An alternative way to dive into Delve

Delve-headerDelve is an interesting part of Office365.

In my previous organization I often received complaints about what was shown in Delve. Exactly like the results you see in Search, what you see is what you have access to, and for many people this was hard to understand. Every time the Search or Delve results got questioned (“Search is broken!”) I could prove that this person saw this search result or this document card on Delve because they had access to it, whether that was desired or not. I loved this demonstration of the importance of proper permissions management 🙂
In Search, any mismanagement of permissions only becomes apparent when you are actively searching, but in Delve “content finds YOU” so it is ruthlessly in-your-face.

Joanne Klein has written a great post on Delve and how to disable it – entirely or partially.

In my current organization we have not promoted it very much yet, so when we recently changed a number of licenses from E1 to F1, we did not consider the fact that the Delve app would no longer be visible for the F1-users, a big risk.
However, we received a question from someone who uses the people-part for looking up managers and direct reports, so I found three alternative options.

1. Via “My Office Profile”

After all, the Delve “Me” page is your profile page, so that should be available for every user. Just click on your picture top right and select “My Office profile”.

Delve-myprofile
“My Office profile” leads to your Delve “Me” page

 

2. Via the URL

Delve is available for users if they are logged in to Office365 and use the following URL: https://<datacenterlocation&gt;.delve.office.com.
For our organization and my own tenant this is https://eur.delve.office.com and for a tenant in the UK this would be https://gbr.delve.office.com
I do not have access to any other tenants so I can not give you the “code” for other data centers but please take a look at your Delve to see what it is. It may come in useful one day.

Delve-Mepage
My Delve page. The URL will resolve itself to yours as soon as you enter the URL.

3. Via Outlook (people data only)

Like Delve, Outlook also uses Active Directory so all people data is also in Outlook.
Users with an F1-license use the Outlook On The Web experience and they can see people’s managers and direct reports in the people card.
When you hover over a person’s name (searched or from an email) you will first see the small card, which expands into a larger card. When you click “Show more” you will see a ton of info, including the “Organisation” which will allow you to see a person’s manager and direct reports. In my case the tab is greyed-out because I am the only one in my tenant and have not set up AD.

Delve-Mepage2
Lots of info available if you click “Show more” on the extended hover card. The “Organization” tab will show you direct reports and managers.

4. “Discover” on the Office 365 start page (documents only)

The Home page in Delve shows a mix of documents that are popular or have been edited recently by people you work with.
The Office365 homepage has a tab called “Discover” which shows you a mix of recent documents from others.

Delve-discover
The “Discover” tab, showing you a mix of documents from your “circle”.

When I compared the two I found these were very similar except for

  • Content: the “Discover” tab on the Office365 homepage only shows documents from OneDrive and SharePoint, while the Delve page shows documents from OneDrive, SharePoint and Outlook
  • Display: Delve shows cards, the “Discover” tab can show tiles or list items
Delve-documentcard
A Delve card, which shows modified date, preview, views, and allows adding to favorites and boards
Delve-documenttile
A tile in the Office365 homepage, showing much less info than the card

Sadly I can not share any comparative screenshots as I can only see this in my work tenant. I am the only user in my tenant so there is nothing to share from others.
But trust me, the Discover tab is an alternative, albeit not a full one, for the Delve Home page.

What’s next for Delve?

My colleague was happy with the alternatives provided.

But when I found this all out I wondered if Delve may be going away as a separate workload as the functionality is now embedded in other, more frequently used, tools. It also has not been included in the recent icon redesign, which may be a clue as well. Would anyone know?
Just as I was writing this post, I found this post from John Liu (in response to a Tweet about Delve from Joanne Klein) who is also wondering about the future of Delve – he has a good idea for its development.

So let’s wait and see if Delve keeps being a separate app, but with added functionality, or will be absorbed into relevant other workloads in Office365…

Photo by Matthew T Rader from Pexels 

Advertisements

SharePoint Holmes and the Online Only

sh-onlineonlyThe case

“ I can not open the embedded document” the user told me.
“Ah”, I thought, “I have once solved a case for that”.
“Please ask the site owner to make sure the library opens in the client application” I told the user. “Because embedded documents do not open in the online version“.
I thought that was the end of it, but some time later the site owner contacted me, telling me that the document library always opened in client so he did not understand what I meant.
To be honest, I did not understand it either anymore, so I needed to put on my sleuthing hat.

