Explore and document SharePoint groups.
  • Explore and document broken inheritance.

Module 6: Managing Sites

This module explorers Site Collection and Web management from PowerShell.

Lessons:

  • Finding Inactive Webs
  • Creating and Deleting Site Collections
  • Getting Site Collection Data
  • Creating and Deleting Subsites
  • Working With SharePoint Designer Settings

Lab:

  • Create a report for inactive sites.
  • Create a site collection and subsites.
  • Delete a site.
  • Delete a site collection.
  • Disable SharePoint Designer in all site collections.

After completing this module, students will be able to:

  • Manage SharePoint Site Collections and webs from PowerShell.

Audience

  • SharePoint server administrators.
  • SharePoint auditors.
  • Also valuable for SharePoint developers.

3/06/2016

SharePoint: The Waffle button is the Waffle button!

 

Something for the SharePoint trivia department…

What do you call this:

image

I had always thought that calling the App Launcher button in Office 365 and SharePoint 2016 the “waffle button” was a bit of a joke. It does look kind of like a waffle, there is no mouse-over tip to give a hint, and no one would ever guess “App Launcher”. Turns out that the word “waffle” is actually in the HTML! So going forward, I will consider both to be an acceptable name for the button.

image

 

Ok, back to work… do something useful…

 

.

2/21/2016

Hide the Attachments Link in a SharePoint Form

 

The problem… While we do want site visitors to see the list items, we don’t want them to see or click the list’s attachments.

More SharePoint Customization tricks!
More Site Owner articles.
More articles about the SPSecurityTrimmedControl
image

One approach is to use CSS and a handy SharePoint control. You could also write a JavaScript solution. Here we will look at the CSS option.

Note: This is not security! This is hiding some HTML using CSS. Users can right-click and select View Source to discover the text hidden by the CSS.

 

General pattern:

  1. View the DispForm.aspx page (the view properties popup in SP 2010) for an item in the list.
  2. Press F12 to open the IE Developer Tools.
  3. Use the Internet Explorer F12 panel’s Select Element button to discover an appropriate tag and ID that could changed by CSS to show/hide the content.  (For this example it happens to be “idAttachmentsRow”.)
    image
  4. Edit the DispForm.aspx page using SharePoint Designer.
  5. Add CSS to hide the tag from everyone.
  6. Add a SharePoint control with additional CSS to unhide the content for users with at least the Edit permission. Set the SharePoint control to only display its content for people who can edit list items.

The SPSecurityTrimmedControl

The magic here is that the SPSecurityTrimmedControl can selectively display content based on a user’s assigned permission. As an example, users with the Read permission level do not have the EditListItems permission while members and owners do. Note that the control can only be set to a single permission, not a Permission Level or group.

More detailed steps:

  1. Open SharePoint Designer and your site.
  2. Click Lists and Libraries and your list.
  3. Click the DispForm.aspx file.
  4. In the ribbon click Advanced Mode.
  5. Find the PlaceholderMain Content tag (<asp:Content ContentPlaceHolderId="PlaceHolderMain" runat="server">)
  6. Add the following block of HTML just after that tag.
  7. Save your changes and test.

 

SharePoint 2010 (and probably 2007) version:

<style type="text/css">
  #idAttachmentsRow { display:none }
</style>
<Sharepoint:SPSecurityTrimmedControl runat="server" PermissionsString="EditListItems">
  <style type="text/css">
    #idAttachmentsRow { display:inline }
  </style>
</Sharepoint:SPSecurityTrimmedControl>

SharePoint 2013 and SharePoint Online / O365 (and probably 2016) version:

<style type="text/css">
  #idAttachmentsRow { display:none !important }
</style>
<Sharepoint:SPSecurityTrimmedControl runat="server" PermissionsString="EditListItems">
  <style type="text/css">
    #idAttachmentsRow { display:table-row !important}
  </style>
</Sharepoint:SPSecurityTrimmedControl>

A list of the PermissionsStrings can be found here: https://msdn.microsoft.com/en-us/library/microsoft.sharepoint.spbasepermissions.aspx

More about using SPSecurityTrimmedControl can be found here: http://techtrainingnotes.blogspot.com/2009/07/sharepoint-run-javascript-based-on-user.html

 

.

