Azure AD PowerShell Management Agent for B2B users

Azure AD PowerShell Managment Agent

Full Code on : https://github.com/islamkhattab/AzurePSMA

This is a custom MIM Managment agent to import Azure AD users using Msol module,users could be either Member or Guest (B2B), then send them back in SharePoint 2016 User Profiles

This agent is tested on the following scenario:

• SharePoint 2016 On-Prem Farm (Aug 2017 PU) - With User Profile Service Configured and Syncronization Service Configured using MIM 2016
• Azure AD with Guest (B2B) users added and immutible id set

Import PowerShell File Configurations

• $usersType variable - 'All' for all user types, 'Member' for Azure AD Users and 'Guest' for B2B users
• $restrictImmutableId - Imports only users with ImmutableId property set
• $DebugFilePath - Outputs powershell messages

Import PowerShell File Changes

• You can update the properties and mappings to fit your scenario
• Any changes in the import.ps1 should reflect in the schema.ps1 file as well

User photos is still not implemented

Prerequisites

SharePoint Managment Agent installed and configured

• Step by Step: Installation of Microsoft Identity Manager for SharePoint 2016 User profile Service
• Step by Step: Configuration of Microsoft Identity Manager for SharePoint 2016 User profile Service

Enable Msol on MIM Server

• Install required software These steps are required once on your computer, not every time you connect. However, you'll likely need to install newer versions of the software periodically.

1. Install the 64-bit version of the Microsoft Online Services Sign-in Assistant: Microsoft Online Services Sign-in Assistant for IT Professionals RTW.
2. Install the 64-bit version of the Windows Azure Active Directory Module for Windows PowerShell with these steps:
   1. Open the Azure Active Directory Connection web page.
   2. In Files in Download at the bottom of the page, click Download for the AdministrationConfig-V1.1.166.0-GA.msi file, and then install it.

Store Azure AD Global Admin in a secure file

• Get latest PowerShell script file from PowerShell-Stored-Credentials
• For full steps follow the following link (https://practical365.com/blog/saving-credentials-for-office-365-powershell-scripts-and-scheduled-tasks/)
• Save the generated file i.e. azure.admin@yourdomain.onmicrosoft.com.cred

Install The Granfeldt PowerShell Management Agent (MA)

• Full GitHub Repo
• Installation Steps

AzureADPSMA Installation

Before Begining, Please first read How to create an AzureAD Microsoft Identity Manager Management Agent using the MS GraphAPI and Differential Queries, to get overview of the idea we are intoducing here as it is based on the same idea

• Create a folder 'AzurePSADMA' for example that will contain mainly the following files

File Name	Description
Import.ps1	The main import sequence script
azure.admin@yourdomain.onmicrosoft.com.cred	Azure Admin Cred file
Password.ps1	Password PowerShell File, You must have a Password.ps1 file. Even though we’re not doing password management on this MA, the PS MA configuration requires a file for this field. The .ps1 doesn’t need to have any logic/script inside it. It just needs to be present
Export.ps1	Export PowerShell File, You must have a Export.ps1 file. Even though we’re not doing Export on this MA, the PS MA configuration requires a file for this field. The .ps1 doesn’t need to have any logic/script inside it. It just needs to be present
Functions-PSStoredCredentials.ps1	Creditial Manager
Schema.ps1	The schema of the AzureADUser that will be imported to MIM

• Management Agent Configuration
  • With the Granfeldt PowerShell Management Agent installed on your FIM/MIM Synchronisation Server, in the Synchronisation Server Manager select Create Management Agent and choose "PowerShell" from the list of Management Agents to create. As this example is for Users, I’ve named my MA accordingly "AzureADUsers"
  
  • For the schema script add your schema.ps1 file full path and the azure ad amdin account, the password will not be used from this screen as well use the stored cred file instead
  
  • Paths to the Import, Export and Password scripts. Note: the Export and Password PS1 scripts files exist but are empty.
  
  • Object Type as configured in the Schema.ps1 file.
  
  • Attributes as configured in the Schema.ps1 file
  
  • Anchor as per the Schema.ps1 file.
  
