| Service | Microsoft Docs article | Related commit history on GitHub | Change details |
|---|---|---|---|
| SharePoint | Remove Search Results | https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/remove-search-results.md | description: "As a search administrator, you can temporarily remove items from t # Remove search results -As a Global Administrator or SharePoint Administrator in Microsoft 365, you can temporarily remove items from search results with immediate effect. The items that you can remove can be documents, pages, or sites that you don't want users to see. An example of this could be a Word document containing an invitation to an event that has been canceled, but the organizer has not removed the document from the site yet. Removing a result removes it from both classic and modern search results. +As a Global Administrator or SharePoint Administrator in Microsoft 365, you can temporarily remove items from search results with immediate effect. The items that you can remove can be documents or pages that you don't want users to see. An example of this could be a Word document containing an invitation to an event that has been canceled, but the organizer has not removed the document from the site yet. Removing a result removes it from both classic and modern search results. > [!IMPORTANT] > This is only a quick fix! Unless you delete the items or change the permissions of items manually, they will show up again in your search results after the next crawl. |
| SharePoint | Configure Server To Server Authentication | https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointServer/hybrid/configure-server-to-server-authentication.md | + - azure-ad-ref-level-one-done ms.assetid: 9cd888dc-9104-422e-8d8a-d795f0b1c0d0 description: Learn how to build a server-to server trust between SharePoint Server and SharePoint in Microsoft 365. Here's a high-level view of the procedures you have to complete in this section: To continue, you need to install these tools on an on-premises SharePoint Server web server: -- Azure Active Directory module for Windows PowerShell+- Microsoft Graph PowerShell - SharePoint in Microsoft 365 Management Shell Authentication to SharePoint Server, SharePoint in Microsoft 365, and Microsoft To install the online service management tools and configure the PowerShell window: -1. Install the [latest version of the Azure Active Directory module for Windows PowerShell](https://social.technet.microsoft.com/wiki/contents/articles/28552.microsoft-azure-active-directory-powershell-module-version-release-history.aspx) +1. Install the [latest version of the Microsoft Graph PowerShell](/powershell/microsoftgraph/installation) 2. Install the SharePoint in Microsoft 365 Management Shell: To install the online service management tools and configure the PowerShell wind ```powershell Add-PSSnapin Microsoft.SharePoint.PowerShell Import-Module Microsoft.PowerShell.Utility- Import-Module MSOnline -force + Import-Module Microsoft.Graph ``` If you need to run any of the configuration steps again later, remember to run these commands again to load the required modules and snap-ins in PowerShell. To install the online service management tools and configure the PowerShell wind 9. Enter the following commands to sign in to SharePoint in Microsoft 365, from the PowerShell command prompt: ```powershell- $cred=Get-Credential - Connect-MsolService -Credential $cred + Connect-MgGraph -Scopes "Group.ReadWrite.All","RoleManagement.ReadWrite.Directory" ``` - You are prompted to sign in. You need to sign in using a Microsoft 365 global admin account. + You are prompted to sign in. You need to sign in using a Microsoft 365 global admin account. You can explore [other ways to connect to Microsoft Graph](/powershell/microsoftgraph/authentication-commands). Leave the PowerShell window open until you've completed all the steps in this article. You need it for a variety of procedures in the following sections. $spcn="*.<public_root_domain_name>.com" $spsite=Get-Spsite <principal_web_application_URL> $site=Get-Spsite $spsite $spoappid="00000003-0000-0ff1-ce00-000000000000"-$spocontextID = (Get-MsolCompanyInformation).ObjectID -$metadataEndpoint = "https://accounts.accesscontrol.windows.net/" + $spocontextID + "/metadata/json/1" +$spocontextID = (Get-MgOrganization).Id +$metadataEndpoint = "https://accounts.accesscontrol.windows.net/" + $spocontextID + "/metadata/json/1 ``` After you populate these variables, you can view their values by entering the variable name in the PowerShell window. For example, entering `$metadataEndpoint` returns a value similar to the following: The commands in this step add the on-premises STS certificate (public key only) From the PowerShell command prompt, type the following commands. ```powershell-$stsCert=(Get-SPSecurityTokenServiceConfig).LocalLoginProvider.SigningCertificate -$binCert = $stsCert.GetRawCertData() -$credValue = [System.Convert]::ToBase64String($binCert); -New-MsolServicePrincipalCredential -AppPrincipalId $spoappid -Type asymmetric -Usage Verify -Value $credValue +Import-Module Microsoft.Graph.Applications ++$params = @{ + keyCredential = @{ + type = "AsymmetricX509Cert" + usage = "Verify" + key = [System.Text.Encoding]::ASCII.GetBytes("MIIDYDCCAki...") + } + passwordCredential = $null + proof = "eyJ0eXAiOiJ..." +} ++Add-MgServicePrincipalKey -ServicePrincipalId $spoappid -BodyParameter $params ``` <a name='step-3-add-an-spn-for-your-public-domain-name-to-azure-active-directory'></a> If the common name in your certificate is sharepoint.adventureworks.com, the syn Using a wildcard value lets SharePoint in Microsoft 365 validate connections with *any host* in that domain. This is useful if you ever need to change the host name of the external endpoint (if your topology includes one) or if you want to change your SharePoint Server web application, in the future. -To add the SPN to Microsoft Entra ID, enter the following commands in the Azure Active Directory module for Windows PowerShell command prompt. +To add the SPN to Microsoft Entra ID, enter the following commands in the Microsoft Graph PowerShell command prompt. ```powershell-$msp = Get-MsolServicePrincipal -AppPrincipalId $spoappid -$spns = $msp.ServicePrincipalNames -$spns.Add("$spoappid/$spcn") -Set-MsolServicePrincipal -AppPrincipalId $spoappid -ServicePrincipalNames $spns +$msp = Get-MgServicePrincipal -Filter "AppId eq '$spoappid'" +$params =@{ + "servicePrincipalNames"="$spoappid/$spcn" +} +Update-MgServicePrincipal -ServicePrincipalId $msp.Id -BodyParameter $params ``` -To validate that the SPN was set, enter the following commands in the Azure Active Directory module for Windows PowerShell command prompt. +To validate that the SPN was set, enter the following commands in the Microsoft Graph PowerShell command prompt. ```powershell-$msp = Get-MsolServicePrincipal -AppPrincipalId $spoappid +$msp = Get-MgServicePrincipal -Filter "AppId eq '$spoappid'" $spns = $msp.ServicePrincipalNames $spns ``` This step registers the SharePoint in Microsoft 365 application principal object From the PowerShell command prompt, type the following commands. ```powershell-$spoappprincipalID = (Get-MsolServicePrincipal -ServicePrincipalName $spoappid).ObjectID +$spoappprincipalID = (Get-MgServicePrincipal -Filter "servicePrincipalName eq '$spoappid'").Id $sponameidentifier = "$spoappprincipalID@$spocontextID" $appPrincipal = Register-SPAppPrincipal -site $site.rootweb -nameIdentifier $sponameidentifier -displayName "SharePoint" ``` |