Create a Communication Site from code in SharePoint Online using PowerShell

Lately Microsoft released the new  and long awaited modern site template for publishing sites in SharePoint Online (Office 365). The site templates is named “Communication Site” and is the second template released after the modern “Team Site”. This site template can be created if you have permissions from the SharePoint Home page using the “Create a site” form:

cpcomsite1

This approach is fine if you have permissions to create sites and are happy with the default setup. For my case this is almost never the case. Often the tenants I work with have restricted who can create new sites/groups, and also requires additional configuration after it has been created. This can be accomplished for the new “Team site” template, so I was curious how this can be done for the Communication site.

At the time of writing Microsoft have not released any documentation on how to do this, so this was done by re-creating the steps of the “Create a site” wizard (found by using Fiddler). I assume and hope that we sooner or later will find official documentation from Microsoft on how to do this. They might provide us with a bit more elegant way to use their API’s. But if you are familiar with using general REST API’s, this is pretty straight forward as soon you get authenticated with SharePoint.

 

PowerShell script for creating a Communication site

This script requires the “SharePoint Online Client Components” to be installed.

Disclaimer: This approach is not documented by Microsoft, so assume that this will change in the future and only use for testing at this time.

Summary

With the modern sites Microsoft has created several new REST based API’s used in their own wizards. These API’s can be used as long as you have a user authenticated context.

This code demonstrates how you can create the new Communication Site from code. After the site have been created you are free to connect to the site and apply customizations using in example the PnP PowerShell framework.

Problem with connecting to SharePoint Online in Office 365 with PowerShell, SharePoint Designer and other 3. party tools

You are not any longer able to log into SharePoint using PowerShell, SharePoint Designer and other 3. party tools (ex. ShareGate, SharePoint Search Query Tool etc). The error message states something that you are “Unauthorized” and “…the web site does not support SharePoint Online credentials” even though you username and password is fine.

Example: Error while logging in with PnP PowerShell

Connect-PnPOnline : Cannot contact web site ‘https://TENANTID.sharepoint.com/‘ or the web site does not support SharePoint Online credentials. The response status code is ‘Unauthorized’.  The response headers are ‘X-SharePointHealthScore=0, X-MSDAVEXT_Error=917656; Access+denied.+Before+opening+files+in+this+location%2c+you+must+first+browse+to+the+web+site+and+select+the+option+to+login+automatically.,

Example: Stuck while logging in with SharePoint Designer

Reason

SharePoint Online has a setting named “LegacyAuthProtocolsEnabled” with the purpose “Prevents Office clients using non-modern authentication protocols from accessing SharePoint Online resources .”.

By default this is allowed in all tenants. But as an administrator it is possible to tighten up the security and disallow us to login with these non-modern approaches.

More details can be found here: https://technet.microsoft.com/en-in/library/fp161390.aspx

Solution

1. Start using modern authentication (recommended)

Check if your application support the use of modern authentication through either WebLogin or using application credentials (ClientId/ClientSecret) authentication. This is advice to be the recommended and a more secure approach.

Not all tools, like SharePoint Designer, supports this modern authentication and if you are required to continue to use these apps further on, you might have to re-enable the support as described in the next point.

2. Re-enable support for legacy apps (temporary fix)

Note: Your company might have performed a security hardening and disabled this by purpose. If so it would not be advisable to continue without verifying the reason for this change.

Using “SharePoint Online Management Shell” login in with “Connect-SPOService”.


Connect-SPOService -Url "https://TENANTID-admin.sharepoint.com"

Verify the value of “LegacyAuthProtocolsEnabled”.


$TenantSettings = Get-SPOTenant

$TenantSettings.LegacyAuthProtocolsEnabled

If this value is “False”, then this issue will be solved by setting this to “True”.


Set-SPOTenant -LegacyAuthProtocolsEnabled $True

Updating you SharePoint Online tenant settings does not take immediate effect. So you need to while a while, exact how long can be from from minutes to 24 hours with the different settings, before you retry.

Summary

Changing the value of “LegacyAuthProtocolsEnabled” can cause issues for some existing applications. Checking if you can start using more modern authentication options will solve the issue in many apps, but for  some you might still need to keep this support open.

“Create a team” is missing in Microsoft Teams

I came across a rare scenario when I was going to convert an existing Office 365 group to a Team. In Microsoft Teams ( https://teams.microsoft.com) I was unable to find the “Create a team” button. In my case I was logged on as a Global Admin and thought that I ruled the whole world, but then again no.

Scenario

In Microsoft Teams:

  1. Selected “Add team” in the lower right
  2. Expected to find the “Create a team” button (but where is it?)

Solution

In this tenant the creation of Office 365 groups had been restricted for the end-users. This includes setting a AD group with the users allowed to do this.

Tips: How to restrict Office 365 Groups creation

My Global Admin user was not added to this AD group. It turns out a requirement for also converting existing group to teams also are affected by this policy. So simply by adding my user into this group I was able to see the missing button:

Summary

When restricting creation of Office 365 Groups, admin users must also explicit be added to this group to maintain full control over Groups and Teams creation.

Create list from custom template in SharePoint with PowerShell

This examples shows how to create new lists from custom list templates in SharePoint using PowerShell and CSOM. Custom list templates are STP-files uploaded to the List Template Gallery on the site. This should work both on-premises (2013/2016) and Online (Office 365).

Note: This example uses commands from the Office Dev PnP PowerShell library, ex. “Connect-PnPContext”. I recommend using this library for working this PowerShell and SharePoint (both Online and On-Premises).

Enable ratings in SharePoint with PowerShell and CSOM

In document libraries it is possible to enable ratings, both likes and average score (1-5). In this article I will cover how to enable “Likes” on the Pages library in a publishing site.

When configuring libraries manually, this is enabled from the “Rating settings” in the library:

enableratings

But when we follow the remote provisioning pattern to create new sites by using PowerShell and CSOM, there is currently no available function in the API for this. This pattern is the recommenced approach when working with SharePoint Online or SharePoint 2013/2016 without access to server side PowerShell or code.

To understand what is required to programmatic enable ratings I had to, as always with SharePoint, inspect the code behind with a reflection tool like DotPeek.

How to enable likes ratings

This show the procedure to enable ratings with Likes on a Pages library. To enable “Star rating” (1-5 average) this would be similar, but not covered in this post.

  1. Add the required fields to the library
    FieldName Guid
    AverageRating 5a14d1ab-1513-48c7-97b3-657a5ba6c742
    RatingCount b1996002-9167-45e5-a4df-b2c41c6723c7
    RatedBy 4D64B067-08C3-43DC-A87B-8B8E01673313
    Ratings 434F51FB-FFD2-4A0E-A03B-CA3131AC67BA
    LikesCount 6E4D832B-F610-41a8-B3E0-239608EFDA41
    LikedBy 2CDCD5EB-846D-4f4d-9AAF-73E8E73C7312
  2. Add “LikesCount” to default view
  3.  Add “Ratings_VotingExperience” to RootFolder’s property bag

Use PowerShell to enable ratings

Note: This function requires the Office Dev PnP PowerShell library to be installed and loaded in the current PowerShell session. I recommend using this library for working with PowerShell and SharePoint (both Online and On-Premises).

Example: How to use this function with a site

Using this with subsites within the Site Collection would require some extension to the function, as the Fields always are loaded form the RootWeb, but the library reside in the subsite.

When we have run the “Enable-CustomLikesRatingsOnLibrary” function on the desired library, we can see that Likes now are available:

ratings-library

Summary

Using this function it is now possible to provision new sites with PowerShell and CSOM and enable likes rating on libraries.

Add AD security group as Site Collection administrator with PowerShell in SharePoint

In provisioning solutions it can be a good practice to add a security group from Active Directory as an additional site collection owner. Unfortunately a security group is not accepted as either primary or secondary owner. So to set a group as site collection administrator, the easiest approach I could find was to set the “IsSiteAdmin” property on the User object.

Enabling scheduling on Publishing Pages in SharePoint Online (Office 365) using CSOM and PowerShell

Scheduling is easily enabled through the web interface when configuring the “Pages” library, but when deploying solutions using PowerShell, this must be automated as part of the configuration. Unfortunately, as many other sources also state, this is not directly supported in the Client Side API (CSOM).

The solution is to manually set up the Pages library the same way Microsoft does by adding two event receivers, changing some columns from hidden to visible and adding them to the default view.

Note: This example uses commands from the Office Dev PnP PowerShell library, ex. “Get-SPOContext”. I recommend using this library for working this PowerShell and SharePoint (both Online and On-Premises).

Function to enable Scheduling on a library on a given web site:

On line 11 an additional function is needed to create the parameters for the “Load” method:

How to enable scheduling: