Teams Private Channels and SharePoint Search

Microsoft recently launched private channels in Microsoft Teams. This allows a subset of a team to communicate securely and in private without involving all team members. Previously, people would create entirely new teams with different groups of people leading to a proliferation of teams a.k.a ‘Teams Sprawl’.

The architecture of a Microsoft Team in terms of storage of files for a Team in SharePoint is:

Site Collection>Document Library>Folder Per Team Channel

Now the idea of private channels sounds great, as files for a channel are stored in a folder in a Teams document library, surely it means just a new folder type with some security applied? Wrong, it is an entirely new site collection with a url format of <ExistingTeamUrl>-<PrivateChannelName> with a document library hosting just one folder for the private channel.

If the team URL is ‘https://mycompany.sharepoint.com/sites/team1‘ a private channel called ‘ConfidentialProject’ will have a URL of ‘https://mycompany.sharepoint.com/sites/team1-confidentialproject‘.

So for every private channel created in a team, a new site collection will be provisioned which might lead to a new problem going forward called ‘Private Channel sprawl’ unless some governance is put in place around who can create private channels. I am guessing this was the architecture chosen for security reasons as security can be guaranteed at this highest level.

Search and Private Channels

As these are site collections you may start seeing them appearing in the results of any predefined SharePoint searches you have defined e.g. to list all Site collections in your Office 365 tenant. They are just like any other site collection but they can be specifically asked for in a search query.

A site collection search result that is a private channel site collection has a WebTemplate property value of ‘TEAMCHANNEL’ and this allows us to create queries that either filter out private channel site collections or ask for only them specifically in search queries :

SearchSiteCollections

So if you need to identify or remove the private channel site collections in your search queries this is a way to easily identify them. To return all private channel site collections you have access to in SharePoint the following KQL query will give you them:

contentclass=”sts_site” AND WebTemplate=”TEAMCHANNEL”

What language does SharePoint online use for displaying terms and taxonomy to a user?

Having recently completed a project on our OnePlaceMail App to support Enterprise Keywords and Managed metadata columns saving content to SharePoint and Teams, we had to work out the logic SharePoint uses to decide what language to return the terms to the user so they can select them for tagging.

This was not a straightforward task and several factors influence what language SharePoint chooses to display the terms for you to choose and save on an item in SharePoint.

The different languages in Office 365/SharePoint

There are multiple different language settings at play that influence what language the user gets terms back from the term store in SharePoint.

1) Office 365 user profile languages

To get to your Office 365 languages settings, go to your Office Profile in Office 365:

office profile menu

Then update your profile:

updateprofile

Then edit your language and region settings:

changelanguagesprofile

editdetailsprofile

Once here you can add and sort your languages in order of preference to use when available in SharePoint with the topmost your preferred language:

languageorder

2) Languages available on a SharePoint site with a default language

Each site in SharePoint has Language settings. Go to Site Settings, Language settings to configure them:

languagesettings

spsitelanguages

The default language is set to the language chosen when the site was created:

sitelanguagecreation

3) Termstore languages and a termstore default

In term Store administration in Office 365 you can set the default store language and the other languages that are enabled. This allows you to then translate terms into different languages by providing different label values:

termstoreadmin

termstorelanguages

termtranslated

What languge is used?

So we have the following:

  • Office 365 languages specified by the user in their Ofice 365 profile, ranked in order of preference to determine the order to use them when enabled in SharePoint.
  • Languages enabled in the SharePoint site and a default language set for the site.
  • Languages enabled in the term store in SharePoint and a default language specified for the term store. In addition, each term in the term store can have a translation into each of the languages enabled in the termstore.

Having gone through testing of all scenarios I have done a Visio diagram to try and explain what happens:

LanguageUseSharePointTaxonomyBlog

  1. The users display languages in their user profile are checked in order of preference.
  2. The language is checked to see if it is enabled on the SharePoint site.
  3. If it is enabled, the term store is checked to see if the language is enabled.
  4. If it is enabled, the terms are checked for a translation in this language.
  5. If there are is a terms with labels in this language they are returned to the user.

The above scenario is when everything lines up, but when one does not match or is enabled SharePoint has to revert to a default behaviour.

Each language in the user profile is checked until one is found that is enabled on the current site. If none match the site default language is used. The termstore is then checked to see if this language is enabled. If not the termstore default language is used for terms. If the language is enabled in the term store, each term is checked for a label in this language. If the term does not have a label in this language the term is returned in the termstore default language.

So as you can see there are settings at different levels that determine the language terms are returned to the user. Hopefully this helps you to answer a question from a user asking why terms are being returned in a specific language!

 

Set a default Label in a SharePoint Online Document Library

Office 365 Labels are a feature of Office 365 that allows you to manually or automatically label content across all of Office 365 including SharePoint online. Check out my other blog post for some more background:

https://colinjwood.wordpress.com/2018/07/19/using-office-365-labels-with-sharepoint-search/

One of the really useful features of Labels and SharePoint is that you can set a default label on a per document library basis. What this means is that all content going into your document library will be set with a default label and making the process of applying a label to content less onerous on the user.

