SharePoint 2019 Solution: “Sorry, apps are turned off. If you know who runs the server, tell them to enable apps.”

Photo by Artem Beliaikin from Pexels

Without an App Catalog and a setting enabled, your users may run into the following error when attempting to access the SharePoint Store from the “Add an app” dialog:

“Sorry, apps are turned off. If you know who runs the server, tell them to enable apps.”

If you’ve run into this issue and are a farm admin, you can enable the app store and ability in SharePoint 2019 by following these steps. If you’ve already created the App Catalog site collection, skip to step 4.

1. Log onto your central admin server and open central admin

Click to enlarge

2. Choose Apps > Manage App Catalog. Make sure the Web Application shown is the correct web application then click OK to create a new App Catalog (or enter a URL for one if you’ve already created one)

Click to enlarge

3. Set the App Catalog site name and description, URL, admin, and then end users who should see apps in the catalog.

Click to enlarge

4. Once you have an App Catalog, go back to Apps > Configure store settings.

Click to enlarge

5. Confirm the Web Application shown is the correct web app, then change App Purchases to Yes. Save your changes.

Now when users who were granted access to view apps in the store choose SharePoint Store from the “Add an app” dialog, they’ll be able to get marketplace apps as well.

Click to enlarge

Export a report of all SharePoint lists, libraries, discussion boards, calendars, and more from all site collections with PowerShell

Photo by Tiger Lily from Pexels

I wanted to get an idea of how many people were using discussion boards in my SharePoint Server environment and in what sites. I modified a script I found to create the sort of inventory list I needed and ended with a script that:

  • Provides a list within PowerShell of each URL, site name, and list name found matching a specific list type.
  • Provides a total count and save location confirmation at the end.
  • Exports a CSV file of the details to a specified location.

Find the Template ID for the list you’re searching for

List template ID options are as follows, taken from this Docs article. You’ll need the Template ID of the type of list you wish to search in your SharePoint environment.

List template typeTemplate IDBase typeDescription
Custom List1000A basic list that can be adapted for multiple purposes.
Document Library1011Contains a list of documents and other files.
Survey1024Fields (2) on a survey list represent questions that are asked of survey participants. Items in a list represent a set of responses to a survey.
Links1030Contains a list of hyperlinks and their descriptions.
Announcements1040Contains a set of simple announcements.
Contacts1050Contains a list of contacts used for tracking people in a site (2).
Calendar1060Contains a list of single and recurring events. An events list has special views for displaying events on a calendar.
Tasks1070Contains a list of items that represent finished and pending work items.
Discussion Board1080Contains discussions entries and their replies.
Picture Library1091Contains a library adapted for storing and viewing digital pictures.
DataSources1101Contains data connection description files.
Form Library1151Contains XML documents. An XML form library can also contain templates for displaying and editing XML files through forms, as well as rules for specifying how XML data is converted to and from list items.
No Code Workflows1171Contains additional workflow definitions that describe new processes that can be used in lists. These workflow definitions do not contain advanced code-based extensions.
Custom Workflow Process1180Contains a list used to support custom workflow process actions.
Wiki Page Library1191Contains a set of editable Web pages.
CustomGrid1200Contains a set of list items with a grid-editing view.
No Code Public Workflows1221A gallery for storing workflow definitions that do not contain advanced code-based extensions.
Workflow History1400Contains a set of history items for instances of workflows.
Project Tasks1500Contains a list of tasks with specialized views of task data in the form of Gantt chart.
Public Workflows External List6000An external list for viewing the data of an external content type.
Issues Tracking11005Contains a list of items to track issues.
Table of list template IDs taken from https://docs.microsoft.com/en-us/openspecs/sharepoint_protocols/ms-wssts/8bf797af-288c-4a1d-a14b-cf5394e636cf.

Modify the PowerShell script to suit your needs

Once you have the list template ID you wish to query from the table above, modify the PowerShell script found below as follows:

  1. Replace the $ListTemplateId variable value with your desired template ID.
  2. Replace the -WebApplication parameter’s URL value with your own SharePoint web app address.
  3. Replace the $saveCSVLocation value inside the double-quotes with the path to where you’d like the export to be written.

Get all SharePoint list types in one report

Want it all? You could modify the script by replacing -eq $ListTemplateId on line 15 with -gt 0. Then replace line 21 with:

@{Site=$web.Title;ListName=$list.Title;Type=$list.BaseTemplate;URL=($web.Url + "/" + $i.DefaultView.Url)}) | % { New-Object object | Add-Member -NotePropertyMembers $_ -PassThru }

And replace line 25 with:

write-Output ($web.Title + "," + $list.Title + "," + $list.BaseTemplate + "," + $web.Url + "/" + $i.DefaultView.Url) | Out-File $SaveLocationFinal -Append

Now your report will include all list types, and an added column to specify that list type. Note that this will take a while to run in larger environments.

