Tech Aarya

Friday, June 26, 2020

SHAREPOINT - DELETED AND RECREATED USER DOESN’T HAVE PERMISSIONS TO SITE, ACCESS DENIED! Reused email causes SharePoint Issue

Problem

When onboarding a new employee for a customer, we ran into an issue when giving the new user access to sites in SharePoint. Assigning the license to the user and initially adding her to SharePoint went smoothly. But when it came to giving her site permissions (in the site settings), we ran into an issue.

The actual process of adding her to sites appeared to work – until you refreshed the user lists on that site. She wasn’t actually being added. We went through the process a few times, with the same result.

That’s when we noticed something funny – the new user wasn’t being added. An old user, however, WAS being added.

Root Cause

It turns out – the old user being added was the key to figuring out what was going on.

This customer uses the first name@company for their email addresses and Office 365 aliases. The customer previously had an employee with the same name and the same email address who was no longer at the company.

When trying to add the new user, SharePoint was associating the email with the old user (who previously used on SharePoint) and pulling her in rather than the new user.

The old user had been deleted entirely from their Office 365 tenant. For some reason, despite that, the user wasn’t deleted entirely from SharePoint. When we talked to Microsoft, we were told it was a glitch in their system. Not great news, but it did mean there wasn’t anything we (or the customer) could’ve done differently while offboarding the old user.

How to Fix

This turned out to be an easy fix once the root problem was discovered. We just had to completely delete the old user from SharePoint.

To do this, we had to bring up the list of ALL users for each SharePoint site. The easiest way to get to this list is by replacing the last number In the URL for the site with zero. Once we were on that screen, we deleted the old user from each site (this had to be done individually).

Once the old user was deleted, the new user was added to the sites using the normal method.

Browse to the site and edit the URL by adding the following string to the end of it: /_layouts/15/people.aspx?MembershipGroupId=0
For example, the full URL will resemble the following: https://fabrikam.sharepoint.com/_layouts/15/people.aspx/membershipGroupId=0
Select the person from the list, and then on the Actions menu, select Delete Users from Site Collection.
Now add the user again following normal process & now the new profile should get picked up.

Above issue occurs due to mismatch in PUID - Read More

Clear browser history

SharePoint uses browser caching in several scenarios, including in the people picker. Even when a user is fully removed, he or she may still remain in the browser cache. Clearing the browser history resolves this issue. For info about doing this in Edge,

Restore SharePoint Deleted Site

Restore SharePoint Deleted Site

When you delete a user in the Microsoft 365 admin center (or when a user is removed through Active Directory synchronization), the user's OneDrive will be retained for the number of days you specify in the OneDrive admin center. (For info, see Set the default file retention for deleted OneDrive users.) The default is 30 days. During this time, shared content can still be accessed by other users. At the end of the time, the OneDrive will be in a deleted state for 93 days and can only be restored by a global or SharePoint admin.

For info about using Files Restore to restore a OneDrive to a previous point in time, see Restore your OneDrive.

For info about restoring items from the recycle bin in OneDrive, see Restore deleted files or folders.

Restore a deleted OneDrive when the deleted user no longer appears in the Microsoft 365 admin center

If the user was deleted within 30 days, you can restore the user and all their data from the Microsoft 365 admin center. To learn how, see Restore a user in Microsoft 365. If you deleted the user more than 30 days ago, the user will no longer appear in the Microsoft 365 admin center, and you'll need to use PowerShell to restore the OneDrive.

Download the latest SharePoint Online Management Shell.
Note
If you installed a previous version of the SharePoint Online Management Shell, go to Add or remove programs and uninstall "SharePoint Online Management Shell."
On the Download Center page, select your language and then click the Download button. You'll be asked to choose between downloading a x64 and x86 .msi file. Download the x64 file if you're running the 64-bit version of Windows or the x86 file if you're running the 32-bit version. If you don't know, see Which version of Windows operating system am I running?. After the file downloads, run it and follow the steps in the Setup Wizard.
Connect to SharePoint as a global admin or SharePoint admin in Microsoft 365. To learn how, see Getting started with SharePoint Online Management Shell.
Determine if the OneDrive is available for restore

If you know the URL of the OneDrive, run the following command:

PowerShell

Get-SPODeletedSite -Identity <URL>

A user's OneDrive URL is based on their username. For example, 
https://microsoft-my.sharepoint.com/personal/user1_contoso_com. You can find their username on the Active users (or Deleted users) page in the Microsoft 365 admin center.

If you don't know the URL of the deleted OneDrive, run the following command:

PowerShell

Get-SPODeletedSite -IncludeOnlyPersonalSite | FT url

If the OneDrive appears in the results, it can be restored.

