A great bunch of new features coming soon for SharePoint Modern Experience !

SharePoint product team just revealed news about a fantastic set of modernization features which are planned to release in the 1st quarter 2019. Microsoft been aggressively improving the user experience of SharePoint, OneDrive, in fact the whole Office 365 umbrella for the past few years.

Some of these features are brand new while some are updates for legacy SharePoint capabilities. Nevertheless, each of them looks cool and would definitely great to have. The best thing everyone love about Office 365 is, there is no additional cost for any of these updates. Let’s find out what we are going to get soon.

Bulk Check In/Check Out


Microsoft previously released bulk edit for list and libraries and now with this update you will have the ability to check in/out multiple records/documents at once. Have a look at the following screenshot comes from Chris MacNulty.

Document Sets


Document sets group related documents together with shared metadata, routing and visual experiences. They’ve been available in classic mode previously, and now you can work with them in the modern experience starting March 2019 onwards.

Signal Icons


Isn’t that cool when you have a nice visual cue right next to each file as the status? Here are the new list of status signals that you will soon be able to see in your tenant. There will be more signals and the best news is its not going to just limit to SharePoint but also will be available on OneDrive, Teams, and Office Clients too. Wait no longer than February !

Column Totals


Custom views allow you to add calculated fields, such as totals or averages, to the footer of a group or the entire list. Now, totals will display in the modern view without forcing users back to the classic interface. Totals will also show in the modern web parts for lists and libraries.

Sticky Headers

SharePoint is known to have large repositories. Large lists and libraries always takes a scroll vertically and horizontally. With Sticky headers, you will have the column headers pinned at the top of the scrolling window so it helps you identify list values as you move vertically and horizontally through the view. And ! column headers will also remain in place inside the list/library web parts across any page you have added them.

Add Columns In-between Column


Soon you will be able to add a column in between another columns which cuts off the time it takes to reach the end of the column headers. Again, this will help a lot in wider lists/library views where you have lots of columns added in to. Just hover you mouse on the edge between two columns and you will immediately notice the (+) icon.

Column Drag and Drop


Guess what! You don’t have to dig in and modify the views anymore. Moving a column within a list or a library, simply drag it and drop to where you want it to be. Easier right ?

In a quick note: Microsoft always commits to deliver efficiency, reliability and usability across all products. Feel free to raise you voice if you have any idea you think worth actioning here – https://sharepoint.uservoice.com/forums/329214-sites-and-collaboration

Images: Microsoft (original post is here)


Azure AD App Only Authentication

In a simple way, App Only authentication is the ideal method if you want to execute  a task by daemon. This allows you to execute some code without the permissions of a user or without an auth token of a user.

As part of a series of articles, idea of this 1st post is to give you an basic  fundamental understanding on creating an Azure AD App and grant permissions for this App to communicate with SPO.

let’s get this started. Simply head on to your Office365 home page and switch to Admin Centers. From the left pane, click on “Azure Active Directory”. From Azure AD, search for “App Registrations” and click “Add new application registration” link.

A new application interface will pop-up for you. Enter a name, Application type and Sign-on URL and click “Create”. Sign-in URL can be any and it also can be amended later to reflect a different one. A future post will discuss this again on what sort of URLs are used here.


Once the app creation done, you will be given with the app ID and other details related to it.


Next- Select Settings –> Required permissions and Add



In this case the API going to be SPO. You can choose the right API based on the requirement.


Next, hit “Grant Permission” button on the required permissions tab to provide none-tenant admin user access the application.

A self-signed or public (commercial) certificate must be provided now and then update the Azure AD manifest accordingly.

Following PS can be used to provision the certificate but ensure you have installed OfficeDev PnP PowerShell.

$certroot = 'C:\Site Creator'
$certname = "IntelAi-Cert-1"
$password = ConvertTo-SecureString "P@$$w0rd" -AsPlainText -Force
$startdate = Get-Date
$enddate = $startdate.AddYears(4)
makecert.exe -r -pe -n "CN=$certname" -b ($startdate.ToString("MM/dd/yyyy")) -e ($enddate.ToString("MM/dd/yyyy")) -ss my -len 2048
$cert = Get-ChildItem Cert:\CurrentUser\My | ? {$_.Subject -eq "CN=$certname"}
Export-Certificate -Type CERT -FilePath "$certroot\$certname.cer" -Cert $cert -Force
Export-PfxCertificate -FilePath "$certroot\$certname.pfx" -Cert $cert -Password $password -Force

Following line will copy a string to your clipboard

Get-PnPAzureADManifestKeyCredentials -CertPath 'C:\Site Creator\IntelAi-Cert-1.cer' | clip

Following is how the copied string would look like. It has to be added to the manifest file of the Azure AD application.

"keyCredentials": [
  "customKeyIdentifier": "5lca+kziogw7T6MB4kUrxseK5m8=",
  "keyId": "84153f1a-90b7-4802-b99a-bb75d4f9a35b",
  "type": "AsymmetricX509Cert",
  "usage": "Verify",

Select your application under app registrations in Azure AD. Replace the “KeyCredentials”:[], section, as shown below.


