Classification Depth Limited Private Preview

Announcing the private preview of improved sensitive information types (aka classification depth preview) in M365 Services. This preview will include multiple features over the course of the program while we introduce improvements to the sensitive information types and how they can be used. The initial feature for preview is the introduction of 65 new/improved sensitive types for EU GDPR (57 SITs) and APAC (8 SITs).

 

The easiest way to test these types will be:

We are currently reviewing release cycles to plan when these will be available to additional clients (such as Microsoft 365 Apps – formerly Office 365 Pro Plus).

 

An important aspect of this preview is sharing the results of your testing with our preview team.

 

The private preview will begin rolling out this week. You can sign up to express your interest in joining this preview program by completing the following form.

Create a list from Microsoft Excel


Every month, tens of millions of people turn to SharePoint lists to track and manage critical business and team data. Lists enable organizations and teams to store and visualize rows of data to share and collaborate on scenarios like inventory management, status reporting, deal milestones and more. They are easy to use, secure, with high capacity up to 30 million items in a single list.

 

Today, we’re pleased to announce lists from Excel is now rolled out worldwide to customers in Microsoft 365. This is a new way to create a list, saving you time while putting the data in a location that opens new scenarios.

 

Let’s dive into the details…

 

Lists from Excel

To create a list from Excel, you can select a table from the Excel files in the SharePoint site, or from your device. You can change the field type of the column if needed, and all your table data will be copied to the new list.

 

When you create a list from Microsoft Excel, you map table data to a new list – adjusting column types before you click Create.

A quick step-by-step ‘how to’

  1. From within your SharePoint site, click the upper-right gear icon and select Site contents*
  2. At the top of the Site contents page, click New > List
  3. Click the From Excel tab
  4. Enter a name for your new list
  5. Click Upload file to select from your local device or pick from files already in Microsoft 365
  6. Update the column type headers; for example, change “Number” to Date and time; choice fields work, too, automatically aggregating unique values.
  7. Click Create to import the Excel table data and create a new SharePoint list

Adjust the SharePoint column types before you import the Excel table data into Microsoft 365.

Your Excel data is now intact, and your SharePoint list is ready to extend in numerous ways:

  • Further assign and adjust data types to columns in your list
  • Enhance visuals by designing list row and column formatting
  • Use conditional formatting rules to make the list data intuitive and helpful
  • Set reminders on list items
  • Build productivity apps with Power Automate (custom flows) and Power Apps (custom forms); your list becomes the foundational data source.

Further refine your list with conditional formatting on rows and columns.

Note: You can export SharePoint list items from a view of the list to Excel to work with the data in a spreadsheet; simply click Export to Excel. Excel creates an Excel table with a one-way data connection based on a web query file. To bring a fresh copy of the SharePoint list to Excel, select Refresh All on the Data tab from within Excel. Changes made to the Excel table will not be sent to the SharePoint list. Learn more about how to export to Excel from SharePoint.

 

In Summary

It is easier than ever to get started with SharePoint lists – using Excel as shown above or based on existing lists. No matter how you start, it’s then easy to further configure lists by using views, filters, rules and reminders to increase the usefulness of your data – especially as data changes or is missing.

 

You can further customize lists, too. It is possible to extend them with native integrations leveraging Power Apps and Power Automate. And when your forms and workflows get more complex or pull from multiple sources, lean on the Power Platform tools directly available from your list.

 

Note | We recently announced Microsoft Lists and how it is an evolution of SharePoint lists. For the list from Excel announcement above, we want to emphasize that you will be able to create a list from Microsoft Excel today and in the future when Microsoft Lists begins to roll out and broaden the lists story.

 

Learn more about how to create a list from Microsoft Excel.

 

Want to see it in action? Click into the SharePoint list: “Create list from Excel” click-thru demo.

 

Additional resources:

 

Thanks, Mark Kashman, senior product manager – Microsoft 

 

*Frequently Asked Question

Q: When will I see the new list creation user interface from a team site home page (New > List) drop-down menu?

A: We are planning to include the New > List entry point from a site home page early Summer 2020. Until then, you can accomplish the above actions from the site’s Site Contents page, accessed from the upper-right gear icon menu.

General availability of automatic classification with sensitivity labels in Microsoft 365 services


 

Microsoft runs on trust. With digital data growing exponentially, online threats becoming very sophisticated, and remote work necessary, it is more important than ever to safeguard your corporate data.

 

At Microsoft, our goal is to provide a built-in, intelligent, unified, and extensible solution to protect sensitive data across your enterprise – in Microsoft 365 cloud services, on-premises, third-party SaaS applications, and more. With Microsoft Information Protection, we are building a unified set of capabilities for classification, labeling, and protection across Microsoft 365 apps (Word, PowerPoint, Excel, Outlook) and productivity services like OneDrive, SharePoint, Teams, and Exchange.

 

Sensitivity labels are central to how your business-critical data can be protected using Microsoft Information Protection. You can create a sensitivity label and associate it with protection like encryption and visual marking. Label-applied protection will persist with the file wherever it goes.

 

You can start by empowering your users to manually label documents and emails in Office apps across a wide range of platforms (e.g. Windows, Mac, iOS, Android and online). Learn more here on how to enable this manual classification. However, users may forget to label manually or label sensitive data inaccurately. Relying on users alone to manually classify corporate data using labels is not sufficient. The scalable approach is to automatically discover, label, and protect sensitive data. To help you achieve that, we are excited to announce the general availability of automatic classification with sensitivity labels in SharePoint, OneDrive, and Exchange.

 

You can create an auto-labeling policy with rules tailored for your organization’s sensitive data, targeting specific locations in your enterprise. A policy can either be in simulation or active mode. You can run the policy first in simulation mode and if the results satisfy your organization’s needs then you can proceed and publish the policy.

 

Figure 1. Auto label policy across two modes: simulation and active modes

 

With our 100+ out-of-the-box sensitive information types and ability to create custom ones, you have the flexibility to tailor the auto-labelling policy to specific sensitive information types. You can also scope the policy to a specific SharePoint site or OneDrive account or Exchange mailbox.

 

Policy Simulator provides insight into policy effectiveness and enables you to simulate in your production environment with real data with no impact on end users until the policy is published.

 

Figure 2. Auto labelling policy simulation mode results

 

Auto classification with sensitivity labels, along with Policy Simulator, is a powerful capability that enables organizations to automatically designate eligible Excel, PowerPoint, Word files, and emails as sensitive in a scalable way.

 

Your users can search for content within these protected documents, coauthor using Office web apps and be assured that the protection will persist even after the documents are downloaded. This way your security needs are in harmony with your users’ productivity needs.

 

Figure 3. Document library experience in SharePoint showing files automatically labelled

 

Getting Started

 

As a Microsoft 365 customer, you can turn on this feature in Microsoft 365 compliance center. To learn more about this feature, please read our online documentation. This advanced capability is included with Microsoft 365 SKUs (E5, E5 Compliance and E5 Information Protection & Governance) and Office 365 E5 SKU. You can learn more about our licensing here.

 

If you are new to Microsoft 365, learn how to try or buy a Microsoft 365 subscription.

 

As you navigate this challenging time, we have additional resources to help. For more information about securing your organization in this time of crisis, visit our Remote Work site. We’re here to help in any way we can.

 

Thank you!

 

Sesha Mani, Principal Group Product Manager, Microsoft

 

Tony Themelis, Principal PM Manager, Microsoft

Updates to SharePoint default site themes: Coming June 2020


Over the last year, SharePoint has embraced the new Microsoft Office icons that were announced in late 2018.  A large part of this change is the transition of the SharePoint identity from blue to teal, signaling a shift in the identifying color scheme. In order to best embrace this shift, we are now working to complete an update from blue to teal across the product more broadly. Updating the SharePoint default theme from blue to teal is the final step to adopting the new SharePoint identity.

 

With this update, you will see classic and modern SharePoint communication sites and team sites (new and existing) update to the teal theme if they have not been customized. A site is considered customized when a custom theme has been selected in the Change the look panel or customizations have been made for classic. This will not impact your sites in any way beyond changing colors from blue to teal as seen in the images below.

 

How will this impact you?

All new sites from the time of change to teal will be created with teal as the default theme color. This change will happen for any communication site, regardless of modern or classic and for classic team sites. Any modern team site that is group connected will still be created in the existing color selection associated to the M365 group.

 

This update will not impact custom themes, settings, or the content and structure of sites. This update will only change the theme of new and existing sites that have not been customized.  

 

Current blue theme on a communication site:

 

New Teal theme on a communication site:

SharePoint Communication Site – Teal Theme

 

Do I need to do anything?

This update is automatic, and no action is required by admins or users.

If you decide to keep the blue theme – or just want to change the theme – site owners can edit the theme in the Change the look panel. This change can be made at any time, and each site will require a manual change.

 

To automate this process, create a site design that is configured to apply a custom theme. Site designs are a reusable script that will allow site owners and creators to easily apply your organization’s preferred default theme in site settings. Learn more about SharePoint site design scripts.

 

Below is the sample code of the blue theme if this theme is preferred:

Blue standard theme JSON code:

 

 

 

{
  "themePrimary": "#0078d4",
  "themeLighterAlt": "#eff6fc",
  "themeLighter": "#deecf9",
  "themeLight": "#c7e0f4",
  "themeTertiary": "#71afe5",
  "themeSecondary": "#2b88d8",
  "themeDarkAlt": "#106ebe",
  "themeDark": "#005a9e",
  "themeDarker": "#004578",
  "neutralLighterAlt": "#faf9f8",
  "neutralLighter": "#f3f2f1",
  "neutralLight": "#edebe9",
  "neutralQuaternaryAlt": "#e1dfdd",
  "neutralQuaternary": "#d0d0d0",
  "neutralTertiaryAlt": "#c8c6c4",
  "neutralTertiary": "#a19f9d",
  "neutralSecondary": "#605e5c",
  "neutralPrimaryAlt": "#3b3a39",
  "neutralPrimary": "#323130",
  "neutralDark": "#201f1e",
  "black": "#000000",
  "white": "#ffffff"
}
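One way to automate the site design approach described above, using the SharePoint Online Management Shell (an added example, not code from the original post). The theme, site script and site design names are assumptions chosen for illustration, and the script expects an existing Connect-SPOService session as a tenant admin.

```powershell
# Added example: registers the blue palette as a tenant theme and wraps it in a
# site design, so site owners can re-apply it after the switch to teal.
# ASSUMPTION: all titles and names below are illustrative, not from the post.
$themeName = 'Blue Standard'

# The blue palette as listed in the post.
$paletteJson = @'
{
  "themePrimary": "#0078d4",
  "themeLighterAlt": "#eff6fc",
  "themeLighter": "#deecf9",
  "themeLight": "#c7e0f4",
  "themeTertiary": "#71afe5",
  "themeSecondary": "#2b88d8",
  "themeDarkAlt": "#106ebe",
  "themeDark": "#005a9e",
  "themeDarker": "#004578",
  "neutralLighterAlt": "#faf9f8",
  "neutralLighter": "#f3f2f1",
  "neutralLight": "#edebe9",
  "neutralQuaternaryAlt": "#e1dfdd",
  "neutralQuaternary": "#d0d0d0",
  "neutralTertiaryAlt": "#c8c6c4",
  "neutralTertiary": "#a19f9d",
  "neutralSecondary": "#605e5c",
  "neutralPrimaryAlt": "#3b3a39",
  "neutralPrimary": "#323130",
  "neutralDark": "#201f1e",
  "black": "#000000",
  "white": "#ffffff"
}
'@

# Add-SPOTheme takes a hashtable. Convert the parsed JSON and reject any value
# that is not a #rrggbb colour before it is written to the tenant.
$palette = @{}
foreach ($slot in ($paletteJson | ConvertFrom-Json).PSObject.Properties) {
    if ($slot.Value -notmatch '^#[0-9a-fA-F]{6}$') {
        throw "Palette slot '$($slot.Name)' has an invalid colour: $($slot.Value)"
    }
    $palette[$slot.Name] = $slot.Value
}

Add-SPOTheme -Identity $themeName -Palette $palette -IsInverted $false -Overwrite

# Site script with a single applyTheme action that refers to the theme by name.
$siteScript = [ordered]@{
    '$schema' = 'schema.json'
    actions   = @(@{ verb = 'applyTheme'; themeName = $themeName })
    version   = 1
} | ConvertTo-Json -Depth 5

$script = Add-SPOSiteScript -Title 'Apply blue theme' -Content $siteScript `
    -Description 'Applies the previous blue default theme'

# WebTemplate 68 is a communication site; use 64 for a team site.
Add-SPOSiteDesign -Title 'Blue theme (communication site)' -WebTemplate '68' `
    -SiteScripts $script.Id -Description 'Keeps the blue theme on communication sites'
```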

 

 

 

If you do nothing?

Starting in June, sites that have not been customized will switch from blue to teal; this does not require any action from you. New sites you create will default to the teal theme until you change it either through the Change the look panel or by using a custom Site Design.

 

This change will not impact any custom themes or settings you have currently installed and applied within your tenant. We do not have an opt-out option for administrators.

 

What site types and states will be impacted:

| Site Type | Customized state | Impacted |
| --- | --- | --- |
| Classic Publishing | NOT customized with a theme | Yes |
| Classic Publishing | Customized with a theme | No |
| Classic Team sites | NOT customized with a theme | Yes |
| Classic Team sites | Customized with a theme | No |
| Modern Communication sites | NOT customized with a theme | Yes |
| Modern Communication sites | Customized with a theme | No |
| Group connected Team Sites | N/A | No |

 

Galactic Collaboration Summit – upcoming online training event


Captain’s log, stardate 365.0602.0609.2, our destination – to boldly go where no virtual conference has gone before.

 

The Galactic Collaboration Summit is about to hit warp speed 10, to help you explore a Milky Way Galaxy full of sessions. Set your phasers on fun, to learn, and engage!

 

Jeff “Captain” Teper (CVP, Microsoft) will be giving a keynote that’ll be out of this world, plus Microsoft speakers delivering breakout sessions among thought leaders and members of the community from around the world. Review all sessions and start your Galactic exploration today.

 

What: Galactic Collaboration Summit to learn more | Get your ticket today

When: June 2nd & 9th, 2020 (unique content on both days)

I’m a presenter, not a doctor: 65+ speakers (MVPs, RDs, Microsoft and community members)

Cost: Free and voluntary payment

Primary Twitter hashtag: #GalacticSummit (join in) & follow @CollabSummit

 

Galactic Collaboration Summit – June 2nd & 9th, 2020 (online training)

Seal up your helmet and ready your best cosmonaut impersonation. The Galactic Collaboration Summit has something for everyone in all reaches of the Microsoft 365 galaxy: far, far away. You’ll find no star or cluster uncharted: modern workplace, remote working and distance learning topics on Microsoft’s technologies, such as Microsoft 365, Microsoft Teams and SharePoint, Microsoft Azure topics relevant to the modern workplace, as well as different Business App topics (Power Apps, Logic Apps, Power Automate, Planner, Yammer), and more.

 

Below is a list of the Microsoft sessions – including Jeff’s keynote:

 

  • The latest innovations in SharePoint, OneDrive, and Office for content collaboration [Microsoft keynote] | by Jeff Teper
  • Microsoft 365 Live Events and remote work | by Lorena Huang Liu & Christina Torok
  • Knowledge and Project Cortex – the Microsoft 365 Vision | by Naomi Moneypenny and Chris McNulty
  • Share and track your information with Microsoft Lists across Microsoft 365 | by Lincoln DeMaris
  • Design productivity apps with SharePoint lists and libraries, Power Apps, and Power Automate | by Chaks Chandran
  • The New Yammer | by Jason Mayans
  • Migration to SharePoint, OneDrive, and Microsoft Teams in Microsoft 365, free and easy | by Hani Loza & Eric Warnke
  • Security and compliance in SharePoint and OneDrive | by Sesha Mani
  • Jump start your projects with community projects from Patterns and Practices (PnP) | by Vesa Juvonen

Shout out to community members Spencer Harbar, Adis Jugo and the #GalacticSummit crew who are giving the conference all they got, soon transporting you into the online holodeck and beyond, navigating the far reaches and for supporting and promoting the knowledge and expertise that reaffirms this: Microsoft 365 has the best tech community in the galaxy – one that shall live long and prosper.

 

Beam me up Spency, Mark

Microsoft 365 & SharePoint PnP Weekly – Episode 84


In this weekly discussion of latest news and topics around Microsoft 365, hosts – Vesa Juvonen (Microsoft), Waldek Mastykarz (Rencore), are joined by Rabia Williams – MVP, Developer with Engage Squared in Brisbane, Australia.

 

This episode’s conversation evolves from the ease of working with SharePoint Framework, to challenges of cloud-based authentication, to being involved with the tremendous growth of Microsoft Teams apps and extensions. On becoming an MVP – focus on creating awareness and on sharing your interests and learnings with others. On PnP awareness – the reality is there are more newbies than experts out there, it’s incumbent on us to keep learning how to explain the basics better.

 

The trio agrees – contributing to an open-source effort is a different type of developer experience. It’s people to people focused, it’s inclusive, it’s addictive and it’s rewarding.

 

This episode was recorded on Monday, May 18, 2020.

 

 

Did we miss your article? Please use the #PnPWeekly hashtag on Twitter to let us know about the content you have created.

Microsoft 365 & SharePoint PnP Weekly – Episode 83


 

In this weekly discussion of latest news and topics around Microsoft 365, hosts – Vesa Juvonen (Microsoft), Waldek Mastykarz (Rencore), are joined by Paul Schaeflein – MVP, Developer, Technical Architect and Microsoft 365 Podcaster with Chicago, Illinois-based Addin365.

 

Paul is focused on helping peers and customers use the parts of Microsoft 365 that are relevant to their job.  What is the Microsoft 365 opportunity for developers? Of course, that depends. Microsoft 365 provides many options. First understand and bridge the gap between what your staff can do (their knowledge) and what the service can do for you/them. Key focus areas for newbies?

 

Learn how to write and secure an API, understand React and now React hooks, know your native coding tool – editor, know how to use search engines to find people and information efficiently, understand how to interact with a service you don’t own and finally, keep learning.

 

As always, if you need help on an issue, want to share a discovery, or just want to say: “Job well done”, please reach out to Vesa, to Waldek or to your PnP Community.

 

This episode was recorded on Monday, May 11, 2020.

 

 

Did we miss your article? Please use the #PnPWeekly hashtag on Twitter to let us know about the content you have created.

Microsoft Information Protection and Compliance Deployment Acceleration Guide

The Microsoft Information Protection (MIP) and Compliance Customer Experience (CXE) team are part of M365 Security Engineering at Microsoft. We work with Microsoft’s largest enterprise customers to help them accelerate deployment of our features by providing deployment guidance and advisory services.

 

An important part of our function is to gather customer feedback and present this back internally to the team to improve our MIP and Compliance products. We can’t work with every customer, so we have combined all these experiences into a deployment acceleration guide. This document will guide our customers on their information protection and compliance journey and help them learn best practices and key benefits to get the most out of their Microsoft 365 investments.

Attached to this post you will find a link to download our deployment acceleration guide. 

We hope you will find it useful and beneficial. 

 

Feel free to send us feedback!

mipsccxe@microsoft.com

 


Implementing Microsoft Exact Data Match (EDM) Part 3

Welcome to Part 3 of this blog series. First I want to apologize for the delay in getting this Part 3 published, my day job got in the way a bit! If you have not already read the first two parts I recommend it prior to reading this one. In Part 1 we discussed why a company would want to use EDM and the benefits it provides. We also began the setup of EDM in our tenant.  Part 2 finished up the overall configuration of EDM, specifically the rule pack file. We ended Part 2 with the upload of our datastore.  We are now ready to work on the DLP Policies that will utilize the EDM sensitive info types we created.

To start creating the DLP Policies, go to the new Compliance Center, compliance.microsoft.com. This site is not 100% completed with the move away from the Security and Compliance Center (SCC), protection.office.com, but is making great progress. Once in the Compliance Center, we can check on the new Sensitive Info Types that were created as part of the EDM setup. To do this go to the Data Classification blade in the left-hand menu. Select Sensitive Info Types from the top menu and you should then be able to find the four new types we created. Two of them we already went over when setting up the Rule Pack, and the two newer ones were created once the rule pack was uploaded.

 

Now that we have verified the new ExactMatch custom Sensitive info types, we can build a DLP policy using them. If you do not see “Data loss prevention” on the left-hand menu, scroll all the way down to the bottom and select “Show all”. Once you do this you will see all the menu items; select Data loss prevention.

Note: If you want an option to always be present in the navigation, click on “Show in Navigation” in the upper right of the screen.  Now the item will always be visible in the navigation without the need to select “Show all” first.

  1. From the Data Loss Prevention blade, select Create policy.
  2. Keep custom policy selected and press Next.
  3. Give the policy a name and description. Click Next.
  4. Select Let me choose specific locations, click Next.
  5. De-select SharePoint Sites (currently EDM does not work with SharePoint Sites, but will support soon), click Next.
  6. Select Use advanced settings, click Next.
  7. Select New Rule.
  8. Give the rule a name and description.
  9. Click Add Condition then Content Contains in the Conditions section.
  10. Select Add then Sensitive Info Type.
  11. Select Add then locate and select the Superhero-SRN-EDM and Superhero-Nickname-EDM sensitive info types, click Add.
  12. Click Done.
  13. I then modified the Match Accuracy to be between the Confidence Levels set within the Rulepack for just finding the SRN and Nickname without any other fields. Also be sure that Any of These is present; this results in an OR situation, where the service can find an SRN or Nickname, but both do not need to be present. Edit the fields by just selecting the numbers and changing them.

Note: You could use the Add group button to add more Sensitive info types and require either an AND or OR criteria with the first set of sensitive info types.

  14. Click Add a condition, then Content is shared, and then choose With people outside my organization.

Note: You can add additional conditions if you wish, but for this rule I am only configuring the Content is shared condition.

  15. For this rule I am not going to have any actions taken, just notify the user; the next rules will have actions.
  16. Within User Notifications, turn them on and then you can configure what notifications are sent to whom and customize the messages if you would like. I have elected to notify the user who sent, shared, or last modified the content and I also customized the email and policy tip for the rule.
  17. Because we do not have any actions on this rule, I do not have to configure User overrides; we will do this in later rules.
  18. Next configure Incident reports. For this low rule condition I might not normally configure this but will for this demo. I am specifically keeping the severity for this rule as low and just including the Admin for both alert and incident report notification.
  19. After setting up Incident reports, you can click Save. We will discuss rule priority later.
  20. That will bring you back to the Policy settings page again. Select New rule again and give the rule a name and description.
  21. For Conditions add the same two sensitive info types as the previous rule, but this time I am going to change the match accuracy to match on the SRN and Nickname with supporting info. For SRN this is 75-84, which means the system will have found the SRN and 2 other fields of data. For Nickname it will be 75-84, which means the system will have found Nickname with 2 other fields. I am taking these ranges from the rulepack file created in Part 2 again.
  22. Add in the same condition as the previous rule, Content is shared with people outside my organization.
  23. For this rule we will add an action, “Restrict or encrypt the content”; keep the defaults to “block people from sharing…and Only people outside your organization…”
  24. The User actions section is like the last rule; I just changed the wording in the email and policy tip.
  25. For this rule I will allow User Overrides; I am setting it to require a business justification. If you are familiar with DLP, this will require the user to give justification for overriding a policy and will become an auditable entry as well.
  26. The Incident reports section will be the same as the first rule, except I will raise the severity of this alert to medium.
  27. Options will remain unchanged; click Save.
  28. From the Customize Type of content to protect screen, click on New rule one last time.
  29. Name the rule.
  30. Add the same two sensitive info types as the previous two rules for the condition. This time I am raising the Match accuracy to match additional criteria found as configured in the rulepack. Also set the same condition as the 2nd rule for sharing with people outside my organization.
  31. In Actions I am setting the same action as rule two, block people from sharing with people outside my organization.
  32. User notifications are like the last two rules.
  33. No User overrides; this requires that the data be removed before the action attempted (sharing, sending email) can be completed.
  34. Incident reports: only change it to set the sensitivity as High.
  35. Click Save; you are done creating the rules for the Policy.
  36. Back at Policy settings, you can turn rules on or off, and by selecting the 3 dots you can move the priority of the rule up or down. Click Next.
  37. Select to turn the policy on or put it in test mode first. Since I am working in a demo lab I will turn it on. Click Next.
  38. Review the settings and click Create.
  39. I changed the order so my new Superhero Secret Identity Protection Policy would be set at 0 or the first policy evaluated. In my lab it did not matter much as I only have 1 active Policy. But you will want to pay attention to Order when you have multiple policies and specifically if you select the “Stop processing additional DLP Policies and rules if this rule matches” option.
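The three-rule policy built in the steps above, expressed as Security & Compliance PowerShell so it can be reviewed and re-created consistently (an added example, not code from the original post). The rule names, the policy tip text and the 65-74 and 85-100 confidence ranges are assumptions; only the 75-84 range, the two sensitive info type names and the policy name come from the post.

```powershell
# Added example: run inside an existing Security & Compliance PowerShell session
# (Connect-IPPSSession from the ExchangeOnlineManagement module).
param(
    [string] $PolicyName = 'Superhero Secret Identity Protection Policy',
    # Start in test mode and switch to 'Enable' once the matches look right.
    [ValidateSet('TestWithNotifications', 'TestWithoutNotifications', 'Enable')]
    [string] $Mode = 'TestWithNotifications'
)

$edmTypes = 'Superhero-SRN-EDM', 'Superhero-Nickname-EDM'

# One entry per rule. Min/Max are the confidence bounds from your rule pack.
# ASSUMPTION: 65-74 and 85-100 are placeholders; the post only states 75-84.
$tiers = @(
    @{ Name = 'EDM low - notify only';         Min = 65; Max = 74
       Severity = 'Low';    Block = $false; Override = $false }
    @{ Name = 'EDM medium - block, overridable'; Min = 75; Max = 84
       Severity = 'Medium'; Block = $true;  Override = $true }
    @{ Name = 'EDM high - block';              Min = 85; Max = 100
       Severity = 'High';   Block = $true;  Override = $false }
)

# Guard: the ranges must not overlap, otherwise a single match satisfies two
# rules and the outcome depends on rule priority rather than on confidence.
$sorted = @($tiers | Sort-Object { $_.Min })
for ($i = 1; $i -lt $sorted.Count; $i++) {
    if ($sorted[$i].Min -le $sorted[$i - 1].Max) {
        throw "Confidence ranges of '$($sorted[$i - 1].Name)' and '$($sorted[$i].Name)' overlap."
    }
}

# SharePoint sites are left out, matching the location choice in the post.
New-DlpCompliancePolicy -Name $PolicyName -ExchangeLocation All `
    -OneDriveLocation All -Mode $Mode

foreach ($tier in $tiers) {
    # Listing both types in one array is assumed to correspond to "Any of these";
    # confirm with Get-DlpComplianceRule after creation.
    $sits = foreach ($type in $edmTypes) {
        @{ Name = $type; minConfidence = $tier.Min; maxConfidence = $tier.Max }
    }

    $rule = @{
        Name                                = $tier.Name
        Policy                              = $PolicyName
        ContentContainsSensitiveInformation = @($sits)
        AccessScope                         = 'NotInOrganization'   # shared outside the org
        NotifyUser                          = 'Owner', 'LastModifier'
        NotifyPolicyTipCustomText           = "Secret identity data detected ($($tier.Severity))."
        GenerateAlert                       = 'SiteAdmin'
        GenerateIncidentReport              = 'SiteAdmin'
        ReportSeverityLevel                 = $tier.Severity
    }
    if ($tier.Block) {
        $rule.BlockAccess      = $true
        $rule.BlockAccessScope = 'PerUser'    # only people outside the organization
    }
    if ($tier.Override) {
        $rule.NotifyAllowOverride = 'WithJustification'
    }
    New-DlpComplianceRule @rule
}

# Evaluate this policy first, as in the last step of the walkthrough.
Set-DlpCompliancePolicy -Identity $PolicyName -Priority 0

# Review what was created before relying on it.
Get-DlpComplianceRule -Policy $PolicyName |
    Format-Table Name, Priority, BlockAccess, NotifyAllowOverride, ReportSeverityLevel
```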

 

Next step is to test out the Policy and the Rules! Best to let the policy replicate for a couple hours before testing to ensure it will be fully enabled.

For testing the Policy and rules I am going to switch to log in as Megan Bowen to do the test. I have logged into Office 365 as Megan and am going to start by showing the Policy and rules in action via email.

  1. Now I am going to compose an email to Adele Vance, another internal SIPA employee, and provide information about Superman.
  2. I have highlighted the data that is present in the email that is also in the datastore CSV that we uploaded. Why did I not get a Policy tip for finding this data in the email? I did not get a policy tip because Adele, as mentioned, is an internal employee and my rules only apply to sharing with people outside my organization. Now I will add an additional recipient, someone outside the organization, and see what happens. Let’s try sending to Lex Luthor of Legion of Doom.
  3. Now see the highlighted Policy tip; this is the policy tip from the 3rd rule we created within the DLP Policy. Let’s examine the Show details. Now I see the reason for the alert is that Lex.luther@legionofdoom.org is not authorized to receive this type of info. I also see what sensitive message type was found.
  4. If I try to send the email without removing Lex or the sensitive data, then this pops up, not allowing the email to be sent.
  5. When I attempt to share a file that contains Sensitive Info with someone outside my organization, I am blocked from doing so as well.

 

The above shows how the Office 365 DLP policy uses EDM data. What about Microsoft Cloud App Security (MCAS)? It is just as easy. For MCAS I will create a simple File Policy. Here are the steps:

  1. Log in to the MCAS Admin portal at Portal.cloudappsecurity.com, select Control and Policies on the left-hand menu and then select Create Policy.
  2. Select File Policy from the drop-down menu.
  3. Give the policy a name and description. For this policy I will not use any filters as I want to include all files.
  4. Now select Data Classification for the Inspection method and then choose to add the two EDM Sensitive Information types created previously. Set the Alerting you wish.
  5. You can elect to provide Governance Actions if you want. Once the policy is completed, sit back, and wait for the alerts to come in.

I can see alerts show up in the Alerts Area.

Clicking on the top alert allows me to review the information.

Clicking on the 1 Policy Match, I can see the actual data that caused the file to be alerted.

 

This is going to wrap up the blog series.  Hope you found this informative and useful when you look to integrate EDM into your DLP solution!

 

 

 

Perform Index reset for Cloud SSA using Multi Factor Authentication

I was working on a case recently where the users were trying to delete the index from the SharePoint Cloud SSA. They followed the article https://docs.microsoft.com/en-gb/archive/blogs/spses/cloud-search-service-application-removing-items-from-the-office-365-search-index, which has a script to do this.

 

However, the end user had their accounts configured with Multi Factor Authentication and the above didn’t have the context.

Went ahead and tweaked the script and wrote one to leverage the App Context and connect to the SPO Service.

 

Alternatively, you can use the PowerShell PnP authentication manager, which allows for a web login to provide your SPO credentials, which will allow for MFA.

<#
.SYNOPSIS
    Issue a call to SharePoint Online to delete all metadata from on-premises content that was
    indexed through cloud hybrid search. This operation is asynchronous.
.PARAMETER PortalUrl
    SharePoint Online portal URL, for example 'https://abhassai.sharepoint.com'.
.PARAMETER Credential
    Logon credential for tenant admin. Will prompt for credential if not specified.
#>
param(
    [Parameter(Mandatory=$true, HelpMessage="SharePoint Online portal URL, for example 'https://contoso.sharepoint.com'.")]
    [ValidateNotNullOrEmpty()]
    [String] $PortalUrl,

    [Parameter(Mandatory=$false, HelpMessage="Logon credential for tenant admin. Will be prompted if not specified.")]
    [PSCredential] $Credential
)

# Pick the Azure environment for Connect-MsolService from the portal URL suffix.
$AzureEnvironment = "AzureCloud"
$IsGermanCloud = $false
$IsChinaCloud = $false
$IsITARvNext = $false
If ($PortalUrl.EndsWith(".de") -or $PortalUrl.EndsWith(".de/"))
{
    $IsGermanCloud = $true
    $AzureEnvironment = "AzureGermanyCloud"
}
If ($PortalUrl.EndsWith(".cn") -or $PortalUrl.EndsWith(".cn/"))
{
    $IsChinaCloud = $true
    $AzureEnvironment = "AzureChinaCloud"
}
If ($PortalUrl.EndsWith(".dps.mil") -or $PortalUrl.EndsWith(".dps.mil/") -or $PortalUrl.EndsWith(".sharepoint-mil.us") -or $PortalUrl.EndsWith(".sharepoint-mil.us/") -or $PortalUrl.EndsWith(".sharepoint.us") -or $PortalUrl.EndsWith(".sharepoint.us/"))
{
    $IsITARvNext = $true
    $AzureEnvironment = "USGovernment"
}
# $IsPortalForUSGovernment is never assigned in this script, so this branch does not run as written.
If ($IsPortalForUSGovernment)
{
    $AzureEnvironment = "USGovernment"
}

# Detect the installed SharePoint Server version (15 or 16) from the registry.
$SP_VERSION = "15"
$regKey = Get-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Office Server\15.0\Search" -ErrorAction SilentlyContinue
if ($regKey -eq $null) {
    $regKey = Get-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Office Server\16.0\Search" -ErrorAction SilentlyContinue
    if ($regKey -eq $null) {
        throw "Unable to detect SharePoint Server installation."
    }
    $SP_VERSION = "16"
}

# C# helper that builds a ClientContext authenticated with the farm's app (OAuth2 bearer) credentials.
$code = @"
using System;
using System.Net;
using System.Security;
using Microsoft.SharePoint;
using Microsoft.SharePoint.Administration;
using Microsoft.SharePoint.Client;
using Microsoft.SharePoint.IdentityModel;
using Microsoft.SharePoint.IdentityModel.OAuth2;

static public class ClientContextHelper
{
    public static ClientContext GetAppClientContext(string siteUrl)
    {
        SPServiceContext serviceContext = SPServiceContext.GetContext(SPServiceApplicationProxyGroup.Default, SPSiteSubscriptionIdentifier.Default);
        using (SPServiceContextScope serviceContextScope = new SPServiceContextScope(serviceContext))
        {
            ClientContext clientContext = new ClientContext(siteUrl);
            ICredentials credentials = null;
            clientContext.ExecutingWebRequest += (sndr, request) =>
            {
                request.WebRequestExecutor.RequestHeaders.Add(HttpRequestHeader.Authorization, "Bearer");
                request.WebRequestExecutor.WebRequest.PreAuthenticate = true;
            };

            // Run elevated to get app credentials
            SPSecurity.RunWithElevatedPrivileges(delegate()
            {
                credentials = SPOAuth2BearerCredentials.Create();
            });

            clientContext.Credentials = credentials;

            return clientContext;
        }
    }
}
"@

$assemblies = @(
    "System.Core.dll",
    "System.Web.dll",
    "Microsoft.SharePoint, Version=$SP_VERSION.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c",
    "Microsoft.SharePoint.Client, Version=$SP_VERSION.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c",
    "Microsoft.SharePoint.Client.Runtime, Version=$SP_VERSION.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
)

Add-Type -AssemblyName ("Microsoft.SharePoint.Client, Version=$SP_VERSION.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c")
Add-Type -AssemblyName ("Microsoft.SharePoint.Client.Search, Version=$SP_VERSION.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c")
Add-Type -AssemblyName ("Microsoft.SharePoint.Client.Runtime, Version=$SP_VERSION.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c")
Add-Type -TypeDefinition $code -ReferencedAssemblies $assemblies

<# if ($Credential -eq $null)
{
    $Credential = Get-Credential -Message "SharePoint Online tenant admin credential"
} #>
# Connect-MsolService is called without -Credential; the SPO call below uses the app context.
Connect-MsolService -AzureEnvironment $AzureEnvironment
$cctx = [ClientContextHelper]::GetAppClientContext($PortalUrl)

# Queue the asynchronous delete of all cloud hybrid search content for the tenant.
$manager = New-Object Microsoft.SharePoint.Client.Search.ContentPush.PushTenantManager $cctx
$task = $manager.DeleteAllCloudHybridSearchContent()
$cctx.ExecuteQuery()

Write-Host "Started delete task (id=$($task.Value))"
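
The cloud selection in the script above compares the raw PortalUrl string against host suffixes, so a URL that carries a path (or an uppercase host) falls through to the default AzureCloud environment. The following is an added example, not part of the original post: it parses the URL, requires HTTPS because the script attaches a bearer credential to requests for that URL, and maps the host to the same environment names the script uses. Resolve-PortalEnvironment is a hypothetical helper name, and the two sample URLs are constructed.

```powershell
# Added example, not part of the original script.
# Resolve-PortalEnvironment is a hypothetical helper name.
function Resolve-PortalEnvironment {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory = $true)]
        [ValidateNotNullOrEmpty()]
        [String] $PortalUrl
    )

    # Parse the URL so paths, ports and query strings cannot affect the suffix match.
    $uri = $null
    if (-not [Uri]::TryCreate($PortalUrl, [UriKind]::Absolute, [ref] $uri)) {
        throw "PortalUrl '$PortalUrl' is not an absolute URL."
    }

    # The script sends an Authorization header to this URL, so refuse plain HTTP.
    if ($uri.Scheme -ne 'https') {
        throw "PortalUrl must use https (got '$($uri.Scheme)')."
    }

    # Host suffix -> Connect-MsolService environment; values are the ones in the script above.
    $suffixMap = [ordered]@{
        '.de'                = 'AzureGermanyCloud'
        '.cn'                = 'AzureChinaCloud'
        '.dps.mil'           = 'USGovernment'
        '.sharepoint-mil.us' = 'USGovernment'
        '.sharepoint.us'     = 'USGovernment'
    }

    $hostName = $uri.Host.ToLowerInvariant()
    $environment = 'AzureCloud'
    foreach ($suffix in $suffixMap.Keys) {
        if ($hostName.EndsWith($suffix, [StringComparison]::Ordinal)) {
            $environment = $suffixMap[$suffix]
            break
        }
    }

    [PSCustomObject]@{
        PortalHost       = $hostName
        AzureEnvironment = $environment
    }
}

# Constructed sample inputs. The second URL has a path, so the original EndsWith
# checks would leave it on AzureCloud; here it resolves to USGovernment.
'https://contoso.sharepoint.com', 'https://contoso.sharepoint.us/sites/search' |
    ForEach-Object { Resolve-PortalEnvironment -PortalUrl $_ }
```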