Error connecting to SharePoint Online with PowerShell

While I was doing some PowerShell scripting for a client, I received a weird error in SharePoint Online, the console it was throwing errors like “Unauthorized” and “…the web site does not support SharePoint Online credentials” even though my username and password is fine.

I tried with Connect-PnPOnline and other legacy commands, with the same bad result, but what is happenning backwards?

SharePoint Online has a setting named “LegacyAuthProtocolsEnabled” with the purpose “Prevents Office clients using non-modern authentication protocols from accessing SharePoint Online resources .”.

By default this is allowed in all tenants. But as an administrator it is possible to tighten up the security and disallow us to login with these non-modern approaches.

More details can be found here:


1. Start using modern authentication (recommended)

Check if your application support the use of modern authentication through either WebLogin or using application credentials (ClientId/ClientSecret) authentication. This is advice to be the recommended and a more secure approach.

2. Re-enable support for legacy apps

connect-sposervice “”
set-spotenant -legacyauthprotocolsenabled $True

Updating SharePoint Online tenant settings does not take immediate effect. So is it possible that you will need to wait a while, exact how long can be from from minutes to 24 hours with the different settings.

Till next time!



Unable to discover PowerShell endpoing URI error

While I was trying to connect to the S4B Online admin center by PowerShell I received the following error: “Unable to discover PowerShell endpoing URI”

I used the following PowerShell commands to connect to the admincenter:


So, as you can see the only method allowed to connect to the S4B admin center is by explicity using the domain:

$cssession = New-CsOnlineSession –Credential $credential –OverrideAdminDomain “”

It is very straightforward to solve the error, but I hope that it will help someone

How to replicate a SharePoint farm


The other day I found this interesting article from Nik Charlebois, he talks about how to automate a replicate farm of SharePoint, this farm can be used as development farm or even Test farm.

What he is explaining in the article, is how can we retrieve all the information from our SharePoint 2013/2016 farm by PowerShell (he wrote a PS1 to do that) and collect all this information to create a series of PowerShell codes.

Once this information has been retrieved, is it possible to replicate your environment to another location on-premises.

Hope it helps!


How to Disable “Open with Explorer” View


In a project we got a requirement to hide the “Open with explorer view” from the ribbon, this can be done by PowerShell by creating a custom action in the library/list

The following code will be used to hide the action from the ribbon:

$sites = get-spwebapplication http://yourwebappurl | Get-spsite -limit ALL
foreach ($site in $sites) {
foreach ($web in $site.AllWebs) {
foreach ($list in $web.Lists) {
$CustomAction = $list.UserCustomActions.Add()
$CustomAction.Title = "Hide Explorer View"
$CustomAction.Location = "CommandUI.Ribbon"
$CustomAction.commandUIExtension = "
<CommandUIDefinition Location='Ribbon.Library.Actions.OpenWithExplorer' />

After the code has been executed, the action will disappear from the ribbon.

If you need to recover the action from the ribbon, the following PowerShell can be used for this:

$CustomActionTitle = "Hide Explorer View"
$sites = get-spwebapplication http://yoururlwebapp | Get-spsite -limit ALL
foreach ($site in $sites) {
foreach ($web in $site.AllWebs) {
foreach ($list in $web.Lists) {
$CustomAction = $list.UserCustomActions | where {$_.title -eq $CustomActionTitle}

#Delete the custom action from list
if ($CustomAction)

That’s all!


Run IISReset on All Servers in your farm at the same time

In case you have a large number of servers in a farm, the following script will help you to do a iisreset in all servers at the same time:

#Specify servers in an array variable
[array]$servers = “Server1″,”Server2″,….”

#Step through each server in the array and perform an IISRESET
foreach ($server in $servers)
Write-Host “Restarting IIS on server $server…”
IISRESET $server /noforce
Write-Host “IIS status for server $server”
IISRESET $server /status
Write-Host IIS has been restarted on all servers

Till next time!

Enable remote PowerShell for SharePoint 2013

Hi all,

Due to requierements of a project I needed to explain to a customers how to enable remote PowerShell for SharePoint, so I decided to documentated it. In order to run SharePoint PowerShell, the following steps need to be followed:

On the SharePoint Server

Open local groups and add your user to the following groups:

  1. Remote Desktop Users
  2. WinRMRemoteWMIUsers__

Open the SharePoint Shell as admin an execute the following: Enable-PSRemoting -Force

Enable-WSManCredSSP -Role Server

winrm set winrm/config/winrs ‘@{MaxShellsPerUser=”25″}’

winrm set winrm/config/winrs ‘@{MaxMemoryPerShellMB=”600″}’ #is it possible to change to a higher value

Get-SPDatabase | Add-SPShellAdmin DOMAINUserName

#to give permission of shell admin to every SharePoint database

Type Get-SPShellAdmin  and The user you added should now be listed

Set-PSSessionConfiguration -Name Microsoft.PowerShell32 –ShowSecurityDescriptorUI

  1. This will open up a dialog box. Add the user(s) with Read and Execute permissions then click OK
  2. Run the command again to ensure the permissions were applied correctlty

Type Set-PSSessionConfiguration -Name Microsoft.PowerShell32 –ShowSecurityDescriptorUI

  1. This will open up a dialog box. Add the user(s) with Read and Execute permissions then click OK
  2. Run the command again to ensure the permissions were applied correctly

On the client Machine

Open PowerShell as Administrator

Enable-WSManCredSSP -Role client -DelegateComputer “SharePointServerName”

In case you receive an error like “Enable-WSManCredSSP : The client cannot connect to the destination specified in the request. Verify that the service on the
destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination
to analyze and configure the WinRM service: “winrm quickconfig”.

Will say that in Windows 7 or Windows 8.1 or Windows 10 your Windows Remote Management service is not started, and also not set in Automatic Startup mode, to set Windows Remote Management Service just run following cmdlets:

Set-Service winrm -StartupType Automatic
get-service winrm | Start-Service


$s=new-PSsession “SharePointServerName” -authentication credssp -credential $cred

Invoke-Command -Session $s -ScriptBlock {Add-PSSnapin Microsoft.SharePoint.PowerShell;}

And you are ready to go, if you need more info abou the process, you can visit the following post for more info or post in the comments and I will try to help you

Access Requests in SharePoint

The access request feature allows people to request access to content that they do not currently have permission to see. As a site owner, you can configure the feature to send you mail when someone requests access to a site. You can then choose whether to approve or decline their request. If you approve the request, you can also specify the specific level of permission you’d like to assign to a user.

But, if you are in my case that I needed to configure the access request in all the web app, you can use the following PowerShell:

$spsites = get-spsite -Limit All

foreach($spsite in $spsites)


foreach($SPweb in $spsite.AllWebs)


# if a site inherits permissions, then the Access request mail setting also will be inherited

if (!$SPweb.HasUniquePerm)


write-host $SPweb "Inheriting from Parent site";




$SPweb.RequestAccessEmail = "";


write-host $SPWEB "Configured"




Hope it helps!