Office365

Watch the keynote "The Future of SharePoint" here.

Lots of changes and innovations have been announced at the 'Future of SharePoint' conference last month. We've watched the keynote and found it very interesting. We think you might find this interesting as well. So below, find the full keynote!

Full keynote presentation "Future of SharePoint"

Want to know more?

Read more in-depth information in other blogs/articles by myself and my colleagues: List of #FutureOfSharePoint posts

This blog post is part of the series Future of SharePoint. More on this topic can be found athttp://08b.4d7.myftpupload.com/tag/FutureOfSharePoint/

Convert security groups to mail-enabled and universal for Office 365 with PowerShell

by Thomas Verwer, Technical Consultant @ Rapid Circle When carrying out projects for Enterprise clients I commonly face challenges with companies not meeting the system requirements for Office 365. One of the most commonly seen missing requirements are on the Identity and Access Management part of Office 365.

When migrating legacy Identity and Acces Management infrastructures to Office 365 you quickly bump in to Microsoft’s Active Directory Services (ADS). To migrate this service to Windows Azure Active Directory – which is part of every Office 365 license – you can use the Windows Azure Active Directory Sync tool. Or as most IT Professionals know it “DirSync”, this is a special edition in the history of FIM.

Now back to businness. To migrate legacy security groups to Windows Azure Active Directory, for products such as Exchange Online it is a requirement to have a GroupScope of Universal.(see image below)

Get-ADGroup-GroupScope

Since most companies still use Global security groups these need to be converted. Therefore I use a PowerShell script which automates this proces. For this script to work, import the ActiveDirectory module in PowerShell or run the script with Active Directory Module for Windows PowerShell.

Clear-Host

if((Get-Module | where {$_.Name -eq “ActiveDirectory”}) -eq $null){ Import-Module ActiveDirectory } $scriptPath = split-path -parent $MyInvocation.MyCommand.Definition Set-Location $scriptPath Write-Output “Output will be stored in ” (Get-Location)

$SeaBase = “DC=corp,DC=local” $SeaVal = “CN=Mailbox_*” $SeaScope = “Subtree” $GrpList = “ADSecGrp.csv” $UniGrpList = “Uni_ADSecGrp.csv” $strLogFile = “ErrorLog.txt” $DomainAdmin = Get-Credential

#Search for all Groups that are of type Security and scope is Global and starts with “Mailbox_” $SecGrps = Get-ADGroup -SearchScope $SeaScope -SearchBase $SeaBase -Filter {GroupCategory -eq “Security” -and GroupScope -eq “Global”}

foreach ($secGrp in $SecGrps) { try { $DN = $secGrp | Where-Object {$_.DistinguishedName -like $SeaVal} $DN | Export-Csv $GrpList -Append } catch { throw Break } }

(Get-Content $GrpList | Select-Object -Skip 1) | Set-Content $GrpList

Write-Output “Check $GrpList to verify all exported security Groups are of type Global” Write-Output “Press Y to continue” $selection = read-host if ($selection -eq “y” -or $selection -eq “Y”){ Write-Output “$GrpList CSV File Checked….” foreach($G in Import-Csv $GrpList){ try { $D = $G.DistinguishedName Get-ADGroup -Identity $G.SID Set-ADGroup -Identity $G.SID -GroupScope Universal -Credential $DomainAdmin } catch { $ErrorMessage = $_.Exception.Message Write-Output “Error converting for $D ..`n Error Message : $ErrorMessage” | Add-Content $strLogFile Throw Break } $DN = Get-ADGroup -Identity $G.SID $DN | Export-Csv $UniGrpList -Append } (Get-Content $UniGrpList | Select-Object -Skip 1) | Set-Content $UniGrpList Write-Output “Check $UniGrpList to verify all modified security Groups are of type Universal” }else{ Write-Output “Script Stopped by User” | Add-Content $strLogFile Break }

As you can see the script contains several variables. With these you can define the scope of OU’s or name convention for existing security groups. When running the PowerShell script it builds up a CSV-file called Uni_ADSecGrp.csv. When paused you can open and check the file to see if it contains the groups which you wish to convert. If so, you can insert “Y” to the script and it proceeds running.

After we have succesfully changed the GroupScopes to Universal we can carry on and use the second PowerShell script which mail-enables the security groups so they meet the requirements for Exchange Online. Besides the conversion to mail-enabled it also hides the groups from the Global Address List.

Run this script on one of the legacy Exchange servers with the use of the  Exchange Management Shell.

