Webcast of SharePoint Virtual Summit:

sharepoint-virtual-summit-2017.jpg

For those who missed to attend the SharePoint Virtual Summit session which was held on May 16th , please make use of the link below to watch the webcast on demand

https://event.microsoft.com/events/2017/1705/SharepointSummit/

Watch the webcast to learn how to create a connected workplace in Office 365 with OneDrive and SharePoint, integrated with Yammer, Microsoft Teams, Windows, PowerApps and Microsoft Flow.

In this webcast , Microsoft has unveiled the latest innovations and roadmap, and you’ll learn how industry-leading customers are leveraging these technologies as part of their digital transformation. Discover how Office 365, connected with Windows and Azure, is reinventing productivity for you, your teams and your organization.

Happy SharePointing !!!

Terminologies one must be aware of in Office 365:

Listed below are the few important topologies one must be aware of while working on Office 365.Office 365

  1. Active Directory Federated Services (AD FS):

On-premises security token service (STS) that provides simplified, secure identity federation and Web single sign-on (SSO) capabilities for users who want to access applications within an AD FS-secured enterprise, in federation partner organizations, or in the cloud. Federated identities with Modern Authentication-enabled clients interoperate with EvoSTS, which is the Azure AD STS.

AD FS indirectly supports CA scenarios, as it offers a set of controls known as client access filtering that allow the creation of perimeter network-based policies for IP range filtering, accessed workload, or client type (browser vs rich client).

  1. Multi-Factor Authentication (MFA):

Protects access to data and applications by requiring a second form of authentication. Strong authentication is available through a range of verification options.

  1. Azure Active Directory Premium:

All CA scenarios that leverage Azure AD require Azure AD Premium. Azure AD Premium adds feature-rich enterprise-level identity management capabilities and enables hybrid users to seamlessly access on-premises and cloud capabilities. It includes everything you need for information worker and identity administrators in hybrid environments across application access, self-service identity and access management, identity protection and security in the cloud.

  1. Azure Rights Management Services (RMS):

Uses encryption, identity, and authorization policies to protect files and email. Information protection that is applied by using Azure RMS stays with the files and emails independently of the location, allowing customers to remain in control of their data even when this data is in motion.

  1. Conditional Access (CA):

CA allows customers to selectively allow or disallow access to Office 365 based on attributes such as device enrollment, network location, group membership, etc.

  1. Device-based CA restricts access to devices that are managed by the organization and are in a healthy state. Device-based CA is a feature of Intune. Users must enroll their devices in Intune and validate that the device meets the organization’s access rules regarding device health and security.
  2. There are other CA scenarios that do not require device enrollment, such as restrict access only from specific locations. These scenarios do not require Intune and are provided through Azure AD Premium access control features.
  1. Data Loss Prevention (DLP):

Helps identify and monitor sensitive information, such as private identification numbers, credit card numbers, or standard forms used in your organization. DLP Policies enable you to notify users that they are sending sensitive information and to block the transmission of sensitive information.

  1. Microsoft Enterprise Mobility + Security (EMS):

Provides identity and access management, MDM, MAM and Azure RMS. Intune is a part of EMS.

  1. Microsoft Intune (Intune):

Intune is a cloud-based service that helps you manage Windows PCs, and iOS, Android, and Windows mobile devices. Intune also helps protect corporate applications and data. You can use Intune alone or you can integrate it with Microsoft System Center Configuration Manager 2012 R2 to extend your management capabilities.

  1. Mobile Application Management (MAM):

Controls how corporate-managed applications work and interact with other managed applications and unmanaged applications (e.g., provides the ability to restrict user actions such as copy, paste, download, etc.). Available through Intune.

  1. Mobile Device Management (MDM):

Provides the ability to configure mobile device policies, such as enforcing complex PINs or passwords, blocking devices that have been jail broken or rooted from syncing email, disabling Bluetooth, etc. Available through Office 365 MDM and Intune.