  • Project the output to person object
  
  • Configure Attribute flow
  
• Add two Run Profiles to your Managment Agent [FullImport - FullSync], You can use any configurations as you needs this is just for the sake of the demo

• Run AzureADUsers MA Full Import Profile
• Run AzureADUsers MA Full Sync Profile
• Run SPMA MA Full Import Profile
• Run SPMA MA Full Sync Profile
• Run SPMA MA Export Profile

Verify the results

• After a successfull AzureADUsers MA Full import run, you should find additions according to the users type found on Azure AD

• An example of user properties imported

• After AzureADUser MA Full Sync

• Azure User Profile

• SharePoint 2016 on-prem User Profile

Automatically adding friendly Url to SharePoint Page according to its level/sub level

Friendly URLs

SharePoint 2013’s friendly URLs capability is extremely straightforward in that these URLs are links that correspond directly to a term within your organization or on a particular site or page as well as correspond to your organization’s navigation term set.

The .aspx ending is no longer required after site or page name as well as the default.aspx page can be dropped from the URL's reference entirely.

One of the most important point that would make you implement friendly Urls is the advantage of SEO, as now your Urls will not be like http://yourdoamain/en/MediaGallery/AlbumDetails.aspx?Id=3 , instead you will have  http://yourdoamain/en/MediaGallery/Albums/season-1, Which can highly indicates the content I'll be reading in this url

The issue

When you enable Managed Metadata Navigation, you could have this option "Create friendly URLs for new pages automatically", This will create a Term for each page and attach this term to the Page Urls, Till this point everything is wonderful .

This feature in action will behave in a strange way, which will give us a non desirable results, For example , let's assume having a Variation site collection with a News sub-site http://mySiteCollection/en/News, The default page for this sub-site is http://mySiteCollection/en/News/Pages/default.aspx.

Now we enabled the Managed Metadata Navigation to have Smart Urls, So the default page now would be connected to a Managed Navigation Term "News & Articles" , So the Url will be http://mySiteCollection/en/news-articles.

Add new Article Page under this sub-site let's say its title will be "Article 1", After the page creation you will find that the new page is attached to the parent navigation term

SharePoint adds new page terms to the root Term Set assigned for site navigation, no matter any  level the new page has been created.

The Solution

When creating a SharePoint page, A List Item Event Receiver could be attached to the sub-site pages library to check if the current sub-site default page is attached to a Navigation Term, If so the page event receiver will create a new Navigation Term under the default page term based on the page title as a child to maintain the same hierarchy.

So, In our example when creating a new page under the News sub-site, The event receiver will check the sub-site default page and will found it is attached to "News & Articles" Navigation term, Then the new page navigation term will be created under this term, The result will be http://mySiteCollection/en/news-articles/article-1

This solution is easy to apply but there are some challenges to keep in mind:

Page titles and special characters

As we are handling creating the new terms, We should handle the term friendly url segment the same way SharePoint handles it to avoid any broken urls, and to keep consistency

string formattedFriendlyUrlSegment = PageTitle.RemoveAccent();
friendlyUrlterm.FriendlyUrlSegment.Value = formattedFriendlyUrlSegment.Slugify();

//Removes white spaces
public static string RemoveAccent(this string txt)
{
 byte[] bytes = System.Text.Encoding.GetEncoding("Cyrillic").GetBytes(txt);
 return System.Text.Encoding.ASCII.GetString(bytes);
}

public static string Slugify(this string phrase)
{
 string str = phrase.RemoveAccent().ToLower();
 str = System.Text.RegularExpressions.Regex.Replace(str, @"[^a-z0-9\s-]", ""); // Remove all non valid chars          
 str = System.Text.RegularExpressions.Regex.Replace(str, @"\s+", " ").Trim(); // convert multiple spaces into one space  
 str = System.Text.RegularExpressions.Regex.Replace(str, @"\s", "-"); // //Replace spaces by dashes
 return str;
}

Variations 
In some cases we have we needed to maintain the same term for both variation labels (Source and target) for both pages, So our plan will be to create a Term, and for each variation language will create a navigation term label to translate the term

Full Code:
Here is the full code for this article 

///<summary>
/// Creates a Friendly URL for a Publishing Page
/// </summary>
/// <param name="contextWeb">SPWeb Object which contains Publishing Page</param>
/// <param name="parentName">Parent Navigation Term</param>
/// <param name="page">Publishing Page for which the Friendly URL is added</param>
/// <param name="friendlyName">Friendly Name for the Page</param>
/// <param name="AddToNavigation">Flag to indicate whether to add this Navigation Term to Quick Launch and Top Naviagation</param>
/// <returns></returns>
public static string AddFriendlyUrl(SPWeb contextWeb, PublishingPage page, bool AddToNavigation)
{
 return AddFriendlyUrl(contextWeb, page, AddToNavigation, GetWebDefaultPageTerm(contextWeb));
}

public static string AddFriendlyUrl(SPWeb contextWeb, PublishingPage page, bool AddToNavigation, NavigationTerm ParentNavigationTerm)
{
 string relativeUrl = string.Empty;
 SPSecurity.RunWithElevatedPrivileges(() =>
 {
  try
  {
   IList<NavigationTerm> terms = TaxonomyNavigation.GetFriendlyUrlsForListItem(page.ListItem, true);

