SHAREPOINT ONLINE/OFFICE 365: HOW TO DEVELOP APPROVAL WORKFLOWS ON LIST ITEM UPDATE EVENT USING MICROSOFT FLOWS

In this article we will see how to deal with SharePoint Online List Item update event.

For the demo in this article I will consider a business scenario where on update of any Product in the Product list, an approval process will execute and an email is send to approver for the selection of Price Range for the Product just updated.

To start with a demo I have a Product List in SharePoint Online Site as shown below-

2

Go to “Flow” Menu and Click on “Create a Flow”

3

Here we have two choices either we can use any available workflow template that suites our requirements or we can create a new one from scratch

4

For this demo we will create a Flow using blank template

Go to Flow Site by clicking “See you flow” links

5

Click on “Create from blank” this will launch Workflow Designer

6

On the Workflow Designer, Select the Trigger

We can select trigger from the any of the available services as shown highlighted below-

7

Select SharePoint Online as target service & select for the Trigger “SharePoint-When an existing item is modified”

8

Provide the Title to the Workflow “Product Details Modification Approval Request”

9

Create SharePoint context by providing Site URL and List Name as shown-

10

You can optionally rename the Step by selecting “Rename” option as shown below-

11

Here I have changed the name of Step to “Get SharePoint Context”

12

Add another action to the workflow by clicking “Add an action” option

13

Send email by selecting “Office 365 Outlook” Service and “Office 365 Outlook-Send approval email” action

14

Rename the name of Step to “Request Approval”

15

Choose or approver’s email in “To”, here I am just selecting the email of the person who has originally created the Product in list by choosing “Created By Email” field

Specify Subject as applicable

Specify User Options that allows approver to select the approval options from within the mail

Specify the Body content as required. This content can consist of dynamic tokens provided by Workflow runtime as shown below-

16

Update List Item by selecting “SharePoint Online” Service and “SharePoint-Update item” action

17

Rename the step to “Update item”

Specify Site URL & List Name

In Id field select “ID” token provided by workflow runtime. This token represents the List item Id of the item that triggered this workflow to execute.

It is important to note that values to all mandatory fields in the list must be provided. If you don’t want to change the values you can choose same values again.

18

For Title field we have selected “Title” token that represent current value present in list for the Title field of this item

19

In “Product Price Range” field choose “SelectedOption” token that will hold the value selected by the approver from within the mail

20

Once all the Steps are configure as required we can save the workflow by clicking “Save flow”

21

Click “Done” to return back to the workflow dashboard

22

On the workflow dashboard we can see the details of services used with in this workflow

23

Now modify and the Product in Product List and notice the “Product Price Range” field which is currently set to “Low”

24

Once the Product details has been changed, this will trigger the workflow that we have developed

25

On execution the workflow we can see a new email hitting the inbox of the approver

26

Let’s consider the approver submitted “High” as approval option

27

This action will update the “Product Price Range” field for the list item to “High” as shown below-

28

Hope you find it helpful.

Advertisements

Office 365: Security Groups Management using Powershell

Security Groups are the crucial part of any system as they define the Authorization on the available resources for the Users requesting access. They are also important to categorize permission boundaries for the set of users at once. So it is really important to streamline the process of managing Security Groups for any system.

Though the management activities are repetitive and boring if we need to repeat same steps again and again over the period of time.

Thankfully we can automate these repetitive tasks using PowerShell Scripts which can take inputs from the CSV or Text Files for the input values and perform necessary actions.

In this article we will discuss the automation scripts required for managing Security Groups in Office 365 using PowerShell.

If you want to follow along then the prerequisite for this article are:

  • Having a O365 Account created
  • PowerShell for Office 365 configured

If the above prerequisites does not meet then I would recommend you to read one of my earlier article “Office 365: How to Configure PowerShell for O365” to get to know the steps of installing prerequisites.

Lets’ login to O365 Account and visit the Admin Center

1

Navigate to Admin Center by clicking the “Admin” Tile on the Application Dashboard as shown below

2

Now in the upcoming sections we will see to the respective PowerShell Commands to deal with each of the management tasks

How to Add new Security Groups

Navigate Admin Center => Groups

For the first time in my case there are no security groups are present since this is a new O365 Account

3

Run “New-MsolGroup” command where “DisplayName” specify the name of the Security Group and “Description” specify the description for the group as shown below

New-MsolGroup -DisplayName “Test Security Group” -Description “This is created for testing.”

4

Once the command gets executed successfully, navigate Admin Center  => Groups to verify that new group has been added.

It is worth to note that “Default Group Type” for any group added using the above command will be “Security”

5

 How to export all Security Groups

We can export all the Security Groups from the O365 account by using “Get-MsolGroup” command as shown below

Get-MsolGroup

6

Once the command is executed successfully we can see the details of all the available Security Groups on the Host Window. Alternatively we can export the results to text files by piping the results to “Out-File” command.

How to export all Security Groups filtered by Group Properties

We can export a filtered set of Security Groups from the O365 account based on any property of the Group. In the following example I am using “DisplayName” property to filter the results as shown below

Get-MsolGroup | Where-Object {$_.DisplayName -eq “Test Security Group”}

7

Once the command is executed successfully we can see the details of the specific Security Groups matching the filter criteria

How to export all Security Groups filtered by Group Type

We can export a Security Groups based on its type also by using “GroupType”. In the following example we are going to filter all Security Groups which are of type “Security” from the O365 account.

Get-MsolGroup -GroupType “Security” | Where-Object {$_.DisplayName -eq “Test Security Group”}

8

Once the command is executed successfully we can see the details of all the Security Group of type “Security” and with DisplayName = “Test Security Group”

 How to Add Users to Security Groups

Run the following command to check the existing members which are present in the Security Group

$securityGroup = Get-MsolGroup -GroupType “Security” | Where-Object {$_.DisplayName -eq “Test Security Group”}

Get-MsolGroupMember -GroupObjectId $securityGroup.ObjectId

9

Once the command executed successfully we will get the list of Users already added to the group

We can see the same information by Editing the Group with in the Browser as shown below:

10

11

We can add new members to the Security Group by using the following command

Create Object required Security Group

$securityGroup = Get-MsolGroup -GroupType “Security” | Where-Object {$_.DisplayName -eq “Test Security Group”}

Create Object of the member depicted by “UserPrincipalName” parameter that needs to be added to the group

$member = Get-MsolUser -UserPrincipalName spdev001@spdevs001.onmicrosoft.com

Then use the following command to add the member to the group by specifying Group Object ID & Member Object ID

Add-MsolGroupMember -GroupObjectId $securityGroup.ObjectId -GroupMemberType “User” -GroupMemberObjectId $member.ObjectId

12

Once the command gets executed successfully we can see a new member has been added to the group.

We can verify the result of operation by using PowerShell Command

$securityGroup = Get-MsolGroup -GroupType “Security” | Where-Object {$_.DisplayName -eq “Test Security Group”}

Get-MsolGroupMember -GroupObjectId $securityGroup.ObjectId

13

We can also verify the result of operation by Browser as shown below

14

15

How to remove Users from Security Groups

We can we remove the Users from specific security group by using following set of commands

Create the Object of the respective group from which the user needs to be removed

$securityGroup = Get-MsolGroup -GroupType “Security” | Where-Object {$_.DisplayName -eq “Test Security Group”}

Create the object of the respective member that needs to be deleted from the group

$member = Get-MsolUser -UserPrincipalName spdev001@spdevs001.onmicrosoft.com

Then we can use “Remove-MsoLGroupMember” command to remove the member depicted by “Groupmemberobjectid” parameter from the group depicted by “GroupObjectId” parameter as shown below

Remove-MsoLGroupMember -GroupObjectId $securityGroup.ObjectId -GroupMemberType User -Groupmemberobjectid $member.ObjectId

16

Once the command gets executed successfully we can see the respective member gets deleted from the Security Group in question.

