Sonntag, 8. Februar 2015

Getting Emails with Attachments from Office Graph using REST API

Email attachments are now also covered by the Office Graph and Delve

Since a couple of days Delve is showing Email attachment:
More details about this, the Delve card for “Emails with Attachments” and its functions can be found in this blogpost: Delve starts to add emails with attachments to results

Using the REST API we can get this data, too. Getting all emails with attachments for the signed in user we can use this call:

The contentcalass filter 'contentclass:exchangeattachment’ is scoping the result only to mails with attachments.
This query only returns result for the user who runs the query. Because of Email contentclass results are only shown in the Home Feet in Delve it is a private signal. In Detail every person who received the mail and within the mail also the attachment gets it in his Delve Home Feet:

Montag, 12. Januar 2015

O365 Groups – new feature

Opening a document attached to a Group discussion is showing a new feature. The document opens in Office WebApps and the discussion thread is showing at the right side.
Cool new feature.

Sonntag, 4. Januar 2015

The anatomy of Office 365 Groups

Microsoft released a new feature called „Groups“. This article is about the anatomy of this feature, the architecture and the structures in the backend.
For common information and the ideas behind Groups check out this link:

Create a Group

Groups are actually only available in O365 using Outlook online. You can create a new Group by navigating to Outlook online “Group” tab and press “Create Group”:

This starts a dialog for to collect the needed information’s like Name, Privacy settings etc.
Default setting for Groups in O365 allows everyone to start a new Group. To change this we need PowerShell:
Connect to your O365 Tenant -> Exchange Online:
Then we can use this commands:
-          to disable Groups: Set-OwaMailboxPolicy -Identity\OwaMailboxPolicy-Default -GroupCreationEnabled $false
-          to enable Groups: Set-OwaMailboxPolicy –Identity\OwaMailboxPolicy-Default -GroupCreationEnabled $true

Groups architecture

After a new Group is created you see a new tab in Outlook online for this Group. For every Group we have an overview page like this:

We can see all the conversations for this Group. Based on the “subscribe setting” during the create dialog every post in a conversation will result in an Email to all members of this Group. Insofar we are still in Exchange online.
We can also see that per Group we have elements like Calendar and Files. Calendar is also based in Exchange online but Files are based in SharePoint online. Navigating to the Files of a Group redirects to the MySite of the user:

But the MySite host is not where the documents a stored. For every Group a hidden Site Collection is created in SharePoint online. We cannot see this Site Collection in SharePoint online administration, but you see the URL for example in the hover-panel of a document:

So in my example the URL of the hidden Site Collection associated to my Group is:
We cannot access this Site Collection. Navigation to this URL automatically redirects us to the Group Files overview page located in users MySite. This is also true for every other Sub-URL. So if we try to go to _layouts/15/seetings.aspx or to the _layouts/15/listedit.aspx to change Document Library Setting etc. we are redirected to the Group Files overview page located in users MySite. The only way to manipulate settings is using SharePoint Designer or SharePoint Client Browser. Opening the Site in SharePoint Designer looks like this:

As we see we can manipulated some settings using SharePoint Designer. BUT this is not supported and can only be useful as part of testing and troubleshooting scenarios!
Last component is Azure AD. As we see so far Groups are using Exchange online and SharePoint online. So question is what kind of objects are Groups – and the answer is that Groups are Azure AD objects.

As you can see we have a Groups tab in Azure AD and there we can find a list of all Groups. Navigating to a Group we have several settings and information’s, amongst other things we can see the Objekt-ID which is the unique identifier for the Group.
So Groups are not a SharePoint online thing and also not an Exchange- or Outlook online thing. Groups are located in Windows Azure AD and Groups are a Office 365 feature. Because of this: Groups can easily be used in all features belonging to Office 365 and the underlying Windows Azure AD. The article I mentioned at the start of this post talks about “…In upcoming phases, we will add Yammer and Lync to the Groups experience to help you do even more”. Now we understand that this can easily be done based on the underlying Azure AD.


Samstag, 15. November 2014

Delve and the Office Graph for IT-Pros & Admins

There are a couple of really good post from Richard Dizerega, Elio Struyf, Mikael Svenson  and Waldek Mastykarz. But everyone is talking about dev. stuff or end-user perspective.
In this article I will show the idea of Delve, the Graph and how it is working and what can be done from an IT-Pro / Administrator perspective.