   // create Taxonomy Session for the context web
   TaxonomySession taxonomySession = TaxonomyNavigation.CreateTaxonomySessionForEdit(contextWeb);

   //Page is already attached to a navigation term / Page Updated
   if (terms.Count > 0)
   {
    //already associated to Metadata navigation
    NavigationTerm friendlyUrlterm = terms[0].GetAsEditable(taxonomySession);
    Term taxonomyTerm = friendlyUrlterm.GetTaxonomyTerm(taxonomySession);

    //for variation taxonomy terms
    if (!taxonomyTerm.IsSourceTerm)
    {
     friendlyUrlterm.FriendlyUrlSegment.UsesDefaultValue = false;
     taxonomyTerm = taxonomyTerm.SourceTerm;
    }


    bool labelUpdated = false;
    //Iterate through all labels for term translation  
    foreach (Microsoft.SharePoint.Taxonomy.Label label in taxonomyTerm.Labels)
    {
     //Update the label that suites the cuurent web, i.e if current web is en-US then this will update the English Value
     //if this web is ar-SA this will update the Arabic label value
     if (label.Language == contextWeb.Language)
     {
      label.Value = page.Title;
      labelUpdated = true;
     }
     
     //Always build the FriendlyUrlSegment from the English label
     if (label.Language == 1033)
     {
      string formattedFriendlyUrlSegment = label.Value.RemoveAccent();
      friendlyUrlterm.FriendlyUrlSegment.Value = formattedFriendlyUrlSegment.Slugify();
     }
    }

    //Create the language label if it doesn't exist
    if (!labelUpdated)
    {
     taxonomyTerm.CreateLabel(page.Title, (int)contextWeb.Language, false);
    }

    taxonomyTerm.TermStore.CommitAll();
   }
   else
   {
    //New Page 
    if (page.PublishingWeb.Label.IsSource)
    {
     // get the current Navigation Term Set
     NavigationTermSet currNavTermSet = TaxonomyNavigation.GetTermSetForWeb(contextWeb, StandardNavigationProviderNames.GlobalNavigationTaxonomyProvider, true);

     // Make the Term Set Editable
     NavigationTermSet editableTermSet = currNavTermSet.GetAsEditable(taxonomySession);

     // Get the Parent Term using the Parent Name Parameter matching the term Label
     NavigationTerm defaultPageFriendlyUrlterm = ParentNavigationTerm;

     // if a matching parent Term exists get a refernce to it
     if (defaultPageFriendlyUrlterm != null && !String.IsNullOrEmpty(page.Title))
     {
      // make the parent Term editable
      NavigationTerm editNewTerm = defaultPageFriendlyUrlterm.GetAsEditable(taxonomySession);

      // create the new FriendlyUrl along with the new Navigation Term
      relativeUrl = page.AddFriendlyUrl(page.Title, editNewTerm, AddToNavigation);
     }
    }
   }

   if (page.ListItem[new Guid(Constant.PublishingIsFurlPageId)] != null && !Boolean.Parse(page.ListItem[new Guid(Constant.PublishingIsFurlPageId)].ToString()))
   {
    page.ListItem[new Guid(Constant.PublishingIsFurlPageId)] = true;
    page.ListItem.SystemUpdate();
   }

  }
  catch (Exception ex)
  {
   Logger.LogException(ex);
   Logger.LogException(new Exception("StackTrace : " + ex.StackTrace));
   throw ex;
  }
 });
 return relativeUrl;
}

public static NavigationTerm GetWebDefaultPageTerm(SPWeb web)
{
 //list for saving the urls
 NavigationTerm friendlyUrlterm = null;

 //check if the current web is a publishing weg
 if (PublishingWeb.IsPublishingWeb(web))
 {
  PublishingWeb publishingWeb = PublishingWeb.GetPublishingWeb(web);
  SPListItem DefaultPage = publishingWeb.DefaultPage.Item;

  //get the pages list id
  Guid listId = PublishingWeb.GetPagesListId(web);

  //retrieve the pages list
  SPList pagesList = web.Lists[listId];