To do this, go into your document library settings and click on ‘Apply label to items in this list or library’:

defaultlibrarysetting

Then you can select the default label from all the labels enabled on your site:

labeloptions

Now when a user saves content to the document library it will default to this label:

defaultlabelapplied

It is also possible to set the default label for a document library programmatically which is really useful especially if you are provisioning a lot of document libraries using code or PowerShell.

SPPolicyStoreProxy.SetListComplianceTag

SetListComplianceTag(ClientRuntimeContext context, string listUrl, string complianceTagValue, bool blockDelete, bool blockEdit, bool syncToItems);

SPPolicyStoreProxy

Unfortunately I can’t find much documentation on this method at this stage as it only recently has been added to SharePoint Online CSOM.

Using Office 365 Labels with SharePoint Search

What are Office 365 Labels?

Label the right content with the right actions against it. Across your organization, you probably have different types of content that require different actions taken on them in order to comply with industry regulations and internal policies. Labels allow users to classify data within their organisation for governance and enforce retention based on the classification of content in Office 365.

Labels are configured in your Office 365 tenant under the Security and Compliance Administration Center:Office365center.png

createlabel

In short, you create a Label and Publish it as part of a policy that can target specific areas of Office 365 or across the entire Office 365. Labels can be set to automatically be applied to content that match either search queries or match specific information types such as credit card numbers or passport numbers, identified as personal information, or they can be manually applied by users.

Labels can have retention settings specified and any content that has the label applied can be set to being declared as a record:

retentionsettings

Searching for SharePoint content with specific Labels

As there will be lots and lots of content in SharePoint online with different labels applied, it becomes important that users can search and identify different content:

  • Records Managers need to identify content with specific retention policies applied across all of SharePoint
  • Project Management officers need to identify all project content with specific labels and related to specific projects that match specific contract obligations
  • Ensure sensitive and other content related to an individual is identified and removed from SharePoint to comply with GDPR policies

If you have been granted the appropriate permissions in SharePoint and the Office 365 Security and Compliance Center you can perform searches for specific labels across all of Office 365 (Exchange, SharePoint, Teams, OneDrive):

ContentSearchSandC

Looking at how you search for specific labels it seems the search is against a ComplianceTag property:

searchsandc

Based on this information, it would seem that there is a Managed Search Property called ‘ComplianceTag’. Looking at the SharePoint online search schema confirms this and because it is searchable it can be used by any search queries against SharePoint:

searchschema

This opens up the potential that content can be searched for by specific labels in SharePoint online by any users. The example below shows a simple search across SharePoint online for content matching two different labels:

searchlabels

ComplianceTag:”Project Documentation” OR ComplianceTag:”Marketing Material”

As mentioned previously this content could have actions associated with it such as a disposition review as it is tagged with a specific label. As there could be numerous SharePoint site collections, using search to bring this content together that match specific labels is really powerful. You can then use the power of search to preview content or open it up or edit metadata.

Combining an Office 365 label search with other search parameters

As labels are exposed as a normal Managed Property in search we can use it like any other property in a Keyword Query Lanaguage (KQL) query. Taking the example above I can extend it further by checking for all content matching labels and where the author is myself:

ComplianceTag:”Project Documentation” OR ComplianceTag:”Marketing Material” AND Author:”Colin Wood”

SearchUser

So you can now build up simple or more advanced queries that returns content matching specific labels in addition to other search parameters which gives users even more powerful options in terms of returning content against specific criteria. It maybe that we need to identify sensitive content relating to specific projects or users for example.

OnePlaceLive and Office 365 Labels

OnePlaceLive is one our products here at OnePlace Solutions. It allows you to reduce the complexity of SharePoint by delivering SharePoint locations and content to different groups of users inside their favorite applications such as Outlook: https://www.oneplacesolutions.com/solution-profiles.html

We deliver these using ‘Solution Profiles’ that in essence are a search query against SharePoint that can be defined once and dynamically executed by users. They can be targeted to different groups of users such as users of a Legal Matter Management System, Project Management System or Records Managers.

Now that we have identified we can find content matching specific labels with a SharePoint search we can create solution profiles that can search for content matching specific labels and/or combined with any other search properties you want to search on. We can then deliver this content to users inside Outlook for example, where they spend most of their time day in day out.

solutionprofilecreation

We create the solution profile above where we define the search query. In the example above I am creating a solution profile that could be used by records managers. It is looking for content with specific labels and because I know that any content with these labels are declared as records, it will identify all records across all of SharePoint online. I then publish this profile and it automatically appears inside Outlook, where the Records Manager can click on it and execute the query and view all records in SharePoint online inside Outlook:

allrecords

I can then add specific profiles for say, Marketing Records to just show Marketing Records.

marketingrecords

These are fairly simple examples but you get the idea, the queries can be as simple or as complex as you want or need it to be and can target different groups of users.

So hopefully what you can now see is that you can use labels in Office 365 as part of your SharePoint search queries. What is really powerful is the ability to use labels in combination with other search properties to identify content that is particularly sensitive or has certain compliance actions associated with it. This is really beneficial from a GDPR perspective to identify personal GDPR data (content that may be labelled with specific GDPR related Office 365 labels and specific to a user) and really useful for Records Managers and many other business applications. Once content is labelled, it is important that this content can be found and identified so actions can be performed on it.