Restore the OneDrive to an active state:

PowerShell

Restore-SPODeletedSite -Identity <URL>

Assign an administrator to the OneDrive to access the needed data:

PowerShell

Set-SPOUser -Site <URL> -LoginName <UPNofDesiredAdmin> -IsSiteCollectionAdmin $True

For more info about these cmdlets, see Get-SPODeletedSite and Restore-SPODeletedSite.

Permanently delete a OneDrive

After you recover the data you need from the OneDrive, we recommend that you permanently delete the OneDrive by running the following command:

PowerShell

Remove-SPODeletedSite -Identity <URL>

Caution

When you permanently delete a OneDrive, you will not be able to restore it

Deleted from the Microsoft 365 admin center but still appears in SharePoint

Remove people from the UserInfo list

Scenario 1: Someone is deleted from the Microsoft 365 admin center but still appears in SharePoint.

When a user or guest browses to a SharePoint site, their user information is cached in the UserInfo list. When the user or guest is deleted, their related UserInfo information is not removed. Their profile still appears, which may cause confusion when people view the people picker.

Scenario 2: A mismatched PUID.

This issue most frequently occurs when a user is deleted and the account is then re-created with the same user name. The account in the Microsoft 365 admin center or Active Directory (in directory synchronization scenarios) is deleted and re-created with the same user principal name (UPN). The new account is created by using a different PUID value. When the user tries to access a site collection or their OneDrive, the user has an incorrect PUID. A second scenario involves directory synchronization with an Active Directory organizational unit (OU). If users have already signed in to SharePoint, and then are moved to a different OU and resynced with SharePoint, they may experience this problem.

Remove people from the UserInfo list

The preceding steps removed access to Microsoft 365 and SharePoint. However, the user or guest still appears in people searches and in the SharePoint Online Management Shell when you use the Get-SPOUser cmdlet. To completely remove people from SharePoint, you must remove them from the UserInfo list. There are two ways to do this:

Note

This option is available only if the user previously browsed to the site collection. They won't be listed if they were granted access but never visited the site

Browse to the site and edit the URL by adding the following string to the end of it: /_layouts/15/people.aspx?MembershipGroupId=0
For example, the full URL will resemble the following: https://fabrikam.sharepoint.com/_layouts/15/people.aspx/membershipGroupId=0
Select the person from the list, and then on the Actions menu, select Delete Users from Site Collection.

Using the SharePoint Online Management Shell

Download the latest SharePoint Online Management Shell.
Connect to SharePoint as a global admin or SharePoint admin in Microsoft 365. To learn how, see Getting started with SharePoint Online Management Shell.
Run the following command:
PowerShell
```
Remove-SPOUser -Site https://fabrikam.sharepoint.com -LoginName jondoe_fabrikam.com#EXT#@fabrikam.onmicrosoft.com
```
Note
Replace the _jondoe_fabrikam.com#EXT#@fabrikam.onmicrosoft.com_ placeholder with the person in question.

Clear browser history

Tuesday, June 23, 2020

Restore Soft Deleted MailBox To Shared Mail Box

Restore Soft Deleted MailBox To Shared Mail Box

Connect PowerShell to Exchange Online using below command:

$LiveCred = Get-Credential

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic –AllowRedirection

Import-PSSession $Session

Then checked the old user in Soft Delete

Get-Mailbox –SoftDeletedMailbox //Check the deleted user details

Get-mailbox –SoftDeletedMailbox –Identity “Name of the mailbox” | fl *guid*

Copy the GUID (not Exchange GUID) in a notepad (1)

Get-mailbox –Identity “Email address of the new user” | fl *guid*

Copy the GUID (2)

Following command will copy the old mailbox’s email to the new mailbox.

New-MailboxRestoreRequest -SourceMailbox "GUID (1)" -TargetMailbox "GUID (2)" -TargetRootFolder "Old Mailbox" –AllowLegacyDNMismatch

Since user had Archive enabled we restored the archive mailbox seperately

We ran the below commands to get the ArchiveGuid

Get-Mailbox -Identity user@domain.com -SoftDeletedMailbox |fl " ArchiveGuid"

Get-Mailbox -Identity user@domain.com |fl "ArchiveGuid"

New-MailboxRestoreRequest -SourceMailbox "GUID (1)" -TargetMailbox "GUID (2)" -TargetRootFolder "Old Mailbox" –AllowLegacyDNMismatch

Thursday, June 11, 2020

Whitelist Email Address in O365

Whitelist Email Address in O365

How to Whitelist Email Address in Office 365

Open the Exchange Admin Center.
Click on Protection.
Click on Spam Filter.
Double click on Default.
Click on Allow Lists.
Under Allow Lists, click the + to add a new email address.
In the window that pops up, add the address you’d like to let through.
Click Save.
Click Save again.