  1. Modern Authentication:

Provides OAuth-based authentication for Office clients against Office 365 using Active Directory Authentication Library (ADAL). Replaces the Microsoft Office Sign-In Assistant. Allows for CA policies, so administrators can define granular applications and device-based controls for corporate resources.

Thanks for reading this post ….Good luck with Office 365 !!!

 

 

Great opportunity for Office 365 folks:

office 365.png

Microsoft has  planned and set up 8 different Office 365 Labs webcasts that will be delivered during September and these are the topics that will be discussed in the webcast.

1. Office 365 Labs – Using PowerShell to automate tasks
2. Office 365 Labs – Mastering Azure AD Connect
3. Office 365 Labs – Mail flow
4. Office 365 Labs – Getting the best out of Outlook and Exchange Online
5. Office 365 Labs – OneDrive Synchronization 101
6. Office 365 Labs – Sharing and collaboration with internal and external users in SharePoint Online
7. Office 365 Labs – AD FS and multi-factor authentication explained
8. Office 365 Labs – Exchange Online compliance features (In-Place Archive, In-Place Hold, eDiscovery)

Please use this link below to enroll yourself for these sessions

Office 365 Labs webcasts coming in September

Part 2: Useful Office 365 cmdlets to generate SharePoint Online reports and also for SharePoint Online site administration:

Followed to my previous article about useful office 365 cmdlets in SharePoint Online, in this article I’ll be showing you some more useful PowerShell cmdlets to generate SharePoint Online reports /SharePoint Online site administration. I see a lot of misconception with my fellow SharePoint workers on understanding the difference between SharePoint on-premises cmdlets and Office 365(SharePoint Online) cmdlets, please note that they all don’t have the same functionality even though they almost look similar. There is a lot of difference in what they exactly do, so please pay close attention while utilizing them.

1

So let’s get into the real meats and potatoes now…

  1. To create a new SPO Site collection:

SyntaxNew-SPOSite -Url https://vigx.sharepoint.com/sites/Vignesh -Title “Vignesh” -Owner “vigganesan89@vigx.onmicrosoft.com” -Template “STS#0” -TimeZoneId 10 -StorageQuota 200

2

Note: In the above mentioned command you need to specify the URL of your new site collection, Title Name, Template ID, Time Zone and Storage quota size. Please check my previous article on SharePoint Online command to get to know about SharePoint Online Template ID’s

Running this command will create a new site collection in SPO and you can verify this in your SPO admin center as shown below.

3

2.To list the groups, and all the group memberships, for all of your SharePoint Online sites.

Syntax:

$x = Get-SPOSite

 

foreach ($y in $x)

    {

        Write-Host $y.Url -ForegroundColor “Yellow”

        $z = Get-SPOSiteGroup -Site $y.Url

        foreach ($a in $z)

            {

                 $b = Get-SPOSiteGroup -Site $y.Url -Group $a.Title

                 Write-Host $b.Title -ForegroundColor “Cyan”

                 $b | Select-Object -ExpandProperty Users

                 Write-Host

            }

    }

Running the above mentioned command will display the results as shown below,

4.png

3.To list the groups, and all the group memberships, for a single site collection:

Syntax:

First let me assign the $siteURL variable to the site collection in question.

$siteURL = “https://vigx.sharepoint.com/teams/test”–> Site in question.

$siteURL = “https://vigx.sharepoint.com/teams/test”

$x = Get-SPOSiteGroup -Site $siteURL

foreach ($y in $x)

    {

        Write-Host $y.Title -ForegroundColor “Yellow”

        Get-SPOSiteGroup -Site $siteURL -Group $y.Title | Select-Object -ExpandProperty Users

        Write-Host

    }

Running this command will display the results as shown below .

5

 4.To lock a SharePoint Online site:

SyntaxSet-SPOSite -Identity $site -Lockstate NoAccess

Specify the $site variable to the site which you want to lock.

6

Running this command will lock the site and when you try to access it you will get a 403 Forbidden error.