The investigation

  1. I checked the library and the settings. Yes, the library was set to open in the client.
  2. I selected the document and opened it with Word. No problem.
  3. I asked the user which version of Word he had. A recent client version.
  4. Then I checked his permissions to the site. Somehow or other I always end up checking permissions. The user had Read permissions, as expected.

    sh-onlineonly-sitesettings
    The user was in the Visitors group with Read permissions to the site (In Dutch it is “Lezen”)
  5. I looked at the items with different permissions and noticed that the document library had different permissions from the site. There I saw that the user had been added with View Only, which according to the description means: View pages, items, and documents. Any document that has a server-side file handler can be viewed in the browser but not downloaded. File types that do not have a server-side file handler (cannot be opened in the browser), such as video files, .pdf files, and .png files, can still be downloaded. 

    sh-onlineonly-librarypermissions
    In the Document Library this group has “View Only” permissions.

6.  I gave my colleague the same permissions to the site and checked what happened. Indeed, she could only open documents in the online version with that role.

sh-onlineonly-opening
The user could only open documents in Word Online. No option to use Word Client.

The solution

The site owner had inherited the site and did not know why this permissions set had been given. To be honest, I have never used it so I wonder what people use it for.
I explained the situation and told him that the determining factor was the need to see the embedded document.

  1. If the user had no need for the embedded document, he could leave the permissions as they were.
  2. If the user needed to see the embedded document, he still had two choices:
    – Make the document available in the document library, instead of embedding it, and leave the permissions as they were
    – Give the user Read permissions

Tips:

  • Be aware that people with View Only can also not Copy or Move.

    sh-onlineonly-nocopyormove
    There are no Copy To or Move To options when you have View Only
  • @Site Owners: stick to the standard roles as much as possible
  • @Site Owners: always ask your predecessor for the why if you see any strange things when the old site owner hands over the site to you. (Yes, I know this will not happen, but a support girl can dream 🙂 )
  • @Support people: You will have noticed by now that you should always check
    – Client/Online opening behaviour
    – Classic/Modern settings (they are not an issue here, but have been unexpected causes of issues in other cases)
    – AND permissions


About SharePoint Holmes:
Part of my role is solving user issues. Sometimes they are so common that I have a standard response, but sometimes I need to do some sleuthing to understand and solve it.
As many of my readers are in a similar position, I thought I’d introduce SharePoint Holmes, SharePoint investigator, who will go through a few cases while working out loud.

Image courtesy of OpenClipart-Vectors on Pixabay.

SharePoint Holmes and the Gone Gallery

800px-Northwestern_High_School_Student_Art_GalleryWhile all consultants are writing about Modern Sites, Hub Sites and Communication sites, I am quite certain that a lot of us practitioners are still working with the Classic sites. Looking at “my own” environment this will not change overnight.

(One of the joys of being a practitioner is that you can watch an intranet grow old…and not always gracefully 🙂 )

So here’s another case of Classic SharePoint Investigation.

The case

“I can only add app parts to the page,” the user said. “I am the owner of the site and I would like to add Summary Links, but I can only see the web parts for the document libraries and lists in my site.”

And indeed, when I looked at her page in Edit mode, it looked like this:

SH-GG-WebParts
Although the user had selected the Web Part Gallery, she only saw the App Parts.

 

SH-GG-AppParts
This is what she saw when she selected the App Parts – exactly the same!

 

The investigation

  1. The site permissions were OK – she indeed had the correct permissions to manage the site.
  2. I checked the permissions for the Pages library and Pages – all were inheriting from the parent so that was not the issue.
  3. I logged in as admin (that account has Administrator permissions on all site collections in the tenant) and I saw all web parts. So it looked like another permissions issue.

    SH-GG-CorrectWP
    Same page, different user: I could see the web parts
  4. I asked the owner to which business she belonged. That was Business B. This gave me the clue that I needed.
  5. I checked the site collection – this was a site collection for Business A.
  6. So I checked her permissions on the site collection level – none, as only employees of Business A had access.
  7. To confirm, I checked her permissions for the Web Part Gallery.  Bingo!

