Tuesday, 3 May 2016

How to grant permission for specific attributes in AD

As an Active Directory admin sometimes we may require to allow and deny permission for only specific attributes on AD user object or container (OU) object. In this post, I am going to write steps to assign or remove permissions on Active Directory attributes.

Note: To perform this action, you must be a member of the Domain Admins group, or the Enterprise Admins group in AD, or you must have been delegated the appropriate authority.

Follow the below steps to set permission for individual AD attributes:

  • Open Active Directory Users and Computers console (Start -> Control Panel -> Administrative Tools -> Active Directory Users and Computers). 
  • Click on the View menu, select Advanced Features.
  • Right-click the object (user or ou) for which you want to assign or remove permissions, and then click Properties.
  • On the Security tab, click Advanced to view all the available permissions.
  • Click the button Add, find user or group account whom you want provide access, and click OK.
  • In the "Permission for object name" dialog, go to the "Properties" tab, and select the required properties and desired permissions from the list and save the changes.
Read More...

Thursday, 28 April 2016

Update AD User Home Directory by using PowerShell

Sometimes Active Directory Administrator requires to change user's 'Home Folder' profile mapping location from old file server to new file server. We can use the AD powershell cmdlet Set-ADUser to update user detail. It has a parameter -HomeDirectory , which allows you to set the user's home directory and it also has a parameter -HomeDrive that update the drive letter for their home directory.

Before proceed run the following command to import Active Directory module.
Import-Module ActiveDirectory
The below powershell command set the home directory path and link home drive for the user 'Smith'
Set-ADUser -Identity "Smith" -HomeDirectory "\\fileServer\Users\Smith" -HomeDrive H
You can also find an user and set their DisplayName or samAccountName as home directory folder.
# Get the user, based on their "samAccountName"
$user = Get-ADUser -LDAPFilter '(samAccountName=Smith)';
# Change the user's samAccountName as home directory
$homeDirectory = '\\fileserver\users\' + $user.SamAccountName;
Set-ADUser -Identity $user.SamAccountName -HomeDirectory $homeDirectory -HomeDrive H

Set Home Directory for all AD users from OU:

When we change user's home folder while migrating file server, we need to update for bulk of AD users. If you placed group of users under certain OU, you can get all users from that OU by setting target OU scope in Get-ADUser cmdlet and change home directory path for every user.
$users = Get-ADUser -Filter * -SearchBase "OU=TestOU,DC=TestDomain,DC=com" 
$users | ForEach-Object {
# Assign user's home directory path
$homeDirectory = '\\fileserver\users\' + $_.SamAccountName;
Set-ADUser -Identity $_.SamAccountName -HomeDirectory $homeDirectory -HomeDrive H;
}

Update Bulk AD Users Home Directory from CSV:

We can also set bulk AD users home directory path by importing user details from CSV file. First consider the csv file Users.csv which includes user's display name or samaccountname, the following powershell script import AD user's display name from csv file and set home directory path by using their samAccountName.
# Import user details from CSV
$users = Import-Csv -Path "C:\Users.csv"

# Iterate every row to set each user ...
foreach ($user in $users) {
    # Get the user, based on their "displayName". If you have samAccountName in you csv file,
    # you can replace displayName by samAccountName
    $userAccount = Get-ADUser -LDAPFilter ('(displayname={0})' -f $user.DisplayName);
    # Assign user's home directory path
    $homeDirectory = '\\fileserver\users\' + $userAccount.SamAccountName;
    # Finally set their home directory and home drive letter in Active Directory
    Set-ADUser -Identity $userAccount.SamAccountName -HomeDirectory $homeDirectory -HomeDrive H
}
Read More...

Add or Remove Item Level Permission in SharePoint using CSOM

In this article I am going to write C# code sample to Add or Remove Item Level Permissions using CSOM (Client Object Model). Sometimes we might have a business requirement to give read permission for some users on certain document item and give write permission to other users on the same list item. To achieve this need, we need to add explicit permission for the particular list item. To add unique permission, first we need to stop inheriting permissions (break the inheritance) of the particular document item.