  //retrieve the terms used for the navigation (this can be multiple terms)
  IList<NavigationTerm> terms = TaxonomyNavigation.GetFriendlyUrlsForListItem(DefaultPage, true);

  string url = string.Empty;

  //check if the pages has terms associated with it
  if (terms.Count > 0)
  {
   //use the GetResolvedDisplayUrl to retrieve the page friendly urls
   friendlyUrlterm = terms[0];
  }

 }

 return friendlyUrlterm;
}

Hope you found this article useful :) 

Deploying Managed Metadata Fields declaratively in SharePoint - Tips and Tricks

In this article, we will see how we can deploy Managed metadata fields in a declarative way in SharePoint 

A managed metadata column lets you control the information that people can enter into a column. Users select the terms or phrases that they enter in the column from a pre-defined set of managed terms.

The challenge comes when you want to provision your custom managed metadata navigation field in a declarative way, and adding this column to a content type or a list instance without losing all the powerful features that comes along using this field type.

Out of the Box, if you added a managed column to your list SharePoint performs some actions behind the scene:

1. Creates a hidden note field attached to your column
2. Attached your list to two event receivers to update the taxonomy hidden list .
3. Fills in some properties related to the current web and taxonomy list id
4. Creates a taxonomy search managed  property after a full crawl that could be used as a refiner or even as a category column if you are planning to use the Product Catalog model.

So there are a lot of articles explaining how to deploy Managed Metadata Fields declarative in SharePoint, but they are scattered :) , so I decided to aggregate all the tips and tricks to cover this task.

• Taxonomy Field  declarative XML, no tricks here :)

<Field ID="{20A3C69E-FFFB-43F4-BBDF-2D22BAF0EB84}"
         Type="TaxonomyFieldType"
         DisplayName="$Resources:myResourceFile,EventType"
         ShowField="Term1033"
         Required="TRUE"
         EnforceUniqueValues="FALSE"
         Group="Custom"
         StaticName="CustomEventType"
         Name="CustomEventType"
         Filterable="TRUE"
         Sortable="TRUE" />

• SharePoint creates a hidden note field to be field with selected values while filling the taxonomy field, here comes the tricky part, while adding your custom field to the list you MUST add this hidden field along with it, The Display name should follow the following convention 'TaxonomyField_0' and the static name should follow the following convention 'TaxononmyFieldTaxHTField0', without following this conventions SharePoint search will not generate the crawled property for your custom column 'ows_taxId_CustomEventType', and for sure will not create the managed property 'owstaxidKataraEventType' 

<Field ID="{09F37A61-50FE-413E-941F-3BEE2A1B5BF8}"
         Name="CustomEventTypeTaxHTField0"
         StaticName="KataraEventTypeTaxHTField0"
         SourceID="http://schemas.microsoft.com/sharepoint/v3/fields"
         Type="Note"
         DisplayName="CustomEventType_0"
         Group="Katara"
         Hidden="TRUE" />

• After declaring the schema of both field you should get them connected together, and should attach the created column to a specific Term Set and specific Term to choose from as a source, this could be achived by adding a feature event receiver using the following code snippet.

SPSite site = properties.Feature.Parent as SPSite;
Guid eventFieldId = new Guid("{20A3C69E-FFFB-43F4-BBDF-2D22BAF0EB84}");

if (site.RootWeb.Fields.Contains(eventFieldId))
{
 TaxonomySession session = new TaxonomySession(site);
 if (session.TermStores.Count != 0)
 {
  var termStore = session.TermStores["Managed Metadata Serivce"];
  var group = termStore.Groups["YOUR GROUP NAME"];
  var termSet = group.TermSets["YOUR TERM SET NAME"];

  var eventTypeTerm = termSet.Terms["THE TERM NAME CONTAINING YOUR VALUE"];

  TaxonomyField eventField = site.RootWeb.Fields[eventFieldId] as TaxonomyField;
  
  //Attach the note field to the taxonomy field
  eventField.TextField = new Guid("{09F37A61-50FE-413E-941F-3BEE2A1B5BF8}"); 

