Export Office365 User Roles to CSV

$User = “user@tenant.onmicrosoft.com”
#$User = Read-host “Please enter Office365 Admin User name username@domain.onmicrosoft.com. “
$Creds = Get-Credential

#Connect-SPOService -Url https://tenant-admin.sharepoint.com -Credential $Creds
Connect-MsolService -Credential $Creds

$AllUserRoles = @()

$Users = Get-MsolUser -All
foreach($user in $Users)
    $UserRoles = Get-MsolUserRole -UserPrincipalName $User.UserPrincipalName
    foreach($role in $UserRoles)
        $aRole = New-Object PSObject
        $UserName = $User.UserPrincipalName
        $RoleName = $role.Name.ToString()

        Add-Member -input $aRole noteproperty ‘UserName’ $UserName
        Add-Member -input $aRole noteproperty ‘RoleName’ $RoleName
        $AllUserRoles += $aRole

$AllUserRoles | export-csv -Path C:\Scripts\SPOUserRoles.csv -NoTypeInformation -Force

Export All SharePoint Online Term Group, Term Sets and Terms to CSV

param (

# Paths to SDK. Please verify location on your computer.
Add-Type -Path “c:\Program Files\Common Files\microsoft shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll”
Add-Type -Path “c:\Program Files\Common Files\microsoft shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll”
Add-Type -Path “c:\Program Files\Common Files\microsoft shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Taxonomy.dll”

$Credentials = Get-Credential -Message “Please enter SPO Admin User Name and Password”
$ctx=New-Object Microsoft.SharePoint.Client.ClientContext($RootSiteCollectionUrl)
$ctx.Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Credentials.UserName, $Credentials.Password)

$session = [Microsoft.SharePoint.Client.Taxonomy.TaxonomySession]::GetTaxonomySession($ctx)

$termstore = $session.GetDefaultSiteCollectionTermStore();



  $Termstring = “”
  $Termstring = $Header
  foreach($group in $groups)
    Write-Output $group.Name
    $Termstring +=”$($group.Name)`r`n”
    foreach($termset in $group.TermSets)
        Write-Output ”    $($termset.Name)”
        $Termstring +=”,$($termset.Name)`r`n”
        foreach($term in $termset.Terms)
            Write-Output ”        $($term.Name)”
            $Termstring +=”,,$($term.Name)`r`n”

Out-File -InputObject $Termstring C:\Scripts\Terms.csv -Encoding ascii -Force

List and Export External Users to CSV

This windows application allows SharePoint Online Administrators to list and export all external users to CSV.  You can run the script to iterate all site collections or against the list provided as CSV.  You can double click on a row to open external user management in internet explorer.  Next steps for me would be to allow you to remove the user without going to the site.

I have tested this tool with tenants of 4K and 10K sites without any issue.

Note: The Root Site Collection URL must be SharePoint Admin Url. Not the root site collection url as asked

#To Generate the Input CSV


= Get-SPOSite -Limit All | Where-Object {$_.SharingCapability –ne “Disabled”}


| Select Url | Export-Csv -Path C:\Scripts\InputCSV.csv -NoTypeInformation -Verbose -Force



Enable Auditing – SharePoint Online Site Collection

Auditing is normally a required feature for most organization which wants to track user actions on a SharePoint site.  The functionality can be enabled at site collection level.  But most organizations try to enable it when they already have large number of of site collections.  Doing it manually by going to Site settings – Site collection audit settings would be a tough job if you have large number of site collections.  I wrote the script which may help someone.