Now this can be tested whether the application has required permissions to connect to the SharePoint Online site. For the ClientID, you need to provide application ID of the app you have created.

$password = ConvertTo-SecureString "P@$$w0rd" -AsPlainText -Force
Connect-PnPOnline -Url https://site.sharepoint.com/ -ClientId 0c01f61e-ba27-4ae7-ab19-174884a949fc -CertificatePath 'C:\Site Creator\Site-Cert-1.pfx' -CertificatePassword $password -Tenant intelai.onmicrosoft.com
$myWeb = Get-PnPWeb

DISCLAIMER NOTE: This is an enthusiast post and is not sponsored by Microsoft or any other vendor.

APP Model is the Future of SharePoint – Part A: Configuring APP Domain for In-Premise SharePoint 2013

With the release of SharePoint 2013, APP Model was the biggest change which made a big noise with Lots of Promises in the whole arena. Though you are having an In-Premise SharePoint environment, you can enable the APP Model to retrieve and add SharePoint Store Apps. This post was in my OneNote draft for so long and just found it to polish a bit and publish. Yeah I know I’m quite late 🙂

With this post we will go through the step by step guidance on configuring SharePoint APP Store for In-Premise Environments. Nothing much !, just to get few steps done properly. Take a note that your SharePoint Servers should have joined to AD to do this. This is not targeting standalone SharePoint deployments with Workgroups.

Assuming you already got a SharePoint 2013 Environment which could be Multi-Server or Single Server doesn’t matter at all. If you open up a Site you already have and go to Site Actions –> Add an App from the admin Panel, You will be directed to the local APPs Location of your site. And then If you switch to SharePoint Store from the left panel links it will direct to the SharePoint APP Store which looks like this.


Does it mean you have the APPS Configured and you can go ahead and Add any of them to enjoy ? Not really !. Just click on a one APP and try to add. ADD Button grayed out and Probably you can’t if you haven’t configured APPS for your Farm, that’s what the Yellow Balloon says right there below the ADD Button.


So let’s get this guy implemented so you can go ahead and play with so Cool APPs ! We need to achieve this scope to get it done.

  1. Configure APP Domain DNS Entries which Links APP Domain to SharePoint Farm
  2. Enabling Services
  3. Create Service Applications
  4. Configure APP URLs
  5. Create APP Catalog
  6. Enabling Internet Faced End-Points (Optional)

Make Sure Your Frontend Servers (if a Single Server that should have Internet) having Internet Access. Mostly the Production Environments are anyway has Internet for Frontends so not a big deal here.

1. Configure APP Domain DNS Entries

The Start we are going to take with little bit of DNS here. You should ask your AD team to set this up based on your inputs if you are not granted to deal with DNS.

First thing to create a New Zone for Your SharePoint APP Domain. Open up DNS console and right click on Forward Lookup Zones Under Root Server and Click on New Zone .


This Wizard will pop out. Simply hit next to start here.


Nothing to change here, Just leave it with default and ‘Next’. We are about to create a Primary DNS Zone for our APP Store.


Here too, nothing needs to be changed but depends on your Environment. I have only one Domain and one forest. Choosing first choice will be the highest level that applies for all the forests and domains you have if you are about to deal in a Large Environment.


Provide a name for the Zone here. Microsoft Recommends to go with a Root Level (contosoapps.com) unique domain for production environments. If you are having a environment which is production and externally accessed, It’s always best to have a purchased top level domain for this. simply give that name here and for me just a test one goes in.

apps.northwind.int is my sample apps domain to get this done. If you noticed that this is a child level one, yes it is but just for experimental purpose. Don’t go like this for productions.


Nothing here to change simply ‘Next’.


Hit ‘Finish’ to complete.


You will see the New Forward Look up zone created under our Root Server. Now to get the Alias Created for the created zone. Right click on the created Zone and click on ‘New Alias (CNAME) to create a one.


Fill the three fields here. Put the ‘*’ in to the Alias Name and FQDN should be the same name as you created the Zone for the APP Domain in the earlier step.


Browse to locate the FQDN for the Target host. Below box will appear and drill down in to the Forward Lookup Zones under out root Domain (northwind.int) and find the same as Parent folder with relevant subnet(Network). Choose it and click OK.


That completes the deal with DNS. Let’s check whether we have done it right so far.

Open up PowerShell on CMD from your Server SharePoint or AD Server. Try to Ping a third level entry like below.

anything.apps.contoso.com (anything-Tenant | apps.contoso.com – APP Domain)

Whatever the entry you put in to the third level here (my entry is ‘anything’ here) should resolve by the root level. That’s the whole idea and this is some kind of a Multi-Tenancy we are talking about. If the reply comes we are cool so far !


2. Enabling Services

Before we create Service applications, we now need to enable the Below highlighted Services. If any of these two services isn’t running on your farm, do not proceed with the next step which might cause issues. Get them in to running state first.

Launch the Central Administration and direct to Services on Server under the System Setting. Make sure these two services are in green state.

APP Management Service – Running

Microsoft SharePoint Foundation Subscription Settings Service – Running


3. Create Service Applications

Let’s create Service Applications for those two Services started. App management and SharePoint Subscription Settings Services Applications has to be created for specific purposes.

