Demo how to create JSON inventory of full tenant SPO site collections. Lookup Site Owner in Azure AD and expand JSON with AD properties such as user, manager, department, and more. Cheers.
https://github.com/spjeff/office365/blob/master/office365-site-directory/PnP-Site-Directory-JSON.ps1
Wanted to share quick code snippet for how to detect if current PS1 host environment is Azure RUNBOOK or LOCAL console like POWERSHELL_ISE or POWERSHELL.EXE. Cheers.
if ($host.Runspace) {if ($host.Runspace[0].GetType().Name -eq “LocalRunspace”) {$local=$true; “LOCAL”}} else {“RUNBOOK”}
Wanted to share quick trick on how to detect where your M365 tenant is hosted. Simply open URL below with tenant URL in the middle. Response JSON contains property “tenant_region_scope”:”NA” showing the physical host location. Cheers.
NOTE – For tenants hosted on GCC or you will see an extra property “tenant_region_sub_scope”:”GCC”
https://login.microsoftonline.com/SPJEFF.COM/.well-known/openid-configuration
{“token_endpoint”:”https://login.microsoftonline.com/0a9449ca-3619-4fca-8644-bdd67d0c8ca6/oauth2/token”,”token_endpoint_auth_methods_supported”:[“client_secret_post”,”private_key_jwt”,”client_secret_basic”],”jwks_uri”:”https://login.microsoftonline.com/common/discovery/keys”,”response_modes_supported”:[“query”,”fragment”,”form_post”],”subject_types_supported”:[“pairwise”],”id_token_signing_alg_values_supported”:[“RS256″],”response_types_supported”:[“code”,”id_token”,”code id_token”,”token id_token”,”token”],”scopes_supported”:[“openid”],”issuer”:”https://sts.windows.net/0a9449ca-3619-4fca-8644-bdd67d0c8ca6/”,”microsoft_multi_refresh_token”:true,”authorization_endpoint”:”https://login.microsoftonline.com/0a9449ca-3619-4fca-8644-bdd67d0c8ca6/oauth2/authorize”,”device_authorization_endpoint”:”https://login.microsoftonline.com/0a9449ca-3619-4fca-8644-bdd67d0c8ca6/oauth2/devicecode”,”http_logout_supported”:true,”frontchannel_logout_supported”:true,”end_session_endpoint”:”https://login.microsoftonline.com/0a9449ca-3619-4fca-8644-bdd67d0c8ca6/oauth2/logout”,”claims_supported”:[“sub”,”iss”,”cloud_instance_name”,”cloud_instance_host_name”,”cloud_graph_host_name”,”msgraph_host”,”aud”,”exp”,”iat”,”auth_time”,”acr”,”amr”,”nonce”,”email”,”given_name”,”family_name”,”nickname”],”check_session_iframe”:”https://login.microsoftonline.com/0a9449ca-3619-4fca-8644-bdd67d0c8ca6/oauth2/checksession”,”userinfo_endpoint”:”https://login.microsoftonline.com/0a9449ca-3619-4fca-8644-bdd67d0c8ca6/openid/userinfo”,”kerberos_endpoint”:”https://login.microsoftonline.com/0a9449ca-3619-4fca-8644-bdd67d0c8ca6/kerberos”,“tenant_region_scope”:”NA”,”cloud_instance_name”:”microsoftonline.com”,”cloud_graph_host_name”:”graph.windows.net”,”msgraph_host”:”graph.microsoft.com”,”rbac_url”:”https://pas.windows.net”}
Wanted to share step-by-step procedures for how to connect PNP.PowerShell console to SharePoint Online. Three major methods are outlined below, each slightly more advanced than the previous. Drop any questions or comments at bottom of post. Cheers.
Demo how to connect with Client ID and Client Secret plain text running PNP.PowerShell.
