Connect-SPOService : Could not authenticate to SharePoint Online
Hi I am unable to connect to SPO from SharePoint online management shell (6802.1200) using my federated account (no MFA set). I am executing command: Connect-SPOService -Url https://TENANTNAME-admin.sharepoint.com My response is: Connect-SPOService : Could not authenticate to SharePoint Online https://TENANTNAME-admin.sharepoint.com/ using OAuth 2.0 At line:1 char:1 + Connect-SPOService -Url https://TENANTNAME-admin.sharepoint.com + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) [Connect-SPOService], Authenti cationException + FullyQualifiedErrorId : Microsoft.Online.SharePoint.PowerShell.Authentic ationException,Microsoft.Online.SharePoint.PowerShell.ConnectSPOService I am able to connect using cloud only account using with using something like this: Connect-SPOService -Url https://$orgName-admin.sharepoint.com -Credential $userCredential Can you please help me to use federated account to connect to SPO? Thanks
How to add alias domain for all users?
Hi, There's a company with their company's full name as their domain name and a shorter domain name. So, contoso.com and conto.so. They need all their users to have an alias of contoso.com and conto.so to be their primary email address. This way, they can: Send/Send as/Receive emails as both domain names for the respective users Receive shared files (OneDrive for Business and SharePoint Online) on both domain names for the respective users Call as/receive call/book meeting on Skype for Business using both domain names for the respective users Send and receive calendar shares or event invitations on both domain names for the respective users This needs to be automatic, rather than adding the domain alias for each user. How can this be configured? Thanks,Enforce MFA to external users
Is there any news on enforcing MFA to O365 external users when they will access externally shared SPO sites? Right now the challenge is we cannot enforce MFA on external users and MFA can be enabled only for licensed users. Azure B2B is in public preview but I am assuming that this capability will be available as part of Azure B2B GA as mentioned in current limitiation https://azure.microsoft.com/en-us/documentation/articles/active-directory-b2b-current-preview-limitations/. So question mark is if it will be enabled then will it also be applicable for normal external sharing scenario (with Azure B2B)?Connect-SPOService : Could not authenticate to SharePoint Online
Hi All! I am unable to connect to SPO from SharePoint online management shell using my account. MFA is enabled. Connect-SPOService -url https://[URL].sharepoint.com I'm getting the following response: Connect-SPOService : Could not authenticate to SharePoint Online https://[URL].sharepoint.com/ using OAuth 2.0 At line:1 char:1 + Connect-SPOService -url https://[URL].sharepoint.com + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) [Connect-SPOService], AuthenticationException + FullyQualifiedErrorId : Microsoft.Online.SharePoint.PowerShell.AuthenticationException,Microsoft.Online.SharePoi nt.PowerShell.ConnectSPOService Can anyone help with this? Thanks.
FIDO2 Office 365 and Windows Hello For Business Sign-in?
I saw that this was in preview a year ago. https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/bg-p/Identity Is logging into Windows 10 Hybrid joined systems using FIDO security keys now working? What about signing into Office 365 desktop apps, mobile apps and web apps with FIDO security keys?
How to share confidential files
Hi, not sure if this is the right channel please refer me to the rigth one if not. We would like to share a report (stored in our SharePoint Online) with specific people at one of our clients (who also are in O365 by the way). I wanted to do this by restricting access on the file itself using the built in feature for this and then add those email adresses needed to allow specific people to read the file. However, I ran into multiple issues. 1. When restricting access. No one else in my org. could retain full control access to the file (I want anyone in my org to be able to add recipients, make changes, print etc). Adding users to the list of people who can edit the file is not sufficient. 2. When people at our client clicks on the link they get a prompt saying "Sorry, Word cannot open this document in a browser because it is protected by IRM..." with no link or option to open in desktop instead. 3. when they try to open it from within e.g. Word they still cannot access even if their email-address is in the list of allowed readers. 4. It works if we send a copy of the file - but that is likely less secure and creates unneccessary redundance and diverging versions of the file. What is the "proper" way of doing this?
How can I restrict other team members to view and edit certain sheets within an excel?
We have an excel document to collect team members commission information. Every team member maintains own data in different worksheet in this file. But as it's sensitive data, everyone should only be able to access his/her own data or their own team's data, not other people or teams. Can anyone suggest a way to realize it?
MFA via app on Sharepoint Online
We have already protected our Netscaler login with MFA (MFA server on-prem) and the users authenticate by using the mobile app. Now we're ready for the next step - to protect Sharepoint Online with MFA when accessing from external networks. I know it's possible to use MFA by configure conditional access policies to accomplish that but it seems like that only gives me MFA via OTP. Am I missing something or can I use the MFA server that I already have on-prem and force users to authenticate by using the mobile app as they already know?
Office365 login with ADFS and public Email addresses
Hi, We have a scenario where a client wants to use private email addresses for login-credentials in Office 365. We believe that we need to use ADFS for authentication, but not sure where to start to implement this for emailaddresses that might be john.doe@hotmail.com The users only need to access sharepoint, prefarably via groups, and not using microsoft accounts. Anyone have any thoughts? Thanks in advance Daniel Wahlgren
