Register for Semperis' Hybrid Identity Protection (HIP) Conference - June 30 - July 1 Register for Semperis' Hybrid Identity Protection (HIP) Conference - June 30 - July 1
PowerShell|SharePoint

PowerShell for SharePoint Online Usage Scenarios

PowerShell is not only a powerful tool to administer and manage a SharePoint Online (SPO) tenant but also for common activities as an Office 365 Administrator or an SPO. In this article, I will cover some of the most common PowerShell for SharePoint Online usage scenarios as described in Figure 1.

 

 

Figure 1– Common PowerShell for SPO Usage Scenarios.

Service Configuration and Administration Scenarios

Under these scenarios, we have any action that implies to apply specific SPO settings available through SPO PowerShell cmdlets and/or SPO APIs. Some examples of typical operations that fall under these scenarios are the following ones:

  • While it’s true that OneDrive for Business (ODFB) and SPO provides support for hashtag and percent symbols in files names and folder names, you need to explicitly enable in your tenants by using PowerShell. Note that there is not a way to enable the support for these characters in the SPO Administration UI. To enable the support for these symbols in ODF and SPO, you must use Set-SPOTenant cmdlet as follows:

Set-SPOTenant -SpecialCharactersStateInFileFolderNames Allowed
$O365SPOTenant=Get-SPOTenant
$O365SPOTenant.SpecialCharactersStateInFileFolderNames

  • Configuring sharing capability at the tenant or site collection level is very important when we want to share an Office 365 Group site with external users without adding them as a guest in the Group. To enable external users sharing in an Office 365 Group site, we only need to use Set-SPOSite cmdlet as detailed below:

$sO365GroupSite="https://<Your_Group_Site_Url>"
Set-SPOSite -Identity $sO365GroupSite -SharingCapability ExternalUserSharingOnly

Auditing Operations and Reporting scenarios

On the one hand, Auditing Operations scenario is intended to provide information about what is happening at any logical containers in an SPO tenant (Site Collections, Sites, Lists, Document Libraries, etc) in regards to common operations, such as creating or updating content, making updates in SPO security model and so on. On the other hand, reporting generation scenario is about activities taking place in SPO that are also covered in this PowerShell usage scenario. Some good examples of these scenarios:

  • Get information about the SPO tenant logical and information architecture in terms deployed Site Collections, Sites, Lists and document libraries.
  • Get detailed information about security settings at different levels (Site Collections, Sites, Lists and document libraries, list elements and documents) such as:
    • SharePoint security groups in use
    • Users/Group members of each SharePoint security group

 

 

For instance, if you are asked to provide a report with all the members of each SharePoint Security Group configured on an SPO site, you only need to execute the following PowerShell script that uses SPO Get-SPOSiteGroup and Get-SPOUser cmdlets:

$spoSharePointGroups=Get-SPOSiteGroup -Site $sSiteUrl
foreach($spoSharePointGroup in $spoSharePointGroups){ 
Write-Host "Users in " $spoSharePointGroup.Title ":"
$spoUsers=Get-SPOUser -Site $sSiteUrl -Group $spoSharePointGroup.Title
Write-Host “ -> “ $spoUsers.LoginName
Write-Host “--------------------------------“ -ForegroundColor Green
}

  • Get detailed information about a SPO tenant:
    • Storage used in each site collection in the tenant
    • Changes happening in the tenant

For instance, to query the Office 365 audit log and get information about file activities happening in all the sites in the tenant simply execute the following PowerShell script:

$PSSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $Cred -Authentication Basic -AllowRedirection
Import-PSSession $PSSession
Search-UnifiedAuditLog -StartDate 12/1/2017 -EndDate 12/7/2017 -RecordType SharePointFileOperation -Operations FileAccessed -SessionId "Docs_SharepointViews"-SessionCommand ReturnNextPreviewPage

SPO Solutions Deployment Scenario

PowerShell is a common vehicle to deploy solutions on top of SPO that also includes any kind of customization to new or existing SPO Sites. Under this scenario, we can find a wide range of possibilities:

  • Apply a common look and feel (for instance a theme) to all the sites defined under a specific site collection.
  • Provision the full information architecture required for an SPO solution being developed: Site Collections, Sites, Site Columns, Content Types, etc.
  • Deploy Apps or WebParts to new or existing SPO Sites.
  • Configure security model for the solution (SharePoint security groups, permissions level, permissions inheritance mechanism, etc).

