SharePoint Online (SPO) is the Microsoft 365 document management system. Its service is consumed by other applications like Teams, OneDrive for Business, and Planner.
On August 21, 2024, news emerged that the PnP PowerShell module will transition from using a multi-tenant Entra ID app to a tenant-specific app. The change is scheduled for September 9, 2024, which doesn’t leave a lot of time available for developers to review, update, and test PowerShell scripts based on PnP PowerShell. Some extra warning would have been nice.
Microsoft announced their plan to charge for unlicensed OneDrive for Business accounts in July. Now we have an unlicensed OneDrive accounts report in the SharePoint Online admin center. The report divides unlicensed OneDrive accounts into four categories and it’s up to Microsoft 365 tenant administrators to figure out whether to retain or remove unlicensed accounts before automatic archival comes into force in January 2025.
In a change designed to reduce the consumption of storage quota, Stream video versions are no longer being generated for non-video updates such as changes to video metadata. Anything that alters the video content, like trimming some seconds from the start or end of a video, will create a new version. It seems like a perfectly reasonable change to make that might help SharePoint storage not be consumed quite so quickly.
Microsoft says they will remove the Remove-SPOExternalUser cmdlet starting July 29. They recommend using Remove-AzureADUser as a replacement. It’s a bad call because that cmdlet is part of a now-retired and soon to be deprecated module. Overall, recommendations like this make you think that Microsoft doesn’t know what’s happening across the whole of Microsoft 365. And you might be right.
A very useful update to support sharing links expiration for all link types used by SharePoint Online and OneDrive for Business is now rolling out and should be available in all Microsoft 365 tenants soon. Until now, expiration dates were only available for anyone links. Many organizations don’t allow anyone links, so enabling the feature for company-wide and specific people links will be much appreciated.
Some folks wonder why they can’t use documents shared with them using company-wide links with Copilot for Microsoft 365. As it turns out, the answer is simple. People must redeem a sharing link before SharePoint validates their access to a shared file. Copilot cannot use a document unless it has access to it. All of which brings up the point if it’s a good idea to use company-wide sharing links.
Our review of the Videos chapter for the Office 365 for IT Pros eBook found a Teams meeting policy setting we hadn’t documented to block downloads for channel meeting recordings. Naturally, this was a disaster, so we spent some time investigating what the policy setting does and if it’s useful in practice. It works, but do you want to block downloads of channel meeting recordings?
Office 365 Connectors bring data from external sources into Microsoft 365 apps like Teams and Outlook. Workflows and Power Automate are replacing Connectors for Microsoft 365 Groups (Outlook groups) and SharePoint Online. Connectors are still available in Teams but for how long? No one knows, but it does seem like Microsoft is rationalizing no-code automation around Power Automate.
Understanding SharePoint Online storage used to be easy. Then applications like Loop arrived. Other influences like retention and archive can affect storage too. It’s a complicated situation before you throw OneDrive for Business into the mix and consider that Microsoft has removed unlimited OneDrive storage while an increasing number of apps store files in OneDrive. It’s a complicated situation.
A recent SharePoint Onlne update enables folder deletion when items are present in a folder. This is probably the way that things should have always worked. Even so, it’s good to have this capability because it helps site users clean out old and obsolete information, something that’s becoming increasingly important in the AI era for Microsoft 365.
On March 27, SharePoint history reached its 23rd year. That’s a great achievement and SharePoint Online powers many apps. But dark clouds are on the horizon as information governance becomes a real issue for Microsoft 365 tenants. Too much information that is never cleared out is held in SharePoint, a fact revealed by the ability of Copilot to find and consume documents.
Microsoft’s support for SharePoint Online PowerShell has degraded over the last few years. Pnp.PowerShell is now the best option as not much is happening in the official SharePoint Online management module or the tenant settings Graph API. the lack of progress is a pity, but perhaps it’s also true that community-driven projects sometimes deliver better results.
Restricted SharePoint Search is an answer for customers who don’t like the idea of Copilot for Microsoft 365 being able to find documents in any site the signed-in user has access to. A curated list of 100 sites will be avialable to Copilot along with user data in OneDrive and files that have been shared with or worked on by a user. Will this scheme allow tenants to deploy Copilot while they sort out site permissions? Time will tell, starting in April 2024.