Steps are included for
# PNP Client Secret # https://medium.com/ng-sp/sharepoint-add-in-permission-xml-cheat-sheet-64b87d8d7600 # https://www.koskila.net/fastest-way-to-verify-your-client-id-and-client-secret-are-valid-with-powershell/ <# The app identifier has been successfully created. Client Id: 12306f98-2d2f-49b8-88b3-0eddd71ec25f Client Secret: OhYnQV2Hq888LoZOz7C8QSKr81VCNyOWQG9XEjQP111= Title: PNP-PowerShell App Domain: localhost Redirect URI: https://localhost #> # Scope $tenant = "spjeff" $clientId = "1236f98-2d2f-49b8-88b3-0eddd71ec25f" $clientSecret = "OhYnQV2Hq888LoZOz7C8QSKr81VCNyOWQG9XEjQP111=" # Connect Connect-PnPOnline -Url "https://$tenant.sharepoint.com/" -ClientId $clientId -ClientSecret $clientSecret Get-PnPWeb | Format-Table -AutoSize
Demo how to connect with PFX Certificate running PNP.PowerShell locally given PFX input file.
Steps are included for
# PNP Register # https://pnp.github.io/powershell/articles/connecting.html # https://pnp.github.io/powershell/articles/authentication.html # https://docs.microsoft.com/en-us/powershell/module/sharepoint-pnp/register-pnpazureadapp?view=sharepoint-ps # https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredApps # https://mmsharepoint.wordpress.com/2018/12/19/modern-sharepoint-authentication-in-azure-automation-runbook-with-pnp-powershell/ # Scope $tenant = "spjeff" $clientFile = "PnP-PowerShell-$tenant.txt" # Register $password = ConvertTo-SecureString -String "password" -AsPlainText -Force $reg = Register-PnPAzureADApp -ApplicationName "PnP-PowerShell-$tenant" -Tenant "$tenant.onmicrosoft.com" -CertificatePassword $password -Interactive $reg."AzureAppId/ClientId" | Out-File $clientFile -Force
# PNP Connect # https://pnp.github.io/powershell/articles/connecting.html # https://pnp.github.io/powershell/articles/authentication.html # https://docs.microsoft.com/en-us/powershell/module/sharepoint-pnp/register-pnpazureadapp?view=sharepoint-ps # https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredApps # https://mmsharepoint.wordpress.com/2018/12/19/modern-sharepoint-authentication-in-azure-automation-runbook-with-pnp-powershell/ # Scope $tenant = "spjeff" $clientFile = "PnP-PowerShell-$tenant.txt" # Connect $clientId = Get-Content $clientFile $password = "password" $secPassword = $password | ConvertTo-SecureString -AsPlainText -Force Connect-PnPOnline -ClientId $clientId -Url "https://$tenant.sharepoint.com" -Tenant "$tenant.onmicrosoft.com" -CertificatePath '.\PnP-PowerShell-$tenant.pfx' -CertificatePassword $secPassword Get-PnPTenantSite | Format-Table -AutoSize
Demo how to connect with PFX Certificate running PNP.PowerShell in Azure Automation Runbook given PFX input file.
Steps are included for
# PNP Connect
# https://pnp.github.io/powershell/articles/connecting.html
# https://pnp.github.io/powershell/articles/authentication.html
# https://docs.microsoft.com/en-us/powershell/module/sharepoint-pnp/register-pnpazureadapp?view=sharepoint-ps
# https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredApps
# https://mmsharepoint.wordpress.com/2018/12/19/modern-sharepoint-authentication-in-azure-automation-runbook-with-pnp-powershell/
# Scope
$tenant = "spjeff"
# Azure Certificate
$password = "password"
$secPassword = $password | ConvertTo-SecureString -AsPlainText -Force
$cert = Get-AutomationCertificate -Name 'PNP-PowerShell-$tenant'
$pfxCert = $cert.Export("pfx" , $password ) # 3=Pfx
$certPath = "PNP-PowerShell-$tenant.pfx"
Set-Content -Value $pfxCert -Path $certPath -Force -Encoding Byte
# Connect
$clientId = Get-Content $clientFile
$password = "password"
$secPassword = $password | ConvertTo-SecureString -AsPlainText -Force
Connect-PnPOnline -ClientId $clientId -Url "https://$tenant.sharepoint.com" -Tenant "$tenant.onmicrosoft.com" -CertificatePath '.\PnP-PowerShell.pfx' -CertificatePassword $secPassword
# Display
Get-PnPTenantSite | Format-Table -AutoSize
Fun software I work with every day.
Return to Top ▲