USERS IN THE CLOUD By Michael Doyle SharePoint Friday Honolulu

WHO IS MICHAEL DOYLE? SharePoint Consultant Worked for EPA, Intel, Propoint, HCA, Deloitte, US Navy, CA State Lottery, Air Resources Board, Waggener Edstrom, Fedex, Dealertrack, Vanderbilt etc. Exam Ref: Customizing My Site (2010) Other Books SharePoint 2010 Inside Out SharePoint 2010 Inside Out Tale of Two Stones

KINDS OF USERS IN OFFICE 365? The core user in Admin in O365 SharePoint Users Exchange User

THE CORE O365 USER? Based on address Set number of attributes Use admin console or Azure PowerShell to modify

TYPES OF USERS

PROPERTIES OF A CORE USER User Principle Name Additional Address City Country Department Display Name Fax First Name Last Name Office Phone Number Postal Code Preferred Language State Street Address Title

ADMINISTRATION OF USERS Using the Admin UI in Office 365

USER DASHBOARD IN OFFICE 365

EDIT PROPERTIES

EDIT DETAILS

AZURE ACTIVE DIRECTORY MODULE Located at us/library/jj aspx#bkmk_installmodulehttps://msdn.microsoft.com/en- us/library/jj aspx#bkmk_installmodule Allows you to use PowerShell commands to manage users Can be controlled via code

SERVER FOR RUNNING CODE Windows 2008 or Windows 2012 SharePoint 2013 bits (no need to configure) Internet connection Visual Studio (free version works fine)

GETTING CONNECTED Connect-MsolService

COMMANDS TO MANAGE USERS Convert-MsolFederatedUser Get-MsolUser New-MsolUser Remove-MsolUser Restore-MsolUser  Set-MsolUser Set-MsolUser  Set-MsolUserPassword Set-MsolUserPassword  Set-MsolUserPrincipalName Set-MsolUserPrincipalName  Redo-MsolProvisionUser Redo-MsolProvisionUser

NEW-MSOLUSER New-MsolUser -DisplayName -UserPrincipalName [- Alternate Addresses ] [-BlockCredential ] [-City ] [- Country ] [-Department ] [-Fax ] [-FirstName ] [- ForceChangePassword ] [-ImmutableId ] [-LastName ] [- LicenseAssignment ] [-LicenseOptions ] [-MobilePhone ] [-Office ] [-Password ] [-PasswordNeverExpires ] [- PhoneNumber ] [-PostalCode ] [-PreferredLanguage ] [-State ] [-StreetAddress ] [-StrongPasswordRequired ] [-TenantId ] [-Title ] [-UsageLocation ] [ ] Example New-MsolUser -UserPrincipalName -UsageLocation US - ForceChangePassword $false -LicenseAssignment 'companyname:ENTERPRISEPACK' -Password ‘NewUserPassword'

SET-MSOLUSER Set-MsolUser [-Alternate Addresses ] [-BlockCredential ] [-City ] [-Country ] [-Department ] [- DisplayName ] [-Fax ] [-FirstName ] [-ImmutableId ] [-LastName ] [-MobilePhone ] [-ObjectId ] [- Office ] [-PasswordNeverExpires ] [-PhoneNumber ] [-PostalCode ] [-PreferredLanguage ] [-State ] [- StreetAddress ] [-StrongPasswordRequired ] [-TenantId ] [-Title ] [-UsageLocation ] [-UserPrincipalName ] [ ] Example Set-MsolUser –UserPrincipalName –Title ‘Chief Executive

SWAPPING USER NAMES Set-MsolUserPrincipalName -UserPrincipalName OldUserName -NewUserPrincipalName NewUserName

HOW TO USE POWERSHELL COMMANDS IN VISUAL STUDIO 1.Reference Automation DLL 2.Create an instance of PowerShell 3.Import Azure AD module 4.Connect with credentials 5.Build strings with PowerShell commands 6.Invoke the commands with script invoker

AUTOMATING POWERSHELL - 1 Add a reference to System.Management.Automation Add the following using statements in your code using System.Management.Automation; using System.Management.Automation.Runspaces;

AUTOMATING POWERSHELL - 2 //Create PowerShell instance PowerShell shell = PowerShell.Create(); //Create Session state InitialSessionState initial = InitialSessionState.CreateDefault(); //Create Runspace Runspace runspace = RunspaceFactory.CreateRunspace(initial); runspace.Open(); //Create Invoker RunspaceInvoke scriptInvoker = new RunspaceInvoke(runspace);

