Following sites not working in a Hybrid Sites scenario – 401 Unauthorized

Earlier this week, I was at one of my customers which has a SharePoint 2013 implementation. They had an issue where following sites was not working anymore. When they clicked the Follow link, they got an error that the site could not be followed.

They have a hybrid implementation with OneDrive for Business and Hybrid Sites setup.
When I looked in the ULS, I saw the following error popping up

Loud and clear… authentication issues.

Microsoft has an excellent resource where they outline the roadmap to implement hybrid features.

Both roadmaps outline the steps which are needed to set up those features. Since OneDrive for Business was working fine, I focused on the Hybrid Sites features and started going through the steps of the roadmap to see if everything was set up correctly.

  1. Configure Office 365 for SharePoint hybrid – Check!
  2. Set up SharePoint services for hybrid environments – Check!
  3. Install the September PU for SharePoint Server 2013 – We were on the December 2016 CU, so … Check!
  4. Configure S2S authentication from SharePoint Server 2013 to SharePoint Online –  Hmmm… I don’t recall doing this in the past.
  5. Configure hybrid sites features in Central Administration – Check!

Since I was getting authentication issues, and I didn’t recall me doing the S2S authentication configuration step, I figured that this was the cause of the problem.

When you follow the link for that step, you will see that there’s some work to do to set it up. Luckily, Microsoft provided a tool which actually does it for you. It’s called the Hybrid Picker. This simplifies things a bit.

Read more

Manage Office 365 using PowerShell

As someone who’s primary job is being a SharePoint administrator, the Rise of the Cloud (Office 365) was something which scared me in the beginning. Was my job doomed? Well, not exactly. You see, Office 365 is complex and it evolves constantly. Yes, a lot of stuff you do as an administrator on-premise is taken off your hands by Microsoft engineers at the datacenters but there’s plenty of stuff to “administer” in a cloud environment. You still need to manage users and their habits of losing passwords. You still need to create site collections, manage mailboxes, set up retention policies, and so on. Microsoft did a great job of providing a nice administration portal for all of these tasks but they also provide PowerShell management modules for all of the services in Office 365 to allow administrators to manage their tenant locally from their machine. This post gives an overview of the things you need to manage the different areas (services) in your Office 365 tenant.

Users/Licenses/Subscriptions 

A few weeks ago, the Azure AD PowerShell v2.0 module hit general availability and is now the recommended module to use when you want to do Azure AD management using PowerShell. At the time of this update, the latest stable version is 2.0.0.33. The old module (msonline) will be deprecated in the near future.

To use this new module, you need to install it from the PowerShell Gallery. To install a module from the PS Gallery, you need to install PowerShellGet on your machine. If you have a Windows 10 machine, this will already be installed and you can proceed with the installation of the module itself. If you have Windows 7 or 8.x, you have to install PowerShellGet first. You can find a link to the .MSI on the link below.

Once this package is installed, you can proceed with the installation of the AzureAD module.

The first line will set the PowerShell Gallery as a trusted repository. If you don’t set it as a trusted repository, you will see a warning when you run the Install-Module command.
If you have already an earlier version of this module (ex. 2.0.0.30), you can update it to a newer version by specifying the -Force parameter with the Install-Module command.

After the module has been installed, you can use it to manage your users, groups, licenses, and so on.

Skype for Business Online

To manage Skype for Business Online, you need to install the following package:

Once the package is installed, you can open a PowerShell console and connect to Skype for Business Online.

SharePoint Online

To manage SharePoint Online, you need to install the following package:

Once the package is installed, you can open a PowerShell console and connect to SharePoint Online.

The URL you need to provide to connect to SharePoint Online, is the URL of the SharePoint admin center in the Office 365 portal. For instance: https://mytenant-admin.sharepoint.com.

Exchange Online

To manage Exchange Online, you don’t need to install additional packages. You can execute the lines of PowerShell below to get started. When these lines are executed, the Exchange Online cmdlets are imported in your session. When you change Management Roles in Exchange Online however, you need to relaunch the session because changing roles also means that the cmdlets you CAN use, will change.

Rights Management

To manage Azure RMS in your Office 365 tenant, you need to install the following package:

When this package is installed, the PowerShell module will be installed on your machine.