The solution

As we are divesting Business B, we have removed all permissions of the Business B people from all site collections of Business A, and vice versa. This means that the Galleries in the Business A site collections are not accessible to employees of Business B. It is an exceptional case that a Business B owner is an owner of a Business A site, but there was a reason for that.

Fortunately the Web Part Gallery had unique permissions, so I added her to the Gallery and then she could do what she needed to do. I did not have to worry about maintenance as her account will be removed in a few months automatically as the system separation takes place. (I may write about that later.)
Frankly, I do not know which permissions a Web Part Gallery should have by default, as I have seen both “inherited” and “unique” while checking some site collections.

This case is probably not very common, but if you ever get incidents where people can not see the web parts when editing a page, please check permissions of the Web Part Gallery at the site collection level. I remember once accidentally removing all permissions at site collection level, and after I had added the groups back, several Galleries were inaccessible as due to unique permissions the groups had not been added back automatically…

About SharePoint Holmes:
Part of my role is solving user issues. Sometimes they are so common that I have a standard response, but sometimes I need to do some sleuthing to understand and solve it.
As many of my readers are in a similar position, I thought I’d introduce SharePoint Holmes, SharePoint investigator, who will go through a few cases while working out loud.

Photo courtesy of Maryland Pride on Wikimedia.

SharePoint Holmes and the Survey Surprise

Survey-Detective_Maxwell_on_his_desk_in_the_movie_Until_DeathMost questions I receive about SharePoint surveys are permission issues (it is not extremely intuitive that you need to give all your audience Contribute permissions) and the error message that tells people you can not enter this survey twice.
But this time the issue was different.

The case

The site owner had created a survey in which each item had to be completed by two people. When the first person had entered their part, they would send the link to their entry to the second person, who was supposed to enter the rest.
However, the second person could not open the link and got an error message.
“Sorry, something went wrong. No item exists at [location]. It may have been deleted or renamed by another user”.
When that second person went to the site and opened the survey, they could see that an item had been entered but when they clicked “Show all responses” they received a message that there were no responses.
Confusion all around!

The investigation

  1. I checked the permissions, of course.
    The second person had Contribute permissions to the survey, so that was OK. Everyone could see and edit all items, which is a bit scary, but as this was a controlled process with a limited audience, that could work.
  2. People could enter multiple responses, so that was also not a limitation that could cause this issue.
  3. I checked the survey itself. It had some branching. I completed the first part of the survey and clicked Save and close. My entry was saved.
  4. I went to the survey and saw the item and could open and edit it.
  5. I looked at the 2nd part of the survey, which had many required responses and that gave me some ideas to test…

As it turns out,

  • You are unable to save a straightforward Survey item (with no branches) if it contains questions where you have to provide an answer. We know that, it is the same as with List items.

    Survey-needsmandatoryfields
    This survey can not be saved when the required fields have not been completed.
  • A survey with branching however, will save answers, even if you have not entered all mandatory fields. You will get a message and the item will be saved as “not complete”.
    Survey-setup
    With the yellow-marked question the branching occurs, and there are 2 questions which require a response after that.
    Survey-page1filled
    This is what the first part of the survey looks like. The first person would “Save and Close”.
    Survey-messageforsaving
    “This website reports the following” – you are learning Dutch as you go along 🙂
    Survey-part1saved
    When you Save and Close,  the item will be stored and be visible.

    Survey-1responsenotcompleted
    If you click on “Show all responses” you will see that the item is “not completed”.
  • People can only see the completed items of someone else. As the item is “not complete” because the second part with mandatory questions is not completed,  second person Mystery Guest can not open my item, even though she can see there is an item and she has all the permissions.
    Survey-MysteryGuestsees1item
    Mystery Guest can see there is an item added…

    Survey-NoresponsesforMysteryGuest
    …but when she clicks “Show all responses” she gets the above message.
  • When I removed the “requiredness” of the answers of the 2nd part, the survey was marked as “complete” upon saving, and then the 2nd person could open and edit the 2nd part of the survey.

The solution

I discussed my findings with the site owner and suggested to make the answers in the second part of the survey no longer mandatory. I showed him how to create views in a survey to help getting the second part completed.

