Speed of Technology podcast – SharePoint and OneDrive

Yesterday,   Jay Leask and I published our latest episode of the OnTheSPoT – The Speed of Technology podcast where we talk Microsoft collaboration systems, specifically SharePoint and OneDrive. To oversimplify, it’s our thoughts inspired by the recently released Document Circle of Life in Office 365, the two ultimately agree that SharePoint is for co-authoring and publishing, while OneDrive is for individuals working on individual content — but there’s always more to it than any simplification can properly document.

Visit the OnTheSPoT – The Speed of Technology podcast to for a complete transcript, to subscribe, or listen to past episodes.

Hope you enjoy!

Craig

SharePoint Online Management Shell – Root Certificate is Not Trusted by the Trust Provider

Today I had a co-worker reach out with an error he was getting when trying to run a PowerShell script in the SharePoint Online Management Shell:  Certificate is Not Trusted by the Trust Provider…

SPO_Managment_Shell

Researching the issue led him to some suggestions about installing trusting certificates and that was something  he wanted to do if he could avoid it.

This seemed similar to an error I have been running into lately when trying to run scripted OneDrive migrations.  My error was also about not trusted or digitally signed scrips.  The digitally signed part lead me to the Microsoft documentation on the PowerShell command-let Set-ExecutionPolicy:

The Set-ExecutionPolicy cmdlet changes the user preference for the PowerShell execution policy.

The execution policy is part of the security strategy of PowerShell. It determines whether you can load configuration files (including your PowerShell profile) and run scripts, and it determines which scripts, if any, must be digitally signed before they will run.

I only wanted to run my script once without changing machine setting, and I didn’t want it to be blocked so I ran the below line of code first:

Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass

-ExecutionPolicy (required parameter)

Specifies the new execution policy. The acceptable values for this parameter are:

  • Restricted. Does not load configuration files or run scripts. Restricted is the default execution policy.
  • AllSigned. Requires that all scripts and configuration files be signed by a trusted publisher, including scripts that you write on the local computer.
  • RemoteSigned. Requires that all scripts and configuration files downloaded from the Internet be signed by a trusted publisher.
  • Unrestricted. Loads all configuration files and runs all scripts. If you run an unsigned script that was downloaded from the Internet, you are prompted for permission before it runs.
  • Bypass. Nothing is blocked and there are no warnings or prompts.
  • Undefined. Removes the currently assigned execution policy from the current scope. This parameter will not remove an execution policy that is set in a Group Policy scope.
-Scope (optional parameter)

Specifies the scope of the execution policy. The default is LocalMachine. The acceptable values for this parameter are:

  • Process: The execution policy affects only the current PowerShell process.
  • CurrentUser: The execution policy affects only the current user.
  • LocalMachine: The execution policy affects all users of the computer.

You can change -Scope Process to -Scope LocalMachine in an administrator session and it should hold for future sessions.

Both my co-worker and I were able to run our scripts after that.

Hope this helps!

Craig

How to do a tenant-to-tenant OneDrive for Business batch migration using Sharegate and PowerShell

I have been working on a few OneDrive for Business migrations.  The most recent one is a tenant-to-tenant migration.  The client had bought Sharegate, so that is the tool we were going to use to do the migration.

One of the challenges with OneDrive for Business migrations is that each user’s OneDrive is its own site collection.  That means each site source site has to be mapped to each destination site.  Using the user interface is rather tedious and time consuming.  Fortunately Sharegate has a PowerShell module attached to it that allows you to run a PowerShell script that references a .csv file with the mappings already paired up.

I was able to reference Sharegate’s Powershell documentation: https://support.share-gate.com/hc/en-us/categories/204661007-PowerShell to create the necessary script and .csv file to run a batch migration:

Step 1: Create a .csv file with the URL mappings.

OneDrive_Migration_csvfile

Step 2:  Write your tenant to tenant migration script.

#################
#CSV file with columns titled Name, SourceURL and DestinationURL:
$csvFile = "C:\OneDriveMigrations\TenantOneDriveMigration.csv"

#load the CSV file into a table
$table = Import-Csv $csvFile -Delimiter ","

#Convert your password to a SecureString
$mysrcpassword = ConvertTo-SecureString "********" -AsPlainText -Force
$mydstpassword = ConvertTo-SecureString "********" -AsPlainText -Force

$total++
#Cycle through each row
foreach ($row in $table)
{


#Set variables to blank incase a connection to one site fails, the site from the last loop isn't used.
$srcSite=''
$srcList=''
$dstSite=''
$dstList=''
$total++

Write-Host “”
Write-Host “************************************************************”
Write-Host “”

