In one of my previous post I had demonstrated how to, Download Large Files from SharePoint Online. While the file download is working perfectly fine, but, I was constantly getting the following error while trying to load/access it’s properties,
Value was either too large or too small for an Int32
It’s pretty easy now to get your Office 365 tenant ID. Here, I will demonstrate three ways, by which you can retrieve your tenant ID :-
In this post, I’ll be retrieving a SharePoint site’s TimeZone using CSOM.
var context = SP.ClientContext.get_current(); var timeZone = context.get_web().get_regionalSettings().get_timeZone(); context.load(timeZone); context.executeQueryAsync(successHandler, errorHandler);
using (ClientContext ctx = new ClientContext("siteUrl"))
{
ctx.Credentials = new SharePointOnlineCredentials("userId", secureStringPassword);
Microsoft.SharePoint.Client.TimeZone sharePointTimeZone = ctx.Web.RegionalSettings.TimeZone;
ctx.Load(sharePointTimeZone);
ctx.ExecuteQuery();
}
The output, in both the cases, will be:
Continue reading
This is the first of the 2 series blog. In this, I’ll explain how to do create a read-only Office365 User, directly from the client PowerShell. And then there’s a complete code snippet to achieve the same from a C# Console App in the 2nd part of this blog[Coming soon]. Before delving deep, I would like to highlight the fact, that you’ll NOT be charged for this User a/c by Microsoft. We’ll be barely creating a User, not assigning any license to it.
The entire process can be broadly classified into 4 major steps:
Open Windows PowerShell and enter the cmdlet,
"Connect-MsolService".
A dialogue will pop-up seeking the userId & password.
Provide an administrators credential here. Note, you’ll not be notified for wrong userID or password. In the event of providing wrong credential, the following cmdlets will refuse to run. So, make sure, that the credential is correct.
Once, the authentication is done, we’ll then create a new Office365 user. We’ll be providing basic user details, like FirstName, LastName, LoginID [or, UserPrincipal(compulsory)]. But, we’ll never set the password. The password will be returned back to us, once the user has been created. Another important thing to note here is the password policy we’re enforcing here. First, we’re setting, “ForceChangePassword” to false. This implies that when the User will login for the very first time, he/she will not be prompted to change it. Next, we’re setting “PasswordNeverExpires“, to true which, is pretty much self-explanatory.
Once the User has been created, its basic details like, UserPrincipalName, newly created Password, etc, will be displayed in the Shell. One can also specify their preferred password also by adding, “-Password “Password123” at the end of the above cmdlet.
Note: There can be multiple Users with identical DisplayName but not UserPrincipalName. It has to be unique.
This is simple. We’ll be assigning the “Service Support Administrator” role to this newly created User.
This role group is specific to Exchange. The objective is to assign only view permission to this user. To accomplish this, we’ll execute the cmdlet, “Add-RoleGroupMember“. One problem, this cmdlet is not a part of SharePoint Online Management Shell. So we cannot directly run it. We have to, first, establish a remote connection to the Exchange Server, and temporarily import it’s commands to the local PowerShell session. Only then, we can execute the cmdlet, “Add-RoleGroupMember“. Once the job’s done, we should also remove this session. To know more about this, plz visit the site, http://technet.microsoft.com/en-us/library/dd335083(v=exchg.150).aspx
Since, here, we’ll be executing a series of commands, I have put it all down in a script file. Here’s the content,
Say, we saved the file in D drive, with the name, addExchngViewRole.ps1. So to execute the same, just run from powershell, D:/addExchngViewRole.ps1. A dialog box will be prompted (same as above). Here again, you need to specify the admin’s credential. Once validated, it will import the Exchange commands.
Next, you’ll be asked to provide the PrincipalID or LoginName of the User who will be assigned to the RoleGroup, View-Only Organization Management [in this case, pk@company.onmicrosoft.com]. After that the user will be added to the given group and the current session will be removed from your machine, as per Microsoft’s guideline.
Note: ConnectionUri has been fixed to https://ps.outlook.com/powershell. This is valid for Exchange Online only. If you’re using on-premise, plz replace the url with this one, http:///PowerShell/.
SideLoading of apps is disabled by default on SharePoint sites. So in order to publish our app directly from visual studio, we need to enable this option. However, do remember that Sideloading apps is a developer/test feature not intended for production use.Before proceeding further please make sure that you have already installed the Sharepoint Online Management Shell. Next follow the steps described below:-
* Save the following code to your machine as “EnableSideLoading.ps1“.
