Modern Search Results and file shares


September 25, 2020 - 10:30, by Steven Van de Craen - 0 Comments

In an hybrid search environment the Cloud Search Service Application indexes local file shares and ships the index to SharePoint Online for querying. If you are indexing a local file share then you’ll notice something funny with those search results in Modern Search in SharePoint Online.

FileshareFileModernSearchResult

As you see the Modern Search just renders the result as non-clickable. Now you could still use Classic Search, but then it would get blocked if you click on it in a modern browser (which you should) due to security concerns.

NotAllowedToLoadLocalResource

Not allowed to load local resource: file://myserver/testfileshare/test.txt

 

The first issue (the visualisation in Modern Search) could be handled by using your own Modern Search results, for example via the PnP Modern Search Solution or use classic search result pages, so I’m not digging into this. The second issue however is generic and requires some thought.

 

I have seen environments that link directly to file servers for content and ideally that content would be moved into the environment. But there are still valid reasons for file shares and organisations may want to expose them to users through search. So for those cases you would need to find a solution. Here’s what I came up with…

  1. Use Internet Explorer; ugh. I can’t recommend this anymore but since it technically solves the issue so I’m adding it to the list.
  2. Start the browser with a flag to allow loading local resources (eg Chrome used to have --allow-file-access-from-files but this no longer works); it cannot be enforced for external users (if applicable) and it doesn’t feel like the right approach.
  3. Use a browser extension; there are browser extensions that restore the functionality when clicking on a file:// link. The issue I have with extensions is are they safe and trustworthy?
  4. Use Microsoft Edge IE Mode; users still use a modern browser but specific sites will use the IEMode. It would be a shame to have your entire “modern” SharePoint Online environment to run in IE Mode, no? Also it cannot be enforced for external users (if applicable)
  5. Put a web server or application in front of the file share; it shows the directory and file structure of the file share with authentication to ensure results are properly shielded
  6. If you have any other suggestions or solutions feel free to let me know

 

So let’s go with number 5 on the list. Now I want to have my search results coming from the application.

  1. Either the application supports being crawled directly as a website by SharePoint Search, and you just configure the Content Sources as such
    ContentSourceType
  2. Or it may be possible to configure Server Name Mappings to transform the original file share UNC path
    ServerNameMappings
    Run  crawl and voila the search results are transformed into a web url
    ModernSearchResults

 

In either case your search results would now be coming from a web application and you won’t have the issue anymore.

So, what’s your take on this?


Get ItemID of files which have no checked in version


April 9, 2020 - 14:20, by Steven Van de Craen - 0 Comments

Had the requirement to get the CheckedOutFile collection of a SharePoint List programmatically and it had to include the ItemID for the file (for use in further programmation).

Via PowerShell you can quite easily get the Path Identity information which contains the ItemID:

PowerShell CheckedOutFiles

Notice that the number at the end is the ItemID.

However, via C# CSOM this is a lot harder as the ObjectPathIdentity class is “inaccessible due to its protection level”. You can’t directly get to this info so I created an extension method “GetPath” to get this info:

public static class ClientObjectExtensions
{
    public static string GetPath(this ClientObject o)
    {
        string result = null;

        if (o != null)
        {
            var q = o.GetType().InvokeMember("Path", BindingFlags.GetProperty | BindingFlags.Instance | BindingFlags.Public, null, o, null);
            var r = q.GetType().InvokeMember("Identity", BindingFlags.GetProperty | BindingFlags.Instance | BindingFlags.Public, null, q, null);

            result = r.ToString();
        }

        return result;
    }
}

Which can be integrated into the C# CSOM logic

C# CSOM

ConsoleApp3

Now you can extract this value from the string and continue to work with it as needed.


SPFx Web Part assets and external users


March 23, 2020 - 11:34, by Steven Van de Craen - 0 Comments

Last week we ran into an issue where external (guest) users on SharePoint Online needed access to custom developed SharePoint Framework Web Parts deployed to the app catalog. By default don’t have access to this location so they receive an access denied on the web part assets.

We brainstormed about deploying to a public CDN but decided against this as it would open up the assets to potentially everyone rather than all our external users. Perhaps this is an unnecessary concern but we’re rolling with it.

A few years ago Microsoft made a change in how guest users receive access to SharePoint by deprecating/disabling the use of “Everyone” or “All Authenticated Users” for external users. See: https://docs.microsoft.com/en-us/office365/troubleshoot/access-management/grant-everyone-claim-to-external-users

While possible to restore this functionality it is better to introduce a dynamic group in Azure Active Directory to identify guest users. Note that this functionality requires Azure AD Premium P1 or higher.

