Forum Widgets
Latest Discussions
Abnormal FileRef for document library file
Hi, we found an abnormal api behavior when attempting to get file with sharepoint api When we use sharepoint api https://ferociagroep.sharepoint.com/sites/****************/_api/Web/Lists(@lid)/Items(@iid)?@lid=guid%27****************%27&@iid=****************&$select=FileRef to get file, we found the FileRef as below: /sites/*******************/_vti_rb/0/19386/Berekening Inlenersbeloning en salaris/Berekening salaris Rishi Djairam .docx However, the site root is supposed to be /sites/*******************/document, instead of the _vti_rb, does anyone what is _vti_rb? Thank you, Best regards, Ethan Fang
Sharepoint online vermeer packet calls failing against sharepoint online
I am troubleshooting a very old sharepoint integration program we have. We make calls against sharepoint to place documents in it. And we use a very old sharepoint api (Vermeer packets) This is using some very old code that was originally for on-prem sharepoint but which we have patched over the years to work with sharepoint online. We're finding that with one particular customer that we're getting 500 errors along with the text "Operation is not valid due to the current state of the object." when making calls like I'll show below the break. Now this all works in dozens of other customer installs (yes even sharepoint 365 ones). I'm wondering if there are any sharepoint settings anyone knows about that might cause issues like this. Some type of security hardening switch that may have been flipped to dissallow calls like this? It may very well be that MS doesn't allow calls like this anymore in newer environments but that the older ones are grandfathered in. I'd love to see some type of documentation about something like that, but have found none so far. Below is the call and response I'm getting --- We make the http call POST https://CUSTOMER.sharepoint.com/_vti_bin/shtml.dll/_vti_rpc HTTP/1.1 Content-Type: application/x-www-form-urlencoded X-Vermeer-Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/4.0 (compatible; MSIE 4.01; windows NT; MS Search 6.0 Robot) Host: esrtcloud.sharepoint.com Content-Length: 46 Cache-Control: no-cache method=url+to+web+url:6.0.2.5420&url=/&flags=0 And Receive the response HTTP/1.1 500 Internal Server Error Content-Length: 62 P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 1,525568,0,3568,358383,0,228305,6 IsOCDI: 0 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: 96d380a1-00cc-8000-1d92-1db10c88e0c6 request-id: 96d380a1-00cc-8000-1d92-1db10c88e0c6 MS-CV: oYDTlswAAIAdkh2xDIjgxg.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=00000000-0000-0000-0000-000000000000&destinationEndpoint=Edge-Prod-EWR31r5b&frontEnd=AFD&RemoteIP=64.20.162.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com teams.cloud.microsoft *.office365.com goals.cloud.microsoft *.powerapps.com *.powerbi.com *.yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft *.officeapps.live.com *.office.com *.microsoft365.com m365.cloud.microsoft *.cloud.microsoft *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com http://onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com; SPRequestDuration: 11 SPIisLatency: 1 X-Powered-By: http://ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25722 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 203E3FC24FC84560B6FBE9F468E72B68 Ref B: EWR311000104035 Ref C: 2025-02-12T16:44:53Z Date: Wed, 12 Feb 2025 16:44:52 GMT Operation is not valid due to the current state of the object. For comparison, a successful response to the call looks like this HTTP/1.1 200 OK Server: Microsoft-IIS/10.0 Date: Wed, 12 Feb 2025 20:45:51 GMT Connection: close Content-type: text/html; charset=utf-8 <html><head><title>vermeer RPC packet</title></head> <body> <p>method=url to web url:6.0.2.5420 <p>webUrl=/ <p>fileUrl= </body> </html>
401 unauthorised for ExecuteQuery in sharepoint CSOM
Hi, I am trying to connect the sharepoint site with client id and secret but getting 401 unauthroised error while hitting the executequery() method. While doing app registrations both Microsoft graph and share point API permissions with full site control has been given including trusted the app through appinv.aspx. Still getting 401 unauthorised error. Since ACS is retiring, do we need to follow any other permissions for share point level site access. The same execute query is working fine for client id, certificate combination. But not working for client id and secret. static void Main(string[] args) { var authManager = new AuthenticationManager("***************************", "C:\\Program Files\\OpenSSL-Win64\\bin\\certificate.pfx", "*******", "********.onmicrosoft.com"); using (var cc = authManager.GetContext("https://****.sharepoint.com/sites/****")) { cc.Load(cc.Web, p => p.Title); cc.ExecuteQuery(); Console.WriteLine(cc.Web.Title); ListCollection listCollection = cc.Web.Lists; cc.ExecuteQuery(); // this is working fine }; // Replace with your SharePoint Online details string siteUrl = "****************************"; string tenantId = "***************************"; string clientId = "********************************"; string clientSecret = "******************************"; // App secret try { using (var context = GetClientContextWithOAuth(siteUrl, tenantId, clientId, clientSecret)) { // Example: Retrieve web title Web web = context.Web; context.Load(web, w => w.Title); context.ExecuteQuery(); // this is throwing 401 unauthorized error Console.WriteLine("Connected to: " + web.Title); } } catch (Exception ex) { Console.WriteLine("Error: " + ex.Message); } } private static ClientContext GetClientContextWithOAuth(string siteUrl, string tenantId, string clientId, string clientSecret) { // Azure AD OAuth 2.0 endpoint string authority = $"https://login.microsoftonline.com/*******************"; // Use MSAL to acquire an access token var app = ConfidentialClientApplicationBuilder.Create(clientId) .WithClientSecret(clientSecret) .WithAuthority(new Uri(authority)) .Build(); var authResult = app.AcquireTokenForClient(new[] { $"{siteUrl}/.default" }).ExecuteAsync().Result; if (authResult == null) { throw new Exception("Failed to acquire the access token."); } // Use the access token to authenticate the ClientContext var context = new ClientContext(siteUrl); context.ExecutingWebRequest += (sender, e) => { e.WebRequestExecutor.WebRequest.Headers["Authorization"] = "Bearer " + authResult.AccessToken; }; return context; }
How to Get the Correct Client ID for Graph API Authentication in SPFx Without Forcing Login?