As an example, you can create a new SPO list in an SPO site using the following PowerShell script that makes use of the client-side object model (CSOM) SPO API:

#Adding the Client OM Assemblies 
$sCSOMRuntimePath=$sCSOMPath + "\Microsoft.SharePoint.Client.Runtime.dll" 
$sCSOMPath=$sCSOMPath + "\Microsoft.SharePoint.Client.dll" 
Add-Type -Path $sCSOMPath 
Add-Type -Path $sCSOMRuntimePath 
#SPO Client Object Model Context
$spoCtx = New-Object Microsoft.SharePoint.Client.ClientContext($sSiteUrl)
$spoCredentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($sUserName, $sPassword) 
$spoCtx.Credentials = $spoCredentials 
#Creating the List
$spoWeb=$spoCtx.Web
$spoListCreationInformation=New-Object Microsoft.SharePoint.Client.ListCreationInformation
$spoListCreationInformation.Title=$sListName
$spoListCreationInformation.TemplateType=[int][Microsoft.SharePoint.Client.ListTemplatetype]::GenericList
$spoList=$spoWeb.Lists.Add($spoListCreationInformation)
$spoList.Description=$sListDescription
$spoCtx.ExecuteQuery()
$spoCtx.Dispose()

 

Information Loading and Migration scenarios

Finally, last scenarios cover situations where it’s required either to upload data to SPO sites or to move/migrate information to SPO sites. Make note that this information could come from another SPO Site or event SPO tenant, from a SharePoint OnPremises farm or even from a corporate file server. Some examples of situations that are under these scenarios are the following:

  • Move documents from Local File Systems, Other Cloud Storage Services (DropBox, Box, GDrive), SharePoint On-Premises to SPO, and OneDrive For Business.
  • Load information in SPO coming from different information sources (Local files, SQL Database, non-SQL database, etc).

For instance, the following PowerShell script allows to upload information from a CSV file to an SPO list using SPO CSOM API:

$spoCtx = New-Object Microsoft.SharePoint.Client.ClientContext($sSiteUrl)
$spoCredentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($sUserName, $sPassword) 
$spoCtx.Credentials = $spoCredentials 
#Adding Data to an existing list
$spoList = $spoCtx.Web.Lists.GetByTitle($sListName)
$spoCtx.Load($spoList)
foreach ($sItem in $tblItems) {
Write-Host "Adding " $sItem.SPOListItem " to $sListName"
$spoListItemCreationInformation = New-Object Microsoft.SharePoint.Client.ListItemCreationInformation
$spoListItem=$spoList.AddItem($spoListItemCreationInformation)
$spoListItem["Title"]=$sItem.SPOListItem.ToString()
$spoListItem.Update()
$spoCtx.ExecuteQuery() 
} 
$spoCtx.Dispose()

 

 

Conclusions

PowerShell for SPO is a tool not only for platform administration and configuration tasks but also for doing many other common activities as an SPO Administrator (or an Office 365 one) can require: Auditing Operations, Reporting, SPO Solutions Deployment, Data Loading, and Migration.

Related Topics:

BECOME A PETRI MEMBER:

Don't have a login but want to join the conversation? Sign up for a Petri Account

Register
Comments (0)

Leave a Reply

Register for the Hybrid Identity Protection (HIP) Europe Conference!

Hybrid Identity Protection (HIP) Europe 2021 - Virtual Conference

Mobile workforces, cloud applications, and digitalization are changing every aspect of the modern enterprise. And with radical transformation come new business risks. Hybrid Identity Protection (HIP) is the premier educational forum for identity-centric practitioners. At the inaugural HIP Europe, join your local IAM experts and Microsoft MVPs to learn all the latest from the Hybrid Identity world.