A longstanding problem (SP676147) open since September 2023 causes problems retrieving important SharePoint usage data like site URLs and user activity data. The problem shows up in the usage reports section of the Microsoft 365 admin center and affects any attempt to fetch SharePoint usage data via Graph API requests. It’s odd that the problem has lasted so long.
Document mismatch notifications tell users when they apply a higher-priority sensitivity label to documents than applied to the site. Some organizations don’t like these messages because they think the notifications confuse recipients. In this article, we discuss how to use a mail flow rule to redirect the messages to an address who can help people understand how to use sensitivity labels.
This article explains how I use custom document properties with SharePoint Online to track the topics covered by blog articles that I write. The custom document properties allow me to track where and when articles appear and the technology areas covered in their text. It’s a very easy update that can be applied in many situations where SharePoint is used to store documents.
The Sensitive by Default control allows tenants to prevent external access to newly uploaded documents until DLP processing checks their content. The idea is to close off the opportunity external users have to access control between its upload and DLP scanning of the content. You can combine the sensitive by default control with sensitivity labels to exert maximum control over confidential material.
Cloudy attachments are links to files sent in messages. An auto-label policy can capture copies of cloudy attachments and make them available for eDiscovery. Sounds good, but you need Office 365 E5 or above licenses to use an auto-label policy and Purview eDiscovery (premium). Even so, it’s a nice example of applying technology to solve a problem, even if it does use up some valuable SharePoint Online storage quota.
SharePoint Embedded is a new Microsoft offering for application developers. The big upside is that apps can take advantage of the Microsoft 365 ecosystem. Cost is the potential downside. Microsoft will charge using a pay-as-you-go model, but estimating the likely cost could be difficult until more experience about how apps use SharePoint Embedded emerges.
When Microsoft put the Loop app into preview, they didn’t impose any restrictions in terms of licensing or workspace storage. MC678308 announces that Loop workspace storage will count against the tenant SharePoint Online storage quota. This article explains how to use the Get-SPOContainer cmdlet to fetch information about Loop workspaces and the storage they consume.
Loop components have been available for Teams chat for nearly two years. Now they’re coming to channel conversations. The loop files generated for the components are stored in the channel folder of the SharePoint Online site belonging to the team. Once posted, every channel member can edit the Loop component.
An article last week discussed how to create SharePoint lists with the PnP.PowerShell module. In this article, we do the same with cmdlets from the Microsoft Graph PowerShell SDK. The results achieved with the Graph SDK aren’t as good as those gained with PnP.PowerShell. Some of the SDK cmdlets don’t function as expected and the resulting list is not as functional as the one generated by PnP. Oh well…
This article explains how to create SharePoint lists using cmdlets from the PnP.PowerShell module. The original data comes from a script to create a Teams Directory in HTML and CSV format files. The CSV data is imported into SharePoint to populate a list in a communications site. Everything works very smoothly, which begs the question why this kind of import isn’t done more often. Perhaps it’s because people don’t know that it’s possible. They do now.
It’s possible to use PowerShell to create a report detailing the SharePoint Online site URLs used with Teams. My first attempt used the Exchange Online module, but is the Graph any faster? As it turns out, not really. At least, not for interactive sessions using the Microsoft Graph PowerShell SDK (things are different when running SDK code using a registered app). I tried several approaches, but Graph permissions got in the way every time.
For whatever reason, SharePoint Online doesn’t allow administrators to control the settings of document libraries. In particular, default sensitivity labels. It seems crazy that other Microsoft 365 workloads allow administrators to manage the settings of things like mailboxes, groups, plans, and teams, but SharePoint Online holds steadfast to not allowing administrators go deeper than a site. It would be nice to see consistency around administrator access across all workloads.
The SharePoint News in Outlook feature allows users to email news items to recipients within the same tenant. It’s like the Teams Share to Outlook feature and is just about as exciting. Some new templates allows users to post and email news items by displaying a screen to collect email properties. Interestingly, the feature supports multi-tenant organizations, but I suspect that this is an error.
A new setting for SharePoint Online sites turns them into “restricted sites,” meaning that only site members noted in assigned groups can access site content. I thought that’s the way sites connected to Microsoft 365 groups work, but this is the “to be sure, to be sure” lockdown features. You can also restrict sites that aren’t connected to Microsoft 365 Groups. Add some sensitivity labels and the block download policy, and sites can be pretty secure.