#connect to the destination OneDrive URL
$srcSite = Connect-Site -Url $row.SourceURL -UserName O365_Admin@source.onmicrosoft.com -Password $mysrcpassword
Write-Host “Connected to source site: ” $srcSite.Title

#select destination document library, named Documents by default in OneDrive
$srcList = Get-List -Name Documents -Site $srcSite

#connect to the destination OneDrive URL
$dstSite = Connect-Site -Url $row.DestinationURL -UserName O365_Admin@destination.onmicrosoft.com -Password $mydstpassword
Write-Host “Connected to destination site: ” $dstSite.Title

#select destination document library, named Documents by default in OneDrive
$dstList = Get-List -Name Documents -Site $dstSite

#Uncomment below code if running incremental migration
#$copysettings = New-CopySettings -OnContentItemExists IncrementalUpdate
Write-Host $total “- Attempting Migration: ” $row.Name

#Copy the content from your source URL Documents in OneDrive to the Destination document library
if($srcSite -ne “” -and $dstSite -ne ”){
$result = Copy-Content -SourceList $srcList -DestinationList $dstList -InsaneMode # -copysettings $copysettings
Write-Host “Migration completed”

#setName for logfile
$fileName = $row.Name

#Export a report for each OneDrive migration
#Any folder specified in the path has to exist before running the script
Export-Report $result -Path C:\MyReports\$fileName
}
else {
Write-Host “Migration could not be completed”
$total–
$failed++
}
Write-Host “”
Write-Host “************************************************************”
Write-Host “”
}

Write-Host $total “Migrations Attempeted”
Write-Host ($total-$failed) “Migrations Completed”
Write-Host $failed “Migrations Failed”

################

Step 3: Open Sharegate and click on the PowerShell module:

ShareGate_PowerShell

Step 4: Run your script:

runPowerShell

You should see something like this at the completion of the run:

afterPowerShellRun

Then you can review the reports and have the user’s verify their content has been moved.

Hope this helps!

Craig

Groups and Teams

Why is Office 365 Group missing from Add a group in O365 Admin center?

Last week I wrote a post about Office 365 admin center missing from New Group and how you can get around it by creating a SharePoint site, I thought it was because the general availability to create a group had been turned off:  Creating an Office 365 Group with Team Site when Create O365 Groups is Disabled I have since update that post and while that is partly right, I figured out a simpler reason.   As a consultant, when I request Global Admin rights to a tenant, often I am given an account with Global Admin rights, but as an Unlicensed user.  If I use that user to go into Office 365 Admin -> Groups -> New Groups I see the below:

newgroup

What, no Office 365 group choice???

Also you can’t create a Microsoft Teams since there is no configuration setting in Office 365 to provision Teams, so you only have the option of creating it in the Exchange admin center or the SharePoint admin center as referenced in the post above.

But when I add a licence, such as E3, to the Global Admin account, I see below:

Office 365- Groups

And there is my Office 365 Group!!!

And now I also get access to Teams, so I can create my Team there as well.

Microsoft Teams

The nice think about creating it there is that it automatically creates the Office 365 group and SharePoint site behind the scenes.

Hope this helps!

Craig

Creating an Office 365 Group with Team Site when Create O365 Groups is Disabled

Here is an interesting scenario I ran into this week.  I was asked to do a tenant to tenant migration of some Office 365 Groups.  No big deal, just create new groups with the same name in the destination tenant and use a third party tool to move the content. <– Yes I said content, at this time you can’t move conversations.

So I go into the Office 365 Admin Center -> Group and click Add a group…

newgroup

Unfortunately Office 365 Group is not available.  So I got to check the Azure AD general settings for Groups and see Office 365 Group creation is set to No.

*** Update 07/23/2018*** This was partially caused by the Global Admin was set to an unlicensed user.

Microsoft Azure

I then find out that the company has a group policy that only members of the Office 365 Creators security group can create Office 365 groups.  I get added to that, but I still have a problem, it doesn’t add the option of Office 365 Group back to New Group page in the Office 365 admin center.  You can only add a new Office 365 group through the Exchange Admin center.   What’s the problem with that? It doesn’t create the SharePoint site on the back-end, so you can’t migrate your data.

I was stuck for a bit, because I didn’t want to enable Office 365 Group creation in Azure and when I went to the SharePoint admin center, it didn’t look like I could create one there, but it turns out you kind of can…  Not in the old admin center, but Microsoft has released the preview of the admin center.

Oldl Manage site collections

I clicked on Try the preview, went to Sites -> Site management and their is the option to Create site.

SharePoint Admin Center Preview

I clicked Create site and I get a pop up that asks me the type of site I want.  The first option is exactly what I am looking for… Team site connected to Office 365 group.

create Team site with Office 365 Group

I click on Team site and from there you just follow the wizard and you will end up with a SharePoint Team site connected to an Office 365 Group.  🙂

create Team site connected to Office 365 Group

Hope this helps you out!

