| Service | Microsoft Docs article | Related commit history on GitHub | Change details |
|---|---|---|---|
| SharePoint | Prepare IE11 | https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/Prepare-IE11.md | Last updated 03/31/2021 Title: "Prepare your SharePoint environment for the retirement of Internet Explorer 11"----++++ recommendations: true audience: Admin f1.keywords: - NOCSH +ms.localizationpriority: medium search.appverid: - SPO160 - MET150 |
| SharePoint | Assign Roles And Permissions To Manage Term Sets | https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/assign-roles-and-permissions-to-manage-term-sets.md | Last updated 07/11/2018 Title: "Assign roles and permissions to manage term sets"-+ |
| SharePoint | Change History Report | https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/change-history-report.md | Last updated 05/10/2023 Title: "Create change history reports for SharePoint sites"-+ recommendations: true |
| SharePoint | Change Site Address | https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/change-site-address.md | Files in the recycle bin will be restorable as per the usual deletion timeframe. The SharePoint mobile apps will detect the site's new URL. Make sure that users have updated their apps to the latest version. **SharePoint web parts**<br>-Any embedded URLs in any SharePoint web parts (News, List, etc.) will not be updated and may break. After the site address is changed, you might need to update individual web parts to use the new URL. +Any embedded URLs in any SharePoint web parts (News, List, etc.) will not be updated and may break. This includes page thumbnail images in news posts existing on the site. After the site address is changed, you might need to update individual web parts to use the new URL. **SharePoint workflow 2013**<br> SharePoint workflow 2013 will need to be republished after the site address is changed. |
| SharePoint | Create And Manage Terms | https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/create-and-manage-terms.md | Last updated 07/11/2018 Title: "Create and manage terms in a term set"-+ |
| SharePoint | Create B2b Extranet | https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/create-b2b-extranet.md | Title: "Use SharePoint as a business-to-business (B2B) extranet solution"-+ |
| SharePoint | Data Access Governance Reports | https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/data-access-governance-reports.md | Last updated 03/28/2023 Title: "Data access governance reports for SharePoint sites"-+ |
| SharePoint | Find Settings | https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/find-settings.md | - Previously updated : 02/09/2021 Title: "Find OneDrive admin settings"------ NOCSH----- Strat_OD_admin-- M365-collaboration--- admindeeplinkSPO-- onedrive-toc-- ODB160-- ODB150-- MET150 -description: "Learn where to find features from the OneDrive admin center. " ---# Find OneDrive admin settings --This article covers all the features in the OneDrive admin center and where you can find them in other places. --## Sharing page --Go to the <a href="https://go.microsoft.com/fwlink/?linkid=2185222" target="_blank">Sharing page in the new SharePoint admin center</a>. --| OneDrive admin center | SharePoint admin center | -|:--|:--| -|| | --## Sync page --Go to the <a href="https://go.microsoft.com/fwlink/?linkid=2185072" target="_blank">Settings page in the new SharePoint admin center</a>, and select **Sync**. --| OneDrive admin center | SharePoint admin center | -|:--|:--| -|| | --To change the setting "Block sync on Mac OS," you can use the following PowerShell command. [Learn more about this command](/powershell/module/sharepoint-online/set-spotenantsyncclientrestriction) --```PowerShell -Set-SPOTenantSyncClientRestriction -BlockMacSync:$true -``` --## Storage page --Go to the <a href="https://go.microsoft.com/fwlink/?linkid=2185072" target="_blank">Settings page in the new SharePoint admin center</a>. To change the default storage setting, select **Storage limit**. To change the retention setting for deleted users, select **Retention**. --| OneDrive admin center | SharePoint admin center | -|:--|:--| -|| | --## Device access page --Go to the <a href="https://go.microsoft.com/fwlink/?linkid=2185071" target="_blank">Access control page in the new SharePoint admin center</a>. To control access based on network location, select **Network location**. To control access from apps that can't enforce device-based restrictions, select **Apps that don't use modern authentication**. --| OneDrive admin center | SharePoint admin center | -|:--|:--| -|| | --The policy settings under "Mobile application management" are no longer being updated. We recommend [creating app protection policies](https://endpoint.microsoft.com/?ref=AdminCenter#blade/Microsoft_Intune_DeviceSettings/AppsMenu/appProtection) in the Microsoft Endpoint Manager admin center. [Learn how](/mem/intune/apps/app-protection-policies). Refer to the following table to identify the Intune settings that correspond with the settings in the OneDrive admin center. --| OneDrive | Intune | -|:--|:--| -|Block downloading files in the apps |Save copies of org data <br/> | -|Block taking screenshots in the Android apps <br/> |Screen