Project Professional 2024 and Project Server SE OIDC Authentication Issue
Hi all, I have setup a Project Server SE Environment (SharePoint and Project Server Subscription Edition) and configured Custom Open Id Connect Server as Trusted Identity Provider. Everything worked perfectly in the Project Server part from authenticating (redirecting the user to the Open Id connect server for authentication) to everything else except when I open the schedule in Microsoft Project Professional 2024 at first it opens the embedded web browser that it gives me that it can't load jQuery and Bootstrap JS files and CSS and after I enter my credentials it gives me SharePoint Error Page here is a video showing the error unfortunately, I can't upload the logs here if anyone needs it let me know how to send it to him
SharePoint Online REST API using Azure Function Managed Identity
I have created an Azure Function which uses .NET Core 8.0. and i enabled its managed identity:- also i accessed the azure function from "Enterprise Application", and i copied its AppID:- Then i run those commands as per this official documentation for Microsft @ https://learn.microsoft.com/en-us/sharepoint/dev/apis/webhooks/sharepoint-webhooks-using-azd-template#grant-the-function-app-access-to-sharepoint-online :- # This script requires the modules Microsoft.Graph.Authentication, Microsoft.Graph.Applications, Microsoft.Graph.Identity.SignIns, which can be installed with the cmdlet Install-Module below: # Install-Module Microsoft.Graph.Authentication, Microsoft.Graph.Applications, Microsoft.Graph.Identity.SignIns -Scope CurrentUser -Repository PSGallery -Force Connect-MgGraph -Scope "Application.Read.All", "AppRoleAssignment.ReadWrite.All" $managedIdentityObjectId = "******" # 'Object (principal) ID' of the managed identity $scopeName = "Sites.Selected" $resourceAppPrincipalObj = Get-MgServicePrincipal -Filter "displayName eq 'Office 365 SharePoint Online'" # SPO $targetAppPrincipalAppRole = $resourceAppPrincipalObj.AppRoles | ? Value -eq $scopeName $appRoleAssignment = @{ "principalId" = $managedIdentityObjectId "resourceId" = $resourceAppPrincipalObj.Id "appRoleId" = $targetAppPrincipalAppRole.Id } New-MgServicePrincipalAppRoleAssignment -ServicePrincipalId $managedIdentityObjectId -BodyParameter $appRoleAssignment | Format-List and this command, on the Analytics site:- Connect-PnPOnline -Url "https://YOUR_SHAREPOINT_TENANT_PREFIX.sharepoint.com/sites/analytics" -Interactive -ClientId "YOUR_PNP_APP_CLIENT_ID" Grant-PnPAzureADAppSitePermission -AppId "****" -DisplayName "YOUR_FUNC_APP_NAME" -Permissions Manage Everything went well, then I verify the above for the Analytics site, as follow:- here is my code inside Azure Function, to get the items inside a list named "Call Transfer Log Data":- accessToken = await GetJwtTokenUsingSystemManagedIdentity(); try { string siteUrl = "https://***.sharepoint.com/sites/analytics"; string listName = "Call Transfer Log Data"; string tenant = "****"; string site = "analytics"; string listTitle = "Call Transfer Log Data"; siteUrl = $"https://{tenant}.sharepoint.com/sites/{site}"; string apiBaseUrl = $"{siteUrl}/_api/web/lists/GetByTitle('{listTitle}')/items"; var httpClient = new HttpClient(); httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken); httpClient.DefaultRequestHeaders.Accept.ParseAdd("application/json;odata=verbose"); string filterDate = DateTime.UtcNow.AddDays(-120).ToString("yyyy-MM-ddTHH:mm:ssZ"); string requestUrl = $"{apiBaseUrl}?$filter=Modified ge datetime'{filterDate}'&$top=100&$orderby=Modified desc"; bool hasMore = true; int page = 1; List<CallTransferLogData> responseContent = new List<CallTransferLogData>(); while (hasMore) { Console.WriteLine($"Fetching page {page}..."); var request = new HttpRequestMessage(HttpMethod.Get, requestUrl); var response = await httpClient.SendAsync(request); Console.WriteLine("Raw response "); Console.WriteLine(response); string content = await response.Content.ReadAsStringAsync(); using JsonDocument doc = JsonDocument.Parse(content); Console.WriteLine($"Parse doc {page}..."); Console.WriteLine("Raw response content:"); Console.WriteLine(content); var root = doc.RootElement.GetProperty("d"); Console.WriteLine($"Building Root {page}..."); // Process results foreach (var item in root.GetProperty("results").EnumerateArray()) {//code goes here;; }//end of try private static async Task<string> GetJwtTokenUsingSystemManagedIdentity() { string resource = "https://****.sharepoint.com/.default"; var credential = new DefaultAzureCredential(); var tokenRequestContext = new TokenRequestContext(new[] { resource }); var token = await credential.GetTokenAsync(tokenRequestContext); Console.WriteLine("Toekn is " + token.Token) ; return token.Token; } but the content will be {"error_description":"ID3035: The request was not valid or is malformed."