UPDATE: Create Office 365 Groups with team sites from SharePoint home moving beyond First Release
We recently completed the worldwide rollout for Office 365 Groups getting full-powered SharePoint team sites at the end of January 2017. Our next step is to now bring the ability to create SharePoint team sites connected to Office 365 Groups from SharePoint home beyond First Release. This next phase of rollout will begin today, and is expected to reach all customers worldwide over the next month. We also wanted to share some of the additional capabilities we’ve added to group-connected team sites since we first began roll out to First Release. No matter where you create an Office 365 Group from – whether SharePoint, Outlook, Microsoft Teams, Yammer, or elsewhere – you consistently get the full collaborative power of a connected SharePoint Online team site among the other services groups provides (shared inbox, shared calendar, Planner plan, team notebook, and more). This move beyond First Release includes the capabilities described in our November blog post: Fast creation of sites connected to Office 365 Groups from the SharePoint home page Editable team site home pages that look great at your desk and on your phone Modern creation panels for new libraries and lists In-place navigation editing Site settings panels for editing site information and site permissions Modern page creation in classic sites Admin controls for team site creation The site permissions panel listed above has been enhanced to include options for adding members to the site’s Office 365 Group or simply sharing only the team site without providing access to other group resources. The panel is intended to provide simple permissions management, but also includes a link to ‘Advanced permission settings’ for site owners that have a need to do things like add custom SharePoint permissions & mappings. Note this panel also allows you to add users or groups to the ‘Site Visitors’ permissions group, so it is easy to provide read-only access to the site. All you need to do is add a new person or group via the ‘Invite people’ button, and then change their permission level to ‘Read’. The user or group’s permission level determines which permission group they appear under – those with ‘Read’ permission will appear in the ‘Site Visitors’ category. Managing group-connected team sites Since new team sites are connected to Office 365 Groups, managing them involves possible interactions with Office 365 Group settings in addition to those provided by SharePoint. Examples include settings that apply to groups such as whether group creation is allowed in the tenant, which users are permitted to create groups, usage guidelines URL or group classification labels. Once the group-connected site is created, management of the site is likewise split between Azure Active Directory (AAD) PowerShell cmdlets and the SharePoint Online Management Shell. Anything dealing with creation, deletion, un-delete (restore) or membership happens through AAD. SharePoint-specific management, such as storage quota and link sharing policies, take place using the SharePoint management tools. For governing modern site creation, this support page details the administrative controls, but is useful to summarize the relationship between a group’s policy settings and how the SharePoint ‘Create site’ experience behaves. By default, if group creation is enabled in the tenant, the ‘Create site’ command will appear on SharePoint home, and if a user is permitted to create groups they will get the site creation experience. If the user is *not* permitted to create groups, they will get the classic self service provisioning experience that results in the creation of a subsite. The table below describes how the combination of group and site creation settings work together: * The current user is considered to have group creation permissions if the AAD property EnableGroupCreation is true, or it is false but the user is a member of the security group assigned to the GroupCreationAllowedId AAD property. ** Site creation is enabled via SharePoint Admin Center under Site creation settings: In addition to managing site creation, we are also enabling the SharePoint Online PowerShell cmdlets to administer modern, group-connected site collections. This means that modern team site collections can now be enumerated with the Get-SPOSite cmdlet with the following example: Get-SPOSite -Template GROUP#0 -IncludePersonalSite:$false Most parameters for these site collections can also be set using the Set-SPOSite cmdlet, with the exception of those that would result in breaking connection with their corresponding Office 365 Group (e.g. you cannot set the Owner property using this cmdlet – you would need to set the Group’s owners via AAD). Please refer to the respective documentation for each of the above cmdlets for additional details. For more information on using PowerShell to manage Office 365 Groups, this article may be helpful as well. What else is new? In addition to the above, this phase of the rollout includes a couple of previously unannounced capabilities. The first is a group membership management experience that lives in SharePoint itself. Now, when you click on the member count of the group in the site header, you will be presented with a new group membership panel that allows you to add members and change their roles between owners and members, or remove them outright. Users will no longer need to jump to Outlook to manage the group’s membership. The second is Content Type Hub syndication – modern sites can now consume content types that have been published from a central content type hub. We heard feedback that this is an important feature to enable, and we are including it in this rollout. As noted above, this rollout will take place over the course of a few weeks. We are very excited for you to take advantage of modern, connected team sites and look forward to any feedback or questions you may have. As always, please ask in a reply to this thread. Thanks, Tejas