You could also modify the script to only display in PowerShell (delete lines 23-25 and 31-33) or only export to CSV (delete lines 19-22 and 31-33) but I wanted both outputs for my purposes.

Idea: Take it further with Power BI

Take this to the next level by automating the PowerShell script to run on a schedule exporting results to a folder Power BI reads on an automatic refresh. This is an easy way to get a hands-off dashboard of SharePoint usage by list type.

Create a custom permission level in SharePoint

Photo by Markus Spiske from Pexels

I’m often asked for a way to modify permissions beyond what’s available out of the box, but without using workflows.

There are settings that allow item-level permissions in lists (List Settings > Advanced Settings > Item-level Permissions) so that users can only see and/or edit their own items, but this may not solve your need. If so, ta-da! If not, keep reading.

Click to enlarge

In this post, I’ll cover one solution in which we create a custom permission level at the site level that we’ll assign to a group on a specific list’s permissions. This new, custom permission level will be the same as the Contribute level (out of the box) but removes the ability for users to delete items or versions.

Creating a custom permission level involves a couple main steps:

  1. Create the new permission level.
  2. Change permissions on the list so that the group of users who should have the new permission level are assigned the new permission level.

Create the new, custom permission level

1. Go to Site Settings

2. Under Users and Permissions, select Site permissions

3. Click Permission Levels

4. You could click Add a Permission Level but I typically prefer to copy an existing level (like Contribute) and just make a couple small changes. For this tutorial, I’m going to select Contribute.

Click to enlarge

If copying a level, scroll down to the bottom after selecting a level and click Copy Permission Level.

5. Name and describe the new permission level, then check and uncheck as needed to create the permission level desired. In my example, I want to copy Contribute, but remove the delete ability so I’ve unchecked the two options involving deletion of items and versions.

Click to enlarge

6. Scroll down and click Create.

Change permissions on the list

Now we need to assign our new permission level to users on the list for which we’re preventing deletion.

1. Go to List Settings.

2. Under Permissions and Management, select Permissions for this list.

3. Select the box next to the name of the group for which you’re modifying permissions.

4. Click Edit User Permissions from the top ribbon menu.

5. Uncheck the current permission level assigned to the group, and check the new custom permission level.

6. Click OK.

Change the email address used for Access Requests on all SharePoint sites and subsites in a web app using PowerShell

Photo by Karolina Grabowska from Pexels

Perhaps you’ve changed SharePoint administrators or a site owner or two recently. Where are the SharePoint site Access Requests they were receiving now going?

This post covers two PowerShell methods of updating the email address used across all sites in bulk:

  • Replace the email address used on ALL sites, no exceptions (reset all requests throughout the web app to be sent to one address)
  • Change all instances of a specific address to a replacement across ALL sites (i.e. replace the former site owner’s address used in 12 sites’ Access Request Settings with the new site owner’s address)

The second method is particularly nice because it eliminates any guesswork involved in wondering where the former admin/owner may have been listed as the recipient.

Replace the email address used on ALL sites

To modify the email address used for all SharePoint sites and subsites in a web app, run the PowerShell script below from a SharePoint server. You’ll need to replace the $webapp and $requestemail values at the top.

Caution: This action cannot be undone. It replaces the Access Request email on all sites and subsites.

Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue 
  
$webapp = Get-SPWebApplication https://sharepoint.contoso.com  
$requestemail = "new-request-recipient@demo.com"   
  
foreach($site in $webapp.Sites)  
{  
   foreach($web in $site.AllWebs)  
   {  
     $url = $web.url  
     Write-host "Checking "$url  
     if (!$web.HasUniquePerm)  
     {  
            Write-Host "Site inherits Access Request settings from parent." -ForegroundColor Yellow  
     }  
     else  
     {  
       if($web.RequestAccessEnabled)  
       {  
            Write-Host "Site utilizes Access Requests."   
            $web.RequestAccessEmail = $requestemail  
            $web.Update()  
            Write-Host "Email changed to " $requestemail -ForegroundColor Green
        }  
            else  
      {  
            Write-Host "Site is not utilizing Access Requests." -ForegroundColor Yellow  
      }  
   }  }
}