2/20/2016

If you have not finished your SharePoint 2013 Dev Certs… better get to work!

 

Microsoft is “expiring” a long list of exams in September.

This means that:
  • Anyone working on the related certifications has six months to complete these exams, or never be able to finish certifications they have been working on.
  • Anyone wanting these certifications better get started ASAP.
  • Time to review your study and training plans and budgets!
  • You should review the rest of the “Expiring exams list” to see what else is going away, and check this list periodically . (dates currently range from March to Sept 2016.)
  • New certifications, exams and classes are going to be announced soon.

 

These certifications are Impacted. (The tests for them expire 9/16.)

  • MCSD: Windows Store Apps Using HTML5 (481, 482, 490)
  • MCSD: Windows Store Apps Using C# (484, 485, 491)
  • MCSD: SharePoint Applications 2013 (488, 489, 517)

These exams are going away in September:

  • 481: Essentials of Developing Windows Store Apps Using HTML5 and JavaScript
  • 482: Advanced Windows Store App Development Using HTML5 and JavaScript
  • 484: Essentials of Developing Windows Store Apps Using C#
  • 485: Advanced Windows Store App Development Using C#
  • 488: Developing SharePoint Server 2013 Core Solutions
  • 489: Developing SharePoint Server 2013 Advanced Solutions
  • 490: Recertification for MCSD: Windows® Store Apps using HTML5
  • 491: Recertification for MCSD: Windows Store Apps using C#
  • 492: Upgrade Your MCPD: Web Developer 4 to MCSD: Web Applications Examination
  • 499: Recertification for MCSD: Application Lifecycle Management
  • 517: Recertification for MCSD: SharePoint Applications

 

Links:

 

.

2/19/2016

Azure Exams 70-532, 70-533 and 70-534 Getting an Update!

 

Working on your Azure certifications? Take a break and go look at the list of announced updates. While they are listed as being updated as of March 16th, 2016, at least some the listed changes have already been applied.

The exams:

  • 70-532 Developing Microsoft Azure Solutions
  • 70-533 Implementing Microsoft Azure Infrastructure Solutions
  • 70-534 Architecting Microsoft Azure Solutions

 

The links to the exam changes PDFs:

 

.

2/17/2016

Azure Cloud – 5TB free space

 

You have to think a little differently when working in the cloud… (and sometimes I’m easily impressed with big numbers…)

  • Created an Azure Storage File Share.
  • Went to a VM running in Azure and connected to the share.
  • 5TB free space! (per share, and you only pay for what you use!)
    image

(Disclaimer: Free space on disk, not 5TB of free ($) space.)

 

image

 

Note: Azure Shares are only usable from machines running in Azure in the same region.

 

.

2/14/2016

All About Office 365 Groups

 

I’ve been collecting some notes on Office 365 Groups for my classes for a while. Here’s what I’ve got so far. Keep in mind that this feature is still evolving. Please post any corrections or updates!

 

Which Group?

SharePoint frequently reuses terms, which often makes conversations and forum posts a lot of fun. There’s at least three “Groups” in Office 365:

  • Active Directory Groups: Groups at the AD level. Outside of SharePoint. Useable across all site collections, and other applications. A “Sales Managers” AD group can be created once, updated in one place and used across all site collections in the tenant.
  • SharePoint Groups: Collections of users (people) and AD groups. Scoped to a single site collection. A “Sales Managers” SharePoint group would need to be created in each of the site collections and all updates repeated across all of the site collections.
  • Office 365 Groups: A new collaboration option! A combination of a mailbox and a site collection. Not a group useable for managing access to SharePoint sites.

 

Office 365 Groups

Office 365 Groups are a combination of an Exchange email account with the group’s name that is used to store conversations, and a “OneDrive – like” site collection to store files.