The script uses both Client Side Object Model and SharePoint Online Management Shell cmdlets.  Make sure you change the location of SharePoint Client OM dlls.  I have set it as C:\CSOM.  You do not need to specify the Admin Url as I am creating it from User name.

function Enable-SPOAuditing
        Enables or disables Auditing on SharePoint ONline Sites
        Enables or disables Auditing on SharePoint ONline Sites
        explains how to use the command
        can be multiple lines
        another example
        can have as many examples as you like
    $spoCtx = New-Object Microsoft.SharePoint.Client.ClientContext($SPOSiteUrl)
    $spoCredentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($UserName, $Password)
    #SPO Client Object Model Context
    $spoCtx.Credentials = $spoCredentials
    $spoSite = $spoCtx.Site
    $Audit = $spoSite.Audit
    $All = [Microsoft.SharePoint.Client.AuditMaskType]::All;
    $None = [Microsoft.SharePoint.Client.AuditMaskType]::None;
    $CheckIn = [Microsoft.SharePoint.Client.AuditMaskType]::CheckIn;
    $CheckOut = [Microsoft.SharePoint.Client.AuditMaskType]::CheckOut;
    $ChildDelete = [Microsoft.SharePoint.Client.AuditMaskType]::ChildDelete;
    $CheckIn = [Microsoft.SharePoint.Client.AuditMaskType]::CopyCheckIn;
    $Move = [Microsoft.SharePoint.Client.AuditMaskType]::Move;
    $ObjectDelete = [Microsoft.SharePoint.Client.AuditMaskType]::ObjectDelete;
    $ProfileChange = [Microsoft.SharePoint.Client.AuditMaskType]::ProfileChange;
    $SchemaChange = [Microsoft.SharePoint.Client.AuditMaskType]::SchemaChange;
    $Search = [Microsoft.SharePoint.Client.AuditMaskType]::Search;
    $SecurityChange = [Microsoft.SharePoint.Client.AuditMaskType]::SecurityChange;
    $Undelete = [Microsoft.SharePoint.Client.AuditMaskType]::Undelete;
    $Update = [Microsoft.SharePoint.Client.AuditMaskType]::Update;
    $View = [Microsoft.SharePoint.Client.AuditMaskType]::View;
    $Workflow = [Microsoft.SharePoint.Client.AuditMaskType]::Workflow;
    $Audit.AuditFlags = $Search, $Update, $Undelete, $Workflow, $SecurityChange
    $spoSite.AuditLogTrimmingRetention = 60
    $spoSite.TrimAuditLog = $true
    #Enable All Options Auditing
    $Audit.AuditFlags = $All
    #Disable Auditing
    $Audit.AuditFlags = $None

$User = “firstnane.lastname@domain.onmicrosoft.com”
$Password = ConvertTo-SecureString “pass@word1” -AsPlainText –Force

#Or Use Get-Credentials to create the object.
$Creds = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $User,$Password


$ClientDllPath         = $CSOMAssembliesPath +  “\Microsoft.SharePoint.Client.dll”
$ClientRunTimeDllPath  = $CSOMAssembliesPath +  “\Microsoft.SharePoint.Client.Runtime.dll”       
Add-Type -Path $ClientDllPath -ErrorAction SilentlyContinue
Add-Type -Path $ClientRunTimeDllPath -ErrorAction SilentlyContinue

$AdminUrl = $User
$AtSepPostion = $AdminUrl.IndexOf(‘@’) + 1
$DotPostion = $AdminUrl.LastIndexOf(“.onmicrosoft”)
$DomainName = $AdminUrl.Substring($AtSepPostion, $DotPostion – $AtSepPostion)
$FinalAdminUrl = “https://$DomainName-admin.sharepoint.com”

Connect-SPOService -Url $FinalAdminUrl -Credential $Creds
#To Test

#$Sites = Get-SPOSite -Limit 1

$Sites = Get-SPOSite -Limit All | Select Title, Url, Owner

foreach($Site in $Sites)
    Enable-SPOAuditing -SPOSiteUrl $Site.Url -UserName $User -Password $Password

Microsoft Office Developer Tools Preview 2 for Visual Studio 2015


This preview ships with new templates that support SharePoint 2016 for SharePoint solutions and add-ins.

Microsoft Office Developer Tools Preview 2 for Visual Studio 2015 enables you to develop SharePoint solutions and add-ins for SharePoint 2016.
This preview also includes the latest features in Microsoft Office Developer Tools Update 2 for Visual Studio 2015–you can create new Office add-in projects using templates specific to an Office application (Word, Excel, Outlook, and PowerPoint). These new templates support new Office features such as add-in commands, Fabric UI, and new functionalities in Office.js.
This preview must be installed on top of an earlier version of the Microsoft Office Developer Tools for Visual Studio 2015. Before installing this preview, go to aka.ms/officedevtoolsforvs2015 to get the tools.