That worked for him. Case closed!

New experience for Surveys!

I also saw the Survey in Modern SharePoint. I appreciate the new consistency with other lists, but I can imagine that people will be lost without that well-known look-and-feel. But then, I expect that Forms will make the Survey obsolete soon, anyway.
I wanted to share a screenshot, but things are not very stable yet and I kept getting errors and the Classic experience. As soon as I have captured it, I will share!

About SharePoint Holmes:
Part of my role is solving user issues. Sometimes they are so common that I have a standard response, but sometimes I need to do some sleuthing to understand and solve it.
As many of my readers are in a similar position, I thought I’d introduce SharePoint Holmes, SharePoint investigator, who will go through a few cases while working out loud.

Image courtesy of ZaL141TeLq on Wikimedia.

7 Risks of Copy To and Move To (in SharePoint Online)

In my earlier post, I explained what happens when you use Copy To and Move To. CopyMove-Risks

I really like using it, but of course there are some risks too, especially because it is very easy to do.
I have already encountered the first casualties and I assume many more will follow.

So here are some things that I think are a tad dangerous:

  1. Even people with only “Read” permissions can Copy your content to a site they have more permissions to, or to their OneDrive. What does this do for “one version of the truth”?
  2. It is now very easy to Copy confidential content to a location with a completely different audience.
  3. People with Contribute or Edit in your site can Move documents to another site and delete them from your site.
    This has been a recent issue with one of my users. He reported that he had lost a large part of his site’s content and did not know what had happened. Fortunately I found his (200+) documents in the Recycle Bin. They had all been deleted by the same person, in a time span of about 5 minutes. I still do not know if that person had really used the Move option, but it is plausible.
  4. There is no way for you, as a site owner, to see if content has been Copied to a different site.
    You can see in the Document Information Pane if people have deleted content. You could also set an Alert for Deleted Items, so you know quickly if an unexpected large number of documents has been deleted and you can ask the deleter if they have Moved content. But for Copy…no option.
  5. As far as I know, there is no option for the site collection admins to see what has happened, except when documents that have been deleted are mentioned in the Document Information Pane or show up in the Recycle Bin. (Please let me know if you have found how to do it – a third-party tool perhaps?)
  6. You can lose metadata and versions if the target contains fewer than the source. With the new versioning settings the latter will probably not cause many issues.
  7. You can break links as I found out recently. I moved some documents around because I wanted to combine some libraries and I had forgotten these were accessed from Promoted Links. Duh! 🙂

How to counteract:

1. Give everyone only the permissions they really need

Making sure every person has the correct permissions is getting more and more important.
With the defaults for sharing and access requests set to give people “Contribute” or “Edit” permissions accidents with Copy or Move are more likely to happen.
Delve, that shows you potentially interesting information that you have access to, makes this part of site ownership even more important!
I often use an extra permissions set called “Contribute without Delete” which means people can Read, Add and Edit but only the Site Owner can delete content. That reduces the likelihood of content disappearing.

2. Inform users how Copy To and Move To work

If your users know how this works, they may be more aware what they are doing. Perhaps this picture helps to convey quickly what happens.

CopyMove-Versions

3. Inform users of the confidentiality of your content

Always make your site’s audience aware of the confidentiality status of your content. Not everyone may realize that some content (such as new brand names, prices or competitor info) may damage your company, should it fall into the wrong hands.
Tell your audience which content should not be shared and copied, and what the consequences could be if they do, both for the company and perhaps even for themselves.

4. Set Alerts for deleted items

You may want to set an Alert for content that is deleted, so you are warned when you see an unexpected large amount of deletions, for instance. As you can not restore the content someone else has deleted, contact your support team as quickly as possible to restore the content.

Of course I am curious to learn which issues you have encountered, and how you have solved those!

Image by Glenn Wallace on Flickr. 

10 things to know about Copy to and Move to (in SharePoint Online)

CopyMove-headerOf course you all know a number of ways to move documents from one place of SharePoint to another, such as Open With Explorer*, Content and Structure** and 3rd party tools.