For years, I have scanned the audit log to find FileDeleted events to report deletions of SharePoint and OneDrive documents. Now, FileRecycled audit events are used instead. This wouldn’t be a problem if Microsoft had told customers, but not a trace can be found to let organizations know that the audit data they use for compliance operations has changed. I don’t know if this is the only activity name change, but given that one update has happened (and for a relatively important audit event), it’s likely that others lurk in the undergrowth.
Microsoft 365 apps now boast a simplified sharing experience. In other words, Microsoft has overhauled and revamped the dialogs used to create and manage sharing links. This is the first real change in the area since 2020-21. It’s a good time to make sharing easier for people because the introduction of Microsoft 365 Copilot means that overshared files and folders will be exposed.
On July 31, Microsoft announced that Clipchamp for Work will roll out to targeted release Microsoft 365 commercial tenants in the next few weeks. Although it’s good that Microsoft 365 tenants will get a very capable video editor, the goodness of the announcement is reduced by the fact that Microsoft is not making Clipchamp for Work available for Office 365 enterprise SKUs. That seems like a great pity, but it’s all part of Microsoft’s plan to nudge customers toward Microsoft 365.
At the Inspire conference, Microsoft briefed their partners about the Microsoft 365 Backup and Microsoft 365 Archive products they plan to launch at some time in the future. Microsoft’s biggest advantage is their access to data and the speed at which they can process the information. Whether this gets people past the “all digital eggs in the Microsoft basket” issue remains to be seen.
Sensitivity Label PDF support is now available in SharePoint Online and OneDrive for Business. In effect, this means that SharePoint can protect and process PDFs in the same way as it handles Office documents. Given the widespread use of PDFs in many organizations, this is an important step forward for those wishing to protect their most sensitive information.
SharePoint Online makes extensive use of file versioning. Coming in November 2023, we will see SharePoint Intelligent Versioning based on usage and the probability that a version will be needed for a restore. The new intelligent mechanism will replace the current method of setting a fixed version count for document libraries. Sites that need fixed version counts can continue, but SharePoint intelligent versioning should become the default when the feature reaches general availability in early 2024.
The SharePoint Preservation Hold Library is where files needed for retention or hold purposes are stored. In the past, the library stored separate copies of each version of a retained file. Now it stores files complete with the entire version history, which is more intelligent and means that SharePoint consumes less storage for retention.
The need to find SharePoint documents with sensitivity labels might arise during a tenant divestiture to decrypt the documents before the split. As it turns out, searches against the SharePoint InformationProtectionLabelId property is a good way to find the files. After that, the need arises to decrypt the documents, which is where Microsoft Purview eDiscovery (premium) might come in handy.
Microsoft 365 tenants have long been able to define file type exclusions for the OneDrive for Business sync client through the SharePoint Online admin center, PowerShell, or GPO. A change in the client now exposes the excluded file types to user view for the first time. Meantime, the OneDrive Personal client also gains support for file type exclusions.
Although SharePoint Online doesn’t support the allocation of OneDrive storage quotas via group membership, this is an easy solution to code with PowerShell. In this article, we discuss the steps needed to use groups to set a desired storage allocation for group members and how to apply those allocations to OneDrive for Business accounts. If you don’t want to use groups, Azure AD administrative units or even Exchange Online dynamic distribution lists would work too.
When Microsoft released the preview of the Loop app, we figured out that Loop uses a special form of SharePoint Online to store its workspaces and pages. Now we know that Loop uses Syntex Repository Services (SharePoint Embedded), a new offering that allows apps to create storage partitions within SharePoint Online and use those repositories to store the files needed by the app. It’s still early days for both the Loop app and Syntex Repository Services (in private preview) and many operational details need to be explored, but the new offering is an interesting choice for app developers when it comes to deciding where to store their data.
SharePoint Online now supports the Request Files feature to allow users to create links for external people to upload files to a folder in a document library. It’s a feature that will appeal to some organizations and horrify others who see the ability for external people to upload files to SharePoint Online as just another avenue for attack. The feature depends on the tenant allowing Anyone links, which are blocked by many organizations.
SharePoint Online has a new block download file policy that stops users from downloading Teams meeting recordings. The policy applies to all sites and OneDrive for Business accounts in the tenant and is due to be part of the feature set covered by the Syntex-SharePoint Advanced Management license.