We can enable or disable Delve and control access to the Office graph in SharePoint Online administration. To do this we had to navigate to Admin > SharePoint > Settings. Under Office graph, select one of the following options:
-          Don’t allow access to the Office graph

-          Allow access to the Office graph
Delve can also be disabled or enabled per user. To do this the user must go to Office 365 > Delve > Delve settings.
To store this setting we have a new property in User Profile Store: OfficeGraphEnabled.
The OfficeGraphEnabled property is only used when a user actively turns off Delve for themselves.
The property also results in a crawled and managed property which can be used in Search.
So the Administrator can query that property in Search to find out all people within his organization who turned off Delve.
This can be useful to get an overview about Delve usage in you organization.
We have several other properties in the User Profile service used by Delve.
·         SPS-UserType
·         SPS-HideFromAddressLists
·         SPS-RecipientTypeDetails

The SPS- properties are there to help the Office graph to determine if user in Exchange Online is a non-person entity such as a meeting room.
Users aren’t able to set these properties directly in their SharePoint Online profiles.

Working with Delve for IT-Pro´s and Admin

From IT-Pro & Administrator perspective Delve is a kind of service we have to write code to tweak it. Actually there are no out-of-the-box WebParts etc. we can use to work with Delve.
But we have a bunch of preconfigured code snippets, examples, SharePoint Apps and tools which can be very useful also for Admins and IT-Pros.

SharePoint 2013 Search Query Tool

The SharePoint 2013 Search Query Tool support with version 2.2 also GQL (Graph Query Language). For more details about GQL follow this link:

Office graph queries within your SharePoint search center

Elio Struyf did a great job with his code sample to use SharePoint search center to visualize Graph Queries.
All you need is a Script WebPart, a Search Box WebPart and a Search Result Webpart. The script is overriding the default Srch.U.fillKeywordQuery function, manipulating some parameters and doing a call to the original fillKeywordQuery function. The scripts and details can be found here:
The result looks like this:
We can use this script to fire queries against the Graph. Modifying the “Me or Actor ID” field give us an option to impersonate the query. The Graph always respects your privacy so we cannot see private object from another person. Details see here:  Privacy in Delve and Office Graph
But we can see all public objects for a given Actor ID to verify our security concept works well.
In my example I fire the query as user “Oliver Hardy”:

SharePoint Apps around Delve

In the SharePoint App store we can find a bunch of useful Apps around Delve and the Graph. Most of them are from Mavention / my MVP colleague Waldek Mastykarz. To test Delve and work with the Graph the most useful is the Office Graph Query Tester
This app showes the query which is used to get a result. This query can then be used and modified in the SharePoint 2013 Search Query Tool.

SharePoint 2013 Search API Results Webpart

I have a codeplex project for an experimental SharePoint 2013 Search API Results Webpart. This WebPart is visualizing the JSON result comming from search service as a simple list. Modifying the query in the script you can use this script to show Graph results where ever you have to.
Here I use the script in a Script WebPart to visualize the following query: ACTOR(ME)
This can be useful to show Graph results as part of you intranet landing page which is maybe not SharePoint etc.

Further information and events

·         More and further information about Delve can be found at IT-Unity:
·         IT-Unity also hosts a survey about delve: First Impressions of Office Delve
·         and there is a upcoming webinar series about Delbe at IT-Unity homepage:

Samstag, 25. Oktober 2014

Deactivate social feature MySite, Newsfeed, OneDrive, Sync, Share & Follow in SharePoint 2013

In several project I had the request to deactivate one or all of the following features. Poorly there is no consistent way to do it.

Sync button

To deactivate that feature we can use the SPList.ExcludeFromOfflineClient property. With this PowerShell Script we can set the value to 1 which deactivates the Synch function everywhere.

THX Sahil Malik for that script

Get-SPSite -limit all | get-SPWeb -limit all | Foreach {$_.Title = $_.Title;
$_.ExcludeFromOfflineClient=1; $_.Update()}


If we can start with a fresh system we can remove the permissions to create MySites. If already MySites are created we first must delete them. Only the MySites, not the MySite host!
Do not give the user the option to set up MySites will also remove the Newsfeed and the OneDrive link in the SharePoint top link bar.


This script disables the “Allow access request” setting under Site Settings -> Site Permissions -> Allow access request for all Sites and SubSites und the configured URL

$Webapp = Get-SPWebApplication "http://MySharePointURL"
ForEach ($site in $webapp.Sites)
{ForEach ($web in $site.AllWebs | where {$_.RequestAccessEnabled -and $_.Permissions.Inherited -eq $false})
write-host $web.Title, $web.URL updated}}

The “Share” button and also the entries in the HoverPannels and context menus are still there but the user get the message that he did not have the right to share content or sites. Another option is to set the max allow documents, sites and users to follow to 0. We can do this in Manage Profile Service -> MySites settings section -> Manage Following


This script goes through the hierarchy and disables the Following Content feature in every WebSite. You get an error message for every site where the feature is not active or missing. This can be ignored

$w = Get-SPWeb http://MySharePointURL | ForEach{ $_.URL }
Get-SPFeature -Web $w |%{ Disable-SPFeature -Identity "FollowingContent" -URL $w -Confirm:$false}