 

Specify the membership type during group creation:

Specify the membership type during group creation

 

Next use the rule builder to select all guest users (or other requirements you might have). My query is (user.userType -eq "Guest")

(user.userType -eq "Guest")

 

It may take a few minutes before the group membership reflects the rule(s).

It may take a few minutes before the group membership reflects the rule(s).

 

Finally, when the group is fully propagated it can be added to the SPO App Catalog with read rights. Note that it might take up to 24 hours (not official) for the group to show up in the People Picker.

Guest Users in People Picker

 

Hope this helps.


Cannot add comments to Microsoft Planner


March 12, 2020 - 16:10, by Steven Van de Craen - 0 Comments

At one of my customers we recently switched to using Microsoft Planner for basic task management and follow up of our team.

When I tried to update several tasks assigned to me I noticed an issue with posting comments:

You no longer have access to "a2e47746-ab52-4774-bba0-905b138c5c7f". Technical details

Correlation Id: 72bb4c8e-f5bb-4f8d-8e3c-03630559263e

Time Stamp: Thu, 12 Mar 2020 11:08:52 GMT

I could change other properties of the task without issues.

Planner Comment Error

 

FIX: The issue was that my account didn’t have a subscription, more importantly I needed an Exchange Online mailbox. Once that was provisioned the issue was resolved!


Failed to queue mysite for provisioning for user


March 4, 2020 - 11:00, by Steven Van de Craen - 0 Comments

I was seeing this issue in a SharePoint 2016 environment (Event Log ID 8144 and ULS logs):

Failed to queue mysite for provisioning for user:[domain\user-DELETED-12066432-19B1-4F17-82C9-CF3FC9385325] with correlationid:[12066432-19b1-4f17-82c9-cf3fc9385325] on queue type:[Interactive]. Error:[Microsoft.SharePoint.SPException: The specified user domain\user-DELETED-12066432-19B1-4F17-82C9-CF3FC9385325 could not be found.
   at Microsoft.SharePoint.SPWeb.EnsureUser(String logonName)
   at Microsoft.Office.Server.UserProfiles.MySiteInstantiationManager.EnsureUserAndFixQuota(String owner, SPSite rootSite)
   at Microsoft.Office.Server.UserProfiles.SiteInstantiationWorkItemJobDefinition.<>c__DisplayClass19.<AddWorkItemElev>b__18(SPWeb web)]


This error repeats every 5 minutes as the timer job tries to provision a MySite for this user, however it no longer exists (can happen in some edge case scenario’s mostly related to Active Directory).

Navigate to the User Profile overview, find the user profile and delete it to fix the issue.

Manage User Profiles


Microsoft Edge workaround for saving Windows Credentials


February 26, 2020 - 15:17, by Steven Van de Craen - 0 Comments

I’ve been using the new Microsoft Edge (Chromium based, Insider, Chredge, …) ever since the beginning and have loved it from the start. But a recent change (version 79 ?) has an issue with Windows Credentials, something I run into for SharePoint environments with Windows Authentication (NTLM, Kerberos).

Before the update it would prompt with a prefilled credential prompt:

Sign in to access this site

I could just press “Sign in” to continue.

But after the update it would prompt a different style prompt without prefilled credentials or option to save the credentials, forcing me to enter the full username and password every time.

Sign in to access this site

It seems this will be fixed properly in a future update, but for now it is possible to revert to the original credential prompt and functionality via the following workaround:

  1. Browse to edge://flags/#edge-windows-credentials-for-http-auth
  2. Change this setting to Disabled (and restart the browser)

 

allow windows credentials for HTTP Authentication Challenges

 

Credits & Info: https://techcommunity.microsoft.com/t5/discussions/windows-integrated-authentication-not-working-canary-amp-dev/m-p/934866/highlight/true#M14559


Open document in browser, open document in client


February 6, 2019 - 12:40, by Van de Craen Steven - 0 Comments

"Hey I have a link to a Word document in a SharePoint document library and I have this link on a page to it that I want to open directly in the browser [Word Online]."

"Sure no problem, just append ?web=1 to the link"

"Wow, cool! Can you do the same for opening directly in Word?"

"Errrrr….."


Just linking to the document would offer it as download

download.png


I considered a complex hyperlink with an onclick handler that would then open it in Word etcetera etcetera, very convoluted and a thing from the past really.

Then I found out about the Office URI Schemes:

  • ms-word:ofv|u|https://mysharepoint/mylibrary/mydocument.docx
  • ms-word:ofe|u| https://mysharepoint/mylibrary/mydocument.docx

ofv = open for view, ofe = open for edit

You can read up on them here: https://docs.microsoft.com/en-us/office/client-developer/office-uri-schemes

Even works in emails if you can construct the hyperlink href yourself. In a simple text mail it will not detect as a hyperlink and just render plain text.

openword.png

Must admit that was a TIL.