A collection of Office 365 Groups facts:

  • Internally, to distinguish traditional groups from the new Office 365 Groups, Groups are called “Unified Groups”. Externally they should be called “Office 365 Groups”, not “SharePoint Groups”.
  • Creating a Group creates an AD Distribution group, an email address and a “hidden” SharePoint Site Collection. The site collection is not visible in the tenant admin pages. The AD group is not manageable from Azure AD, only from the tenant admin Groups pages. (You can see members in Azure AD, but cannot edit them.)
  • Groups can be created from:
    • Outlook (OWA).
    • A user’s OneDrive.
    • The “GROUPS” page in the tenant Admin site. Here you can create both “Office 365 Groups” and “security groups”.
  • Conversations are stored in Exchange inboxes and files are stored in SharePoint Site Collections.
  • Groups are defined and managed in Azure AD. (Which explains why the PowerShell cmdlets for Groups are not in the SharePoint Online cmdlet library.)
  • Each user may create up to 250 Groups and can be a member of up to 1,024 Groups. There’s no limit for number of Groups per tenant.
  • Emails can be sent in the name of the group by members. (Requires a PowerShell based change.)
  • Groups will not be deleted if the Group’s owner is deleted.
  • Groups use a OneDrive for Business site under the covers. (Template: GROUP#0)
  • URL for the files site collection looks like a normal team site instead of a OneDrive site:  https://yourdomain/sites/groupsitename
  • If there is a URL conflict, a number is appended to the name: https://yourdomain/sites/groupsitename51
  • URL for the mailbox is “guessable”: https://outlook.office365.com/owa/#path=/group/yourGroupName@yourDomain.onmicrosoft.com/people
  • Groups site collections are not (currently) displayed in the admin Site Collections page. You may discover their existence when you create a new site collection that has the same name as a group site. “The site collection already exists. Please enter a different address.
  • PowerShell:
    • Get-SPOSite does not return Groups site collections, but you can access a Groups site by URL.
    • Get-SPOUser does not return users for Groups sites.
  • Groups file storage is counted against the tenant quota. It’s not considered to be a personal OneDrive. There is no “user” for the Group OneDrive. The mailbox can store up to 50GB of messages, posts and calendar entries. The SharePoint Site Collection has a max of 1TB.
  • Search: There is a search box, but it opens the Search Center in a new window/tab and searches all of SharePoint, not just the Groups file site.
  • The document library in the Group site is very much like a OneDrive for Business library. No ribbon, no custom columns, no metadata and no Content Types. The Groups library is very limited:
    • Only one library, and it’s not customizable. 
    • Can’t check out/in. (I saw this listed as a feature, but it’s not in my tenants.)
    • Versioning is enabled (Major only)
    • Cannot add/delete columns (i.e. use any custom metadata that might be useful to search or eDiscovery.)
    • Cannot use workflows.
    • Cannot audit security from the browser. 
    • No branding. Cannot be opened by SharePoint Designer.
  • The Site Collection is VERY limited.
    • Almost all of the links for site or list maintenance are redirected to the home page.
    • There is no Settings page.
    • There is no Site Permissions page, so there’s no Site Permissions page or 2nd tier recycle bin.
    • You cannot create new lists or libraries.
  • Library Sync: The Sync button works with the new OneDrive for Business sync client. So, keep in mind that group members of easily offline all of the content.
  • Recycle Bin:
    • There is a recycle bin, but you can only access the user level.
    • If you share a file with a non-member with “Edit”, they can delete the file, but get “Sorry, you don't have access to this page” when they click the Recycle Bin link.
    • There is no Site Collection recycle bin page available. The Groups “owner” can’t recover files deleted by members.
  • Can be administered and reported on from PowerShell as part of the Exchange Online cmdlets.
    https://technet.microsoft.com/en-us/library/jj200780(v=exchg.160).aspx
    cmdlets: Get/Set/New/Remove-UnifedGroup and Get/Add/Remove-UnifiedGroupLinks
    https://support.office.com/en-us/article/Use-PowerShell-to-manage-Office-365-Groups-aeb669aa-1770-4537-9de2-a82ac11b0540
  • Groups can be disabled for all users. (PowerShell)
  • Groups can be disabled for a subset of users. (Requires PowerShell.)
  • Security:
    • New groups default to “Public”. Everyone has access. You must remember to choose Private when you create the group.
    • I can’t find a place to change Public/Private status after the group has been created.
    • The names of groups are not private. They will be seen in “Send to”, “Share” and other places where user names can be seen. All groups, public and private, are listed in the “Browse Groups” screens. (Train your users not to use group names that reveal confidential data. You know, names like “IT Layoff Planning Group”. :-) )
    • Files can be shared with the “group”. They will be listed in the “Shared with us” tab.
    • Files that are shared with the “group” will be visible to all users even for Private groups! (I think this is a bug!) (The user must know the URL to the Files site.)
    • Files can be “reshared”. Sam has a site named “My Private Group”, which is Private, He shares a file with Robert (with Edit or View). Robert can only see that one file in the group site. Robert shares with Susan. Susan can then share with………
    • Users who guess the URL to the file site can see the site, but no files, or only files shared with them. They can see the list of “members” and who the owner is.

