Enable Auditing – SharePoint Online Site Collection


Auditing is normally a required feature for most organization which wants to track user actions on a SharePoint site.  The functionality can be enabled at site collection level.  But most organizations try to enable it when they already have large number of of site collections.  Doing it manually by going to Site settings – Site collection audit settings would be a tough job if you have large number of site collections.  I wrote the script which may help someone.

The script uses both Client Side Object Model and SharePoint Online Management Shell cmdlets.  Make sure you change the location of SharePoint Client OM dlls.  I have set it as C:\CSOM.  You do not need to specify the Admin Url as I am creating it from User name.

function Enable-SPOAuditing
{
    <#
        .SYNOPSIS
        Enables or disables Auditing on SharePoint ONline Sites
        .DESCRIPTION
        Enables or disables Auditing on SharePoint ONline Sites
        .EXAMPLE
        Enable-SPOAuditing
        explains how to use the command
        can be multiple lines
        .EXAMPLE
        Enable-SPOAuditing
        another example
        can have as many examples as you like
    #>
    [CmdletBinding()]
    param
    (
        [Parameter(Mandatory=$true)]
        [System.String]
        $SPOSiteUrl,
        [Parameter(Mandatory=$true)]
        [System.String]
        $UserName,
        [Parameter(Mandatory=$true)]
        [System.Security.SecureString]
        $Password
    )
    $spoCtx = New-Object Microsoft.SharePoint.Client.ClientContext($SPOSiteUrl)
    $spoCredentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($UserName, $Password)
    #SPO Client Object Model Context
    $spoCtx.Credentials = $spoCredentials
    $spoSite = $spoCtx.Site
    $spoCtx.Load($spoSite)
    $Audit = $spoSite.Audit
    $spoCtx.Load($Audit)
    $spoCtx.ExecuteQuery
    $All = [Microsoft.SharePoint.Client.AuditMaskType]::All;
    $None = [Microsoft.SharePoint.Client.AuditMaskType]::None;
    $CheckIn = [Microsoft.SharePoint.Client.AuditMaskType]::CheckIn;
    $CheckOut = [Microsoft.SharePoint.Client.AuditMaskType]::CheckOut;
    $ChildDelete = [Microsoft.SharePoint.Client.AuditMaskType]::ChildDelete;
    $CheckIn = [Microsoft.SharePoint.Client.AuditMaskType]::CopyCheckIn;
    $Move = [Microsoft.SharePoint.Client.AuditMaskType]::Move;
    $ObjectDelete = [Microsoft.SharePoint.Client.AuditMaskType]::ObjectDelete;
    $ProfileChange = [Microsoft.SharePoint.Client.AuditMaskType]::ProfileChange;
    $SchemaChange = [Microsoft.SharePoint.Client.AuditMaskType]::SchemaChange;
    $Search = [Microsoft.SharePoint.Client.AuditMaskType]::Search;
    $SecurityChange = [Microsoft.SharePoint.Client.AuditMaskType]::SecurityChange;
    $Undelete = [Microsoft.SharePoint.Client.AuditMaskType]::Undelete;
    $Update = [Microsoft.SharePoint.Client.AuditMaskType]::Update;
    $View = [Microsoft.SharePoint.Client.AuditMaskType]::View;
    $Workflow = [Microsoft.SharePoint.Client.AuditMaskType]::Workflow;
    $Audit.AuditFlags = $Search, $Update, $Undelete, $Workflow, $SecurityChange
    $Audit.Update()
    $spoSite.AuditLogTrimmingRetention = 60
    $spoSite.TrimAuditLog = $true
    #Enable All Options Auditing
    $Audit.AuditFlags = $All
    $Audit.Update()
    #Disable Auditing
    $Audit.AuditFlags = $None
    $Audit.Update()
    $spoCtx.ExecuteQuery()
}

$User = “firstnane.lastname@domain.onmicrosoft.com”
$Password = ConvertTo-SecureString “pass@word1” -AsPlainText –Force

#Or Use Get-Credentials to create the object.
$Creds = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $User,$Password

$CSOMAssembliesPath=”C:\CSOM”

$ClientDllPath         = $CSOMAssembliesPath +  “\Microsoft.SharePoint.Client.dll”
$ClientRunTimeDllPath  = $CSOMAssembliesPath +  “\Microsoft.SharePoint.Client.Runtime.dll”       
Add-Type -Path $ClientDllPath -ErrorAction SilentlyContinue
Add-Type -Path $ClientRunTimeDllPath -ErrorAction SilentlyContinue

$AdminUrl = $User
$AtSepPostion = $AdminUrl.IndexOf(‘@’) + 1
$DotPostion = $AdminUrl.LastIndexOf(“.onmicrosoft”)
$DomainName = $AdminUrl.Substring($AtSepPostion, $DotPostion – $AtSepPostion)
$FinalAdminUrl = “https://$DomainName-admin.sharepoint.com”

Connect-SPOService -Url $FinalAdminUrl -Credential $Creds
#To Test

#$Sites = Get-SPOSite -Limit 1

$Sites = Get-SPOSite -Limit All | Select Title, Url, Owner

foreach($Site in $Sites)
{
    Enable-SPOAuditing -SPOSiteUrl $Site.Url -UserName $User -Password $Password
}

Microsoft Office Developer Tools Preview 2 for Visual Studio 2015


https://www.microsoft.com/en-us/download/details.aspx?id=51683

This preview ships with new templates that support SharePoint 2016 for SharePoint solutions and add-ins.

Microsoft Office Developer Tools Preview 2 for Visual Studio 2015 enables you to develop SharePoint solutions and add-ins for SharePoint 2016.
This preview also includes the latest features in Microsoft Office Developer Tools Update 2 for Visual Studio 2015–you can create new Office add-in projects using templates specific to an Office application (Word, Excel, Outlook, and PowerPoint). These new templates support new Office features such as add-in commands, Fabric UI, and new functionalities in Office.js.
This preview must be installed on top of an earlier version of the Microsoft Office Developer Tools for Visual Studio 2015. Before installing this preview, go to aka.ms/officedevtoolsforvs2015 to get the tools.

Extract All User Properties from Active Directory to CSV


Below script allows you to use CSV to extract profile properties from active directory and then export to CSV.

Import-Module ActiveDirectory -ErrorAction SilentlyContinue
$Data = Import-Csv -Path “C:\Scripts\NoSPProfileAccounts.csv”
$Users = $null
$Users = @();
if($Data)
{
    $Data | ForEach-Object { Write-Host $_.Account; $User = Get-ADUser -properties * -Filter “UserPrincipalName -eq ‘$($_.Account)'”;$Users +=$User;}
}
$Users | Export-Csv -NoTypeInformation -Path “C:\Scripts\Users.csv”
$Users | Out-GridView