Set Item Level Permission in SharePoint Online:

The following CSOM based c# code first removes the inheritance of a list item and grant unique permission.
public static void AddItemLevelPermissions()
{
    string sitrUrl = "https://sptenant.sharepoint.com/sites/contosobeta";
    using (var ctx = new ClientContext(sitrUrl))
    {
        var web = ctx.Web;
        ctx.Load(ctx.Web, a => a.Lists);
        ctx.ExecuteQuery();

        List list = ctx.Web.Lists.GetByTitle("TestDocLibrary");
        string itemName = "TestFile.txt";
        CamlQuery camlQuery = new CamlQuery();
        camlQuery.ViewXml = "" +itemName +
            "";
        var listItems = list.GetItems(camlQuery);
        ctx.Load(listItems, a => a.Include(i => i.HasUniqueRoleAssignments));
        ctx.ExecuteQuery();

        foreach (var listItem in listItems)
        {
            if (!listItem.HasUniqueRoleAssignments)
            {
                listItem.BreakRoleInheritance(false, false);
                ctx.ExecuteQuery();
            }
            var roleAssignments = listItem.RoleAssignments;            
            //var user_group = web.SiteGroups.GetByName("Site Members");
            var user_group = web.SiteUsers.GetByLoginName("i:0#.f|membership|admin@sptenant.onmicrosoft.com");
            var roleDefCol = new RoleDefinitionBindingCollection(ctx);
            // Add Role Definition i.e Full Controls, Contribute or Read rights etc..
            roleDefCol.Add(web.RoleDefinitions.GetByType(RoleType.Contributor));
            roleAssignments.Add(user_group, roleDefCol);
            ctx.Load(roleAssignments);
            listItem.Update();                    
            ctx.ExecuteQuery();
        }
    }
}

Remove/Delete Item Level Permission:

You can use the following c# code to remove permission if you no longer need an unique permission on particular list item.
public static void RemoveItemLevelPermission()
{
    string sitrUrl = "https://sptenant.sharepoint.com/sites/contosobeta";
    using (var ctx = new ClientContext(sitrUrl))
    {
        var web = ctx.Web;
        ctx.Load(ctx.Web, a => a.Lists);
        ctx.ExecuteQuery();

        List list = ctx.Web.Lists.GetByTitle("TestDocLibrary");
        string document = "TestFile.txt";
        CamlQuery camlQuery = new CamlQuery();
        camlQuery.ViewXml = "" + document + "";

        var items = list.GetItems(camlQuery);
        ctx.Load(items);
        ctx.ExecuteQuery();
        foreach (var item in items)
        {
            //var user_group = web.SiteGroups.GetByName("Site Members");
            var user_group = web.SiteUsers.GetByLoginName("i:0#.f|membership|admin@sptenant.onmicrosoft.com");
            item.RoleAssignments.GetByPrincipal(user_group).DeleteObject();
            ctx.ExecuteQuery();
        }
    }
}

Delete All Unique Permissions:

Sometimes you may want to remove all the explicit permissions from a list item and reset broken inheritance (recover inheritance). In this case, you can use the following csom code to delete all unique permissions and reset broken inheritance.
public static void ResetRoleInheritanceInListItem()
{
    string sitrUrl = "https://sptenant.sharepoint.com/sites/contosobeta";
    using (var ctx = new ClientContext(sitrUrl))
    {
        var web = ctx.Web;
        ctx.Load(ctx.Web, a => a.Lists);
        ctx.ExecuteQuery();                

        List list = ctx.Web.Lists.GetByTitle("TestDocLibrary");
        string document = "TestFile.txt";
        CamlQuery camlQuery = new CamlQuery();
        camlQuery.ViewXml = "" + document + "";

        var items = list.GetItems(camlQuery);
        ctx.Load(items);
        ctx.ExecuteQuery();
        foreach (var item in items)
        {
            item.ResetRoleInheritance();
            ctx.ExecuteQuery();
        }
    }
}
Read More...

