4 ways to fix error AADSTS65001 (The user or administrator has not consented to use the application)

Azure AD Login error

Fixing issues with Azure AD authentication for Enterprise applications can be tricky. This article contains multiple different fixes to an issue, where granting admin consent has somehow failed. Not all of the different solutions will work for all situations, though! That’s why I included a couple of different options to try… 🙂

Why do you even get issues with Admin Consent (like AADSTS65001)?

You’re trying to add or use an app, that requires such permissions from your tenant, that can only be granted by an administrator. Typically this app has to be added by a global administrator. If it’s an enterprise application, it could also be in an invalid state after someone tried adding the app without sufficient permissions.

Our investigation was focused on a mobile app, that’s deployed as an enterprise app. Most of the things should apply for web-based apps or console programs or whatever else you’re deploying, too.

The whole error might look something like this: Continue reading

The effect of using Managed Navigation instead of Structural on SharePoint Online

SharePoint_aint_broken

 Have you ever noticed that your SharePoint site just gets slower and slower? That’s probably because the performance of Structural Navigation is absolutely horrible, especially vs. Managed Navigation. This blog post includes our findings about the issue, and I also include some explanation of the reasons behind the difference and a simple comparison to Search-based navigation.

Continue reading

Solving Microsoft Teams Licensing Error “errorCodeTeamsDisabledForTenantForbidden”

Launching Microsoft Teams

This post explains how to fix the “errorCodeTeamsDisabledForTenantForbidden” error when trying to add guest users to Microsoft Teams channel. This issue might arise when a user is invited to a channel in your organization’s Microsoft Teams for the first time. Fixing it usually just requires a flip of a switch, but might also include some waiting.

Symptoms

You get an error screen like this, when trying to join a Teams channel as a guest user.

Teams Guest access error

Teams Guest access error

No fear, though – likely an easy fix!

Continue reading

Google Analytics with SharePoint

Google Analytics logo

This post describes why it’s beneficial to use a user analytics tool in your intranet. I use Google Analytics as an example of such tool, and different deployment options for SharePoint intranets are covered briefly.

Why would I use Google Analytics with my SharePoint intranet?

In general, it’s absolutely necessary for you to know your users, if you want to deliver an enjoyable user experience. One key aspect of knowing them is knowing what they do, while they use your system or service. SharePoint being a web-based software, it’s quite logical to use one of the many user analytics suites available for web sites to also analyze your intranet users.

Continue reading

Remove-SPODeletedSite – Actually removing a SharePoint Online Site Collection

Delete site collection

This post describes the actual, working and fast process of removing a site collection in SharePoint Online using the Remove-SPODeletedSite commandlet in SharePoint Online Management Shell (a flavor of PowerShell).

Description

Sometimes you need to get rid of a site collection you’ve created in SharePoint Online. The most typical example perhap being removing the team site created for a group of people working together. That’s pretty simple and there are a few ways of doing that – namely, deleting the site from Site Settings or removing the site collection from SharePoint Administration. However, sometimes you need to recreate a new site using the same url as the one you removed – and that’s not going to be possible.

"Delete this site" on SharePoint Online

“Delete this site” on SharePoint Online

Delete site collection

Delete site collection on SharePoint Administration

Why is that, you ask?

Well, after you remove the site collection, it actually goes to the recycle bin. The bad thing is, that this recycle bin is NOT accessible using web browser, but only by PowerShell. SharePoint Online still reservers that url for the site, though, so you can’t create a new one with the same url!

Continue reading

Solving Azure Web Application’s first load perfomance issues

Microsoft Azure logo

Is your Azure Web Application suffering from absolutely horrible load times every time someone access it for the first time every 15 minutes or so? Mine was.

I was developing a web-based service using EF6 and ASP.NET MVC 5, where all the assets were hosted in the Azure. Even though the app was reasonably lightweight and usually responded very fast, the first time someone accessed it in a while it took 20-60 seconds to load AND sometimes even timeouted (especially with mobile clients). Load testing revealed only the what I already knew: initial load times were horrendous, but after that everything worked fine. I did eventually find the solution, though!

Continue reading

Disabling anonymous access on a single site through PowerShell

Anonymous access in SharePoint 2013

This post is about managing Anonymous Access on a SharePoint site (SPWeb) using PowerShell commandlets. It’s often a lot more feasible and even easier than using the browser interface!

Description

Assume you have a site collection that’s published to the whole world. You’ll have anonymous access enabled at both web application and site collection -levels, and configured permissions at the root web -level. Now, let’s assume you want to disable anonymous access on a certain site deeper in the site structure. This way anonymous users could access your site at http://site.com and http://site.com/subsite, but not at http://site.com/subsite/deepsubsite. As an added bonus, that web would even be removed from the navigation for anonymous users (security trimming).

Solution(s)

Of course, you could do this through site permissions -page via browser (http://site.com/_layouts/15/user.aspx) by breaking permissions inheritance and disabling anonymous access, but there are multiple situations when this is not feasible – say, for example, that you already have a redirection for that certain url set in the IIS or gateway, and can’t access the page. Luckily, this can also be done with PowerShell.

 

This is a lot faster than through browser, right? 🙂 Just remember to use the right url for the web, SharePoint will find out the right zone for you!