5.To unlock as SharePoint Online site:

Syntax:  Set-SPOSite -Identity $site -Lockstate Unlock

7.png

This will unlock the site that we just locked in the previous command.

6.To disable external sharing for a SharePoint Online site collection:

Syntax:

$siteURL = “https://vigx.sharepoint.com/teams/test”–> Site in question

Set-SPOSite -Identity $siteURL -SharingCapability Disabled

8.png

You can verify this in your SharePoint Online admin center as shown in the image below. The site in question will have external sharing disabled as shown below.

9

7.To enable external user and guest sharing:

Syntax:

Set-SPOSite -Identity $siteURL -SharingCapability ExternalUserandGuestSharing

10.png

Running this command will enable external user and guest sharing in a SPO site collection and you can verify that in the screenshot below.

11.png

Note: By default, this feature will be disabled for SPO sites and this has to be enabled if required.

8.To enable only external user sharing:

Syntax:  Set-SPOSite -Identity $siteURL -SharingCapability ExternalUserSharingOnly

12.png

 Running this command will only enable external user sharing in a SPO site collection and you can verify that in the screenshot below.

15.png

9.To get the list of sites where sharing capability has been enabled:

Syntax:    Get-SPOSite | Where {$_.SharingCapability -ne “Disabled”}

13

  1. To get the list of sites where sharing capability is disabled:

Syntax:  Get-SPOSite | Where {$_. SharingCapability -eq “Disabled”}

14.png

 11.To change the owner of site:

Syntax:

First let me assign the $siteURL variable to the site collection in question.

$siteURL = “https://vigx.sharepoint.com/teams/test”–> Site in question

Set-SPOSite -Identity $siteURL -Owner “pritham@vigx.onmicrosoft.com”

16

12.To change the storage and resource quota of a site:

Syntax:

Set-SPOSite -Identity $siteURL -StorgaeQuota 1000 -ResourceQuota 500

13.To change the Title of the site:

Syntax:

Set-SPOSite $siteURL -Title “New Title”

17.png

This will change the title of the site in question. You can verify this below.

18.png

Thanks for reading this article. This is all I have for this post and I’ll be back with Part 3 of this article very soon.

Happy SharePointing !!!

Part 1: Useful Office 365 cmdlets to generate SharePoint Online reports and also for SharePoint Online site administration:

Presentation1.png

In this post I’ll be showing you how to use Office 365 PowerShell cmdlets to generate useful SharePoint Online reports from your SharePoint Online tenant and also I’ll be discussing on certain useful cmdlets that can be used for SharePoint Online site administration. Let’s get started.

Note: Before we get started, please ensure that you’ve configured your PC to run SharePoint Online (Office 365) cmdlets. If not, please take a look on this article which I’ve already written about how to configure that. Also make sure that you’re a member of the SharePoint Online administration role in Office 365.

  1. Get-SPOSite -Detailed

This command will give a detailed list of all the site collections in your SharePoint Online tenant as shown in the screenshot below.

1.png

2. To get a list of SharePoint groups in your tenant.

Syntax:   Get-SPOSite | ForEach-Object {Get-SPOSiteGroup -Site $_.Url} |Format-Table 

Running this command will generate the results as shown in the image below. Also please note that this command will display the default SharePoint groups as well as the custom SharePoint groups that was created manually.

2.png

3.png

3. Adding a user to the Site collection administrators group.

Before I go ahead and show the syntax for this, let me go ahead specify the variables here so that it will be easy for us to use that in the command.

$tenant =  “https://vigx-admin.sharepoint.com “–>This would be my tenant URL

$site = “https://vigx.sharepoint.com/teams/test” –>This will be the SharePoint site collection URL

$user =” kamaleshg@vigx.onmicrosoft.com” –> This will be the UPN for the user who will be added as the SCA.

Since we have already specified all the variables, let’s go ahead and run the syntax.

SyntaxSet-SPOUser -Site $site -LoginName kamaleshg@vigx.onmicrosoft.com -IsSiteCollectionAdmin $true

Check the screenshot below for reference:

4.png

5.png

So this will add the user to the SCA group of  a site collection.

4. To get the list of users in my SharePoint Online Tenant:

Syntax:  Get-SPOSite | ForEach-Object {Get-SPOUser -Site $_.Url} 

Running this command will display the results as shown in the screenshot below.

replace.PNG

 

 

5.To get a report of the user’s in a site, their display names, permission levels and other properties:

Before I go ahead and execute the command for this, let me specify the $site variable for the site in question.

$site = “https://vigx.sharepoint.com/teams/test” –>This will be the SharePoint site URL

Note: It’s not necessary that you need to keep specifying the variables every time in a command unless you’re planning to use a different value apart to the one specified for that variable. PowerShell will automatically store it for you till the session is live.

Syntax:  Get-SPOUser -Site $site | select * | Format-table -Wrap -AutoSize | Out-File G:\UsersReport.txt -Force -Width 360 -Append

8.png

Running this command will generate a report as shown in the screenshot below.

9.png6. To get a report of the all user’s in your SharePoint Online Tenant, their display names, permission levels and other properties

$tenant =  “https://vigx-admin.sharepoint.com “–> This would be my tenant URL

Syntax:

Get-SPOSite | ForEach-Object {Get-SPOUser -Site $_.Url} | Format-Table -Wrap -AutoSize | Out-File G:\UsersReport.txt -Force -Width 360 -Append

10.png

Note: PowerShell might throw you some errors while running this command but that can be safely ignored.

Running this command will generate a report as shown below.

11.png

If you want to export the result to a CSV file, try running the below mentioned command.

Command 1 : For setting the headers in the CSV file

“Display Name`tLoginName`tGroups” | Out-File C:\UsersReport.csv

 12.png

Command 2: Once you’re done executing the first line, run the below syntax to get the report in the form a CSV file.

Syntax:

Get-SPOSite | ForEach-Object {Get-SPOUser -Site $_.Url -ErrorAction SilentlyContinue | %{ $_.DisplayName + “`t” + $_.LoginName

 + “`t” + $_.Groups | Out-File c:\UsersReport.csv -Force -Append}}

13

This will generate a CSV file as shown in the image below,

14.png

 7. To create a new SharePoint Group in a site collection.

Before I mention the syntax, let’s specify the necessary variables.

$tenant = “https://vigx-admin.sharepoint.com” –>Tenant URL

$site = “https://vigx.sharepoint.com/teams/test “–> Site collection URL

$group = “Test Site Owners2” –>SharePoint Group Name

$level = “Full Control” –> Permission level

Syntax:

New-SPOSiteGroup -Group $group -PermissionLevels $level -Site $site

15.png

Running the above command will create a new SharePoint Group in the targeted site collection and will give the results as shown below.

16.png

8. To create an inventory of all the SharePoint site collections in your Tenant which has the information of the Site Name, URL, Quota, compatibility level and other information etc.… and to export the results to a CSV file:

Syntax:

Get-SPOSite -Detailed | Export-CSV -LiteralPath G:\SiteInventory.csv -NoTypeInformation

17.png

Running this command will generate a CSV file in specified path as shown in the image below.

18.png

 9. To get your SharePoint Online Tenant information

Syntax: Get-SPOTenant

This will give the complete tenant information as shown in the image below.

19.png

  1. To get the list of site templates in your SharePoint Online tenant

Syntax: Get-SPOWebTemplate

Running this command will give the list of site templates in SharePoint Online as shown below

20.png

This concludes part 1 of this article, I’ll be creating part 2 of this article where I’ll be taking you through few more SharePoint Online PowerShell cmdlets that can help us to generate useful reports and also for site administration.

Thanks for reading this post.

Happy SharePointing!!!  