Tuesday, 26 April 2016

Reset Unique Permissions (Reset Broken Inheritance) In SharePoint using CSOM - C#

Sometimes we may require to delete unique permissions and reset broken inheritance (recover inheritance) for a particular site, or list library, or list item. In this post, I am going to write C# code to reset stopped role inheritance using CSOM (Client Object Model).

Reset Role Inheritance of a Site

The following C# code reset the broken inheritance of a sharepoint site.
private static void ResetRoleInheritanceInSite()
{
    string sitrUrl = "https://sptenant.sharepoint.com/sites/contosobeta/sbeta";
    using (var ctx = new ClientContext(sitrUrl))
    {
        var site = ctx.Web;
        //Stop Inheritance from parent site
        site.ResetRoleInheritance();
        ctx.Load(site);
        ctx.ExecuteQuery();
    }
}

Reset Broken Inheritance of a List Library

The following C# code reset the broken inheritance of a sharepoint list library.
private static void ResetRoleInheritanceInList()
{
    string sitrUrl = "https://sptenant.sharepoint.com/sites/contosobeta";
    using (var ctx = new ClientContext(sitrUrl))
    {
        var web = ctx.Web;
        ctx.Load(ctx.Web, a => a.Lists);
        ctx.ExecuteQuery();

        List list = ctx.Web.Lists.GetByTitle("TestDocLibrary");
        //Stop Inheritance from parent
        list.ResetRoleInheritance();
        list.Update();
        ctx.ExecuteQuery();
    }
}

Reset Unique Permissions for a List Item

The following C# code reset the broken inheritance for a sharepoint list document item.
private static void ResetRoleInheritanceInListItem()
{
    string sitrUrl = "https://sptenant.sharepoint.com/sites/contosobeta";
    using (var ctx = new ClientContext(sitrUrl))
    {
        var web = ctx.Web;
        ctx.Load(ctx.Web, a => a.Lists);
        ctx.ExecuteQuery();                

        List list = ctx.Web.Lists.GetByTitle("TestDocLibrary");
        string document = "TestFile.txt";
        CamlQuery camlQuery = new CamlQuery();
        camlQuery.ViewXml = "" + document + "";

        var items = list.GetItems(camlQuery);
        ctx.Load(items);
        ctx.ExecuteQuery();
        foreach (var item in items)
        {
            item.ResetRoleInheritance();
            ctx.ExecuteQuery();
        }
    }
}
Read More...

Break permission inheritance in SharePoint using csom via C#

Sometimes we may require a business need to grant or set explicit permission for a particular site or list library, or listitem. To add explicit permission, we need to first break the inheritance (stop inheriting permissions) of the particular object.

Break Permission Inheritance in Site

The following C# code break the inheritance for a sharepoint site and add explicit permission for a particular user or group with csom (client object model).
private static void BreakRoleInheritanceForSite()
{
    string sitrUrl = "https://sptenant.sharepoint.com/sites/contosobeta/sbeta";
    using (var ctx = new ClientContext(sitrUrl))
    {    
        var site = ctx.Web;
        //Stop Inheritance from parent site
        site.BreakRoleInheritance(false, false);
        ctx.Load(site);
        ctx.ExecuteQuery();

        var roleAssignments = site.RoleAssignments;
        //Use below line, if you want to give access to a Group
        //var user_group = web.SiteGroups.GetByName("Site Members");
        var user_group = site.SiteUsers.GetByLoginName("i:0#.f|membership|admin@sptenant.onmicrosoft.com");

        var roleDefBindCol = new RoleDefinitionBindingCollection(ctx);
        // Add Role Definition i.e Full Controls, Contribute or Read rights etc..
        roleDefBindCol.Add(site.RoleDefinitions.GetByType(RoleType.Contributor));
        roleAssignments.Add(user_group, roleDefBindCol);
        ctx.Load(roleAssignments);
        site.Update();
        ctx.ExecuteQuery();
    }
}

Break Permission Inheritance in List Library:

The following C# code break the inheritance for a list library.
private static void BreakRoleInheritanceForList()
{
    string sitrUrl = "https://sptenant.sharepoint.com/sites/contosobeta";
    using (var ctx = new ClientContext(sitrUrl))
    {
        var web = ctx.Web;
        ctx.Load(ctx.Web, a => a.Lists);
        ctx.ExecuteQuery();