But have you tried the “Copy to” and “Move to” options in SharePoint Online?
(I will use the words Copy and Move throughout this blog as this makes it easier to read…and write)

CopyMove-bar
Copy To and Move To become visible when you select one or more documents

I knew that Copy has been available for some time in document libraries, but only recently I have also discovered Move. So I decided to find out how it works and how I can explain this best to our audience. The Microsoft Help is accurate and helpful, but it does not mention everything.

1. This is only available in document libraries with Modern Experience. 

2. Copy and Move are available for Document, Asset and Picture Libraries.

You can Copy and Move folders or individual documents to other Document Libraries.
You can Copy and Move images from Asset and Picture Libraries, but only to the same Asset or Picture Library or other Document Libraries.
In Pages Libraries, you can only Copy a page and then only to the same Pages Library. This is useful when you want to base a page on an existing one.

CopyMove-Pages
In a Pages library, you can only Copy a page to the same library. No other targets are available.

 

CopyMove-targetoptions
Source and possible target libraries

3. Copy and Move can be done between OneDrive and SharePoint Online and vice versa.

CopyMove-OneDrive
Your OneDrive is always shown as option.

4. Copy and Move can be done between different site collections, unlike “Content and Structure”.

5. What you can do depends on your permissions.

a. To Copy, you will need at least “Add” permissions in the target site.
You will be adding documents, so you will need Contribute, Edit or Full Control or similar.
“Read” permissions to the source site are sufficient in order to be able to Copy content.
b. To Move, you will need at least “Add” permissions in the target site AND “Delete” permissions in the source site, as Move deletes the documents in the source site.

CopyMove-Permissions
The roles you need

 

6. Copy only copies the latest version, Move moves all versions.

This is the same as with Content and Structure, but it does not hurt to mention it again, as this is now available for more users and can have consequences!

CopyMove-Versions
Differences in Copy and Move w.r.t. versions

7. Move keeps the original Created and Modified dates and names.

Copy keeps the original Modified date and Modified By name, but Create date will be now and Created By will be the name of the person who copied. This makes sense, as you are creating a new instance with new Create info.
This can also be slightly confusing, as the Create date can be later than the Modified date.
In the screenshots below, I have used the same Source Library and two different Target Libraries, to show the difference between Copy and Move.
The documents have different dates, people and versions.

First, let us Copy the 3 selected documents

CopyMove-Copy3docs
Version number are 3.0, 2.0 and 5.0, respectively. Different names in Modified By and Created By.

 

This is the result:

CopyMove-3docscopied
All documents have been copied as a new version with the Created date of some minutes ago – while the Modified date is earlier! Created By is me (I did it) while the Modified By is still the same.

 

Now, let’s Move the same 3 documents to a different library:

CopyMove-Move3docs
Now we are moving these same 3 documents

This is the result:

CopyMove-3docsmoved
The original names and dates are in Created By, versions are the same.

 

8. You will receive warning messages in certain scenarios.

a. You Move a document to a target document library that has fewer versions enabled than the source. In this case, document Sharing 9 has 5 versions, the target library 3. You will get a useful warning and the option to stop the process. You do not get this warning when you Copy, as this only copies the latest version.
(This will become less of an issue with the changes in versioning coming up)

CopyMove-VersionWarning
Warning about fewer versions

b. You Move a document to a document library with fewer/different metadata. In this case, I am moving a document that has a Topic column to a target without that. Again, you can Copy it with no warning.

CopyMove-metadatawarning
Warning about different metadata

c. You Copy or Move a documents to a target location that already has a document with the same name.

CopyMove-Titlewarning
You can not Copy or Move when a document or folder with the same name exists in the Target library

d. You Copy or Move a document to/within a document library that has Content Approval, and do you not have sufficient permissions to approve content.
Added April 21, 2019, thanks to this blog by Paul Matthews.

041319_1828_accessdenie2
Not enough permissions to approve new content, in this case.

e. When you Move content, you delete content in the source. When you Move (and therefore delete) many documents in one go, you will receive a warning message. This is very considerate, but please be aware that it may freak some users out!
Added April 21, 2019, thanks to a screenshot from Joanne Klein:

IMG_0178
I think this is a helpful email, because it creates awareness of what you have done. 

9. This functionality is not available for guests.

Guests who want to Copy or Move get an error message, even if they have the correct permissions and see the options. Judging from the error message, the sites shown in the panel are sites you follow and/or have recently visited. As externals have no OneDrive to store their Followed sites, nor Delve to see the recently visited sites, this makes sense.
This may get awkward for long-term trusted external partners, though.

CopyMove-MysteryGuestIssue
Even though the option to Copy or Move is displayed, external users/guests can not do this.

10. The sites that are suggested as targets are based on the Office Graph. 

A good reason to Follow your sites – they show in the targets panel and save you searching. The suggestions are based on the Office Graph and this explains why external guests can not Copy or Move – they have no Office Graph. Thanks to Greg Zelfond for providing me with this info! 

CopyMove-followed sites
What is shown here depends on your Office Graph.

 

My two cents

I am quite happy with this functionality. It is very simple and it will be very useful in case of organizational change or archiving a project.
I now use it all the time when I move instruction and help documentation (that I write using a Word template on my laptop) from my OneDrive to SharePoint. Somehow it feels easier.

However, I would not be me if I did not see some risks. But as this is already quite a long post, I will leave that for next time.

Special characteristics of other ways to move documents

*Open with Explorer
• Microsoft help
• Needs Windows on your PC as it opens Windows Explorer
• Needs Internet Explorer 32 bits, does not work with any other browser
• Only works with Classic SharePoint
• Content takes Create/Modify dates and names from the person performing the action and the date/time of the action
• No versions can be copied or moved

**Content and Structure
• Only accessible for people with Contribute or higher
• Only available to copy and move within the site collection
• Only available when your site collection has publishing features enabled

Image courtesy of Baitong333 at FreeDigitalPhotos.net

An unpleasant inheritance

inherit-picInheriting something is a mixed pleasure.
You can become the proud owner of your uncle’s lovely old-timer, or be able to wear your grandmother’s diamond necklace and matching earrings at grand events, but you generally receive those treasures only after a dear one has passed away.
But you can also inherit debts, a house with an expensive mortgage, a nephew or other “things” that you have never wanted.

Inheriting permissions in SharePoint can also be a curse rather than a blessing.
“I have suddenly lost access” has been the title of many recent incidents. No need to blame this on Microsoft, SharePoint or the support team, because in 99% of cases this is a human error:

  • The Site Owner accidentally removed their own permissions while cleaning up a document library’s  or site’s permissions. The support team can easily fix this.
  • The Site Owner accidentally inherits the permissions from the parent site. That is pretty serious and has happened alarmingly often!
inherit-removeuniquepermissions
A dangerous button that will inherit permissions from the parent – this can be wanted in documents, folders and libraries but can wreak havoc in sites.

I have already mentioned in many of our instruction materials: “if you see “this web site has unique permissions” in the yellow bar, DO NOT CLICK “Delete unique permissions” as you will

  • Inherit the permissions from the parent site
  • Lock yourself out of your site if you have insufficient permissions on the parent site
  • Remove all unique permissions in your site (and there is no “undo” or “restore” option)
inherit-thiswebsitehasnqiuepermissions
If you see this text, you are at the site level!

The warning message appears not to be informative enough to keep people from proceeding.

inherit-warning
The warning message before you inherit the permissions from the parent site.

Recently I have guided a few people through “permissions stuff” via screenshare and I notice that they always want to click ‘Delete unique permissions” when they want to remove users. In several cases these users were individuals who were not in a group and therefore were seen as having unique permissions.
On those occasions I have been just in time to guide their mouse pointers to the right button: “Remove User Permissions”.

inherit-removeuserpermissions
Use this when you want to remove  groups or individuals from your site

This has now happened so often, with such serious consequences, that I have added a suggestion to Microsoft SharePoint Uservoice to rename “Delete Unique Permissions” into “Inherit permissions from parent” as this is probably easier to understand for the user than the current wording. If you agree, please support my request. (Happy to return the favour, of course)

You know, like in SharePoint 2007:

Inheritpermissions2007
What it looks like in SharePoint 2007 – much more intuitive! (Pic taken with Phone)

And if you have taken any measures that successfully prevent this accidental inheritance, please share!

Image courtesy of Phil_Bird at FreeDigitalPhotos.net