Below you will find pages that utilize the taxonomy term “Security”
posts
Remove Expired Sharing Links and Update Sharing Link Role to Read
Updating the expiration time and role for sharing links is still limited. Although it seems possible through the Graph API Update permission, I have been unable to pass the roles as body parameters.
Graph Explorer Attempts Using the following script:
Invoke-PnPGraphMethod -Url "v1.0/drives/$driveId/items/$driveItemId/permissions/$($ShareLink.Id)" -Method Patch -Content @{ roles = @("read") } threw the error message
“Invalid input: No Information provided to update the specifed permission”
From the UI Anyone link can’t be edited Organisation link can’t be edited Specific people links can be edited Using the network tab from the browser developer tools enables identifying the endpoint to update specific people links only.
posts
PowerShell: Removing Web API Permissions for SPFx Solutions used by EntraId SharePoint Online Web Client Extensibility
The script checks the ‘SharePoint Online Web Client Extensibility’ Principal within Entra ID for the actual assigned permissions as the SPFx solutions requests are all be added to that single shared permission group.
As hilghlighted by “Wes Hackett”:
I’ve personally seen plenty of tenants with Mailbox permissions with no corresponding solutions live in the app catalogs. Early SPFx doc examples encouraged the use of MS Graph into Mailbox permissions in one of the how to learn samples, older tenants sometimes have this breadcrumb left behind.
posts
Retrieve SPFx Details from Tenant and Site Collection App Catalogs Using PowerShell
Have you ever needed to gather detailed information about SPFx solutions installed in your SharePoint environment, such as API permissions, for auditing, inventory, or compliance purposes? The PowerShell script below helps you retrieve these details from both the tenant-level and site collection app catalogs for auditing with the aim to improve security posture by removing unneeded apps and access rights.
To execute this script, you must have Global Administrator or SharePoint Administrator roles.
posts
Oversight of Sharing Information in SharePoint sites using PowerShell and CSOM, REST and PnP PowerShell
Oversight of Sharing Information in SharePoint sites using PowerShell and CSOM, REST and PnP PowerShell Effective oversight of sharing links and sharing information are paramount to ensuring data security, compliance, and optimal collaboration experiences.
As organisations migrate to M365 environments, they inherit powerful collaboration tools that facilitate seamless sharing of documents and resources. However, without proper governance, these capabilities can lead to unintended consequences such as data breaches, compliance violations, and loss of intellectual property.
posts
PowerShell Script to Query Unique Permissions in SharePoint
Query Unique Permissions in SharePoint using CSOM and PnP PowerShell Managing permissions in SharePoint is a critical aspect of maintaining data security and compliance within organisations. However, as SharePoint environments grow in complexity, manually auditing and managing permissions becomes increasingly challenging. To address this challenge, PowerShell scripts can be leveraged to automate the auditing process, providing administrators with valuable insights into permission structures across SharePoint sites and libraries.
What do SharePoint permissions have to do with Copilot for Microsoft 365?
posts
Recreating Deleted Owners Group for M365-Connected SharePoint Sites
Recreating Deleted Owners Group for M365-Connected SharePoint Sites If out-of-the-box (OOB) groups such as owners, members, or visitors have been deleted accidentally from your SharePoint site, this article may assist you in recovering those vanished groups specifically for M365 linked Team site. I recently encountered a distress call from an end user facing data access issues on a SharePoint Team site. To my dismay, I discovered that the SharePoint Owners group had been accidentally deleted, prompting me to seek and implement a solution to restore access.