Category Archives: Configuration

Windows PowerShell ISE

Configuring SharePoint & Microsoft Teams PowerShell environment

Here is a list of steps that I usually complete when configuring a PC, so that I can run PowerShell script that connects to SharePoint Online and Microsoft Teams.

SharePoint Online Client Components SDK

The SharePoint Online Client Components SDK can be used to enable development with SharePoint Online. …[Microsoft] recommend using NuGet packages rather than installing CSOM assemblies to GAC. However, I find these DLLs useful when writing CSOM directly within my PowerShell scripts. 

Click here to select and download the relevant MSI file.

Open Windows PowerShell ISE as Administrator

To be able to complete the other steps that follow, we need to run the Windows PowerShell ISE as Administrator. If you would like to make this a more “permanent” action, follow these steps:

  • Search for Windows PowerShell ISE and Pin to the Start menu
  • Right click on the pinned tile and click on More and Open file location
  • Locate the Windows PowerShell ISE shortcut, right-click and select Properties 
  • Click Advanced… and select Run as administrator
  • Finish by clicking OK, Apply and OK 

From now on, when opening the Windows PowerShell ISE application from the Start menu, you will be prompted by: “Do you want this App to change your device.” Don’t forget to click Yes.

Note: If you do not open Windows PowerShell ISE with “Run as Administrator” you will not be able to set the Execution Policies. 

Check Your PowerShell Version 

The Microsoft Teams PowerShell Module has some known issues with PowerShell 7.
For the best experience, [Microsoft] recommend that you use PowerShell 5.1. If we are running anything newer than 5.x then you may need to down-grade… 

Run the following PowerShell code to check the PowerShell version

Get-Host | Select-Object Version; 

Execution Policies 

Generally, the execution policies on new machines are set to a level that will restrict the installation and running of our scripts. See the About Execution Policies article for information on how to manage them. Running the following PowerShell cmdlet to see what your current Execution Policy is set to:


I usually set my Execution Policy to Unrestricted, by running the following PowerShell cmdlet:

Set-ExecutionPolicy -ExecutionPolicy Unrestricted; 

Install SharePoint Online Management Shell 

The SharePoint Online Management Shell is a tool that contains a Windows PowerShell Module to manage your SharePoint Online subscription in Office 365. 

I would recommend using the PowerShell cmdlet instead of the .MSI files, as the process for updating modules later are simpler. Click here for more information about the SharePoint Online Management Shell.

Run the following cmdlet, in administrative mode, to see if the SharePoint Online Management Shell has already been installed:

Get-Module -Name Microsoft.Online.SharePoint.PowerShell -ListAvailable | Select Name,Version;

Or run the following cmdlet, in administrative mode, to install the latest version of the SharePoint Online Management Shell:

Install-Module -Name Microsoft.Online.SharePoint.PowerShell;

Install PnP PowerShell Library

SharePoint Patterns and Practices (PnP) contains a library of PowerShell commands (PnP PowerShell) that allows you to perform complex provisioning and artifact management actions towards SharePoint. The commands use CSOM and can work against both SharePoint Online and SharePoint On-Premises (depending on the modules installed)

Click here for more information or run the following cmdlet to install the SharePoint Online PnP PowerShell library:

Install-Module SharePointPnPPowerShellOnline;

Install Microsoft Teams PowerShell

Microsoft Teams PowerShell is a set of cmdlets for managing Teams directly from the PowerShell command line.

Warning: There are known issues with PowerShell 7 and Teams PowerShell. For the best experience, we recommend that you use PowerShell 5.1.

Click here for more information or run the following cmdlet to install the Microsoft Teams library:

Install-Module MicrosoftTeams; 

Upgrading PowerShell Libraries

As a rule, I avoid using the Update-Module cmdlet as this results in having multiple versions of the same library installed. Instead, I like to use the Uninstall-Module cmdlet before then installing the latest version.