That’s it! Now email from that address will be delivered to your organization’s inboxes, not marked as junk.

More Detailed Instructions for Whitelisting Emails

Sign into Office 365: Go to https://portal.office.com and sign in.
Click on Admin from your list of apps.
In the left-hand column, click on the Admin Center icon, then click Exchange to open the Exchange Admin Center.
Click on Protection from the left-hand menu.
Click on Spam Filter.
Double-click on Default.
In the pop-up window, click on Allow Lists.
Under Allowed Sender or Allowed Domain, click the + to add a new email address. Be careful about allowing whole domains, as entering popular domains here like gmail.com can allow bad actors to bypass filtering.
In the window that pops up, add the address you’d like to let through.
Click OK.
Click Save.

That’s it! Now email from that address will be delivered to your organization’s inboxes, not marked as junk.

Sunday, March 15, 2020

How to fix disks remaining offline when Windows 2008 R2 (W2K8 R2) or Windows 2008 (W2K8) SAN volumes (non-local) go OFFLINE on system restart or power-on

How to fix disks remaining offline when Windows 2008 R2 (W2K8 R2) or Windows 2008 (W2K8) SAN volumes (non-local) go OFFLINE on system restart or power-on

The problem is generally expressed as "my drives do not automatically come online after I reboot Windows". Occasionally with W2K8 R2 or W2K8 iSCSI volumes may come up OFFLINE on a system restart or power up for various reasons. In general they can be set online. However, if a specific setting is changed, they may fail to come online when attempted to set online.

On system boot up, the OS will scan the iSCSI disks and restore the mount points if the disks have been formatted and mounted on this system before. In the iSCSI initiator panel of Windows Server 2008, this is configured in the tab called "Volumes and Devices". After the user has mounted the iSCSI disks first time, they can click the Auto configure button in this label tab and the action will bind the device id of iSCSI disk with the drive letter (or mount point).This will assist the OS to restore the mount point when the system boots. But each time the users change the iSCSI disk mount point setting, they must update this setting again.

If the above has been done and there is still an issue that the iSCSI volume will not allow placing ONLINE it is possible that the SAN policy for the OS has been set to "Offline Shared". Changing the configuration to "OnlineAll" will resolve this and allow the volume to be placed ONLINE. This is a function of Diskpart and can be changed via Windows command line.
SAN policy has been introduced in Windows Server 2008 to protect shared disks accessed by multiple servers. The first time the server sees the disk, it'll be offline, but after being brought online once, should be online even after reboot.

You can use POLICY=OnlineAll setting to get around this, but it must be very clear that if the disks are shared among servers that are not using a clustering file system, this can lead to data corruption. Users are encouraged to use the proper SAN policy to protect data.

Procedure:

Check the current SAN policy of the servers disks:
From a Windows command prompt type: diskpart. Once at the Diskpart prompt type SAN.
(i.e. DISKPART> SAN)
If the current policy shows the following:
SAN Policy: Offline Shared
This means the disks will not come online by default even if they have been set using AutoConfigure in the MS initiator.
Change the policy using: SAN Policy=OnlineAll
Now run SAN again to check.
If a specific disk is having an issue coming online it may be necessary to select the disk first using the disk select option under Diskpart before issuing an "online disk" command at the Diskpart prompt.
Type Exit to exit the Diskpart application.
Go back in the MS initiator after closing it and reopening and click the Autoconfig button option again to make sure all iSCSI targets are updated. Now restart the host to check that all disks come online.

Saturday, March 7, 2020

Grant One Drive Access to another User/ Get access to and back up a former user's data

Grant One Drive Access to another User/

Get access to and back up a former user's data

When an employee leaves your organization, you probably want to access their data (documents and emails) and either reviews it, back it up, or give it to a new employee.

Access a former user's OneDrive documents

If you remove a user's license but don't delete the account, you can give yourself access to the content in the user's OneDrive. If you delete the user's account, you have 30 days by default to access the former user’s OneDrive data. Learn how to set the OneDrive retention for deleted users. If you don't rrestore a user account within this time, their OneDrive content is deleted.

To preserve a former user's OneDrive files, first give yourself access to their OneDrive, and then move the files you want to keep.

Note

If you're not using the new Microsoft 365 admin center, you can turn it on by selecting the Try the new admin center toggle located at the top of the Home page.