 


SharePoint 2019 not loading style sheets in document libraries


February 5, 2019 - 15:18, by Van de Craen Steven - 0 Comments

Reblogging this for reference…

An issue I ran into during an upgrade to SharePoint 2019 with custom branding was that the style sheets weren't loaded correctly by the browser. The console logs showed these resources being downloaded as application/octet-stream mime type rather than text/css.

Stefan Goßner has a blog post about this explaining that the mime type cannot be determined properly for files hosted in document libraries. Currently a workaround exists that enables the IIS 6 Metabase Compatibility Windows Feature:

import-module servermanager

install-windowsfeature web-metabase

https://blogs.technet.microsoft.com/stefan_gossner/2018/11/30/common-issue-sp2019-items-in-document-libraries-are-downloaded-with-mime-type-application-octet-stream-rather-than-the-accurate-one/

A fix is in the works and should resolve the issue permanently without the need for the workaround.


SharePoint Server Search and TIF file indexing


November 23, 2018 - 16:30, by Steven Van de Craen - 0 Comments

A client who was using TIF files in SharePoint 2016 reported that the search results didn’t link to the file directly, but rather to the List Item Display Form (DispForm.aspx?ID=x) for these files and wanted that changed.

Most info on the web on how to configure for TIF file indexing is rather outdated and incomplete so here’s an update for SharePoint 2016 and 2019.

 

1. Enable the TIFF iFilter on all servers configured for “Content Processing” in the Search Topology

Install-WindowsFeature -Name "Windows-TIFF-IFilter"

 

2. [Windows Server 2012 (R2) only] Enable the Windows Search Service Feature on all servers configured for “Content Processing” in the Search Topology

Install-WindowsFeature -Name "Search-Service"

 

3. Add both tif and tiff to the list of Crawled File Types for the Search Service Application

Add to Crawled File Types

 

4. Add both tif and tiff as a file format to the Search Service Application

$ssa = Get-SPEnterpriseSearchServiceApplication

New-SPEnterpriseSearchFileFormat -SearchApplication $ssa tif "TIFF Image File" "image/tiff"

New-SPEnterpriseSearchFileFormat -SearchApplication $ssa tiff "TIFF Image File" "image/tiff"

 

5. Restart the SharePoint Search Host Controller on all servers configured for “Content Processing” in the Search Topology

Restart-Service SPSearchHostController

 

6. Run a Full Crawl

 

You should now have proper indexing of TIF files.

Crawl Log

TIF search result


SharePoint 2019 and the new OneDrive Sync Client


November 20, 2018 - 14:34, by Steven Van de Craen - 0 Comments

I’ve been running various tests and scenario’s with the new SharePoint 2019 that released about a month ago and ran into an issue with the new OneDrive Sync Client (aka NGSC or Next Generation Sync Client).

OneDrive sync error

Sorry, we couldn’t sync this folder. Contact your IT administrator to configure OneDrive to sync SharePoint on-premise folders

Aside from the obvious grammar error (on-premise vs on-premises) I didn’t expect this issue as I had Windows 10, the latest OneDrive client and SharePoint 2019 as outlined here: https://docs.microsoft.com/en-us/sharepoint/install/new-onedrive-sync-client. Except I ignored the part where it says you need to configure Group Policy objects for it to work.

To set up OneDrive with SharePoint Server 2019, configure the following Group Policy objects:

  1. SharePoint on-premises server URL and tenant folder name The URL will help the sync client locate the SharePoint Server and allows the sync client to authenticate and set up sync. The tenant folder name lets you specify the name of the root folder that will be created in File Explorer. If you don’t supply a tenant name, the sync client will use the first segment of the URL as the name. For example, office.sharepoint.com would become “Office.”
  2. SharePoint prioritization setting for hybrid customers that use SharePoint Online (SPO) and SharePoint on-premises server This setting lets you specify if the sync client should authenticate against SharePoint Online or the SharePoint on-premises server if the identity exists in both identity providers. Learn how to manage OneDrive using Group Policy

Now a quick way to configure these values is using the registry editor.

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\OneDrive

 

  • Name: SharePointOnPremPrioritization
  • Type: REG_DWORD
  • Value:
    • 0: prioritizes for SharePoint Online (“PrioritizeSPO”)
    • 1: prioritizes for SharePoint 2019 (“PrioritizeSharePointOnPrem”)

 

Registry

 

Once you configure these values you can sync a SharePoint 2019 library with the new sync client.


 Next >>