SharePoint/SPFx: Returning to Webpart Development Part #1

Recently I was asked to develop a webpart for a modern SharePoint site. My first thoughts were; where do I start, I haven’t done any webpart development for years? I would like to share my journey with you over the next few posts and hope my experience will help new and returning developers along the way.

Development Environment & Tools

Development Tools

Code Editor or Integrated Development Environment (IDE).

If you have not done so already, install your preferred Integrated development environment (IDE). My choice is Visual Studio Code, however there are three supported code editors:

Now you are ready to install or in my case update the development toolchain prerequisites. Pop back to the Microsoft article and follow the steps.

Tip: Hold [Ctrl]+[`] will open the Terminal window in VS Code.

Set up your SharePoint Framework development environment

In my opinion Microsoft has done a good job in publishing a collection of articles describing how to build and deploy your first webpart. I would recommend starting by reading the “Set up your SharePoint Framework development environment” articles to get yourself up and running


  1. At the time of writing this article, the SPFx Framework does not support the latest TLS (long term support) version of Node.js. Installing the wrong version will cause you headaches, so read “Important” notes under the Install Node.js section before you install Node.js
  2. Click here to navigate the Node.js v10.x, use the Node.js > Downloads > Previous Releases page.

Already have Node.js installed?

As a Windows 10 user, I opened “Add or remove programs” and entered Node into “Search this list” and checked the version before running executing the node-v10.22.0-x64.msi file.

The following command can be used to check the version installed:

node -v

Trusting the self-signed developer certificate

Don’t forget to configure a self-signed SSL certificate which can be done by running the following command.

gulp trust-dev-cert

You will use this when testing your custom solutions from your development environment which uses HTTPS by default.

Modern Browsers

Even though Google Chrome  is my preferred browser, I like to have Microsoft Edge and Firefox installed for additional testing capabilities.

Tip: I use Google Chrome’s persons (profiles) to switch between Tenants and Accounts. I understand that other browsers now include similar functionality.

Other Tools


I like this code editor for its simplicity and Plugins, such as: JSON Viewer and XML Tools.


Captures all HTTP(S) traffic between your computer and the Internet with Fiddler HTTP(S) proxy. Inspect traffic, set breakpoints, and fiddle with requests & responses.


Helps you build, connect and test APIs. An example is testing the Microsoft Graph API.

VS Code Extensions

Focused on SPFx development:

  • Debugger for Chrome
  • Debugger for FireFox
  • Debugger for Microsoft Edge
  • ESLint
  • jshint
  • Markdownlint
  • React Native Tools

For Source control:

  • Git Merger
  • GitLens

General Development:

  • Azure Account
  • Azure Functions
  • Azure Repos
  • Beautify
  • C#
  • Code Spell Checker
  • Edit CSV
  • Paste JSON as Code
  • PowerShell
  • Rainbow CSV

Frameworks & Fashion

Back in the mid 2010’s I built a lot of SharePoint webparts and worked with numerous JavaScript frameworks including: jQuery, jQuery UI, Underscore.js, Knockout, Vie.js and experimented AngularJS.

When the SPFx framework came on the scene the “AngularJS verses React (ReactJS)” conversation was fresh. While I built a handful of SPFx Webparts and Extensions I have to acknowledge things have moved on since then…

Back to School

Even though I had done these tutorials a few years ago, I found it invaluable to do them again:

Another great place to start with is the SharePoint Framework Client-Side Web Part Samples website and check out the Getting Started page. You can either clone the GitHub repository or just explore the code online.

