AXForum  
Вернуться   AXForum > Microsoft Dynamics AX > DAX Blogs
All
Забыли пароль?
Зарегистрироваться Правила Справка Пользователи Сообщения за день Поиск

 
 
Опции темы Поиск в этой теме Опции просмотра
Старый 17.10.2024, 07:13   #1  
Blog bot is offline
Blog bot
Участник
 
25,617 / 848 (80) +++++++
Регистрация: 28.10.2006
ievgensaxblog: MSDyn365FO. Configure SharePoint storage with Sites.Selected permissions
Источник: https://ievgensaxblog.wordpress.com/...d-permissions/
==============

Earlier this year, Satya Nadella sent a note to Microsoft employees, emphasising the need to prioritise security above all else. In line with this directive, the new “SharePoint user authentication” feature is introduced in 10.0.40, enabled by default in 41. Given that security is the highest priority, Microsoft provides guidance on how to set this up without any granular permissions Steps provided require granting the Microsoft Dynamics ERP service principal full access to all SharePoint sites that is very secure indeed. Currently, using Sites.Selected is not supported.

However, you are covered, below is a PowerShell script that will get you there

$tenantid = ""#guid, can get using https://companyname.sharepoint.com/sites/sitename/_api/site/id$siteid = ""$sharePointScope = "Sites.Selected"Connect-MgGraph -TenantId $tenantid -Scope AppRoleAssignment.ReadWrite.All#Office 365 SharePoint Online first party app $sharePointServicePrincipal = Get-MgServicePrincipal -Filter "AppId eq '00000003-0000-0ff1-ce00-000000000000'"$sharePointRole = $sharePointServicePrincipal.AppRoles | ? Value -eq $sharePointScope#Microsoft Dynamics ERP first party app $appSp = Get-MgServicePrincipal -Filter "AppId eq '00000015-0000-0000-c000-000000000000'"write-output $ObjectId$appRoleAssignment = @{ "principalId" = $appSp.Id "resourceId" = $sharePointServicePrincipal.Id "appRoleId" = $sharePointRole.Id}New-MgServicePrincipalAppRoleAssignment -ServicePrincipalId $appSp.Id -BodyParameter $appRoleAssignment | Format-ListConnect-MgGraph -TenantId $tenantid -Scope AppRoleAssignment.ReadWrite.All$targetSite = Get-MgSite -SiteId $siteidNew-MgSitePermission -SiteId $targetSite.id -Roles @("write") -GrantedToIdentities @(@{Application=@{Id=$appSp.AppId;DisplayName=$appSp.AppDisplayName}}) -Verbose

Источник: https://ievgensaxblog.wordpress.com/...d-permissions/
__________________
Расскажите о новых и интересных блогах по Microsoft Dynamics, напишите личное сообщение администратору.
 

Похожие темы
Тема Автор Раздел Ответов Посл. сообщение
ievgensaxblog: D365FO. Working with Azure File storage. Blog bot DAX Blogs 0 16.07.2017 13:14
atinkerersnotebook: Creating Your Own Document Management System With SharePoint Blog bot DAX Blogs 0 02.10.2013 21:12
Microsoft Dynamics CRM Team Blog: Understanding Storage and Storage Notifications in Microsoft Dynamics CRM Online Blog bot Dynamics CRM: Blogs 0 25.07.2013 08:12
gustafwesterlund: SharePoint as document management storage for Dynamics CRM Blog bot Dynamics CRM: Blogs 0 12.11.2012 01:12
Microsoft Dynamics CRM Team Blog: How To: Configure Tracing for Microsoft Dynamics CRM List Component for Microsoft SharePoint Server 2010 Blog bot Dynamics CRM: Blogs 0 21.12.2010 23:12

Ваши права в разделе
Вы не можете создавать новые темы
Вы не можете отвечать в темах
Вы не можете прикреплять вложения
Вы не можете редактировать свои сообщения

BB коды Вкл.
Смайлы Вкл.
[IMG] код Вкл.
HTML код Выкл.
Быстрый переход

Рейтинг@Mail.ru
Часовой пояс GMT +3, время: 08:26.