Sharepoint online vermeer packet calls failing against sharepoint online
I am troubleshooting a very old sharepoint integration program we have. We make calls against sharepoint to place documents in it. And we use a very old sharepoint api (Vermeer packets) This is using some very old code that was originally for on-prem sharepoint but which we have patched over the years to work with sharepoint online. We're finding that with one particular customer that we're getting 500 errors along with the text "Operation is not valid due to the current state of the object." when making calls like I'll show below the break. Now this all works in dozens of other customer installs (yes even sharepoint 365 ones). I'm wondering if there are any sharepoint settings anyone knows about that might cause issues like this. Some type of security hardening switch that may have been flipped to dissallow calls like this? It may very well be that MS doesn't allow calls like this anymore in newer environments but that the older ones are grandfathered in. I'd love to see some type of documentation about something like that, but have found none so far. Below is the call and response I'm getting --- We make the http call POST https://CUSTOMER.sharepoint.com/_vti_bin/shtml.dll/_vti_rpc HTTP/1.1 Content-Type: application/x-www-form-urlencoded X-Vermeer-Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/4.0 (compatible; MSIE 4.01; windows NT; MS Search 6.0 Robot) Host: esrtcloud.sharepoint.com Content-Length: 46 Cache-Control: no-cache method=url+to+web+url:6.0.2.5420&url=/&flags=0 And Receive the response HTTP/1.1 500 Internal Server Error Content-Length: 62 P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 1,525568,0,3568,358383,0,228305,6 IsOCDI: 0 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: 96d380a1-00cc-8000-1d92-1db10c88e0c6 request-id: 96d380a1-00cc-8000-1d92-1db10c88e0c6 MS-CV: oYDTlswAAIAdkh2xDIjgxg.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=00000000-0000-0000-0000-000000000000&destinationEndpoint=Edge-Prod-EWR31r5b&frontEnd=AFD&RemoteIP=64.20.162.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com teams.cloud.microsoft *.office365.com goals.cloud.microsoft *.powerapps.com *.powerbi.com *.yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft *.officeapps.live.com *.office.com *.microsoft365.com m365.cloud.microsoft *.cloud.microsoft *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com http://onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com; SPRequestDuration: 11 SPIisLatency: 1 X-Powered-By: http://ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25722 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 203E3FC24FC84560B6FBE9F468E72B68 Ref B: EWR311000104035 Ref C: 2025-02-12T16:44:53Z Date: Wed, 12 Feb 2025 16:44:52 GMT Operation is not valid due to the current state of the object. For comparison, a successful response to the call looks like this HTTP/1.1 200 OK Server: Microsoft-IIS/10.0 Date: Wed, 12 Feb 2025 20:45:51 GMT Connection: close Content-type: text/html; charset=utf-8 <html><head><title>vermeer RPC packet</title></head> <body> <p>method=url to web url:6.0.2.5420 <p>webUrl=/ <p>fileUrl= </body> </html>
401 unauthorised for ExecuteQuery in sharepoint CSOM
Hi, I am trying to connect the sharepoint site with client id and secret but getting 401 unauthroised error while hitting the executequery() method. While doing app registrations both Microsoft graph and share point API permissions with full site control has been given including trusted the app through appinv.aspx. Still getting 401 unauthorised error. Since ACS is retiring, do we need to follow any other permissions for share point level site access. The same execute query is working fine for client id, certificate combination. But not working for client id and secret. static void Main(string[] args) { var authManager = new AuthenticationManager("***************************", "C:\\Program Files\\OpenSSL-Win64\\bin\\certificate.pfx", "*******", "********.onmicrosoft.com"); using (var cc = authManager.GetContext("https://****.sharepoint.com/sites/****")) { cc.Load(cc.Web, p => p.Title); cc.ExecuteQuery(); Console.WriteLine(cc.Web.Title); ListCollection listCollection = cc.Web.Lists; cc.ExecuteQuery(); // this is working fine }; // Replace with your SharePoint Online details string siteUrl = "****************************"; string tenantId = "***************************"; string clientId = "********************************"; string clientSecret = "******************************"; // App secret try { using (var context = GetClientContextWithOAuth(siteUrl, tenantId, clientId, clientSecret)) { // Example: Retrieve web title Web web = context.Web; context.Load(web, w => w.Title); context.ExecuteQuery(); // this is throwing 401 unauthorized error Console.WriteLine("Connected to: " + web.Title); } } catch (Exception ex) { Console.WriteLine("Error: " + ex.Message); } } private static ClientContext GetClientContextWithOAuth(string siteUrl, string tenantId, string clientId, string clientSecret) { // Azure AD OAuth 2.0 endpoint string authority = $"https://login.microsoftonline.com/*******************"; // Use MSAL to acquire an access token var app = ConfidentialClientApplicationBuilder.Create(clientId) .WithClientSecret(clientSecret) .WithAuthority(new Uri(authority)) .Build(); var authResult = app.AcquireTokenForClient(new[] { $"{siteUrl}/.default" }).ExecuteAsync().Result; if (authResult == null) { throw new Exception("Failed to acquire the access token."); } // Use the access token to authenticate the ClientContext var context = new ClientContext(siteUrl); context.ExecutingWebRequest += (sender, e) => { e.WebRequestExecutor.WebRequest.Headers["Authorization"] = "Bearer " + authResult.AccessToken; }; return context; }
How to Get the Correct Client ID for Graph API Authentication in SPFx Without Forcing Login?
Hello everyone, I'm trying to connect my SPFx web part to the Microsoft Graph API in the most modern and seamless way possible, avoiding any additional login prompts for the user. Here's the setup I'm currently using: _graph = graphfi().using(graphSPFx(context as ISPFXContext)); It's crucial for me to retrieve all the Graph API credentials directly from the SharePoint context to ensure a seamless experience for users. However, I'm encountering a 400 error when trying to acquire the token: AADSTS500011: The resource principal named 806f609a-6160-4235-ab06-91c8fe86ccee was not found in the tenant named ***. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant... The issue here is that the clientId mentioned (806f609a-6160-4235-ab06-91c8fe86ccee) does not exist in our tenant's Azure AD, and it never has. From my research, this seems like some kind of fallback client ID from Microsoft. The only way I can get it to work is by explicitly adding the correct clientId manually like this: _graph = graphfi().using(graphSPFx(context as ISPFXContext)).using(MSAL({ authParams: { scopes: [...] }, configuration: { auth: { clientId: "CORRECT_CLIENT_ID", // copied from AD authority: "https://login.microsoftonline.com/{tenantId}" }, cache: {...} } })); However, this approach causes a redirect or popup prompt, often requiring users to use multi-factor authentication on their mobile devices. My goal is to avoid this entirely. Questions: How can I retrieve the correct clientId directly from the SharePoint context? The context itself doesn't seem to expose what client ID is being used to authenticate to the Graph API. Is there any way to handle this without modifying the context or forcing a re-login? Why does SharePoint seem to be using this "mysterious" fallback client ID that doesn't exist in the tenant? I've looked at multiple tutorials, but most of them are outdated by several years (some over 8 years old). Even following those tutorials results in the same error when testing in the Workbench or after deployment. Does anyone know a way to address this issue without combing through outdated documentation? I’d appreciate any guidance or insights! Thank you in advance! Best regards, Mario
In SharePoint we have "Everyone except external users" AD Group but can't be synced by SCIM
We are using SharePoint online and SharePoint server 2016, 2019, subscription edition and we are seeing some issues and Azure AD. I have synced a customer's Azure AD using SCIM . Also synced SharePoint site in a SharePointCustomApp that we have using SharePoint APIs. Now for SharePoint we get pages with ACL for groups and one of the group's name is "Everyone except external users". All the pages have groups associated and they are federated from Azure AD and we found all groups. However "Everyone except external users" group cannot be synced via IDC SCIM protocol. Other groups we are able to sync properly(can get its members). Our other customers are also facing same issue for this "Everyone except external users" group. We need this group ("Everyone except external users") also to return proper members.Prevent Automatically Opening the File Explorer on the Upload Tab (filepicker)
I am working on an application customizer that will inject custom UI into the File Picker's Upload tab. Because of this, I want to prevent the file explorer from automatically opening when the user clicks on the Upload tab. I’ve tried several methods to achieve this by manipulating the DOM through my custom code in the application customizer. I even tried removing the "file" input element from my custom code. However, the file explorer still opens automatically when the user clicks on the Upload tab. Is there any way to prevent this?Microsoft Graph Search API Not Searching Image Titles
Dear, I am using the Microsoft Graph Search API (https://graph.microsoft.com/beta/search/query) to search files based on their names and content. While the API performs well for most file types, I have noticed that it does not return image files (e.g., PNG, JPG) when the search term matches the title of the image. Here are the key observations: Expected Behavior: When a search term matches the title of an image file, the image should appear in the search results, just as other file types like documents and spreadsheets do. Current Behavior: Image files with titles matching the search term are not being returned in the search results. However, these files are retrievable using their metadata or direct path, suggesting they exist in the index. Additional Notes: Non-image files with matching titles are successfully retrieved. This behavior persists even when explicitly specifying the entityTypes as driveItem. Questions: Is there a limitation in the Microsoft Graph Search API that prevents searching for image files based on their titles? If this is not a limitation, could you provide guidance on how to structure the query to include image files based on their titles? Are there specific configurations or indexing processes required to enable title-based searches for image files? This functionality is critical for our use case, as we need to perform consistent and comprehensive searches across all file types, including images. Your assistance in resolving this issue or providing clarification would be greatly appreciated.How to add buttons in context menu in a Doc Library which is added as a WebPart inside a SP page
Hi, I created list view command set extension application for adding a custom button into the context menu. I have a SharePoint Page in which I added a document library as a webpart. In the Serve.Json of my application I have given this page URL to apply the custom button into the library. Around 2 weeks back this approach worked and the buttons were shown in the context menu but now they are not showing. In a normal document library it is working and showing the Custom button. but in a page where a document library is added as a web part it is not showing. How can we achieve this? What could be the Reason? And Please give me any solution to achieve this functionality. Note: I have tried this solution with different SharePoint Sites but it didn't worked. Thanks in Advance
How to stop SharePoint list custom column formatting affecting form display?
Hello, I am trying to apply custom formatting to a multi-select 'Choices' column in a SharePoint list. The custom formatting applies consistent capitalisation to choices, and joins them with a delimiter (required as just applying the style removes spaces between choice items). The custom formatting JSON is as below: { "$schema": "https://developer.microsoft.com/json-schemas/sp/v2/column-formatting.schema.json", "elmType": "div", "txtContent": "=join(@currentField,', ')", "style": { "text-transform": "capitalize" } } However, when I apply this style to the column through the JSON editor it affects the display of the corresponding field in the form, adding line breaks where they are not wanted, as below. I have tried adding "word-wrap": "nowrap" in the style element of the column format, which works to stop the new lines being added where they are not wanted but prevents logical new lines being added to show all selected elements. I've also tried variations of the "width" property in the style element to try and force the form to use all available space, but to no avail. Interestingly, this only affects 'edit' and 'view' forms (where you are interacting with an existing item) and is not affecting the 'new' form when creating new items. I have custom JSON formatting in the 'Head' section of the form itself, but nothing in the 'Body' or 'Footer' sections. I've tried removing the customisation in the 'Head' but this doesn't resolve the issue. If anyone has any solutions they can offer they would be very much appreciated.
How to read file content for a IRM Protected PDF?
I have a SharePoint Document Library with IRM Protection turned on. I need to read content of the IRM Protected PDF file at the code level (.NET API Endpoint). I am able to get the binary content of the file at the code level, but no PDF Reader is able to read the content of the IRM Protected file. Is there a work around?