My Pitfalls

If you are anything like me, I would recommend avoiding the following pitfalls:

  1. Using someone else’s code may seem like a great idea, however unless it does 90% or more of what you require you may find yourself spending more time trying to understand the code rather than writing new functionality.
  2. Getting bogged down in detail; this can easily happen if like me you enjoy detail. My strategy to avoid this is to draw wire-frames and carry out research (e.g. frameworks etc) before the build officially begins.
  3. Avoid the muddying of data and presentation code/layers; this is an area I can get bogged down in, however on a positive side the cleaner the separation the easier the code is to support and maintain.
  4. Unable to upgrade frameworks. It’s not always obvious what is going on, however if you find your projects are being scaffolded with old version npm packages then try retracing your steps and uninstalling everything including Node, before reinstalling again.

Next time

For my next post I will focus on design and frameworks.

Demo of the PnP Modern Search solution

Demo of the PnP Modern Search solution

A demo of the PnP Modern Search webparts put together to replicate some of the functionality found in the “Classic” Search Centre.

For more information on the PnP Modern Search Webparts click here:

For an extended* version of the Search Verticals webpart click here:

*Forwards the query string parameters or fragment to the next page.

Connect-PnPOnline: unwanted credential caching

UPDATE: May 2021

This problem, as described in my original post below, has been fixed for the Connnect-PnPOnline, when using the UseWebLogin param. Plus, the ClearTokenCache parameter is no longer available…

Connect-PnPOnline -Url "https://[tenant]" -UseWebLogin; 

The “new” (or orignal) experience when calling the above Cmdlet will look like the following screen shot:

Login screen: That didn’t work … Here are a few ideas…

For more options, see

An alternative is to use the Interactive prameter:

Connect-PnPOnline -Url "https://[tenant]" -Interactive; 

For more information, see

Original Post

Since creating a new Windows 10 profile (new PC) the Connect-PnPOnline PowerShell CmdLet has been caching my primary credentials while using the UseWebLogin parameter.

Connect-PnPOnline -Url "https://[tenant]" -UseWebLogin; 

This wouldn’t be a problem if I only worked with on tenant…

After a fair amount of Google searching, mucking around with Internet Explorer and Microsoft Edge settings I found that running the Connect-PnPOnline CmdLet with the following parameters worked:

Connect-PnPOnline -Url "https://[tenant]" -SPOManagementShell -ClearTokenCache;

Once signed you can revert back to using the UseWebLogin parameter, well until the next time the PowerShell console caches the wrong details… 😉

For more information see:

Office 365 Service Health

Need to check the health of your Office 365 Tenant and Services?
Here are some links that may help:

Office 365 (Tenant) Service health

Microsoft 365 Service health status

Office 365 outage map

Manage the life cycle of private channels in Microsoft Teams

Microsoft has published a very useful article in “Manage the life cycle of private channels in Microsoft Teams”, which can be found here:

In this post I have added my thoughts below some of their key points.

Set whether team members can create private channels

Team owners can turn off or turn on the ability for members to create private channels in team settings. To do this, on the Settings tab for the team, turn off or turn on Allow members to create private channels.

Microsoft Teams: Team Settings

As an admin, you can use Graph API, however currently there is not an option available for PowerShell (e.g. using the Set-Team PowerShell cmdlet – version 1.0.3).

Set whether users in your organization can create private channels

As an admin, you can set policies by using the Microsoft Teams admin center or PowerShell to control which users in your organization are allowed to create private channels.

Using the Microsoft Teams admin center

Use teams policies to set which users in your organization are allowed to create private channels. To learn more:


Using PowerShell

Use CsTeamsChannelsPolicy to set which users in your organization are allowed to create private channels. Set the AllowPrivateChannelCreation parameter to true to allow users who are assigned the policy to create private channels. Setting the parameter to false turns off the ability to create private channels for users who are assigned the policy.


NOTE: This cmdlet is currently (20/11/2019) only available in limited preview in the pre-release Teams PowerShell module.

Create a private channel on behalf of a team owner

As an admin, you can use PowerShell or Graph API to create a private channel on behalf of a team owner. For example, you may want to do this if your organization wants to centralize creation of private channels.