Extract All User Properties from Active Directory to CSV

Below script allows you to use CSV to extract profile properties from active directory and then export to CSV.

Import-Module ActiveDirectory -ErrorAction SilentlyContinue
$Data = Import-Csv -Path “C:\Scripts\NoSPProfileAccounts.csv”
$Users = $null
$Users = @();
    $Data | ForEach-Object { Write-Host $_.Account; $User = Get-ADUser -properties * -Filter “UserPrincipalName -eq ‘$($_.Account)'”;$Users +=$User;}
$Users | Export-Csv -NoTypeInformation -Path “C:\Scripts\Users.csv”
$Users | Out-GridView

Installing SharePoint 2016 Part 8

Creating Project Server 2016 Web App

Around 10 years ago, I was on a full time job of working as Project Server consultant and developer working with project managers and team leads in writing project plan and then creating SQL reports that helped the company making informed decision on the workforce. Project server has changed allot since then but with SharePoint 2016 a lot has changed now.


Step 1 – Download Project Server 2016 installation files. Stop! Just Kidding. Project Server 2016 is now part of SharePoint 2016 setup. You just need the License key of Project Server and a single line of PowerShell will enable the project server on the server.

You can get the SharePoint Server 2016 ISO and License keys for both Project Server and SharePoint Server from http://www.microsoft.com/en-us/download/details.aspx?id=51493

Enabling Project Server 2016

Open PowerShell ISE as administrator – add the SharePoint snapin and run the following cmdlet.

Add-PSSnapin microsoft.sharepoint.powershell -ErrorAction SilentlyContinue
Enable-ProjectServerLicense -Key “Y2WC2-K7NFX-KWCVC-T4Q8P-4RG9W”


Creating Project Server Service Application

This is simple process using PowerShell or User Interface.

$ApplicationPool = Get-SPServiceApplicationPool “SharePoint Web Services Default”

$ProjectServiceApp = New-SPProjectServiceApplication -Name “Project Service Application” -ApplicationPool $ApplicationPool -Verbose

New-SPProjectServiceApplicationProxy -Name “Project Service Application Proxy” -ServiceApplication $ProjectServiceApp -Verbose


Creating Project Server Web App

First choose the web application where you want to create the site. We will do all the steps with PowerShell.

If you are not familiar with Project Server then you need to know that the database structure of Project Server is different than a SharePoint content database. It has its own tables and schema. Traditionally Project Server used to have 4 Databases which were later merged to single. Content database is always there to store the Project sites which store project documents.

So as a step one we will create a new content database and set it site limit to one so no one can create the site again.

$WebApplication = Get-SPWebApplication https://portal16.contoso.com

$ProjectDB = New-SPContentDatabase -Name “WSS_Content_ProjectSite” -WebApplication $WebApplication -MaxSiteCount 1 -WarningSiteCount 0


Note: You can also create new SPSite object directly in a new content database but if you are on a heavily used SharePoint Farm it is highly likely that another site collection will be create in the same DB.

You can create the project web app like https://portal.com/sites/pwa but traditionally it is created as https://portal.com/pwa. So I will first add a new managed path as explicit inclusion.

New-SPManagedPath “PWA” -Explicit -WebApplication $WebApplication -Verbose

To create the Web app run the following cmdlet.

$Site = “https://portal16.contoso.com/PWA&#8221;

$Template = “pwa#0”

$Name = “Project Web App”

New-SPSite -Url $Site -Template $Template -Name $Name -Description $Name -ContentDatabase $ProjectDB -OwnerAlias contoso\spadmin

Wait for few minutes to complete the process. We are not done yet. We have just created a project web app site collection. We now need to provision the database schema by running the following

Enable-SPFeature pwasite -Url $Site -Verbose

Start-Sleep 300

I also kept my ULSViewer started and filtered to see “Product” eq “Project Server”.


Wait for few minutes to see some activity in Project Server e.g. Queue etc. This will ensure that all components are project server have come online.


Let’s browse the site.


Here you go.