Clear-Host

#if((Get-Module | where {$_.Name -eq “ActiveDirectory”}) -eq $null){ # Import-Module ActiveDirectory #}

#Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010 # $env:ExchangeInstallPathbinRemoteExchange.ps1 #Connect-ExchangeServer -auto

Write-Output “Output will be stored in ” (Get-Location)

$GrpList = “Final_ADSecGrp.csv” $strLogFile = “enableErrorLog.txt” $log = “AfterLog.txt” $ErrorLog = “ErrorLog.txt”

foreach($G in Import-Csv “Uni_ADSecGrp.csv”){

try { Get-ADGroup -Identity $G.SID

Enable-DistributionGroup -Identity $G.DistinguishedName -Alias $G.Name Set-DistributionGroup -Identity $G.DistinguishedName -HiddenFromAddressListsEnabled $true Get-DistributionGroup -Identity $G.DistinguishedName | Add-Content $Log $x = Get-DistributionGroup -Identity $G.DistinguishedName if($x -ne $Null){ Write-Output $G.DistinguishedName }else{ Write-Output $G.DistinguishedName | Add-Content $ErrorLog } } catch { $ErrorMessage = $_.Exception.Message Write-Output “Error Enabl-DistributionGroup for $G.DistinguishedName …..`nError Message : $ErrorMessage” | Add-Content $strLogFile throw Break }

}

Once you have succesfully executed the second script you can add these objects to your Windows Azure Directory Sync cycle. Please be aware that when you convert the groups, the groups may not contain unsupported characters such as namespaces or & characters.

Best of luck to you all with carrying out succesfull Office 365 deployments. Before I publish the post, I have to share my respect to my colleague and teammate Dev Chaudhari for working on the scripting!

Original blog on: thomasverwer.com

SharePoint 2013 Hosted App

This will be my first post on SharePoint 2013. The buzz around the App Model is huge and so I dove in on a very basic level. Just to show how easy an App can be hosted in SharePoint and can consume Data or connect to popular websites. Like Facebook. No worries, no Authentication is being used. This Post it’s just to show how easy it is to create a SharePoint App and consume “free” data.

First things first

The very first thing we should do is follow the steps described by MS to setup your development machine for App Development. http://msdn.microsoft.com/en-us/library/office/apps/fp179923%28v=office.15%29

Andrew Connell created a PS Script for this: http://www.andrewconnell.com/blog/archive/2012/08/07/registering-sharepoint-2013-high-trust-apps-using-s2s-the-easy.aspx

Create a new App

First start Visual Studio 2012 RC. Create a new Project and choose App for SharePoint 2013

Schermafbeelding 2012-08-21 om 17.08.34

Next give your App a name and fill in the Developer Site (created while setting up your app domain). I chose my default webapplication to be a Developer Site.

For this App we choose SharePoint-hosted.

Schermafbeelding 2012-08-21 om 17.09.46

Now we can see the App Template contains some modules for Scripts, Images, Pages and CSS files. Also notice the AppManifest.xml file which holds important info about your App.

Schermafbeelding 2012-08-21 om 17.19.38

Facebook Data

For this app I use the standard Facebook Graph API. We can use jQuery to get JSON data from the url we like. In this example I chose Microsofts Facebook page.

http://graph.facebook.com/microsoft

To simply bind the data on my Default.aspx page I use KnockOut JS. This is a very easy and fast way of binding data.

Result

The project that you can download, results in an App that is displaying Page data from Facebook. It looks like this:

Schermafbeelding 2012-08-21 om 16.58.10

Schermafbeelding 2012-08-21 om 16.57.40

DOWNLOAD MyFBPage.proj

Content Type Hub "Lite" in Office 365

Content Type Hubs or centrally managed content types were one of the biggest (and under appreciated) additions to SharePoint 2010. When working with several web applications and site collections (which is inevitable most of the time), keeping content types up to date over several location can become a drag and easy to make mistakes. So Microsoft added the possibility to have a centrally managed hub, were site collections and web application can subscribe to and still have local content types.

As Office 365 is based on the SharePoint 2010 framework, The Content Type Hub is available to be activated as site collection feature. But beware! On a SP 2010 server, we can activate the feature for any web app/site collection. This way you define one or more web applications/site collections as content type hub and name them appropriately.   This can not be done in Office 365. You receive 1 Content Type Hub which is by default https://[account].sharepoint.com/sites/contenttypehub and this is "by design" (in case you were wondering). Yes, you have the option in all web applications and site collections to activate the content type hub, but it will not work! You will found only after you're done with setting it all up (Technet: Configuring the Content Type Hub), creating the content types and getting ready to start the sync. The moment you are settings subscriptions, you will find out that you can only get 1 subscriptions, which is the default /sites/contenttypehub.

In short you receive the Lite version of the Content Type Hub in Office 365. So make sure when planning your Office 365 infrastructure, that you only have 1 Content Type Hub and it's available to you only at the default location. I found out the hard way, so you don't have to :)

 

List view Lookup threshold in Office365

I created a list which uses 12 Person or Group fields. So I changed the resource throttling in Manage Web Applications > General Settings in Central Admin. Customer happy, so I'm happy too. Now we have to the move this list to Office365 because their intranet is moving to the cloud. But changing the resource throttling settingis not possible in Office365 (yet?). So now we have to create a new solution.

So keep in mind when working with Office365, you can't change the list view lookup threshold.

*UPDATE*; waiting for reaction Microsoft if the settings will be made available in the future

*UPDATE 20110829*; Microsoft Customer Support has confirmed that the settings will not be available as of yet, but this may change in the future...