Pretty straight forward, for more information see the links below:

Find SharePoint URLs for all private channels in a team

Whether you’re looking to perform eDiscovery or legal hold on files in a private channel or looking to build a line-of-business app that places files in specific private channels, you’ll want a way to query the unique SharePoint site collections that are created for each private channel.

As an admin, you can use PowerShell or Graph APIs commands to query these URLs.

$sites = get-sposite -template "teamchannel#0" 
$groupID = “<group_id>" 
foreach ($site in $sites) {
  $x= Get-SpoSite -Identity $site.url -Detail; 
  if ($x.RelatedGroupId -eq $groupID) {
GET<group_id>/channels?$filter=membershipType   eq 'private'    

Compliance, eDiscovery and legal hold are all very important considerations when working with SharePoint and Microsoft Teams and I don’t see Private Channels being different. With that in mind, being able to quickly locate and manage the Site Collections (and data) is essential.

Currently there is not way to list and manage site collections created by Private Channel within the SharePoint Admin Center. Plus the PowerShell implementation is lagging behind the Graph API. That said with a little effort we can work around these limitations.

List and update roles of owners and members in a private channel

You may want to list out the owners and members of a private channel to decide whether you need to promote certain members of the private channel to an owner. This can happen when you have owners of private channels who have left the organization and the private channel requires admin help to claim ownership of the channel.

As an admin, you can use PowerShell or Graph APIs commands to query these URLs.


Pretty straight forward, for more information see the links below:

Microsoft Teams: Team Settings

First impressions of Private Channels in Microsoft Teams

We finally have Private Channels in Microsoft Teams, here are some of my first impressions.

👍 Private Channels are created without the Wiki tab

👉 Private Channels create a new SharePoint site collection (based upon a modern Team)

👉 A Private Channel’s site collection’s Alias (URL) is prefixed with its “parent” Team’s Alias (URL):

  • Team Name: Human Resources
  • Private Channel Name: Annual Reviews
  • https://[company]

👍 Space re removed from a Private Channel’s title when a site collection’s Alias (URL) is created:

  • Private Channel Name: Annual Reviews
  • https://[company]

👎 Private Channels’ site collections are not available to see within the ‘modern’ SharePoint Admin Center. Other site collections are listed under the Active Sites page.

💀 Deleting a Private Channel also deletes the site collections (as expected). However the site collections is not available for recovery within the SharePoint Admin Center, under the Deletes Sites page.

👉 Private Channels site collection’s logo is not inherited from the Team and cannot be updated using the Microsoft Teams App. However it can be changed using the modern SharePoint UI.

👉 A Private Channel’s site collection’s homepage is the Documents library. It does not have the Site Pages feature activated and therefore does not have a Site Pages library.

SharePoint Online Permissions

Overview of SharePoint Online’s “out-of-the-box” permissions:

Permission Restricted View Read Contribute Edit Design Full Control
Can view pagesYesYesYesYesYes Yes
Can view list items
and documents
YesYesYesYes Yes Yes
Download documentsNoYesYesYes Yes Yes
Can add, update
and delete list items
and documents
NoNoYesYes Yes Yes
Can add, edit and
delete lists
NoNoNoYes Yes Yes
Can approve
and customize
NoNoNoNoYes Yes
Has full controlNoNoNoNoNoYes

SharePoint Online permissions, listed in reverse order:

  • Restricted View
    View pages and documents, but not historical versions or user permissions
  • Read
    View pages and items in existing lists and document libraries and download documents
  • Contribute
    View, add, update, and delete list items and documents
  • Edit
    Add, edit, and delete lists; view, add, update, and delete list items and documents. By default, this permission level is assigned to the Members group
  • Design
    Create lists and document libraries, edit pages and apply themes, borders, and style sheets on the site. There is no SharePoint group that is assigned this permission level automatically
  • Full Control
    Contains all available SharePoint permissions. By default, this permission level is assigned to the Owners group. It can’t be customized or deleted.

For more information, see Microsoft pages: