Azure Active Directory : Bulk Create + License assignment / attribution via Powershell

One of my colleagues told me how she struggles with creating 10 CRM accounts every time she has a new demo (she does more than 3 a week), plus manually assigning the licenses.

And as a hero I told her that PowerShell is always the solution, so I wrote this script that bulk creates accounts and assigns licenses.

This script creates Azure Active Directory accounts, which means it can also be used for Office365, SharePoint, CRM, etc.

Azure Active Directory Powershell

The script uses the AzureAD Powershell.

First you need to install it on your computer by running this cmdlet :

Install-Module AzureAD

How to use it

Just download the 2 files and start the ps1 script.

Input.Json : input

Script : New-AzureADAccountBulk

Script Logic

The script's input is a file, Input.json, that provides this information:

  • Tenant Name
  • Admin Login
  • Admin Password
  • List of Users to create
    • Display Name
    • Mail NickName (the email's prefix)
    • Password
    • List of Licenses to Assign

License Names could be listed by running this command

Connect-AzureAd
Get-AzureADSubscribedSku

License samples :

  • SHAREPOINTENTERPRISE
  • DYN365_ENTERPRISE_PLAN1
  • POWER_BI_PRO
  • ENTERPRISEPACK

 

The Script

The scripts can be downloaded here. I changed the extension to pdf, because WordPress doesn’t allow ps1 and json extensions.

Input.Json : input

Script : New-AzureADAccountBulk

I will not go through the whole document, but I will comment on the important commands.

 

#Reading the json file
$config = Get-Content .\input.json | Out-String | ConvertFrom-Json

$adminPwrd = ConvertTo-SecureString -String $config.AdminPassword -AsPlainText -Force
$Credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $config.AdminLogin, $adminPwrd

#Using -Credential was to avoid the login popup
Connect-AzureAd -Credential $Credential

…..

#Loading the License from Azure Active Directory. If license not found, a warning is displayed
$liceTemp = (Get-AzureADSubscribedSku | Where-Object -Property SkuPartNumber -Value $license -EQ)

try
{
    #check if the User already exists
    $user = Get-AzureADUser -ObjectId $userPrincipalName
}
catch
{
    $user = $null
}
if($null -eq $user)
{
    Write-Host "Creating User " $account.DisplayName
    #Create the User. -UsageLocation is important for the license attribution
    $newUSer = New-AzureADUser -DisplayName $account.DisplayName -PasswordProfile $PasswordProfile -UserPrincipalName $userPrincipalName -AccountEnabled $true -MailNickName $account.MailNickname -UsageLocation DE
    Write-Host "User Created " $account.DisplayName -ForeGroundColor Green
}
else
{
    Write-Host "User " $userPrincipalName " already exists. Trying assigning License"
}
…..
if($licensesObj.AddLicenses.Count -ne 0)
{
    #Set the license only if found
    Set-AzureADUserLicense -ObjectId $userPrincipalName -AssignedLicenses $licensesObj
    Write-Host "Licenses for User " $userPrincipalName -ForeGroundColor Green
}
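
The excerpt above reads the admin password in clear text from input.json and leaves out how the license object is built. The following is an added example, not the author's New-AzureADAccountBulk script: it signs in interactively so no admin password is kept on disk, and it builds the AssignedLicenses object from the SKU part numbers. The field names TenantName, Users, Password and Licenses, and the way the UPN is composed, are assumptions.

```powershell
# Added example, not the author's script. Assumed input.json field names:
# TenantName, Users[].DisplayName, MailNickname, Password, Licenses.
Import-Module AzureAD
$config = Get-Content -Raw -Path .\input.json | ConvertFrom-Json

# Interactive sign-in: no AdminPassword has to be stored in input.json.
Connect-AzureAD | Out-Null

# Map SkuPartNumber -> SkuId once instead of querying the tenant per user.
$skuIdByName = @{}
Get-AzureADSubscribedSku | ForEach-Object { $skuIdByName[$_.SkuPartNumber] = $_.SkuId }

foreach ($account in $config.Users) {
    # Assumption: the UPN is MailNickname@TenantName.
    $upn = '{0}@{1}' -f $account.MailNickname, $config.TenantName

    # -Filter returns nothing for a missing user, so no try/catch is needed.
    if (-not (Get-AzureADUser -Filter "userPrincipalName eq '$upn'")) {
        $pwProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile
        $pwProfile.Password = $account.Password
        # Treat the password in the file as a one-time initial password.
        $pwProfile.ForceChangePasswordNextLogin = $true
        New-AzureADUser -DisplayName $account.DisplayName -PasswordProfile $pwProfile `
            -UserPrincipalName $upn -AccountEnabled $true `
            -MailNickName $account.MailNickname -UsageLocation DE | Out-Null
    }

    # Collect only the licenses that exist in the tenant; warn about the rest.
    $toAdd = New-Object 'System.Collections.Generic.List[Microsoft.Open.AzureAD.Model.AssignedLicense]'
    foreach ($name in $account.Licenses) {
        if ($skuIdByName.ContainsKey($name)) {
            $lic = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicense
            $lic.SkuId = $skuIdByName[$name]
            $toAdd.Add($lic)
        } else {
            Write-Warning "License '$name' not found in tenant; skipped for $upn"
        }
    }

    if ($toAdd.Count -ne 0) {
        $licensesObj = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicenses
        $licensesObj.AddLicenses = $toAdd
        Set-AzureADUserLicense -ObjectId $upn -AssignedLicenses $licensesObj
    }
}
```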


SharePoint Search crawler : Object was not found sps3

Today I ran into a problem while trying to crawl/index from the User Profile :

The start address sps3://…. cannot be crawled

The object was not found

sps3 is the protocol used to crawl User Profile information on SharePoint.

Possible reasons :

  • You have a multi-farm architecture and configured AAM : the solution is to change the URL after sps3 to the URL you configured in your DNS and AAM
  • You are using HTTPS : replace sps3:// with sps3s://

 

If it helped you, please leave a comment.

SharePoint : Connection with Office Web Apps via SSL/HTTPS : new-spwopibinding the server did not respond

Office Web Apps, which is now Office Online Server, lets users display and edit Office documents (Word, PowerPoint, Excel, etc.) in a web browser. This is an advantage when working with SharePoint, because users don't have to switch from the browser to an Office app to view or edit a document.

Today I faced a problem that made me crazy while connecting SharePoint and Office Web Apps (Office Online Server).

When I run the command

New-SPWOPIbinding -ServerName srv-apps

I got the error : "The Server does not respond, trying again". If I add the parameter -AllowHttp it works though… but here I am trying to implement an HTTPS connection.

So here are the steps that I followed to resolve the problem.

Office Online Server :

Before starting Setup.exe from the installation DVD, you should install these Windows feature prerequisites :

   Add-WindowsFeature Web-Server,Web-Mgmt-Tools,Web-Mgmt-Console,
     Web-WebServer,Web-Common-Http,Web-Default-Doc,Web-Static-Content,Web-Performance,
     Web-Stat-Compression,Web-Dyn-Compression,Web-Security,Web-Filtering,Web-Windows-Auth,
     Web-App-Dev,Web-Net-Ext45,Web-Asp-Net45,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Includes,
     NET-Framework-Features,NET-Framework-45-Features,NET-Framework-Core,NET-Framework-45-Core,NET-HTTP-Activation,NET-Non-HTTP-Activ,
     NET-WCF-HTTP-Activation45,Windows-Identity-Foundation,Server-Media-Foundation

Now you are ready to start the Setup.exe.

After the installation, let's configure our Office Online Server farm :

New-OfficeWebAppsFarm -ExternalUrl "https://webapps.sharepoint.yourdomain.com" -InternalURL "https://webapps.sharepoint.yourdomain.com" -EditingEnabled -CertificateName "SharePoint Certificate"

3 important things :

  • The URL I chose was a subdomain of my SharePoint domain, for the only reason that I wanted to use one single certificate for both of them
  • ExternalURL and InternalURL are also the same : it was unfortunately the only solution I found to bypass the load balancer problem
  • Of course don't forget the DNS entry webapps.sharepoint.yourdomain.com <-> Office Online Server

Last step on the Office Online Server is to load the certificate on IIS :

 

SharePoint :

Now let's move on to SharePoint, which is quite easy. We first need to set a property in the farm's property bag.

$farm = Get-SPFarm

$farm.Properties.Add("WopiLegacySoapSupport", "https://webapps.sharepoint.yourdomain.com/x/_vti_bin/ExcelServiceInternal.asmx")

$farm.Update()

Another step is to allow OAuth over HTTP

$config = (Get-SPSecurityTokenServiceConfig)

$config.AllowOAuthOverHttp = $true

$config.Update()

Next Step is to create the Binding

New-SPWOPIBinding -ServerName webapps.sharepoint.yourdomain.com

Here it is important to give the FQDN that you used as the internal URL; if you just use the server name you will get the error mentioned above.

And last but not least, set the zone. You can use "internal-https" if your farm is only internally accessible, otherwise you should use "external-https".

Set-SPWOPIZone -zone "external-https"

 

Finally :

To test if it worked navigate to a SharePoint SiteCollection and you will notice that when you click on “+ new” inside a Library you will now get the Office Templates, instead of the Upload Pop-Up.

You will also be able to see the Document Preview and of course open the document in the Browser instead of getting it downloaded.
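
A check for the "server did not respond" error and for the resulting configuration, as an added example that is not part of the original post. It assumes the SharePoint Management Shell on a SharePoint server and the FQDN used above; the /hosting/discovery path is the standard WOPI discovery endpoint that New-SPWOPIBinding reads.

```powershell
# Added example; run in the SharePoint Management Shell on a SharePoint server.
# $wopiHost is the FQDN that was used as InternalURL in this post.
$wopiHost = 'webapps.sharepoint.yourdomain.com'
$findings = @()

# 1. New-SPWOPIBinding fetches the WOPI discovery XML from the server. If this
#    request fails (DNS entry missing, certificate name mismatch, untrusted
#    issuer), the binding fails as well.
try {
    $resp = Invoke-WebRequest -Uri "https://$wopiHost/hosting/discovery" -UseBasicParsing
    if ($resp.Content -notmatch 'wopi-discovery') {
        $findings += "https://$wopiHost/hosting/discovery did not return WOPI discovery XML"
    }
} catch {
    $findings += "Discovery over HTTPS failed: $($_.Exception.Message)"
}

# 2. After the binding exists: it must point at the FQDN, not the short name.
$otherServers = @(Get-SPWOPIBinding | Where-Object { $_.ServerName -ne $wopiHost } |
    Select-Object -ExpandProperty ServerName -Unique)
if ($otherServers.Count -gt 0) {
    $findings += "Bindings reference other server names: $($otherServers -join ', ')"
}

# 3. The zone in use should be one of the -https zones.
$zone = Get-SPWOPIZone
if ($zone -notlike '*-https') {
    $findings += "WOPI zone is '$zone'; expected internal-https or external-https"
}

# 4. AllowOAuthOverHttp lets OAuth tokens travel over plain HTTP. Microsoft
#    documents it for HTTP test setups, so report it on an HTTPS-only farm.
if ((Get-SPSecurityTokenServiceConfig).AllowOAuthOverHttp) {
    $findings += 'AllowOAuthOverHttp is True although WOPI is configured for HTTPS'
}

if ($findings.Count -eq 0) { 'WOPI HTTPS configuration looks consistent.' }
else { $findings | ForEach-Object { Write-Warning $_ } }
```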

SharePoint – AAM : Alternate Access Mapping with HTTPS/SSL

When you install a new SharePoint farm, the default URL will be the name of the server, which is usually not beautiful (http://sp-srv, http://sharepoint, etc.).

Today we will see how to configure the AAM with HTTPS.

Certificate :

I will not explain how to get the certificate in this article, you can also use a self signed one.

Once you have the .pfx certificate, double click on it (on the SharePoint frontend server) and follow the wizard to install it on the computer.

IIS :

We need to extend the Bindings of the SharePoint Website on IIS.

  1. Select the SharePoint Website
  2. Click on Bindings
  3. Add a new binding with 443 port and https
  4. Select the Certificate(the Certificate should appear on the list after being installed, if not you can import it via IIS).

 

SharePoint :

It is not enough to install the certificate on the server, this one should be also uploaded to SharePoint.

Open the Central Administration and then click on “Manage Trust” under “Security” and then click on new :

If you get an error that SharePoint doesn’t support certificates with password, don’t panic, you can export a copy of the certificate, that doesn’t require passwords.

  1. Open “Manage Computer Certificates” on the server (where you installed your certificate).
  2. Navigate to “SharePoint”
  3. Right click on the certificate (not the root!)
  4. Under “All Tasks” click on Export
  5. Click on “Next”
  6. Choose “do not export the private key”
  7. Choose the first format “DER encoded binary X.509”
  8. Choose a location and voila

Alternate Access Mapping :

Last but not least, we should tell SharePoint that it now has to respond to requests for the adjusted URL.

Central Administration -> Application Management -> Configure alternate access mappings -> Edit Public URLs

  1. Select the correct web application
  2. On the zone “Internet” add the full url with https
  3. Save

Your AAM settings should look like this now
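
The same procedure scripted end to end, as an added example that is not part of the original post. The site name, URLs, file paths, trust name and the LocalMachine\My store are hypothetical; run it elevated in the SharePoint Management Shell on the frontend server.

```powershell
# Added example; every name, URL and path below is hypothetical.
$siteName  = 'SharePoint - 80'                    # IIS site of the web application
$webApp    = 'http://sp-srv'                      # current default URL
$publicUrl = 'https://sharepoint.yourdomain.com'  # new HTTPS URL
$pfxPath   = 'C:\certs\sharepoint.pfx'
$cerPath   = 'C:\certs\sharepoint.cer'

# Certificate: import the PFX. The password is prompted for, not stored here.
$pfxPwd = Read-Host -AsSecureString -Prompt 'PFX password'
$cert = Import-PfxCertificate -FilePath $pfxPath -Password $pfxPwd `
    -CertStoreLocation Cert:\LocalMachine\My      # assumed store
if ($cert.NotAfter -lt (Get-Date)) {
    throw "Certificate expired on $($cert.NotAfter)"
}

# IIS: add the https/443 binding and attach the certificate to it.
Import-Module WebAdministration
New-WebBinding -Name $siteName -Protocol https -Port 443
(Get-WebBinding -Name $siteName -Protocol https -Port 443).AddSslCertificate($cert.Thumbprint, 'My')

# SharePoint trust: export only the public part (DER, no private key),
# then register that file under Manage Trust.
Export-Certificate -Cert $cert -FilePath $cerPath -Type CERT | Out-Null
$public = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $cerPath
if ($public.HasPrivateKey) { throw 'Exported file unexpectedly contains a private key' }
New-SPTrustedRootAuthority -Name 'SharePoint HTTPS certificate' -Certificate $public | Out-Null

# AAM: publish the HTTPS URL in the Internet zone and list the result.
New-SPAlternateURL -WebApplication $webApp -Url $publicUrl -Zone Internet | Out-Null
Get-SPAlternateURL -WebApplication $webApp
```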

 

 

SharePoint custom fonts and styles

SharePoint is also considered a Web CMS. Whether it is a Content Editor Webpart, a Rich HTML Field or a Publishing page, the Ribbon offers formatting and design capabilities that look like those in all Office products.

To make writing articles easy and consistent (for example with a corporate design), we can add both custom fonts and text styles to the ribbon elements, such as Headlines, HR News, etc.

Fonts

We can add more fonts, which are either based on standard ones, or on custom fonts that you purchase. And it is very easy within SharePoint. You should just add some special classes to your loaded CSS.

You should just add a class definition named “ms-rteFontFace-XXX”, where XXX is a random ID.

.ms-rteFontFace-132{
-ms-name:"Gotham Book";
font-family:"Gotham Book";
font-size:13px;
}

This will add a new Font “Gotham Book”.

PS: the font files should be loaded using “@font-face”

@font-face {
font-family: 'Gotham Book';
src: url('path/GothamBook.ttf') format('truetype');
}

 

Styles

We can add preconfigured text styles, and here we will add a Headline with the font Gotham Light, red color and 30px size.

.ms-rteStyle-CustomHeadLines{
-ms-name:"CustomHeadLines";
font-weight:300;
font-family:'Gotham Light';
font-style:normal;
color : red;
font-size: 30px;
}

Hyper-V Copy VM : blinking point on boot

Today I needed another dev VM (SharePoint 2013). I wanted to copy my 2016 VM and reinstall SharePoint, without having to install SQL and AD again.

I copied the vhdx and created a new VM based on it.

When I started it, a black screen with a blinking point came up.

Solution :

I figured out that to be able to copy a vhdx, you have to start the new one with Generation 2 (third step when you configure your new VM).

 

 

SharePoint foundation 2013 Offline Installation

I was trying today to install SharePoint Foundation 2013. The Prerequisites Installer could not download the dependencies. I did not search for the reason, and I wanted to perform an offline installation.

Solution :

  1. Download all the prerequisites.
  2. Extract the SharePoint installer : sharepoint.exe /extract:"C:\SharePoint2013\prerequisiteinstallerfiles"
  3. Copy the downloaded prerequisites to "C:\SharePoint2013\"
  4. Run the prerequisiteinstaller again.

 

Microsoft .NET Framework 4.5 (Full Stand alone package) http://go.microsoft.com/fwlink/?LinkId=225702
Windows Management Framework 3.0 http://www.microsoft.com/en-us/download/details.aspx?id=34595
Microsoft SQL Server 2008 R2 SP1 Native Client http://www.microsoft.com/en-us/download/details.aspx?id=26728
Windows Identity Foundation (KB974405) http://go.microsoft.com/fwlink/p/?LinkID=226830
Windows Identity Extensions http://go.microsoft.com/fwlink/?LinkID=252368
Microsoft Sync Framework Runtime v1.0 SP1 (x64) http://go.microsoft.com/fwlink/p/?LinkID=224449
Windows Server AppFabric http://go.microsoft.com/fwlink/?LinkId=235496
Microsoft Information Protection and Control Client http://go.microsoft.com/fwlink/p/?LinkID=219568
Microsoft WCF Data Services 5.0 http://www.microsoft.com/en-us/download/details.aspx?id=29306
Cumulative Update Package 1 for Microsoft AppFabric 1.1 for Windows Server (KB2671763) http://www.microsoft.com/en-us/download/details.aspx?id=29241

 

 

SharePoint 2013 Foundation Installation : This product requires Microsoft .Net Framework 4.5

I was trying to install SharePoint 2013 Foundation on a Windows Server 2012 R2. Microsoft says that only a SP1 pack is installable on a Windows Server 2012 R2.

I ran the prerequisites and installed the dependencies offline, including .Net Framework 4.5.

Problem :

When I start the installation I get this error :

This product requires Microsoft .Net Framework 4.5

It was very weird, because when I try to add the .Net Framework 4.5 feature, the Server Manager shows that it is already installed.

Solution :

My first thought was : maybe I am missing some updates. I checked the Microsoft Update center and everything was up-to-date… and that is the problem : SharePoint 2013 dates from 2013, and having a very up-to-date server could cause issues.

I checked the .Net Framework Version :

 Set-Location 'HKLM:\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Client'
 Get-ItemProperty -Path . | Select-Object Version

And I found that the 4.7 version was installed. To uninstall it I had to uninstall the update KB3186539.

Open the Windows Update Center and search for this KB.

Be careful : the KB depends on which version of .Net Framework you found. Search for “The .NET Framework XX.XX offline installer for Windows” and you will find which KB is related to it; then just uninstall it.

SharePoint does not overwrite documents with the same name, it creates a new one!

I always thought that SharePoint overwrites files with the same name (of course when you check this checkbox).

Unfortunately that is not the case. SharePoint does not “overwrite” it; it deletes the document and creates a new one while keeping the name.

A new item means a new ID… The problem arises if you have an application that is based on the documents’ IDs…

The solution is to change your code and use the document URL (FileLeafRef property) instead of the ID.