Provision multiple SharePoint Online site collections with PnP PowerShell

This blog post follows on from my previous blog post on basic SharePoint site collection provisioning in Office 365: https://colinjwood.wordpress.com/2017/12/14/create-a-sharepoint-site-collection-in-an-office-365-tenant-with-pnp-powershell/

In this post I will go through how you can provision multiple site collections in an Office 365 tenant using a csv file which specifies configuration information about each site collection:

  • Url
  • Site Owner
  • Template
  • Timezone
  • Title

The source code for this post is in my GitHub repo at: https://github.com/colinjwood/CodeCobra/tree/master/CSVProvisioning

The script is here: https://github.com/colinjwood/CodeCobra/blob/master/CSVProvisioning/createSiteCollectionsFromCSV.ps1

I have included an example csv file in the repo that the script uses. It needs to be located in ‘C:\\temp’ on local machine running the script. This step could also be automated so that the csv file is downloaded from GitHub to the temp folder on the local machine, then used by the script for site collection provisioning. I use this technique in one of my other GitHub repos here at OnePlace Solutions to provision Site Columns in SharePoint. The provisioning xml is downloaded then used by the PowerShell script : https://github.com/OnePlaceSolutions/EmailColumnsPnP/blob/master/installEmailColumns.ps1

image

To run the SharePoint site collection provisioning script perform the following:

  • Create your csv file with all the site collection configuration information based on the example csv provided and locate it in c:\temp on your machine running the PowerShell script.
  • Run Windows PowerShell and copy and paste the following command at the command prompt:
Invoke-Expression (New-Object Net.WebClient).DownloadString(‘https://raw.githubusercontent.com/colinjwood/CodeCobra/master/CSVProvisioning/createSiteCollectionsFromCSV.ps1')
  • Enter the url of your SharePoint online tenant:

image

  • The site collections will be provisioned in your tenant based on the configurations provided in the csv file. To confirm progress check the Site list in the SharePoint Admin are of your tenant.

This gives you an example of how to configure all or some of the site collections in your Office 365 tenant and create them with one script. This could form the basis of any scripts you write to perform site collection provisioning.

Create a SharePoint site collection in an Office 365 Tenant with PnP PowerShell

Before getting started with PnP PowerShell you need to ensure you have the pre-requisites enabled on your machine. I have detailed the pre-reqs here in previous GitHub repos I have done for our products here at OnePlace Solutions and as we will be targeting SharePoint Online we need to ensure we install the PnP cmdlets for SharePoint online only: https://github.com/OnePlaceSolutions/EmailColumnsPnP

This blog post details how you can create a site collection in an Office 365 tenant using PowerShell.

I have added a PowerShell script to my GitHub repo https://github.com/colinjwood/CodeCobra which I will go through in more detail.

The script that provisions the site collection is here: https://github.com/colinjwood/CodeCobra/blob/master/createSiteCollection.ps1

This script prompts for key information to provision the site collection with. The site template is based on the standard ‘Team Site’ template in SharePoint, however this information could be prompted for and added dynamically to your script.

To execute this script and provision a site collection do the following:

  • Start PowerShell on your machine
  • Copy and paste the following command into your PowerShell command window:
    Invoke-Expression (New-Object Net.WebClient).DownloadString(‘https://raw.githubusercontent.com/colinjwood/CodeCobra/master/createSiteCollection.ps1')
    
  • Enter your SharePoint tenant url and you will be prompted to login, use your email address :

SNAGHTML8f385c2

  • Enter the url of your new site collection to be provisioned:
  • SNAGHTML9009eba

    • Enter the site owner of your new site collection by typing in the email address
    • Enter the timezone, I type 76 as I live in Sydney
    • The new site collection will now be provisioned in Office 365. To confirm and check progress go into the SharePoint Admin area of your tenant and go to the list of site collections and you will see your new site collection:

    SNAGHTML961a9ce

    The command used in this script is:

    New-PnPTenantSite

    Here is the official documentation on this cmdlet: https://github.com/SharePoint/PnP-PowerShell/blob/master/Documentation/New-PnPTenantSite.md

    I extend the provisioning process in my other blog post where administrators can create a csv file defining multiple site collections, the template they are based on, the urls, site owners, regional settings etc. and provision them all with PowerShell in an Office 365 tenant:

    https://colinjwood.wordpress.com/2017/12/14/provision-multiple-sharepoint-site-collections-with-pnp-powershell/

    Save emails and documents to SharePoint in the background

    Recently, myself and the dev team at OnePlace Solutions completed a challenging yet very rewarding project.

    We are all about user productivity and SharePoint adoption and the results of this project are significant gains in both of these areas.

    Please check out my blog on our company website which details the new background save of emails and documents to SharePoint:

    https://www.oneplacesolutions.com/news/increase-user-productivity-by-saving-documents-and-emails-to-sharepoint-while-working-on-other-tasks.html