User Profile
helloitsliam
MVP
Joined 8 years ago
User Widgets
Recent Discussions
Cannot create Information Barrier Policy
Hi, I have created two segments within Information Barriers in Microsoft Purview. I have then tried to create a Policy that blocks one segment from the other using both the UI and PowerShell, but I get the same error every time. "Could not run the command New-InformationBarrierPolicy. Cause of the problem: The parameter(s) ModerationAllowed of the cmdlet New-ExoInformationBarrierPolicy is not allowed for the app 00000007-0000-0ff1-ce00-000000000000" Am I missing something? Is anyone else seeing this, or is it just me? Right now, I can create many policies at all.SolvedRe: Programmatic way to add a shortcut to OneDrive for users?
HansBrender Because of the limitation of the group policy, would like to script it out, as links in OneDrive, almost a pre-provision process. Users will of course add their own as they see fit, but for day one launch, there needs to be a few auto added. Just intrigued to know if API is available to do it yet.22KViews2likes0CommentsRe: Programmatic way to add a shortcut to OneDrive for users?
HansBrender From testing, the only issue I see is that the group policy piece did not work for communication sites, only for Team Sites. Can you confirm? Also no PowerShell or Graph API yet? Is that still the case? Thanks23KViews1like2CommentsRe: Restrict access to DWS.asmx and People.asmx on a Forms Based Authentication Site.
Hey Luis, hope you are well. Added some comments for you: 1. As an anonnymous user: I can go to _vti_bin/DWS.asmx, and see the contract of the services, according to the client thats a vulnerability, is it? Not really, as you cannot interact with it. To change that you can add web.config entries to make it so that it prompts for authetication when someoine trieds to access that. This is done using something like this where you are allowing Auth'd users and blocking Anonymous, or just set it to allow Auth'd users. Of course you need to test this: <location path="_vti_bin/DWS.asmx"> <system.webServer> <security> <authorization> <allow users="*" /> <deny users="?" /> </authorization> </security> </system.webServer> </location> 2. Same applies for people.asmx Same thing can be done here too. 3. When logged in as a Forms Based Authentication User, then with SOAPUI, those users can interact with the services, retrieveing information from users. This is expected behaviour, as you are authneticated user and should be able to call into the services to retrieve data. You could once again modify who can get access to the endpoints using the same approach but this time, restrict to specific groups, roles or even accounts. Using something similar to this: <add accessType="Allow" roles="Administrators" /> Hope this helps. Liam2.4KViews1like0CommentsUsing Apply-PnPProvisioningTemplate fails with Column '' does not exist
Hey, I am using SharePoint Online, simpoly using PnP-PowerShell to export the template from one site collection to another. No colums or content types are in the Content Type Hub, so synching them instead. Everything works fine at export, but then when I apply it, I get one specific field that says it does not exist or may have been deleted. Everything seems to go across but assume something is failing somewhere. Any tips on how to resolve?6.3KViews0likes6Comments
Recent Blog Articles
No content to show