AUTOMATING POWERSHELL - 3 //Import Azure AD Module scriptInvoker.Invoke("Import-Module 'MSOnline'"); //Elevate execution rights scriptInvoker.Invoke("Set-ExecutionPolicy Unrestricted"); //Create secure password string scriptInvoker.Invoke("$PW = ConvertTo-SecureString –String Password –AsPlainText -Force"); //Create user string scriptInvoker.Invoke("$User = //Create credential string scriptInvoker.Invoke("$cred = New-Object –TypeName System.Management.Automation.PSCredential –ArgumentList $User, $PW"); //Connect to Office 365 scriptInvoker.Invoke("Connect-MsolService -Credential $cred");

SHAREPOINT USERS Data is transferred from Office 365 Users Additional Fields can be added Updated under the SharePoint link in Office 365 Admin

CREATING A NEW PROFILE PROPERTY

WHY DON’T COMPANIES USE ADDRESSES TO IDENTIFY USERS? 1. People change their names 2. Companies use to signify types of employees 3. Companies get bought and sold

TYING AN EMPLOYEE ID TO A PROFILE Create a new profile property Set the property to indexed Set the property to be crawled in search settings Populate the property Write code to search for the person based on new property

MAKING A PROFILE PROPERTY SEARCHABLE Navigate to Search Schema Add a Managed Property for Employee ID profile property Make the Managed Property Searchable, Queryable, and Retrievable Populate Employee ID after you set the managed property values NOTE: You cannot force an Office 365 full crawl so values added before the managed property is created may not show up in search.

CONNECTING TO OFFICE 365 USER PROFILES Build credentials Connect to user profile web service ( mx) mx Use cookies to authenticate Use claims authentication to get users or set properties i.e. i:0#.f|membership|

BUILD A SECURE PASSWORD string password = “Password"; var securePassword = new SecureString(); foreach (char c in password) { securePassword.AppendChar(c); }

CONNECT TO WEB SERVICE UPS.UserProfileService upserv = new UPS.UserProfileService(); Uri webUrl = new Uri(" string userName = SharePointOnlineCredentials onlineCredentials = new SharePointOnlineCredentials(userName, securePassword); CookieContainer authContainer = new CookieContainer(); string authCookieValue = onlineCredentials.GetAuthenticationCookie(webUrl); authContainer.SetCookies(webUrl, authCookieValue); upserv.UseDefaultCredentials = false; upserv.Url = webUrl.AbsoluteUri; upserv.CookieContainer = authContainer;

QUERY THE EMPLOYEE ID using (ClientContext clientContext = new ClientContext(" { clientContext.Credentials = onlineCredentials; KeywordQuery keywordQuery = new KeywordQuery(clientContext); keywordQuery.QueryText = "EmployeeID:" + strEmployeeID; keywordQuery.HiddenConstraints = "scope:" + "\"People\""; keywordQuery.RankingModelId = "D9BFB1A B2-BBD9983AC8A1"; keywordQuery.SourceId = new Guid("B09A EA-4AF9-81EF-EDFAB16C4E31"); keywordQuery.SelectProperties.Add("EmployeeID"); keywordQuery.SelectProperties.Add("Work "); SearchExecutor searchExecutor = new SearchExecutor(clientContext); ClientResult results = searchExecutor.ExecuteQuery(keywordQuery); clientContext.ExecuteQuery(); foreach (var resultRow in results.Value[0].ResultRows) { sAccountName = resultRow["Work "].ToString();} }

PROFILE EXAMPLE 1

PROFILE EXAMPLE 2

PROFILE EXAMPLE 3

BUILD YOUR OWN PROFILE PAGE Make a copy of person.aspx Work on copy in SharePoint Designer (Edit File in Advanced Mode) Delete existing controls you want to replace Use HTML/CSS to design page and outline page Use SharePoint controls to insert profile data

PROFILE CONTROLS Load Profile Data Profile field examples Profile Picture Mobile Phone

DEALING WITH LISTS var emp = document.getElementById('txtEmploy'); var emp2 = emp.innerText; var divEmployee = document.getElementById('divEmploy'); if(emp2.length > 7) { var sEmploy2 = emp2.split(";"); for (var i in sEmploy2) { sEmploy = sEmploy + " " + sEmploy2[i] + " "; } sEmploy = sEmploy.substring(0,sEmploy.length-5); divEmployee.innerHTML = sEmploy + " "; divEmployee.style.display = "block"; emp.style.display="block"; }

MICHAEL Questions 37

SPECIAL THANKS TO OUR SPONSORS! Platinum Silver Gold T-Shirts Prize sponsors include: Mahalo!