        List list = ctx.Web.Lists.GetByTitle("TestDocLibrary");
        //Stop Inheritance from parent
        list.BreakRoleInheritance(false, false);
        list.Update();
        ctx.ExecuteQuery();     
    }
}

Stop Permission Inheritance in List Item::

The following C# code stop the inheritance from parent for a particular list item.
private static void SetItemLevelPermissions()
{
    string sitrUrl = "https://sptenant.sharepoint.com/sites/contosobeta";
    using (var ctx = new ClientContext(sitrUrl))
    {
        var web = ctx.Web;
        ctx.Load(ctx.Web, a => a.Lists);
        ctx.ExecuteQuery();

        List list = ctx.Web.Lists.GetByTitle("TestDocLibrary");
        string documentName = "TextFile.txt";
        CamlQuery camlQuery = new CamlQuery();
        camlQuery.ViewXml = "" +documentName +
            "";
        var items = list.GetItems(camlQuery);
        ctx.Load(items, a => a.Include(i => i.HasUniqueRoleAssignments));
        ctx.ExecuteQuery();

        foreach (var listItem in items)
        {
            if (!listItem.HasUniqueRoleAssignments)
            {
                listItem.BreakRoleInheritance(false, false);
                ctx.ExecuteQuery();
            }
        }
    }
}
Read More...

Set List Item Level Permission using CSOM - C# in SharePoint

In this post, I am going to explain how to add SharePoint listitem level permissions programmatically by CSOM (Client Object Model) in C#. Sometimes we may have a business requirement to grant or set explicit permission for a particular list item. To add explicit permission, we need to first break the inheritance (stop inheriting permissions) of the particular document item, then we need to create Role Definition object (i.e Full Controls, Contribute or Read rights etc...), then need to add new RoleAssignment for user or group object and finally we need to update the ListItem object to finish the work.

You can use the following C# code to set sharepoint list item level permission for a particular user or group with csom (client object model).
public static void SetItemLevelPermissions()
{
    string sitrUrl = "https://sptenant.sharepoint.com/sites/contosobeta";
    using (var ctx = new ClientContext(sitrUrl))
    {
        var web = ctx.Web;
        ctx.Load(ctx.Web, a => a.Lists);
        ctx.ExecuteQuery();

        List list = ctx.Web.Lists.GetByTitle("TestDocLibrary");
        string documentName = "TextFile.txt";
        CamlQuery camlQuery = new CamlQuery();
        camlQuery.ViewXml = "" +documentName +
            "";
        var items = list.GetItems(camlQuery);
        ctx.Load(items, a => a.Include(i => i.HasUniqueRoleAssignments));
        ctx.ExecuteQuery();

        foreach (var listItem in items)
        {
            if (!listItem.HasUniqueRoleAssignments)
            {
                listItem.BreakRoleInheritance(false, false);
                ctx.ExecuteQuery();
            }

            var roleAssignments = listItem.RoleAssignments;
            //Use below line, if you want to give access to a Group
            //var user_group = web.SiteGroups.GetByName("Site Members");
            var user_group = web.SiteUsers.GetByLoginName("i:0#.f|membership|admin@sptenant.onmicrosoft.com");

            var roleDefBindCol = new RoleDefinitionBindingCollection(ctx);
            // Add Role Definition i.e Full Controls, Contribute or Read rights etc..
            roleDefBindCol.Add(web.RoleDefinitions.GetByType(RoleType.Contributor));
            roleAssignments.Add(user_group, roleDefBindCol);
            ctx.Load(roleAssignments);
            listItem.Update();                    
            ctx.ExecuteQuery();
        }
    }
}
Read More...

Thursday, 21 April 2016

Get AD User Home Directory using PowerShell

We can easily retrieve AD user's home directory path by using the Active Director powershell cmdlet Get-ADUser. In this post, I am going to write powershell script get home directory path for an ad user, users from specific OU and set of users from text file.