Replace all instances of a specific user across all sites in the web app

Perhaps a particular individual left their site owner/admin role and you just want to replace any instance of THAT user in Access Request settings throughout the web app. In that case use the following script instead (updating the three parameters at the top, $webapp, $oldrequestemail, and $newrequestemail):

Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue 

$webapp = Get-SPWebApplication https://sharepoint.contoso.com
$oldrequestemail = "old-request-email@contoso.com"  
$newrequestemail = "new-request-email@contoso.com"   

foreach($site in $webapp.Sites)  
{  
   foreach($web in $site.AllWebs)  
   {  
        $url = $web.url  
          Write-host "Checking "$url  
          if (!$web.HasUniquePerm)  
          {  
                 Write-Host "Site inherits Access Request settings from parent." -ForegroundColor Yellow  
     }  
          else  
     {  
            if($web.RequestAccessEnabled)  
                   {  
                   if($web.RequestAccessEmail -eq $oldrequestemail)
            {
            Write-Host "Site utilizes Access Requests sent to old email ("$web.RequestAccessEmail")." -ForegroundColor Red
            $web.RequestAccessEmail = $newrequestemail  
            $web.Update()  
            Write-Host "Email changed to" $newrequestemail -ForegroundColor Green
        }  
                    else 
               {            
                    Write-Host "Email ("$web.RequestAccessEmail") does not match old email address. No change made." -ForegroundColor Yellow
               }}
            else  
      {  
            Write-Host "Site is not utilizing Access Requests." -ForegroundColor Yellow  
      }  

   }  
   }  
   }

Note: If you’ve changed the Access Request recipient and the new person is receiving a “Sorry, this site hasn’t been shared with you” error when attempting to approve requests, check out this post for help.

Credit and gratitude to Ketak Bhalsing and his post on bulk-updating for pointing me in the right direction on this one.

Solution: SharePoint site owner with full control unable to approve access requests; site is missing a default members group

In this post I’ll cover two symptoms commonly seen when subsites evolve from inheriting permissions (using existing groups) to being given unique permissions (having their own groups at the site’s level).

Symptoms

  • A site owner with full control gets “Sorry, this site hasn’t been shared with you” when trying to approve access requests.
  • When reviewing Access Request Settings, a user or owner sees the message “Members cannot share this site because this site is missing a default members group.”

Cause

Chances are the site was never set up with default, unique permissions groups. Perhaps the creator of the site chose to inherit permissions from the parent (using existing groups from a hierarchical level higher than the new site), then later decided to manually build out groups that resemble the traditional visitors, members, and owners groups at the new site’s level. Or perhaps the default groups were deleted. Either way, the following solution should set it straight:

Solution

We need to either officially designate or build new default groups for the site, using the same dialog you see when creating a new site. Since we can’t “reconfigure” the site with a wizard, we need to manipulate the site’s URL a bit to get to the configuration screen we’re looking for.

Add “_layouts/15/permsetup.aspx” to the end of the site URL. For example, it may resemble sharepoint.contoso.com/sites/ABC/EA/_layouts/15/permsetup.aspx. This takes you to the permissions setup page.

IF YOU HAVE GROUPS YOU WANT TO SET AS THE DEFAULTS

Perhaps after site creation, you created groups intended to be used like the visitors, members, and owners groups. Go to your site’s _layouts/15/permsetup.aspx page and simply:

Leave “Use an existing group” selected, and change the dropdown for each to the groups that were created and intended to be the new defaults. Click OK when finished. This will make them “official.”

IF YOU DON’T HAVE GROUPS YOU WANT TO SET AS DEFAULT

Change “Use an existing group” to “Create a new group” for at least the Members and Owners options. Here you can add the appropriate persons to each group, or add them at a later time via Site Settings > Site Permissions. Be sure to add your owners (approvers/permissions managers) to the new owner group.

Disable modern page comments globally for all sites in SharePoint 2019 and SharePoint Online

Photo by Lukas from Pexels

Those of you with Office 365/SharePoint Online have a simple path to disabling modern page commenting via the admin center. But for those of you, like myself, who also work in SharePoint 2019, your method involves PowerShell and is a bit more laborious. In this post, I’ll cover both methods: Disabling comments via PowerShell for SharePoint 2019 (server) and then via the admin center for SharePoint Online (O365).

Firstly, why disallow commenting altogether instead of giving site owners and page editors the choice? Some organizations have compliance regulations that require any sort of conversational transaction to meet certain criteria. Perhaps you only need to disable commenting temporarily while you build a case to prove compliance. Or perhaps you’ve determined it’s not compliant or have some other reason for wishing to globally disable page comments.