} the full response will be:- 2025-04-22T16:31:38Z [Information] StatusCode: 401, ReasonPhrase: 'Unauthorized', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers: 2025-04-22T16:31:38Z [Information] { 2025-04-22T16:31:38Z [Information] Cache-Control: private 2025-04-22T16:31:38Z [Information] Server: Microsoft-IIS/10.0 2025-04-22T16:31:38Z [Information] X-NetworkStatistics: 0,********0 2025-04-22T16:31:38Z [Information] x-ms-diagnostics: 3001000;reason="There has been an error authenticating the request.";category="invalid_client" 2025-04-22T16:31:38Z [Information] IsOCDI: 0 2025-04-22T16:31:38Z [Information] X-DataBoundary: NONE 2025-04-22T16:31:38Z [Information] X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ 2025-04-22T16:31:38Z [Information] X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ 2025-04-22T16:31:38Z [Information] SPRequestGuid: 4***2 2025-04-22T16:31:38Z [Information] request-id: 4***2 2025-04-22T16:31:38Z [Information] MS-CV: o****/Q8g.0 2025-04-22T16:31:38Z [Information] SPRequestDuration: 56 2025-04-22T16:31:38Z [Information] SPIisLatency: 2 2025-04-22T16:31:38Z [Information] X-Powered-By: ASP.NET 2025-04-22T16:31:38Z [Information] MicrosoftSharePointTeamServices: 16.0.0.26002 2025-04-22T16:31:38Z [Information] X-Content-Type-Options: nosniff 2025-04-22T16:31:38Z [Information] X-MS-InvokeApp: 1; RequireReadOnly 2025-04-22T16:31:38Z [Information] P3P: CP="ALL ****" 2025-04-22T16:31:38Z [Information] WWW-Authenticate: Bearer realm="e****20",client_id="00000003-******00-000000000000",trusted_issuers="00000001-0000-0000-c000-000000000000@*,D****@*,https://sts.windows.net/*/,https://login.microsoftonline.com/*/v2.0,00000003-0000-0ff1-ce00-000000000000@***b",authorization_uri="https://login.microsoftonline.com/common/oauth2/authorize" 2025-04-22T16:31:38Z [Information] Date: Tue, 22 Apr 2025 16:31:36 GMT 2025-04-22T16:31:38Z [Information] Content-Length: 74 2025-04-22T16:31:38Z [Information] } Also when i decode the token, i got those valid claims for all the properties.. So why the code is not working? Thanks
SharePoint Activity w/PowerShell vs Purview
Hello everyone, Any insight would be very helpful; I am doing a huge companywide SharePoint clean. Most of them are Microsoft 365 groups so later I will need to check mailbox activity, OneNote, Teams, Yammer and so forth. For now, I am looking over the SharePoint activity. Snippet of PowerShell: $results = Search-UnifiedAuditLog ` -StartDate $startDate ` -EndDate $endDate ` -RecordType SharePoint ` -ObjectId $siteUrl ` As shown above I am checking all SharePoint activity. I am not filtering by ANY operation so in theory it should show me all "Operations". However, I am beginning to think there may be limitations to "Operations". One site for example only showed "GroupUpdated" operations for a specific site when I ran the PowerShell script but when I run the same audit on Microsoft Purview this same site shows more entries with for example "Added user or group to SharePoint group". In the snippet of PowerShell above I am excluding "-ResultSize 5000". I understand that the limitation is a result of 5000. When I discovered "-ObjectId $siteUrl" I began to receive an error regarding ResultSize so I no longer include it. Even the most popular sites only show a max of 100 entries. I am assuming how it works is I am pulling 5000 results and then it is filtered by the "ObjectId". I have two suspicions: Because the result size is so small it is possible that I am missing info for each site because there have been well over 5000 actions across all sites in the last 180 days. I may consider