  // Connect to MMS
  eventField.SspId = termSet.TermStore.Id;
  eventField.TermSetId = termSet.Id;
  eventField.TargetTemplate = string.Empty;
  eventField.AnchorId = eventTypeTerm.Id;
  eventField.LookupWebId = site.RootWeb.ID;
  
  if (eventField.TypeAsString == "TaxonomyFieldTypeMulti")
   ageGroupField.AllowMultipleValues = true;
   
  eventField.Update();
 }
}

• In this stage we have our field provisioned and added to our site as a site column, the next step is to add it to a content type, the trick here is we must add two hidden fields 'TaxCatchAll' & 'TaxCatchAllLabel' fields,If it doesn’t, then you won’t get facets showing up correctly in faceted search. Note that not having the TaxCatchAll and TaxCatchAllLabel pair of columns in your list or library or content type can cause that - See more at: http://magenic.com/BlogArchive/CorrectlyProvisioningManagedMetadataTaxonomyF#sthash.hlkj6Xqo.dpuf
•  so our field references will be like the following 

<FieldRef ID="{20A3C69E-FFFB-43F4-BBDF-2D22BAF0EB84}" DisplayName="$Resources:FILENAME_Columns,EventType;" Required="TRUE" Name="CustomEventType" Filterable="TRUE" Sortable="TRUE" />
<FieldRef ID="{09F37A61-50FE-413E-941F-3BEE2A1B5BF8}" DisplayName="CustomEventType_0" Hidden="TRUE" Name="CustomEventTypeTaxHTField0" />
<FieldRef ID="{f3b0adf9-c1a2-4b02-920d-943fba4b3611}" DisplayName="Taxonomy Catch All Column" Required="FALSE" Hidden="TRUE" Name="TaxCatchAll" Sealed="TRUE" Sortable="FALSE" />
<FieldRef ID="{8f6b6dd8-9357-4019-8172-966fcd502ed2}" DisplayName="Taxonomy Catch All Column1" Required="FALSE" Hidden="TRUE" Name="TaxCatchAllLabel" ReadOnly="TRUE" Sealed="TRUE" Sortable="FALSE" />

•  Now we come to the next trick, referencing those columns to a list template in the schema.xml file , the trick here is to declare the TaxHiddenList  'TaxCatchAll' & 'TaxCatchAllLabel' correctly to the the list schema, those fields are a lookup columns so they need the information list (source), following is the definetion, NOTE the List attribute. 

<Field Type="LookupMulti" DisplayName="Taxonomy Catch All Column" StaticName="TaxCatchAll" Name="TaxCatchAll" ID="{f3b0adf9-c1a2-4b02-920d-943fba4b3611}" ShowInViewForms="FALSE" List="Lists/TaxonomyHiddenList" Required="FALSE" Hidden="TRUE" CanToggleHidden="TRUE" ShowField="CatchAllData" SourceID="{1e46f7fe-3764-40b5-abd1-1746c716214b}" Mult="TRUE" Sortable="FALSE" AllowDeletion="TRUE" Sealed="TRUE" Version="2" />
<Field Type="LookupMulti" DisplayName="Taxonomy Catch All Column1" StaticName="TaxCatchAllLabel" Name="TaxCatchAllLabel" ID="{8f6b6dd8-9357-4019-8172-966fcd502ed2}" ShowInViewForms="FALSE" List="Lists/TaxonomyHiddenList" Required="FALSE" Hidden="TRUE" CanToggleHidden="TRUE" ShowField="CatchAllDataLabel" FieldRef="{F3B0ADF9-C1A2-4b02-920D-943FBA4B3611}" SourceID="{1e46f7fe-3764-40b5-abd1-1746c716214b}" ReadOnly="TRUE" Mult="TRUE" Sortable="FALSE" AllowDeletion="TRUE" Sealed="TRUE" Version="2" />

• Finally, we need to attache the "TaxonomyItemSynchronousAddedEventReceiver" & "TaxonomyItemUpdatingEventReceiver" to update all the hidden fields.

<Receiver>
  <Name>TaxonomyItemSynchronousAddedEventReceiver</Name>
  <Type>ItemAdding</Type>
  <Assembly>Microsoft.SharePoint.Taxonomy, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c</Assembly>
  <Class>Microsoft.SharePoint.Taxonomy.TaxonomyItemEventReceiver</Class>
  <SequenceNumber>10000</SequenceNumber>
</Receiver>
<Receiver>
  <Name>TaxonomyItemUpdatingEventReceiver</Name>
  <Type>ItemUpdating</Type>
  <Assembly>Microsoft.SharePoint.Taxonomy, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c</Assembly>
  <Class>Microsoft.SharePoint.Taxonomy.TaxonomyItemEventReceiver</Class>
  <SequenceNumber>10000</SequenceNumber>
</Receiver>

Now you are all set to enjoy many many features and ideas that this colum type offers :)