No matter your reasoning, here’s the how:

Disable modern page/news comments globally in SharePoint 2019 via PowerShell

The script below will iterate through all site collections in a web application, and all of the subsites within each site collection, and turn off page comments for sites that haven’t already had them disabled. This does not delete page comments. If you re-enable the feature later, the comments that were there previously will be restored.

Log onto a SharePoint server and run the following PowerShell script, replacing the site URL with your own web app’s URL:

Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
Get-SPWebApplication "https://sharepoint.contoso.com" | Get-SPSite –Limit All | Get-SPWeb -Limit All | ForEach-Object {
    if($_.CommentsOnSitePagesDisabled = "False")
    {
        $_.CommentsOnSitePagesDisabled = $True
        $_.Update()
        Write-Host "Disabled page comments on " $_.URL -ForegroundColor Green
    }
    else
    {
        Write-Host "Page comments already disabled on " $_.URL -ForegroundColor Yellow
    }
}

If you want a read-out to validate current status (False = not disabled, True = disabled), you can run the following script (again, replacing the URL with the web app of your own):

Get-SPWebApplication "https://sharepoint.contoso.com" | Get-SPSite –Limit All | Get-SPWeb -Limit All | ForEach-Object {
Write-Host $_.CommentsOnSitePagesDisabled $_.URL
}

Disable modern page/news comments globally in SharePoint Online/O365

1. Go to the SharePoint admin center at yourdomain-admin.sharepoint.com and select Settings from the left navigation menu.

2. Select Pages.

3. Uncheck Allow commenting on modern pages and click Save.

How to save a SharePoint site as a template

Photo by Andre Mouton from Pexels

What does a site template do?

Saving a SharePoint site as a template saves you a time by making it so you don’t have to recreate similar apps (lists and libraries) and views for multiple sites that are mostly the same in structure and function. You can even save a site as template including its content (documents/items) so that you don’t need to re-upload the same content to each (such as blank worksheets, forms, guides, etc. you’ll complete/utilize on each site).

Examples of what to use site templates for

Frequently people might use site templates for project sites, where each project is going to have the same needs for communication and collaboration, and sometimes the same content such as project and budget worksheets or documents. You may also wish to use site templates for regular committee or group work such as annual event or semi-annual review processes and projects where you want a separate site to archive for each regular iteration of the group’s function.

How to create site templates

There are two methods I use to create templates of SharePoint sites. Either via Site Settings, or by simply modifying the URL of the site. Once created using one of the these methods, the template is saved to your site’s solution gallery and available to users creating new sites on the “Custom” tab of site template selection:

Save SharePoint site as template URL modification

To save a site as template, add _layouts/15/savetmpl.aspx to the end of the specific site or subsite’s URL. For example if you wanted Subsite C to be a reusable site template, you’d modify:

WebApp/sites/SiteCollection/SubsiteA/SubsiteB/SubsiteC

to this:

WebApp/sites/SiteCollection/SubsiteA/SubsiteB/SubsiteC/_layouts/15/savetmpl.aspx

Then complete the fields (file name, template name, description, etc.) and choose whether or not the template should include the site’s existing content (documents and items) or if the lists/libraries should be empty on sites created using the template.

If you get the error The “Save site as template” action is not supported on this site, follow these steps then try again.

Save SharePoint site as template via settings

This requires the site to have never had SharePoint Server Publishing (site feature) activated on the site. See next section if it already has.

To save a site as a template via site settings:

1. Click on the settings wheel (upper right corner)

2. Click site settings (if classic) or site information > view all site settings (if modern).

3. Choose Save site as template from under Site Actions

Save site as template option missing from Site settings?

The option is removed when users activate SharePoint Server Publishing Infrastructure (site collection feature) or SharePoint Server Publishing (site feature). You can still activate the “save site as template” ability separately via PowerShell for the site then follow the steps for URL modification above to get to the “Save as template” form.

Where to find a SharePoint site’s solution gallery

A SharePoint site’s solution gallery is where you’ll find custom apps or lists and sites saved as templates to be used throughout the site collection by those with appropriate permissions. The SharePoint solution gallery exists at site collection root/top levels only (so you won’t find a separate solution gallery for subsites, just their shared top-level parent site).

There are three common ways you might get to the SharePoint solution gallery for a particular site collection. In this post, I’ll cover these three methods:

  • via URL modification
  • via modern experience settings wheel
  • via classic experience settings wheel

Navigate to SharePoint solution gallery via URL modification

I prefer this method as it remains the same regardless of whether you’re currently on a modern or classic experience page. To get to the solution gallery for a site collection, simply modify the URL of the site you’re on to replace everything after the site collection’s URL with the following:

/_catalogs/solutions

Append this to your site’s URL to access its solution gallery.