changing the code to rerun itself individually for each day or few days samples. Then again for the few days before those days. Basically, to be able to pull all entries for the last 180 days but splitting it into multiple runs where I feed different dates in. Not necessarily an issue but does not feel like it would be the best idea. There has to be a better way. Another potential idea I had was filtering by operations, like "PageViewed" to track SharePoint activity. There may be a limitation to the operations available to retrieving activity when running a script. However, I believe this is less likely since from everything I have seen there is more info/data overall available with PowerShell over Microsoft Purview. Please let me know your thoughts!
Unable to Add Tabs to Chats Consistently in Teams via GraphAPI
Expected Behavior: Tabs should be consistently added to chats when using the Graph API, provided all necessary permissions and conditions are met.Description We are encountering an issue when using the Microsoft Graph API to create chats and install apps and tabs in Microsoft Teams. While we have the necessary permissions, the process of adding a tab to a chat works intermittently. Sometimes the tab is successfully added, but most of the time it fails, even though the app is installed correctly, with the following error: Failed to execute MsGraph backend request GetUserLicenseDetailsS2SRequest. Workload MsGraph_DirectoryServices. Request Url: https://graph.microsoft.com/v1.0/users/c0cfdd6b-d64d-42e1-8111-0881725f68ff/licenseDetails?$select=skuId,skuPartNumber,servicePlans, Request Method: GET, Response Status Code: NotFound, Response Headers: Strict-Transport-Security: max-age=31536000\r\nrequest-id: c86b5fbd-4224-486b-8f3e-8ad3f561a377\r\nclient-request-id: c86b5fbd-4224-486b-8f3e-8ad3f561a377\r\nx-ms-ags-diagnostic: {\"ServerInfo\":{\"DataCenter\":\"North Europe\",\"Slice\":\"E\",\"Ring\":\"4\",\"ScaleUnit\":\"011\",\"RoleInstance\":\"DB1PEPF00075073\"}}\r\nx-ms-resource-unit: 1\r\nDate: Tue, 22 Apr 2025 09:47:03 GMT\r\n, Reason Phrase: Not Found, Request ID 1F9FFBD00A5F489E9B7CABDCFB857858. Reproduction steps: Create an AAD App registration with required application permissions (to install apps and manage tabs in chats), ie at least the following: TeamsAppInstallation.ReadWriteAndConsentForChat.All TeamsTab.ReadWriteForChat.All Create a Teams application with a static tab with "groupChat" scope Install app in chat: POST https://graph.microsoft.com/v1.0/chats/:chatId/installedApps with body below Add (pin) tab to chat: POST https://graph.microsoft.com/v1.0/chats/:chatId/tabs with body below {"email address removed for privacy reasons" : "https://graph.microsoft.com/v1.0/appCatalogs/teamsApps/{{AppId}}"} Expected Behavior: Tabs should be consistently added to chats when using the Graph API, provided all necessary permissions and conditions are met. Current Behavior: The process of adding tabs to chats is unreliable. Sometimes the tab is added, but most times, the request fails without clear reasoning. All required permissions appear to be in place since it works occasionally. Note that this issue started to occur at the beginning of the month, around the 8th of April apparently, has anything changed around this date? Also note I also found traces of this issue in our logs but it is apparently resolved now.Power Query Dropping Decimals with Accounting Format
I'm encountering what seems like a bug in Power Query. I have a table with data that contains numbers with more than 4 decimal places. When this data is in the Accounting format, Power Query is only picking up 4 decimal places, even if the Query is formatting the data is Decimal Number (Changed Type). When the data is formatted as Number, Power Query is able to pick up all decimal places (Some numbers have 10+ decimals) Is this normal behavior? I would like to use the Accounting format because it looks cleaner, but obviously I cannot sacrifice data accuracy. It is also very illogical to have a format labeled "Accounting" only hold 4 decimal places when passed through Power Query I did try restarting Excel multiple times, refreshing queries, the only thing that resolved it was changing the local format to Number.