Before proceed run the following command to import Active Directory module.
Import-Module ActiveDirectory
The following command return the home directory path for the user Morgan.
Get-ADUser -Identity 'Morgan' -Properties sAMAccountName,HomeDirectory |`
   Select sAMAccountName,HomeDirectory
The following command find and list all the available users in AD.
Get-ADUser -Filter * -Properties sAMAccountName,HomeDirectory |`
  Select sAMAccountName,HomeDirectory

Get home directory for users from specific OU:

We can find and get a list of all users from a certain OU by setting target OU scope by using the parameter SearchBase. The following powershell command select home directory for all users from the Organization Unit 'TestOU'.
Get-ADUser -Filter * -SearchBase "OU=TestOU,DC=TestDomain,DC=com" `
 -Properties sAMAccountName,HomeDirectory | Select sAMAccountName,HomeDirectory

Export AD user details to CSV:

We can export all users details to csv file by using the powershell cmdlet Export-CSV.
Get-ADUser -Filter * -SearchBase "OU=TestOU,DC=TestDomain,DC=com" `
-Properties sAMAccountName,HomeDirectory | Select sAMAccountName,HomeDirectory |
 Export-CSV "C:\\UserHomeDirectory.csv" -NoTypeInformation -Encoding UTF8

Get home directory for set of users from text file:

Use the below powershell script to read the home directory path for set of users from text file. First create the text file Users.txt which includes one user name (samaccountname) in each line.
Get-Content "C:\Users.txt" | 
ForEach-Object {Get-ADUser $_ -properties sAMAccountName,HomeDirectory | 
 Select sAMAccountName,HomeDirectory } |
 Export-CSV "C:\\UserHomeDirectory.csv" -NoTypeInformation -Encoding UTF8
Read More...

SharePoint Online Site Usage Reports (Popularity Trends)

After the introduction of SharePoint 2013 server, now users can easily view the site usage reports from SharePoint site settings itself. We can generate set of usage reports via Excel, such as, number of views and unique users/visitors, number of queries, top queries by day and month, abandoned queries by day and month, etc..

Follow the below steps to get usage reports in sharepoint online/office 365:

1. Connect the sharepoint online site home page and click Site Settings under Settings gear icon in top-right corner.
SharePoint Online Site Usage and Popularity Trends

2. In Site Settings page, click on Popularity and Search Reports under Site Collection Administration and if you want site level usage report, click on Popularity Trends under Site Administration.

SharePoint Online Site Usage Reports and Popularity Trends

3. Now, click on any of the analytic report to download report as Excel file

SharePoint Online/2013 Site Usage Reports and Popularity Trends

Following usage and analytic reports are supported in both sharepoint online and on-premises (2013 and 2016):

Usage

This report shows historical usage information about the site collection, such as the number of views and unique users. Use this report to identify usage trends and to determine times of high and low activity.

SharePoint Online/2016 Site Usage Reports and Popularity Trends

Number of Queries

This report shows the number of search queries performed. Use this report to identify search query volume trends and to determine times of high and low search activity.

Top Queries by Day

This report shows the most popular search queries. Use this report to understand what types of information visitors are seeking.

Top Queries by Month

This report shows the most popular search queries. Use this report to understand what types of information visitors are seeking.

Abandoned Queries by Day

This report shows popular search queries that received low click-through. Use this report to identify search queries that might create user dissatisfaction and to improve the discoverability of content. Then, consider using query rules to improve the query's results.

Abandoned Queries by Month

This report shows popular search queries that received low click-through. Use this report to identify search queries that might create user dissatisfaction and to improve the discoverability of content. Then, consider using query rules to improve the query's results.

No Result Queries by Day

This report shows popular search queries that returned no results. Use this report to identify search queries that might create user dissatisfaction and to improve the discoverability of content. Then, consider using query rules to improve the query's results.

No Result Queries by Month

This report shows popular search queries that returned no results. Use this report to identify search queries that might create user dissatisfaction and to improve the discoverability of content. Then, consider using query rules to improve the query's results.

Query Rule Usage by Day

This report shows how often query rules fire, how many dictionary terms they use, and how often users click their promoted results. Use this report to see how useful your query rules and promoted results are to users.