Signing up for Office 365 trial plan:

This is going to be a simple article where I’ll be explaining  how to sign up for a free Office 365 trial plan and make use of its services. As you must be aware, Office 365 gives you a one month free trial version where you can sign in for Office 365 and play around with the services and gain some knowledge on what Office 365 is all about, what are the services it offers and  how to manage users/services etc.…

I’m going to make this post pretty  basic by just discussing the steps involved in signing up for an Office 365 trial version and utilizing the services offered by it. So if you’re someone who is new to Office 365 and would like to understand how to get started with using Office 365 services, then this article would be a good primer article for you guys …..

Alright let’s jump in …

  1. Please go to https://products.office.com as shown in the screenshot below.

1

2. Choose “For business” option, it will take you to a screen as show below. You can also choose “For home” if you would like to explore the features in that plan. I’m going with the business option here as it gives you more features when compared with the home plan.

2

3. Once you’re done clicking “For business” option, it’s going to take you to a screen as shown below. You can notice all the available Office 365 business plans here …If you scroll down it would give you a detailed explanation about what’s included in each plan and the licensing cost. So carefully take a look at the plans before choosing it.

3

4. I’m choosing the “Office 365 Enterprise E5 “free trial plan as you can see in the screenshot below. You need to click on the “Free trial “button if you want to subscribe for a trail version. Also please notice that the free trail plan is valid only for one month.

4.PNG

5. You would be taken to a form as shown in the screenshot below asking for your details. Please fill in the appropriate information and click next. Also please bear in mind that you won’t be able to change your country after you have successfully signed up for Office 365.

5

6. The next screen would be asking your username, password & Company name .Please key in those values and click next

Note: The Company name which you key in here will become a part of your Office 365 tenant url , SharePoint Online sites url , Skype for Business meeting url &  Email addresses of those users who are synced with Office 365.  Also while entering the Company name, please make sure that you’re entering an imaginary name or the name of a domain that you own and not a real company name .It’s strictly not recommended to enter your company name without consulting your IT team .

7

7. Once you’re done entering the values, click next and it’s going to ask you to enter your mobile number just to make sure that you’re not a robot. So enter your mobile number and then key in the verification code which is sent to you as a text.

8

9

8. Once you’re done entering all these details you’re all set now and you will see the below mentioned screen which says that its saving all your details …

109. Please remain patient for few mins until your Office 365 tenant is completely set up, you will get a screen like this as shown in the screenshot below.

11

10 .However , please note that by this time your Office 365 tenant is not yet completely set up .The app launcher is still configuring things for you …so please remain patient for few more minutes . You can click the app launcher and check the status….

You can see the note which says, “Setting up “.

12

11. So finally after few minutes, you can notice the apps getting displayed in the app launcher indicating that your Office 365 tenant is set up successfully.

13

12. You can also take a look at the “service overview” page to check the health status of all the services.

14

13. Please click on the “Admin” option towards your left hand side to access all the services.

admin page

14. This is how the admin center for each service looks like ….

For Exchange

Exchnage admin centre

For SharePoint

SharePoint Admin centre

 

For Skype for Business

Sfb admin centre

15. You can use the “USERS” option towards your left hand side to manage users and their licenses in the Office 365 admin center.

Managing users.PNG

16. To make any changes to a user’s account such as resetting his/her password , edit the user’s details and to assign licenses etc. …please select the user first and then it will give you an option towards your right hand side to do that …(please see below )

User info.png

17. Azure Active Directory is only available for paid customers, so if you’re trying to access it on a trial version you’re likely gonna end up with the error as shown in the screenshot below.

Azure for AD

18. I’ve also created few more articles in my blog about Office 365 Identity management, Office 365 Troubleshooting tools, Useful Office 365 PowerShell commands & Required ports for Office 365 implementation…Please go through the below mentioned links to read them.

Office 365 Identity management

Office 365 Troubleshooting Tools

Useful Office 365 commands

Required ports for Office 365

Thanks for reading this post!!!