Set work location via API (Graph?)
Hey community! The new work hours and location feature is rolling out for Outlook and Teams: Work Hours and Location in Outlook for Efficient Collaboration (admindroid.com) Does anyone know who to read and write this information (especially the location) via API / Microsoft Graph? This is a nice feature and we would like to set this programmatically. Thank you very much! Best regards, Jens
Linking Access to Excel does not work
I have created a simple Access that is connected to a linked table to an Excel file as a data source. I can run the Access without any problems. It accesses the data and everything is fine. But when my colleague wants to run the Access, she gets the following error message "Microsoft Access “C:\Users\User\ [Source Path] .xlsx” is not a valid path. Please ensure that the path is entered correctly and that you are connected to the server where the file is located." We use OneDrive/SharePoint in our company and the colleague has access to the folder where the Excel and Access files are located. But it doesn't work. I think it's the path, as it seems to be local. But I don't understand why. This Access in turn serves as a source for another Excel (the target file). There it has a similar error message: ‘’Microsoft Excel [DataFormat.Error] “ [File Name] .accdb” is not a valid path. Please ensure that the path is entered correctly and that you are connected to the server where the file is located." I can open and run both the Access and the target Excel without any problems. Thanks a lot in advance. I appreciate your help a lot.Access changing lettercase - redux
This has probably been beaten to death, but I'm fuming, so here goes. I want Microsoft to DO SOMETHING to help. Access has the highly annoying habit of changing lettercase on identifiers, seemingly at random. This is a real pain when using add-ins like MSAccessVCS, which makes it possible to use git for source code control. Here' what I've deduced is happening: There exists a dictionary/symbol-table containing every identifier used in a project. The symbol table contains ALL identifiers, including those defined by MSAccess, referenced libraries, and your code. Searching that table is case-insensitive, but it stores the canonical version of the identifier with case preserved. Normally, when you type an identifier that already exists in the table, the VBA editor "corrects" the lettercase of your entry to match the table's entry. The extremely annoying part is that sometimes that last step works in reverse. You type an existing identifier, but with a different lettercase. Instead of correcting what you typed to match the table, it instead updates the table with the version you typed, and decides that's the way future and existing identifiers should be spelled. Here's a recent example. I tried to create a class module constructor (Class_Initialize) but typed it "class_initialize" implicitly expecting that the VBA editor would "fix" it. Instead, it updated the symbol table and set the canonical lettercase to the all-lowercase version... and then proceeded to change the lettercase on the Class_Initialize() method in all my class modules. It has now decided the canonical lettercase is "class_initialize" and that's what it "corrects" to from now on. Of course, when I did the next MSAccessVCS export, git showed a bunch of unwanted (but cosmetic) changes. This pollutes the changeset and makes source control more difficult. THIS. IS. A. BUG. My workaround is, when starting a checkin, I go through the list of changes and group all such changes into one commit called "VBA Artifacts". But come on, this shouldn't be necessary. At least let us know WHY this happens, and give us some control of the process. A way to specify/correct the canonical casing would help.