Craig

4 Reasons Companies Move to Office 365

I have worked with several clients who are moving their data from on-premises to Office 365.  This usually leads to the conversation about how they want to use and the platform, security settings, and how employees will be sharing the data.  I like to start the conversation covering  4 main reasons companies move to the Office 365:

1.  Access any time, any where, any device

 

anytime

One of the main reasons company’s want to move to Office 365 is to access the files they need, when they need them. They don’t want to have to go into the office or remote desktop into the network so they can access files stored in their personal folders or in SharePoint.  This is especially common for employees who work from home, sales people, project manager, basically anyone who works remotely.

It is important assess how the client plans to access access and use Office 365, especially when talking about mobile access:

  • Are they reviewing documents?
  • Do they need to edit documents?
  • Will they be sharing documents?
  • How sensitive is the information they will be accessing?
  • What types of devises will they be using?

How clients answer these questions will help to determine how Office 365 should be configured.

2. Collaboration

Collaboration

One of the biggest benefits of moving to Office 365 is the ability to collaborate in so many ways: OneDrive, SharePoint Online, Planner, Teams, Yammer, and Skype.  I always ask what is the plan for OneDrive?  Will your users be sharing documents internally or is there a need for external sharing?  What will they be sharing? Documents they want to work on collaboratively, or documents they may want someone else to just view?

Typically best practice, and what I recommend is to consider OneDrive the “Me” folder.  It is for documents meant for me.  My personal stuff, documents that I want to keep, rough drafts, things to be shared only to a small number of people.

I consider Teams the “We” folder, things that we are going to work on as a “team”.  We will be making edits and providing feedback and using all the tools of Teams to work collaboratively together.

SharePoint Online is the “Everyone” folder.  This is for thing we want to publish for other to consume.  It is your intranet to the company where you share templates, policies, keep records, etc.

3.  Security

security

Some companies what to make the move for Security reasons.  They are looking for more security and a better way to manage their data.  Office 365 tremendous security options that it hard to match such as 24/7 monitoring, a secured platform backed by one of the most respected companies in IT that is constantly being updated, a Security & Compliance center that can help a company apply its own labels to data, set up alerts, configure data loss prevention rules, and the ability to review logs and run reports on the system.  With Office 365 it is much easier to keep your data secure than trying to plug holes in your own data centers.

4. Moving Infrastructure to the Cloud

Infrastructure

Another big reason for moving to Office 365 is that companies want to get out of the infrastructure business.   Managing hardware, licenses, and other resources is hard.  Moving to a service like O365 allow the customer to make sure they are always running on the latest hardware, getting the most update features and options, and take the responsibility of maintaining the hardware and the resources to maintain them out of their hands and puts it into Microsoft.

Once you determine a company’s main drivers for making the move to Office 365, you can than work with them to develop strategies for getting them there and set up an environment that is configured to their specific needs.

3 Hidden Costs of Going to the Cloud

It seems like everyone one is going to the Cloud these days.  It makes a lot of sense for a lot of reasons:

  • Shifts the costs of running your own data center and having to maintain hardware
  • More secure – best of the best are running and monitoring
  • Scalability – Use only the power you need when you need it
  • Automatically upgraded systems pushed out by the Cloud Providers
  • More features and options than you can do yourself

Those are just some of the reasons to go to the Cloud, but if your not careful going to the Cloud can be more expensive than you think for numerous reasons.  Here are 3 reasons that a lot companies don’t think about:

  1. Migration Costs – Getting to the Cloud costs time and money.  The planning process itself can take month to years depending on what you are trying to move.  If you are using the Cloud for app development, it is easier than if you are moving file shares or Collaboration environments like SharePoint to Office 365.  From planning comes running the migration jobs, monitoring, and remediation.  All take time and money.
  2. Mismanagement of Resources – Everything in the Cloud costs money: storage, processing power, data streaming, using services, etc.  In efficient code or leaving test environments running when not in use are slow drains on your system that quickly add up to big money.  Also failing to manage users who leave your organization is just trowing money away to user based subscriptions models like Salesforce or Office 365.
  3. Change Management – Businesses under estimate the cost of re-educating and re-training users on the new system.  It costs time and money to create training materials, train users, and get them up to speed quickly.  Loss of productivity can be experienced during the transition and should be planned for.

These are just a few of the way reasons companies don’t see as much ROI on their Cloud investments as they would like.  The good news is with proper planning, budgeting, and monitoring, these drains on ROI can be minimized and companies can make the most of transitioning to the Cloud