Query Rule Usage by Month

This report shows how often query rules fire, how many dictionary terms they use, and how often users click their promoted results. Use this report to see how useful your query rules and promoted results are to users.
Read More...

Wednesday, 20 April 2016

Change List View Threshold in SharePoint Online

For SharePoint online the list view threshold limit be modified (the list view threshold is 5,000). You can modify this limit in SharePoint on-premises, but not Office 365. You will receive the following error message when selecting a view of a list which contains items more than threshold limit (5000):
The number of items in this list exceeds the list view threshold, which is 5000 items. 
Tasks that cause excessive server load (such as those involving all list items) are currently prohibited.
To overcome this issue, review the recommendations, techniques, and tips outlined in the “Ways to manage lists and libraries with many items” section of the “Manage lists and libraries with many items” guidance located at the following Microsoft website: Manage lists and libraries with many items

You can also checkout this thread: https://community.office365.com/en-us/f/148/t/79787
Read More...

The view cannnot be displayed because it exceeds the list view threshold

Problem

I am receiving the following error message when selecting a view of a document library which contains items more than threshold limit (5000):
This view cannot be displayed because it exceeds the list view threshold (5000 items) enforced by the administrator.
The problematic document library does not have an indexed column and we cannot create new index because of the threshold error.

Solution : Create Index Column in Threshold Limit reached List

To solve this problem, we should create index column in the problematic list. Follow the below steps to create index columns in the threshold limit reached list.
  • Login into Central Administration
  • Go to Application Management -> Manage Web Applications
  • Select web application that hosts your list.
  • In the ribbon above, select the General Settings and select Resource Throttling/li>
  • Now, you can reset the List View Threshold limit value into high value (i.e 10,000)
  • Click OK to save the changes
  • Now, create the indexes in your list for commonly used columns
  • Finally, revert the List View Threshold limit to default value (5000)

Read More...

How to change List View Threshold in SharePoint 2013 and Online

List View Threshold feature was created to set limits on how severely users can put the beat down on your servers. The List throttling states that you cannot have more than 5,000 items (by default) returned in your list view. When the list view threshold is reached in a particular list or library, users will see the friendly error message "This view cannot be displayed because it exceeds the list view threshold (5000 items) enforced by the administrator"

Change the List View Threshold Limit in SharePoint on-premise:

For on-premise SharePoint, we can easily change this limit through sharCentral Administration but it is not recommended unless you are 100% sure that it will not negatively affect your system.
  • Login into Central Administration
  • Go to Application Management -> Manage Web Applications
  • Select the Web application for which you want to change the LVT.
  • In the ribbon above, click General Settings. That will bring down a menu, from which you select Resource Throttling
  • Change the List View Threshold to another value and click OK

Change the List View Threshold Limit in SharePoint Online:

For SharePoint Online, the list view threshold is 5,000 which cannot be modified.

To work around this issue, review the recommendations, techniques, and tips outlined in the “Ways to manage lists and libraries with many items” section of the “Manage lists and libraries with many items” guidance located at the following Microsoft website: Manage lists and libraries with many items

You can also checkout this thread: https://community.office365.com/en-us/f/148/t/79787
Read More...

List View Threshold in SharePoint 2013 and Online

What is List View Threshold:

The List View Threshold states that you cannot have more than 5,000 items (by default) returned in your list view. This does not mean you can only have 5,000 items in a list. It means that when a user clicks into a list view, the number of items returned to the user should not exceed 5,000. One of the major reasons that this List View Threshold (LVT) feature was created is to protect the server from unintentional load that may either bring it down, or at least cause other users higher latency or failures. Changing this limit (default 5000) is quite simple in SharePoint 2013/2016, but it is not recommended unless you are 100% sure that it will not negatively affect your system.
Note: For SharePoint Online, the list view threshold is 5,000 which cannot be modified.

What will happen when the list view threshold limit is reached:

When the list view threshold is reached in a particular list or library, users will see the error message "The number of items in this list exceeds the list view threshold" instead of seeing the content they requested.