capture and Google Assistant <br/> | -|Block copying files and content within files <br/> |Restrict cut, copy, and paste between other apps <br/> | -|Block printing files in the apps <br/> |Printing org data <br/> | -|Block backing up app data <br/> |Prevent backups <br/> | -|Require an app passcode <br/>Number of attempts before app is reset <br/>Passcode length <br/>Require complex passcode <br/>Allow fingerprint instead of passcode (iOS only) <br/> |PIN for access <br/> MAX PIN attempts<br/>Select minimum PIN length<br/>Simple PIN<br/>Allow fingerprint instead of PIN<br/>| -|Block opening OneDrive and SharePoint files in other apps <br/> |Send org data to other apps <br/> | -|Encrypt app data when the device is locked <br/> |Encrypt org data <br/> | -|Require Office 365 sign-in every 7 days <br/> |Recheck the access requirements after (minutes of inactivity) <br/> | -|When a device is offline: Minutes to verify user access after <br/> |Offline grace period (for "Block access") <br/> | -|When a device is offline: Days to wipe app data after <br/> |Offline grace period (for "Wipe data") <br/> | --## Compliance --This page contains links to Office 365 Security & Compliance. [View the compliance and risk management solutions available in Microsoft 365](https://compliance.microsoft.com/solutioncatalog) --- [Search the audit log](https://compliance.microsoft.com/auditlogsearch?viewid=Search)-- [Create a DLP policy](https://compliance.microsoft.com/datalossprevention?viewid=policiesn)-- [View DLP policy match reports](https://compliance.microsoft.com/reports/dlppolicymatchesreport)-- [Create a retention policy](https://compliance.microsoft.com/informationgovernance?viewid=retention)-- [Create an eDiscovery case](https://compliance.microsoft.com/classicediscovery)-- [Create an alert](https://compliance.microsoft.com/compliancealerts)--## Notifications --For the "Display device notifications to users when OneDrive files are shared with them" setting, Go to the <a href="https://go.microsoft.com/fwlink/?linkid=2185072" target="_blank">Settings page in the new SharePoint admin center</a>, and select the OneDrive **Notifications** setting. --| Classic | New | -|:--|:--| -|| | --For info about the "E-mail OneDrive owners when" settings, refer to the following table. --| Classic | New | -|:--|:--| -|Other users invite additional external users to shared files <br/> |This setting is available in PowerShell (`Set-SPOTenant -NotifyOwnersWhenItemsReshared`). <br/> | -|External users accept invitations to access files <br/> |This setting no longer works for the new sharing experience that appears in most places. <br/> | -|An anonymous access link is created or changed <br/> |This setting is available in PowerShell (`Set-SPOTenant -OwnerAnonymousNotification`). <br/> | --## Data migration --This page redirects to the <a href="https://go.microsoft.com/fwlink/?linkid=2185075" target="_blank">Migration page in the new SharePoint admin center</a>. [Learn about migrating content to Microsoft 365](/sharepointmigration/migrate-to-sharepoint-online). --## Geo locations --Go to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Geo locations page in the new SharePoint admin center</a>. --| OneDrive admin center | SharePoint admin center | -|:--|:--| -||| |
| SharePoint | Managed Metadata | https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/managed-metadata.md | Title: "Introduction to managed metadata"-+ |
| SharePoint | Open Term Store Management Tool | https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/open-term-store-management-tool.md | Last updated 07/23/2018 Title: "Open the Term Store Management Tool"-+ |
| SharePoint | Recent Actions Panel | https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/recent-actions-panel.md | Last updated 05/05/2023 Title: "Review recent SharePoint site actions"-+ recommendations: true |
| SharePoint | Remove Users | https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/remove-users.md | Last updated 01/07/2019 Title: "Remove users from SharePoint" + Title: Troubleshoot user profile removal issues in SharePoint search.appverid: - GSP150 - MET150 ms.assetid: 494bec9c-6654-41f0-920f-f7f937ea9723-description: "In this article, you'll learn how to remove users from SharePoint in different scenarios." +description: "In this article, you'll learn how to troubleshoot user profile removal issues in SharePoint." -# How to remove users from SharePoint +# Troubleshoot user profile removal issues in SharePoint This article describes how to remove users so they no longer appear in SharePoint. It should be used to troubleshoot Profile Property synchronization or mismatched ID issues only as advised by Microsoft Customer Support Services. |
| SharePoint | Set Up New Group For Term Sets | https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/set-up-new-group-for-term-sets.md | Last updated 07/11/2018 Title: "Set up a new group for term sets"-+ |
| SharePoint | Set Up New Term Set | https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/set-up-new-term-set.md | Last updated 07/11/2018 Title: "Set up a new term set"-+ |
| SharePoint | Sync Health | https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/sync-health.md | Last updated 04/27/2021 Title: "OneDrive sync reports in the Apps Admin Center"-+ |