1. In the admin center, go to the Users > Active users page.

2. Select a user.

3. In the right pane, select OneDrive. Under Get access to files, select Create link to files.

4. Select the link to open the file location. Download the files to your computer, or select Move to or Copy to to move or copy them to your own OneDrive or to a shared library.

Note

You can move or copy up to 500 MB of files and folders at a time.
When you move or copy documents that have version history, only the latest version is moved.

Revoke admin access to a user’s OneDrive

As global admin, you can give yourself access to the content in a user’s OneDrive, but you may want to remove your access when you no longer need it.

1. Sign in to the admin center as a global admin or SharePoint admin.

If you get a message that you don't have permission to access the admin center, then you don't have administrator permissions in your organization.

2. In the left pane, select Admin centers > SharePoint. (You might need to select Show all to see the list of admin centers.)

3. If the classic SharePoint admin center appears, select open it now at the top of the page to open the new SharePoint admin center.

4. In the left pane, select more features.

5. Under User profiles, select Open.

6. Under People, select Manage User Profiles.

7. Enter the user's name and select Find.

8. Right-click the user, and then choose Manage site collection owners.

9. Remove the person who no longer needs access to the user's data, and then select OK.

Shop For All Technical Books Online & Technical Products Online

Exam Ref AZ-900 Microsoft Azure Fundamentals

INR 2,175.00
More offers

Pages

Friday, June 26, 2020

Clear browser history

Restore a deleted OneDrive when the deleted user no longer appears in the Microsoft 365 admin center

Permanently delete a OneDrive

Clear browser history

Tuesday, June 23, 2020

Thursday, June 11, 2020

How to Whitelist Email Address in Office 365

More Detailed Instructions for Whitelisting Emails

Sunday, March 15, 2020

Saturday, March 7, 2020

Exam Ref AZ-900 Microsoft Azure Fundamentals

Microsoft Azure Cloud - Complete Practical Guide for Ultimate Beginners: Step By Step Azure Cloud Lab Manual Guide

Azure: Microsoft Azure Tutorial The Ultimate Beginners Guide

DCA Computer Course Book - Complete Microsoft Office Package Book

Hands-On Cloud Administration in Azure: Implement, monitor, and manage important Azure services and components including IaaS and PaaS

Microsoft Excel 2016 - Data Analysis and Business Modeling

Azure: Microsoft Azure Tutorial for Beginners

Microsoft Visual C# Step by Step

Microsoft Office 2010

Microsoft Office 2016 All-In-One for Dummies

Microsoft Surface Laptop 2 Intel core i5 8th Gen 13.5 inch Touchscreen Laptop (8GB/128GB/Windows 10 Home/Integrated Graphics/Platinum/1.252kg), 1769

Microsoft Surface Pro 6 1796 2019 12.3-inch Laptop (8th Gen Intel Core i5-8250U/8GB/128GB/Windows 10 Home/Integrated Graphics), Platinum

Microsoft Lumia 550 4G (Black)

Microsoft Surface Arc Mouse - Light Grey

Microsoft Surface Go (Intel Pentium Gold, 8GB RAM, 128GB)

Microsoft Surface Go MCZ-00015 2019 10-inch Laptop (Pentium Gold 4415Y/8GB/128GB/Windows 10 Home in S Mode/Integrated Graphics), Platinum

Microsoft SurfacePro Intel Core i5 7th Gen 12.3-inch Touchscreen 2-in-1 Thin and Light Laptop (8GB/256GB/Windows 10 Pro/Silver/0.771Kg), 1796

Microsoft Lumia 950 XL (Black, 32GB)

Microsoft P3Q-00001 Display Adapter (Black)

Microsoft Surface Mobile Mouse (Silver)

Salesforce CRM - The Definitive Admin Handbook: Build, configure, and customize Salesforce CRM and mobile solutions, 5th Edition

The Lean Six Sigma Pocket Toolbook: A Quick Reference Guide to Nearly 100 Tools for Improving Quality and Speed

Salesforce Crm Admin Cookbook, Second Edition

Salesforce CRM - The Definitive Admin Handbook - Fourth Edition

Salesforce CRM Admin Cookbook

PC Hardware and A+ Handbook (Pro - Admin. PC)

Salesforce Crm - The Definitive Admin Handbook - Third Edition

300+ Successful Business Letters for All Occasions (Barron's 300+ Successful Business Letters for All Occasions)

Holacracy: The New Management System for a Rapidly Changing World

Linux Administration: The Linux Operating System and Command Line Guide for Linux Administrators

Disclaimer

Search This Blog