In SharePoint 2013/2016 server, you will see the below error message:
This view cannot be displayed because it exceeds the list view threshold (5000 items) enforced by the administrator.
In SharePoint Online, you will see the below error message:
The number of items in this list exceeds the list view threshold, which is 5000 items.
Tasks that cause excessive server load (such as those involving all list items) are currently prohibited.

How to change the list view threshold limit:

For on-premise SharePoint, we can easily change this limit through Central Administration but it is not recommended unless you have specific need.

Follow the below steps to set the list view threshold limit in SharePoint on-premise:
  • Login into Central Administration
  • Go to Application Management -> Manage Web Applications
  • Select the Web application for which you want to change the LVT.
  • In the ribbon above, click General Settings. That will bring down a menu, from which you select Resource Throttling
  • Change the List View Threshold to another value and click OK

For SharePoint Online, the list view threshold is 5,000 which cannot be modified.

To work around this issue, review the recommendations, techniques, and tips outlined in the “Ways to manage lists and libraries with many items” section of the “Manage lists and libraries with many items” guidance located at the following Microsoft website: Manage lists and libraries with many items

You can also checkout this thread: https://community.office365.com/en-us/f/148/t/79787
Read More...

Tuesday, 19 April 2016

Get external users list in Sharepoint Online using Powershell

We can use the SharePoint Online powershell cmdlet Get-SPOExternalUser to get a list of external users who has access to view or edit one of your site. This cmdlet can return external users in whole tenant or external users only belong to a specific site. Before proceed, run the following command to connect sharepoint online powershell module.
Connect-SPOService -Url https://mytenant-admin.sharepoint.com -credential admin@mytenant.com
The below command retutns all the external users in sharepoint online tenant.
Get-SPOExternalUser
You can set PageSize to specify the maximum number of users to be returned in the collection. The value must be less than or equal to 50. The below command returns first 20 external users in the collection
Get-SPOExternalUser -Position 0 -PageSize 20
The below command returns first 20 external users from second page.
Get-SPOExternalUser -Position 1 -PageSize 20
You can use filter option with this cmdlet to limit the results to only those users whose first name, last name or email address begins with the text in the string.

The following command returns the first 20 users whose name or email start with the string 'admin'.
Get-SPOExternalUser -Position 0 -PageSize 20 -Filter admin
You can get external users for a specific site by setting the siteurl with Get-SPOExternalUser cmdlet.
Get-SPOExternalUser -SiteUrl https://mytenant.sharepoint.com/sites/contosobeta
Read More...

Get external users list in Sharepoint Online

External Users:

An external user is someone outside of your organization who can access your SharePoint Online sites and documents but does not have a license for your SharePoint Online or Microsoft Office 365 subscription. External users are not employees, contractors, or onsite agents for you or your affiliates.

To view all the external users in a SharePoint online tenant, go to Office 365 Admin portal.

In the left side navigation, expand EXTERNAL SHARING and click External Users. Now, you can see the list of external domain users who are received invitations to access your sites and documents.

Get external users list in Sharepoint Online

Read More...

How to enable external sharing for Site Collection in SharePoint Online

If you anticipate to collaborate your content with any of your external vendors, clients or external partners, SharePoint online has feature called External Sharing. To achieve External Sharing, the first step as a SharePoint Online Administrator is to turn on external sharing. By turning on this feature, users outside of your organization can be invited to SharePoint Online to view or edit your document, list or site page.

Steps to enable enable external sharing for a Site Collection

You must be a SharePoint Online admin to configure external sharing for individual site collections. Site collection administrators are not allowed to change external sharing configurations.

1. Go to Office 365 Admin portal.
2. In the left side navigation, expand Admin and click SharePoint to connect the SharePoint online admin center.

How to enable external sharing for Site Collection in SharePoint Online

3. Click site collections, and check the box next to site collection that you want enable external sharing.
4. In the ribbon, click Sharing action.

How to enable external sharing in SharePoint Online

5. Now, check on of the sharing option and click Save button.

How to enable external sharing in SharePoint Online

That's all, now you can share any sites and documents under this site collection with external users.
Read More...