$programFiles = [environment]::getfolderpath("programfiles")
add-type -Path $programFiles'\SharePoint Online Management Shell\' + `
'Microsoft.Online.SharePoint.PowerShell\Microsoft.SharePoint.Client.dll'
Write-Host `
'To enable SharePoint app sideLoading, ' + `
'enter Site Url, username and password'
$siteurl = Read-Host 'Site Url'
$username = Read-Host "User Name"
$password = Read-Host -AsSecureString 'Password'
if ($siteurl -eq '') {
$siteurl = 'https://mytenant.sharepoint.com/sites/mysite'
$username = 'me@mytenant.onmicrosoft.com'
$password = ConvertTo-SecureString -String 'mypassword!'`
-AsPlainText -Force
}
$outfilepath = $siteurl -replace ':', '_' -replace '/', '_'
try
{
[Microsoft.SharePoint.Client.ClientContext]$cc = `
New-Object Microsoft.SharePoint.Client.ClientContext($siteurl)
[Microsoft.SharePoint.Client.SharePointOnlineCredentials]$spocreds = `
New-Object `
Microsoft.SharePoint.Client.SharePointOnlineCredentials($username, $password)
$cc.Credentials = $spocreds
$sideLoadingEnabled = `
[Microsoft.SharePoint.Client.appcatalog]::IsAppSideloadingEnabled($cc);
$cc.ExecuteQuery()
if($sideLoadingEnabled.value -eq $false) {
Write-Host -ForegroundColor Yellow `
'SideLoading feature is not enabled on the site:' $siteurl
$site = $cc.Site;
$sideLoadingGuid = `
new-object System.Guid "AE3A1339-61F5-4f8f-81A7-ABD2DA956A7D"
$site.Features.Add($sideLoadingGuid, $false, `
[Microsoft.SharePoint.Client.FeatureDefinitionScope]::None);
$cc.ExecuteQuery();
Write-Host -ForegroundColor Green `
'SideLoading feature enabled on site' $siteurl
}
Else {
Write-Host -ForegroundColor Green `
'SideLoading feature is already enabled on site' $siteurl
}
}
Catch {
Write-Host -ForegroundColor Red `
'Error encountered when trying to enable SideLoading feature' `
$siteurl, ':' $Error[0].ToString();
}
Once your job is done, make sure to disable this option. To do that run the following script from PowerShell just as it has been described above.
$programFiles = [environment]::getfolderpath("programfiles")
add-type -Path $programFiles'\SharePoint Online Management Shell\' + `
Microsoft.Online.SharePoint.PowerShell\Microsoft.SharePoint.Client.dll'
Write-Host 'To disable sideLoading, enter Site Url, username and password'
$siteurl = Read-Host 'Site Url'
$username = Read-Host "User Name"
$password = Read-Host -AsSecureString 'Password'
if ($siteurl -eq '') {
$siteurl = 'https://mytenant.sharepoint.com/sites/mysite'
$username = 'me@mytenant.onmicrosoft.com'
$password = ConvertTo-SecureString -String 'mypassword!' `
-AsPlainText -Force
}
Try {
[Microsoft.SharePoint.Client.ClientContext]$cc = `
New-Object Microsoft.SharePoint.Client.ClientContext($siteurl)
[Microsoft.SharePoint.Client.SharePointOnlineCredentials]$spocreds = `
New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($username, $password)
$cc.Credentials = $spocreds
$site = $cc.Site;
$sideLoadingEnabled = `
[Microsoft.SharePoint.Client.appcatalog]::IsAppSideloadingEnabled($cc);
$cc.ExecuteQuery()
if($sideLoadingEnabled.value -eq $false)
{
Write-Host -ForegroundColor Green `
'SideLoading is alreday disabled on site' $siteurl
}
else
{
Write-Host -ForegroundColor Yellow `
'Disabling SideLoading feature on site' $siteurl
$sideLoadingGuid = `
new-object System.Guid "AE3A1339-61F5-4f8f-81A7-ABD2DA956A7D"
$site.Features.Remove($sideLoadingGuid, $true);
$cc.ExecuteQuery();
Write-Host -ForegroundColor Green `
'SideLoading disabled on site' $siteurl
}
} catch {
Write-Host -ForegroundColor Red `
'Error encountered when trying to disable side loading features' `
$siteurl, ':' $Error[0].ToString();
}
For further details, visit the following site:
http://blogs.msdn.com/b/officeapps/archive/2013/12/10/enable-app-sideloading-in-your-non-developer-site-collection.aspx
get-command | Where-Object { $_.ModuleName -eq "Microsoft.Online.SharePoint.PowerShell" }
A sample list of available cmdlets are displayed in the following screenShot.
This is the error message I received when trying to assign a ListItem (Word Document), Limited Access permission.
To get a grip on this, first take a look at the following table. The table illustrates a list of all the Permission Level in Windows SharePoint Services 3.0
| PERMISSION LEVEL | DESCRIPTION |
| Full Control | This permission level contains all permissions. Assigned to the Site name Owners SharePoint group, by default. This permission level cannot be customized or deleted. |
| Design | Can create lists and document libraries, edit pages and apply themes, borders, and style sheets in the Web site. Not assigned to any SharePoint group, by default. |
| Contribute | Can add, edit, and delete items in existing lists and document libraries. Assigned to the Site name Members SharePoint group, by default. |
| Read | Read-only access to the Web site. Users and SharePoint groups with this permission level can view items and pages, open items, and documents. Assigned to the Site name Visitors SharePoint group, by default. |
| Limited Access | The Limited Access permission level is designed to be combined with fine-grained permissions to give users access to a specific list, document library, item, or document, without giving them access to the entire site. However, to access a list or library, for example, a user must have permission to open the parent Web site and read shared data such as the theme and navigation bars of the Web site. The Limited Access permission level cannot be customized or deleted.
NOTE You cannot assign this permission level to users or SharePoint groups. Instead, Windows SharePoint Services 3.0 automatically assigns this permission level to users and SharePoint groups when you grant them access to an object on your site that requires that they have access to a higher level object on which they do not have permissions. For example, if you grant users access to an item in a list and they do not have access to the list itself, Windows SharePoint Services 3.0 automatically grants them Limited Access on the list, and also the site, if needed. |
Now, I was trying to assign, from C# code, using Client Object Model, various Roles, to a user, like,
As it turns out, this permission level, Limited Access, is for SharePoint’s internal use only. So basically, we don’t have to be bothered about this.
There is a complete article about this on MSDN, http://office.microsoft.com/en-us/windows-sharepoint-services-help/permission-levels-and-permissions-HA010100149.aspx