Hello everyone, I'm trying to connect my SPFx web part to the Microsoft Graph API in the most modern and seamless way possible, avoiding any additional login prompts for the user. Here's the setup I'm currently using: _graph = graphfi().using(graphSPFx(context as ISPFXContext)); It's crucial for me to retrieve all the Graph API credentials directly from the SharePoint context to ensure a seamless experience for users. However, I'm encountering a 400 error when trying to acquire the token: AADSTS500011: The resource principal named 806f609a-6160-4235-ab06-91c8fe86ccee was not found in the tenant named ***. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant... The issue here is that the clientId mentioned (806f609a-6160-4235-ab06-91c8fe86ccee) does not exist in our tenant's Azure AD, and it never has. From my research, this seems like some kind of fallback client ID from Microsoft. The only way I can get it to work is by explicitly adding the correct clientId manually like this: _graph = graphfi().using(graphSPFx(context as ISPFXContext)).using(MSAL({ authParams: { scopes: [...] }, configuration: { auth: { clientId: "CORRECT_CLIENT_ID", // copied from AD authority: "https://login.microsoftonline.com/{tenantId}" }, cache: {...} } })); However, this approach causes a redirect or popup prompt, often requiring users to use multi-factor authentication on their mobile devices. My goal is to avoid this entirely. Questions: How can I retrieve the correct clientId directly from the SharePoint context? The context itself doesn't seem to expose what client ID is being used to authenticate to the Graph API. Is there any way to handle this without modifying the context or forcing a re-login? Why does SharePoint seem to be using this "mysterious" fallback client ID that doesn't exist in the tenant? I've looked at multiple tutorials, but most of them are outdated by several years (some over 8 years old). Even following those tutorials results in the same error when testing in the Workbench or after deployment. Does anyone know a way to address this issue without combing through outdated documentation? I’d appreciate any guidance or insights! Thank you in advance! Best regards, MarioManaged metadata showing up randomly in lists (might be PnP Provisioning related)
Dear people, I have SharePoint sites with a lot of lists each containing a couple of managed metadata columns. The sites are defined in a template and get rolled out via PnP provisioning. I did that many times before and never had this: The lists show a weird behavior: some items get randomly the value of a specific managed metadata (it's always the same). None of the columns have set a default value. All lists have only list content types - no site content types. The lists where the metadata shows up don't even have a column where this metadata is set. I was suspecting the -1 setting in the default value in the columns to connect to the Hidden Taxonomy List so I removed all default values. But the issue persists. Has anyone ever experienced this? Thank y'all!In SharePoint we have "Everyone except external users" AD Group but can't be synced by SCIM
We are using SharePoint online and SharePoint server 2016, 2019, subscription edition and we are seeing some issues and Azure AD. I have synced a customer's Azure AD using SCIM . Also synced SharePoint site in a SharePointCustomApp that we have using SharePoint APIs. Now for SharePoint we get pages with ACL for groups and one of the group's name is "Everyone except external users". All the pages have groups associated and they are federated from Azure AD and we found all groups. However "Everyone except external users" group cannot be synced via IDC SCIM protocol. Other groups we are able to sync properly(can get its members). Our other customers are also facing same issue for this "Everyone except external users" group. We need this group ("Everyone except external users") also to return proper members.
Unable to edit Sharepoint list item - Invalid date-time value
Hi. I've run into a weird problem with one of my Sharepoint lists. When trying to edit any field in said list, I get the following error: Invalid date-time value. The only "Date and time" columns in my list are the default Created and Modified columns. When I added these fields to the list view the dates are in the following format: 2022-10-27T09.09.14Z I have added a new item to the list on 27.10.2022 and had no problems adding that, so this issue is pretty new. Other lists can be edited on the site just fine, and their Created/Modified Columns are displayed in a different format (Yesterday, May 9 etc..). Any clues as to what could be causing this issue or how to fix it would be appreciated. I would've included pictures, but am unable to post them (probably because I've just signed up). Thanks in advance, aapok