Site Collection Admin for over quota ODfB
As a Global Admin I went to help a user with an A1 license where the ODfB had been set with a quota of 100GB (Microsoft's new A1 storage quotas - ref https://techcommunity.microsoft.com/t5/education-blog/program-updates-in-microsoft-365-for-education/ba-p/3885932). Because the ODfB was "over quota", I was unable to add a new Site Collection Admin. So I can't see what is using up the space and therefore am unable to assist the user. I tried adding the global admin acount via the SharePoint User Profile element in SharePoint admin centre but this failed with a "No Space" message. Given that we soon won't be able to extend an A1 licensed user's quota beyond the 100GB enforced MS quota, how are we supposed to assist users if we cannot add a global admin / sharepoint admin account to the collection admins to assist the user in getting their usage under quota? SharePoint admins / Global Admins should still be able to add themselves to view a OneDrive to assist a user in getting their usage under control.The Future of SharePoint - 7 videos - Demos and tours from the May 2016 announcement
Foundation for the Future: SharePoint Server 2016 Your Intranet in Your Pocket: The SharePoint mobile app The Mobile and Intelligent Intranet: SharePoint sites and PowerApps Effortless File Sharing on Any Device: OneDrive for Business and SharePoint Security, Privacy and Compliance for SharePoint and OneDrive for Business Accelerating Innovation with Hybrid: SharePoint Server 2016 and Office 365 Open and Connected Platform: The SharePoint Framework
SharePoint Security and Compliance Updates [VIDEO]
Principal engineer and SharePoint security expert, Navjot Virk to demonstrate security and compliance updates in SharePoint. Conditional access controls to safeguard against insecure networks and devices. Data governance capabilities for site classification. Unified auditing within hybrid environments.
Major Data Breach Possibility - SharePoint Retention Policy includes Team Channel Sites (Orphaned)
This post is to highlight a serious issue with regards to one of the static Retention Policy templates that includes Microsoft Teams Shared and Private Channels which can ultimately leave the Channel sites orphaned when you delete the Microsoft Team, and ultimately lead you to a potential data breach. Due to this issue, we identified almost six hundred orphaned Channel sites in our tenant. I've provided full details in the SharePoint Feedback forum so Microsoft customers are aware of the issue and hopefully we can get Microsoft to fix it urgently. Major Data Breach Possibility - SharePoint Retention Policy includes Team Channel Sites (Orphaned Channel Sites) · Community
SharePoint permission group expiration
Please consider creating an expiration property for SharePoint permission groups. This would be especially handy in the university setting for SharePoint groups which are created for research projects and classes. Since SharePoint groups can be created by mortals (site owners), this setting could be added/edited without intervention from O365 admins. Thank you! --Susan Pierce University of Texas Arlington
Restore default SharePoint groups (Owners, Members, Visitors)
Hello All, I just learned how to restore the deleted default SharePoint access groups: Owners, Members, Visitors. For those still looking for a way to do this: just open <siteurl>/_layouts/15/permsetup.aspx, and you will be offered to create them or select existing ones. Click OK and you are done. The part I am stuck is, how to assign these groups to the items with broken inheritance? I have already pulled a report and identified 39 items (files and folders) with custom permissions, do I just go to each and assign the 3 groups, or is there a better way to do it? I appreciate your help in this. Regards, AdrianCustomize Default Sharing options per Site Collection
Noticed this sitting in Admin messages just now. Have one reaction to it :). New feature: Customized Sharing Defaults per SharePoint Site Collection MC138254 Stay Informed Published On : May 16, 2018 In SharePoint Online, Default sharing link types and Default sharing link permissions are now available to be customized per site collection. We’ve begun rolling this out now, and it will be available worldwide by the end of June. While our goal is to ensure we notify you in advance of upcoming changes, we acknowledge we did not provide timely notice for this change. We will continue to look for ways to improve our notifications. This message is associated with Office 365 Roadmap ID https://products.office.com/business/office-365-roadmap?filters=&featureid=30568. How does this affect me? You can now configure the default link type and default link permission for your users in SharePoint Online and OneDrive for Business. With this change, you may now further customize the default sharing settings on a per site collection basis. These settings may be set via the classic SharePoint admin center or viahttps://support.office.com/article/introduction-to-the-sharepoint-online-management-shell-c16941c3-19b4-4710-8056-34c034493429?. What do I need to do to prepare for this change? There is nothing you need to do to prepare for this change. Please click Additional Information to learn more. https://support.office.com/article/change-the-default-link-type-when-users-get-links-for-sharing-81b763af-f301-4226-8842-8d13bd07face
SharePoint Online Preview What a Guest User Sees
Hello, Is it possible for a Site Owner to be able to preview what a Guest in a SharePoint site can see what they visit a site? Currently, a customer I am working with only allows Guest users from a limited number of domains, and a Site Owner has asked if it possible to be able to preview what they actually see when they visit the site. Seems a simple ask, but cannot find the setting anywhere
