SharePoint PowerShell Quick Guide

If you manage an online SharePoint tenant you will run into a lot of situations where PowerShell will be the surest way to accomplish your tasks.

Permanently deleting a site via PowerShell
Remove-SPOSite -Identity https://site.sharepoint.com

Managing Hub Sites
  • 2,000 hub sites per tenant
  • A modern SharePoint site can be promoted to a Hub site
  • As a team site
  • As a communications site
  • Global navigation added automatically
  • Configure who is allowed to add sites to the hub
  • Can also configure an approval workflow
  • Hub site can be registered in the admin center
  • Admins can choose who can associate sites with hub - Users, Security Groups, Office 365 Groups
  • Hub site can be registed with PowerShell (to make it a hub site)
    • Register-SPOHubSite -Site https://site.sharepoint.com/sites/hubsite -Principals $null

To associate other sites to a hub
Unregistering a hubsite disconnects it from the hub
Unregister-SPOHubSite
    -Identity https://sites.sharepoint.com/sites/an-existing-associated-site

In the admin center you can go to Active sites and select one site and register as hub site, or associate with a hub.  Unregistering a site as a hub site will disassociate all associated sites with it.

Managing Hub Navigation
  • To do global navigation you have to join sites to the hub
  • Navigation management is manual (cannot connect to managed metadata navigation)
  • Hub navigation is separate from site navigation
This PowerShell cmdlet will add Research with the following URL to the top navigation bar:
Add-PnPNavigationNode
    -Location TopNavigationBar
    -Title "Research"
    -Url https://site.sharepoint.com/sites/site
When doing PowerShell the page cache isn't refreshed, and the navigation is cached.  But if you Edit the menu in the hub site you'll see the change.

Managing Permissions
There are 4 site permission levels
  • Site administrators
  • Site owners
  • Site members (edit permissions on the site)
  • Site visitors - read-only
Who can assign what?
  • Primary/secondary administrators can be assigned in SPO admin center
  • Other site administrators can be assigned by primary/secondary admins
  • Site owners can be assigned by site administrators
  • Site members can be assigned by other site members
  • Site visitors can be assigned site members or higher
Adding site owners and site collection admins using PowerShell:
Set-SPOSite
    -Identity https://site.sharepoint.com/sites/thehub
    -Owner jack@smith.com
Set-SPOUser
    -Site https://site.sharepoint.com/sites/thehub
    -LoginName jack@smith.com
    -IsSiteCollectionAdmin $True

Intro to modern SharePoint info architecture
  • No subsites anymore
  • Modern SharePoint template
  • Managing Hub Sites
  • Managing Navigation
  • Managing Permissions
Configuring External Sharing
  • At the tenant level
  • At the site collection level
Types of external users
  • Authenticated external users (prove you own an email address)
  • Anonymous users - anyone via a link (only to specific documents or folders in libraries)
Types of links
  • Anyone| - a link that will work anytime by anyone if transferred, can be revoked/cancelled
  • People in my organization - a link that will work anytime by people only in our organization (IP restricted?)
  • Specific people 
    • A link that's non-transferable, won't work if forwarded
    • Access can be revoked anytime
  • Cannot be shared with anyone other than the specific person (emailed code confirmation)
  • A link that's non-transferable, won't work if forwarded
  • Access can be revoked anytime
  • Cannot be shared with anyone other than the specific person (emailed code confirmation)
  • A link that's non-transferable, won't work if forwarded
  • Access can be revoked anytime
  • Cannot be shared with anyone other than the specific person (emailed code confirmation)
External user licensing
  • No cost inviting external users in O365 to collab on docs
  • Users can read/create/update/delete docs using office online
  • Users cannot get the offline desktop client for free (you must assign them a license)
Sharing docs externally 
  • Copy link - creates a link, permissions are shown below (i.e. Anyone with the link can view)
  • Can set expiry date - how long a link is valid
  • Can set a password when sharing
  • Can block download of a file (viewable only in a browser)
  • Can create a Microsoft account with any email address to share documents with
In the demo, an external user got access to a SharePoint Online site using his/her Gmail account by creating a Microsoft account using that Gmail address.

Where can we control settings - external sharing
  • Tenant level
  • Site collection level - more restrictive

Types of sharing controls
  • Internal only
  • External authenticated
  • Existing external users
  • Anonymous
  • Limit external by domain
  • Can specify a group of people that can share externally
  • More settings exist
Anonymous access links expiration & permissions
  • Maximum length until anonymous link expires - 7 days
  • Set max permissions for anonymous links
    • Files - View, view and edit
    • Folders - View, edit, and upload
Who can share outside your organization
  • You can set which users can share externally at two levels
  • Only users in selected security groups share with authenticated external users
  • Only users in selected security groups share with authenticated external users and using anonymous links
You can plan governance / training before users are allowed to share.
There are lots of checks that can be implemented to abide by standards.

Default link type
  • Type of link that is created by default when users get a link
  • Can limit external sharing by domains (known partners)
  • Block specific domains (all allowed except the ones on a list) although "Anyone" links will still be accessible
  • Additional settings
    • Prevent external users from sharing items they don't own
    • External users must accept invitations using the same account that invitations were sent to
    • Continue recipients to continually prove account ownership when they access items
    • Customized external sharing policy URL - users trying to share but aren't allowed to
Notifications
SharePoint can add email address to BCC on all notifications like sharing notifications.

Admin center > Policies > Sharing
  • External sharing section
  • This section is the overall policy that dictates how permissive your SharePoint and OneDrive sharing can be
  • SharePoint sharing permissions will need to be more permissive than OneDrive
Advanced settings
  • Allow specific domains list
  • Block specific domains list (one or the other)
  • Guests must sign in using the same account to which sharing invitations are sent - setting is not enabled by default (but should be)
  • Allow guests to share items they don't own - should stay disabled.

Other popular notes

Popular posts from this blog

Installing Git on Windows

At the GNU General Public License, hit Next Select Destination Location C:\Program Files\Git Select Components Checked Associate .git* configuration files with the default text editor Associate .sh files to be run with Bash (NEW!) Scalar (Git add-on to manage large-scale repositories) Select Start Menu Folder Git Choosing the default editor used by Git Use Notepad as Git's default editor Adjusting the name of the initial branch in new repositories Override the default branch name for new repositories main Adjusting your PATH environment Git from the command line and also from 3rd-party software Choosing the SSH executable Use bundled OpenSSH Choosing HTTPS transport backend Use the native Windows Secure Channel library Configuring the line ending conversions Checkout Windows-style, commit Unix-style line endings Configuring the terminal emulator to use with Git Bash Use Windows' default console window Choose the default behavior of 'git pull' Fast-forward or merge - thi...
Read more

SharePoint Online Wiki Sites

This quick reference article goes over how to create a simple wiki knowledge base site on SharePoint Online. Create a brand new site It's best if you are a SharePoint Online admin. Which template to use? Communication site or team site? Use the team site without the Teams space, this requires the SharePoint Admin role Metadata Add columns in grid view Pin columns to filters pane (so you can filter on them quickly) Once you apply a filter, you can save the view as a new view (Save the view as). For example, if you want to create a new web part with most recently created articles, you can create a new view Create a front-page view, i.e. Recent Changes, and limit to about 10, make the window height flexible to as big as it gets Audience targeting It's possible to set audience targeting on quick links and left-hand side navigation Edit the web part on the page, and select Enable audience targeting on the web part itself, i.e. quick links web part Edit the quick link, and select the...
Read more