| SharePoint | Use Silent Account Configuration | https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/use-silent-account-configuration.md | New-ItemProperty -Path $DiskSizeregistryPath -Name $TenantGUID -Value '102400' - SilentAccountConfig creates a SilentBusinessConfigCompleted registry entry once SilentAccountConfig has successfully provisioned the user in OneDrive.exe. This prevents SilentAccountConfig from reprovisioning the user in OneDrive.exe if the user manually stops syncing. -If SilentAccountConfig has successfully completed on a computer you're going to use to build a Windows deployment image (for example, SysPrep), you need to ensure this registry key is removed before you prepare your image. You can do so by running the following command: +If SilentAccountConfig has successfully completed on a computer you're going to use to build a Windows deployment image (for example, SysPrep), you need to ensure this registry key and also ClientEverSignedIn and PersonalUnlinkedTimeStamp registry keys are removed before you prepare your image. You can do so by running the following commands: ```console reg delete HKCU\Software\Microsoft\OneDrive /v SilentBusinessConfigCompleted /f+reg delete HKCU\Software\Microsoft\OneDrive /v ClientEverSignedIn /f +reg delete HKCU\Software\Microsoft\OneDrive /v PersonalUnlinkedTimeStamp /f ``` <a name="VerifySilentAccountConfig"></a> |
| SharePoint | Set Up Oidc Auth In Sharepoint Server With Msaad | https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointServer/security-for-sharepoint-server/set-up-oidc-auth-in-sharepoint-server-with-msaad.md | Replace TenantID with the **Directory (tenant) ID** saved in the third step ment | issuer | `https://sts.windows.net/<tenantid>/` | | jwks_uri | `https://login.microsoftonline.com/common/discovery/keys` | -Open jwks_uri (`https://login.microsoftonline.com/common/discovery/keys`) and save the **x5c** certificate string of the first key for later use in SharePoint setup (if the first key doesnΓÇÖt work, try the second or third key). +Open jwks_uri (`https://login.microsoftonline.com/common/discovery/keys`) and save all the **x5c** certificate strings for later use in SharePoint setup. :::image type="content" source="../media/sharepoint-setup-keys.png" alt-text="Discovery keys"::: In this step, you create a `SPTrustedTokenIssuer` that will store the configurat ```powershell # Define claim types-$email = New-SPClaimTypeMapping "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" -IncomingClaimTypeDisplayName "EmailAddress" -SameAsIncoming +$oidClaimMap = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.microsoft.com/identity/claims/objectidentifier" -IncomingClaimTypeDisplayName "oid" -SameAsIncoming # Public key of the AAD OIDC signing certificate. Please replace <x5c cert string> with the encoded cert string which you get from x5c certificate string of the keys of jwks_uri from Step #1-$encodedCertStr = <x5c cert string> -$signingCert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 @(,[System.Convert]::FromBase64String($encodedCertStr)) +$encodedCertStrs = @() +$encodedCertStrs += <x5c cert string 1> +$encodedCertStrs += <x5c cert string 2> +... +$signingCert = @() +foreach ($encodedCertStr in $encodedCertStrs) { + $certificates += New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 @(,[System.Convert]::FromBase64String($encodedCertStr)) +} + # Set the AAD OIDC URL where users are redirected to authenticate. Please replace <tenantid> accordingly $authendpointurl = "https://login.microsoftonline.com/<tenantid>/oauth2/authorize" $registeredissuernameurl = " https://sts.windows.net/<tenantid>/" $signouturl = " https://login.microsoftonline.com/<tenantid>/oauth2/logout" $clientIdentifier = <Application (Client)ID> # Create a new SPTrustedIdentityTokenIssuer in SharePoint-New-SPTrustedIdentityTokenIssuer -Name "contoso.local" -Description "contoso.local" -ImportTrustCertificate $signingCert -ClaimsMappings $email -IdentifierClaim $email.InputClaimType -RegisteredIssuerName $registeredissuernameurl -AuthorizationEndPointUri $authendpointurl -SignOutUrl $signouturl -DefaultClientIdentifier $clientIdentifier +New-SPTrustedIdentityTokenIssuer -Name "contoso.local" -Description "contoso.local" -ClaimsMappings $oidClaimMap -IdentifierClaim $oidClaimMap.InputClaimType -DefaultClientIdentifier $clientIdentifier -MetadataEndPoint $metadataendpointurl -Scope "openid profile" ``` Here, `New-SPTrustedIdentityTokenIssuer` PowerShell cmdlet is extended to support OIDC by using the following parameters: With the following PowerShell example, we can use metadata endpoint from Azure A ```powershell # Define claim types-$email = New-SPClaimTypeMapping "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" -IncomingClaimTypeDisplayName "EmailAddress" -SameAsIncoming +$oidClaimMap = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.microsoft.com/identity/claims/objectidentifier" -IncomingClaimTypeDisplayName "oid" -SameAsIncoming # Set the AAD metadata endpoint URL. Please replace <TenantID> with the value saved in step #3 in AAD setup section $metadataendpointurl = "https://login.microsoftonline.com/<TenantID>/.well-known/openid-configuration" |