Recent Changes:

 

 

One of the more detailed articles on Office 365 Groups:
http://windowsitpro.com/office-365/exploring-office-365-groups

An Ignite 2015 session on groups:
https://channel9.msdn.com/events/Ignite/2015/BRK3114


And for fun… a less than positive view of Groups:
Office 365 Groups: The Duck-Billed Platypus of Collaboration Tools
https://futuretechnologygroup.wordpress.com/2015/08/11/office-365-groups-the-duck-billed-platypus-of-collaboration-tools/

 

Groups vs. Team Sites

  Groups Team Sites
Can add lists/libraries No Yes
Can add pages No Yes
Can add columns/metadata No Yes
Can use Content Types No Yes
Can hide membership No Yes
Can brand No Yes
Can be fully managed with PowerShell No Yes

See a pattern?

 

 

.

2/08/2016

Azure PowerShell: New-AzureRmAutomationCredential : Input string was not in a correct format.

 

Not an obvious error message:

New-AzurermAutomationCredential -AutomationAccountName "PStest" -Name "myPsredential"

New-AzurermAutomationCredential : Input string was not in a correct format.

image

Turns out it means you already have an Azure Automation credential with that name (“myPsCredential” in this example).

 

Wasted some time google/binging that one!

.

1/14/2016

Azure: PowerShell to List All Blobs in Storage

 

I have an Azure account for development and testing purposes that I want to keep as clean as possible. Part of my routine is clearing out unneeded blobs in the Storage Accounts. To do this using the Portal UI would take a long time… so PowerShell to the rescue.

I thought there would be a quick like piped command something like this:
Get-AzureStorageAccount | Get-AzureStorageContainer | Get-AzureStorageBlob

But no such luck. There’s extra steps to access the Storage Key and to create an Azure Storage Context object needed.

# optional!
$PreviousVerbosePreference = $VerbosePreference
$PreviousWarningPreference = $WarningPreference
$VerbosePreference = "SilentlyContinue"
$WarningPreference = "SilentlyContinue"


# if not alreay logged in to your Azure account...
# Add-AzureAccount
# if more than one subscription
# Select-AzureSubscription -SubscriptionName ????

Get-AzureStorageAccount |
  foreach {

    $acct = $_.label; $storageKey = (Get-AzureStorageKey -StorageAccountName $acct ).Primary;

    $ctx = New-AzureStorageContext -StorageAccountName $acct
-StorageAccountKey $storageKey;

    Get-AzureStorageContainer -Container * -Context $ctx } |

  foreach { $container = $_.Name; $_ } |

  Get-AzureStorageBlob |

  Select {$_.context.StorageAccountName}, {$container}, name,blobtype,length |

  Format-Table -autosize

# optional!
$VerbosePreference = $PreviousVerbosePreference

Select @{label="Storage Account";expression={$_.context.StorageAccountName}},
       @{label="Container";expression={$container}},
       name,
       blobtype,
       @{label="Bytes";expression={"{0,20:N0}" -f $_.length}} |

$WarningPreference = $PreviousWarningPreference

 

And if you like pretty columns then replace the Select line with this:

Select @{label="Storage Account";expression={$_.context.StorageAccountName}},
       @{label="Container";expression={$container}},
       name,
       blobtype,
       @{label="Bytes";expression={"{0,20:N0}" -f $_.length}} |

 

There’s got to be a better way to do this. So post any better solution as a comment!

 

Total storage?

Replace the Format-Table line with “Measure-Object -Property length -Sum” and you can get a file count and total bytes. (Don’t combine this with the “pretty columns” change!)

.

Note to spammers!

Spammers, don't waste your time... all posts are moderated. If your comment includes unrelated links, is advertising, or just pure spam, it will never be seen.