For example, to get to the solution gallery associated with Subsite C, we’d modify this URL:

WebApp/sites/SiteCollection/SubsiteA/SubsiteB/SubsiteC

to this:

WebApp/sites/SiteCollection/_catalogs/solutions

When not working with a site collection (or its subsites), you might be working with your root/home site (http://WebApp/). Just add the same suffix to the URL like http://WebApp/_catalogs/solutions.

You can also find a link to your site collection’s solutions in your site collection settings. In the following two sections, we’ll cover where to find that from a modern or classic experience suite bar.

Navigate to SharePoint solution gallery via modern experience (O365/2019) settings wheel

You’re likely using this modern experience if you’re in SharePoint Online (O365) or SharePoint 2019 which gained the modern experience. Even in O365 or 2019, though, you may find yourself on a classic experience page instead in which case you should check the next section on navigating to the solution gallery via classic experience suite bars.

If you’re on a modern experience page, follow these steps to find the solution gallery:

1. Click on the settings wheel (upper right corner)

2. Click on Site Information > View all site settings.

3. Look for and select Solutions under Web Designer Galleries.

Navigate to SharePoint solution gallery via classic experience settings wheel

If you’re on SharePoint 2013/2016 or a classic experience page on more recent versions you’ll have a slightly different experience finding the solution gallery:

1. Click on the settings wheel

2. Click Site settings.

3. Look for and select Solutions under Web Designer Galleries.

Web Designer Galleries > Solutions option missing?

If you don’t see Web Designer Galleries > Solutions setting, you’re most likely looking at the Site settings page for a subsite and not a site collection. Just click the Go to top level site settings link under Site Collection Administration (requires appropriate permissions). Then go back to step 3.

Read vs Restricted Read vs View Only Permission in SharePoint

I recently had a SharePoint admin assigning Restricted Read permissions to users and out of curiosity wanted to refresh my memory on what distinguishes Read from Restricted Read. While I was at it, I took a look at View Only as well.

Basically, Read and View Only are nearly identical. The only distinction is that Read can download documents, while View Only can only open them and view them in the browser.

Restricted Read is minimally permissive, and doesn’t include the ability to create alerts, view versions, download, or exercise some site abilities (see table below for specifics).

You’ll also notice in the table below that View Only can Open, but not Open Items like Read. According to documentation, the difference is this:

  • Open Items (list permission): “View the source of documents with server-side file handlers.” Requires Open permission:
  • Open (site permission): “Enables users to open a website, list, or folder to access items inside that container.”

In the table below, list permissions are blue and site permissions are red. Download Documents is not a listed permission, but added for clarity to distinguish Read and View Only.

View OnlyRestricted ReadRead
Browse User Information XX
Create Alerts XX
Download DocumentsX
OpenXXX
Open ItemsXX
Use Client Integration Features XX
Use Remote Interfaces XX
Use Self Service Site Creation XX
View Application PagesXX
View Items XXX
View Pages XXX
View Versions XX
Permissions comparison matrix for read, restricted read, and view only in SharePoint.

Source: https://docs.microsoft.com/en-us/sharepoint/sites/user-permissions-and-permission-levels

How to clear the SharePoint Server configuration cache using PowerShell

If you have several servers in your SharePoint Server (on-premises) farm, repeating the manual steps for clearing the configuration cache on each can be time consuming. PowerShell really shines in situations like these to help us be more productive and efficient.

The following PowerShell script can be used to clear the SharePoint configuration cache on a server. I’ve recently tested this on SharePoint 2019 servers with success. Just be sure to run it on each server for which you’re clearing the cache, then remember to go back to each and press “ENTER” in each PowerShell window as the script instructs you so that it restarts the timer service after all servers have had their cache cleared.

This script follows the same steps you’d perform manually. It loads the SP snap-in if needed, stops the timer service, deletes the xml files in the Config directory, sets the cache.ini file’s value to 1 to reset the cache, then restarts the timer service (once you press Enter).

Clear SharePoint configuration cache using PowerShell

  1. Run PowerShell as administrator (right-click, run as administrator).
  2. Copy and paste the following script, making no changes to its contents. It will work as-is.
  3. Hit Enter to run the script (unless using ISE, then click “Run”).
  4. Repeat steps 1-3 for each SharePoint server on which you’re clearing the cache.
  5. When this has run on all SharePoint servers you wish, go back to each and hit Enter in PowerShell to restart the timer service on each.