APP management Service Application is obviously the core while Subscription Setting Services takes care of tenancy. Both are key facts for the entire scenario.

We will be using a small script for this. copy these lines and customize Names such as Database, APP, Pool before you execute it.

   1: $account = Get-SPManagedAccount "Northwind\sp_farm_svc" 

   2: # Gets the name of the Farm administrators account and sets it to the variable $account for later use.


   4: $appPoolSubSvc = New-SPServiceApplicationPool -Name SubscriptionSettingsServiceAppPool -Account $account

   5: # Creates an application pool for the Subscription Settings service application. 

   6: # Uses the Farm administrators account as the security account for the application pool.

   7: # Stores the application pool as a variable for later use.


   9: $appSubSvc = New-SPSubscriptionSettingsServiceApplication –ApplicationPool $appPoolSubSvc –Name SubscriptionSettingsServiceApp –DatabaseName Northwind_Subscriptions_Service_AppDB

  10: # Creates the Subscription Settings service application, using the variable to associate it with the application pool that was created earlier.

  11: # Stores the new service application as a variable for later use.


  13: $proxySubSvc = New-SPSubscriptionSettingsServiceApplicationProxy –ServiceApplication $appSubSvc

  14: # Creates a proxy for the Subscription Settings service application.


   2: $account = Get-SPManagedAccount "Northwind\sp_farm_svc" 

   3: # Gets the name of the Farm administrators account and sets it to the variable $account for later use.


   5: $appPoolAppSvc = New-SPServiceApplicationPool -Name AppManagementServiceAppPool -Account $account

   6: # Creates an application pool for the Application Management service application. 

   7: # Uses the Farm administrators account as the security account for the application pool.

   8: # Stores the application pool as a variable for later use.


  10: $appAppSvc = New-SPAppManagementServiceApplication -ApplicationPool $appPoolAppSvc -Name AppManagementServiceApp -DatabaseName Northwind_AppManagementDB

  11: # Creates the Application Management service application, using the variable to associate it with the application pool that was created earlier.

  12: # Stores the new service application as a variable for later use.


  14: $proxyAppSvc = New-SPAppManagementServiceApplicationProxy -ServiceApplication $appAppSvc

To execute, right click on SharePoint management Shell and run it as administrator. Run one at a time as shown below. Each script creates a Specific Service Application for the subjected purpose. Direct to file location which you saved the script with .ps1 extension and hit ‘Enter’ to execute.


It won’t take more than a minute which depends on your server Performance. So that step completes Service Application Creation Part. Almost done here.

4. Configuring APP URLs

Now to configure the APP URLs based on our New APP Domains created. This is the Basic idea of the APP domain and App URL concepts. Hope you can grab an overall knowledge here.


Open up Central Administration and Direct to ‘APP’ Category from Root left panel.


Direct to Configure APP URLs from APP Management. It will pop out below page, Provide the APP Domain and Prefix based on the details of our Previous steps of APP Domain Creation. Prefix you will need to decide (not a big deal to think much about)


5. Create APP Catalog

So the next big step Is here, almost the final ! . From the APP Page shown above direct to ‘Manage APP Catalog’ which allows you to create a New Catalog. You should have created an New Web Application and a Site Collection under it in order to enable APP Catalog and Test it out. I have created a one here under Port 7070 just for experimenting.

Choose the Web Application from the dropdown shown in the screenshot and hit ‘OK’ to proceed.


Below Page will be appeared. Give it a Name (I don’t think anything else suits better than ‘APPCatalog’ here), URL and Primary Site Collection Admin and End Users. Hit ‘OK’ to complete and give it a moment to create.


Just Give it a while to create the catalog.


You Should be now able to see the created catalog.


Click on the Site URL and check whether you get it working.


6. Activating External Facing End-Points (Optional)

The SharePoint Store contains apps for SharePoint intended for use with sites that require Internet-facing endpoints. By default, these apps are not available (greyed out and cannot be purchased) because they are incompatible with most sites. However, if your farm is configured to allow internet-facing end points

and finally launch the Central Administration –> Application Management –> Manage Web Applications –> Manage Web Application Features –> Activate ‘Apps That Require Accessible Internet facing Endpoints’ feature.


That’s all on configurations. Let’s open our Target Site and check the APPS Thingy !!

Open up your Target Site (if you don’t have a one you should have created before the Catalog Creation) and try to add an App in to it.


It’s Not an Error here ! Select the Language as you are checking this out for first time. Click on the SharePoint Store from the Left Panel to grab online stored stuff.


There It opens the Store for your.


Just select a one you like and try to ADD. ofcource a FREE one First 🙂


We have to use a Windows Live Account for Adding the APP. I’m using my one here. Yep you can send me queries to the same address !!


Continue here.


So far so cool ! We got our very first custom APP Added to our Site.


When you add an APP Once it’s just once and can be used across the sites under ‘APPs You Can Add Category’ like you can see below.


Keep Loving SharePoint Folks, Lots more Impressive stuff yet to come ……………….