Now we can verify the delete operation by using the following PowerShell Command

$securityGroup = Get-MsolGroup -GroupType “Security” | Where-Object {$_.DisplayName -eq “Test Security Group”}

Get-MsolGroupMember -GroupObjectId $securityGroup.ObjectId

17

Or we can verify the same via Browser by Editing the Security Group as shown below

18

19

How to Remove Security Groups

We can use the following command to remove the Security Groups

Create object to the respective group

$securityGroup = Get-MsolGroup -GroupType “Security” | Where-Object {$_.DisplayName -eq “Test Security Group”}

Execute “Remove-MsolGroup” command to remove the group depicted by “objectid” parameter as shown below

Remove-MsolGroup -objectid $securityGroup.ObjectId

On execution this command will ask you for the confirmation on delete action

Enter your choice “Y” to continue “N” to cancel

20

21

Once the command is executed successfully we can go back to Groups section in Admin Center to verify the Delete Action

22

All of the above tasks can be automated by incorporating the CSV files to receive input from and perform the respective actions.

Hope you find it helpful.

Office 365: User Management using Powershell

In this article we will discuss some of the useful PowerShell Commands for managing Users in Office 365 (O365)

If you want to follow along then the prerequisite for this article are:

  • Having a O365 Account created
  • PowerShell for Office 365 configured

If the above prerequisites does not meet then I would recommend you to read one of my earlier article “Office 365: How to Configure PowerShell for O365” to get to know the steps of installing prerequisites.

  • Login to O365 Portal

1

  • Click on the Admin Center Tile

2

  • Click on “Active Users” navigation link under “Users” in the left navigation

Currently we can see only one Active User “Prashant Bansal”.

Since this is a free trail account so we cannot have more than one user here, but if you go for a paid plan then you can get multiple users as well.

3

Now in the following sections we will be looking into some of the useful operation and corresponding PowerShell commands regarding User Management

Export All Users

Command

Get-MsolUser

Usage

This command returns all the active users present in your O365 Account

Output

4

5

Export All Users with matching filter

Let’s see some of the properties of the User Profile available for every User added. Based on these properties we can export filtered set of Users. Lets’ check for the User properties first –

  • Select the User
  • Click Edit on the Profile Card on the right

6

  • Expand Additional Details
  • I have updated the User properties and now going to filter the Users based on “Job Title” property

7

Command

Get-MsolUser -Title “SharePoint Technical Consultant”

Usage

This command export all the Users where “Job Title = SharePoint Technical Consultant”

Output

8

 Export All Users with matching filter and selected properties

Command

Get-MsolUser -Title “SharePoint Technical Consultant” | Select DisplayName

Usage

This command export only “Display Names” for all the Users where “Job Title = SharePoint Technical Consultant”

Output:

9

Export All Users with matching filter and selected properties to a file

Command

Get-MsolUser -Title “SharePoint Technical Consultant” | Select DisplayName > “C:\SharePoint-Online-User-Data.txt”

Usage

This command export only “Display Names” for all the Users where “Job Title = SharePoint Technical Consultant” to a Text File at the specified path

Output

10

Create New Users

Command

New-MsolUser -UserPrincipalName “spdev002@spdevs001.onmicrosoft.com” -DisplayName “Prashant Bansal New User” -LastName “New User” -LicenseAssignment “spdevs001:DEVELOPERPACK” -UsageLocation “IN”

Usage

This command Adds a new User to the O365 Account specified by parameter “UserPrincipalName” and sets its basic properties like “Display Name, Last Name” and so on. It also assigns the license to the user specified by the parameter “LicenseAssignment”.

It is important to note that passing location information as specified by the parameter “UsageLocation” is mandatory as this is used by Microsoft for tracking the location where the service is consumed. This valid value for this parameter could be a two letter country code like for India it should be “IN”

If I execute this command I would get the following error since a free trail O365 account grant me a Single User license only.

If I am having proper license supporting multiple Users, this command would add a new User to my O365 Account.

Output

11

Modify Existing Users

Command

Set-MsolUser -UserPrincipalName “spdev001@spdevs001.onmicrosoft.com” -LastName “Mohan Bansal” -DisplayName “Prashant Mohan Bansal”

Usage

Using this command we can modify an existing User in our O365 Account specified by parameter “UserPrincipalName” and providing its properties like “Display Name, Last Name” and so on that needs to be updated.

Output

12

Once update is performed it might take a couple of minutes to take effect in O365 Account.

User Properties before update command executed:

13

User Properties after update command executed:

14

15

That all for this article on User Management using PowerShell for O365.

All of the above Operations can be automated and using same PowerShell Development paradigms as we followed for On Premise SharePoint Implementations.

Hope you find it helpful.