To configure Azure Active Directory for Content Registration you need to be an Azure AD Global Administrator or Application Administrator.
To run the Content Registration script, you need user accounts that can access the content you are looking to register in SharePoint Online or OneDrive for Business, as well as for Records365. These may not be the same credentials. Users backed by Active Directory Federated Services (ADFS) or that have Multi-factor Authentication (MFA) enabled are not currently supported.
Once the relevant Connector has been set up and enabled, any new documents created in SharePoint Online or OneDrive for Business, and any modifications to existing documents, will be managed by Records365. What about any existing content that pre-dated the Connector, you may ask?
The Content Registration process provides a tailored method of locating documents and folders in SharePoint Online or OneDrive for Business and passing them to their respective Connector for submission to Records365.
The Content Registration process for SharePoint Online and OneDrive for Business requires a level of familiarity with Microsoft PowerShell and the ability to install client libraries and PowerShell modules. Most likely, an Administrator or IT professional will be required for some or all of this process.
Please feel free to contact our support team at firstname.lastname@example.org to obtain the script and to ensure that you have the required level of technical support to successfully complete the process.
Content Registration Architecture
Content Registration is a scripted process driven by Microsoft PowerShell. RecordPoint provides a template script that you can customize according to your requirements and Records365 exposes an API endpoint that this script will call with the details of the documents to be registered by the relevant Connector.
To securely authenticate against SharePoint Online or OneDrive for Business and submit content to Records365, a number of prerequisites are required:
- User Credentials that have access to the relevant location in SharePoint Online and OneDrive for Business.
- User Credentials for Records365. These may not be the same credentials. See how to Add Users to Records365.
- Azure AD Native Application Registration to delegate authentication to Records365 to the Content Registration script.
Registering an Azure AD Native App
Please note that this process is subject to changes from Microsoft. Please refer to Microsoft Documentation if you’re having difficulties.
- Sign in to the Azure portal.
- If your account gives you access to more than one tenant, click your account in the top right corner, and set your portal session to the desired Azure AD tenant.
- Search for App Registrations, and then click New Registration.
- On the Register an application page, enter the following information and click Register:
  - Name: Content Registration for Records365.
  - Supported account types: Select “Accounts in any organizational directory (Any Azure AD directory – Multitenant)”.
  - Redirect URI:
    - Select “Public client/native (mobile & desktop)”
    - Enter “https://login.microsoftonline.com/common/oauth2/nativeclient”
- You will be taken to the application’s main registration page.
- Make a note of the Application (client) ID value. This will be required to run the Content Registration script.
- Click on Authentication on the sidebar:
  - Select “Yes” for the “Treat application as a public client.” option
  - Click “Save” at the top
- Click on API permissions on the sidebar:
  - Click Add a permission.
  - Click the APIs my organization uses tab.
  - Search for ‘Records365’ and click on it.
  - Select user_impersonation (Access Records365) under Permissions.
  - Click Add permissions.
  - Grant Admin Consent for the recently added permission
Running the Content Registration script
SharePoint Client Side Libraries
The Content Registration script uses the SharePoint Online Client Side Object Model to connect to SharePoint Online or OneDrive for Business. The Microsoft.SharePoint.Client and Microsoft.SharePoint.Client.Runtime libraries must be present in the /bin folder in the directory where the script is run. Please use version 16.1.6420.1200 or later of CSOM. RecordPoint provides these libraries with the Content Registration script.
Azure AD PowerShell module
A specific version of the Azure AD PowerShell module must be installed to run the script. Install it from the PowerShell Gallery by running Install-Module AzureAD -RequiredVersion 184.108.40.206.
The Content Registration script requires a number of parameters. These describe:
- The Records365 tenant where the script should submit content.
- The SharePoint Online or OneDrive for Business locations to connect to and find content.
- Authentication for Records365 and SharePoint Online or OneDrive for Business.
- Settings that determine how the script runs.
| Parameter | Category | Description |
|---|---|---|
| ServiceUrl | Records365 Authentication | The URL of the Records365 Content Registration API endpoint. See below for your relevant URL. |
| ServiceUsername | Records365 Authentication | The account used to access the Records365 tenant. |
| ServicePassword | Records365 Authentication | The password of the Records365 tenant. This must be passed to the script as a SecureString. |
| ConnectorId | Records365 Authentication | The ID of your SharePoint Online or OneDrive for Business Connector in Records365. See Connector ID. |
| Tenant | Client Authentication | The name of your Azure Active Directory tenant, e.g. contoso.com |
| ClientId | Client Authentication | The Client ID of the Native Application that represents the user when interacting with the Records365 APIs. |
| WebUrl | Client Authentication | The URL of the SharePoint Online or OneDrive for Business site. May be a root site and must end with a “/”. |
| UserName | Client Authentication | The username of the account that has access to the SharePoint Online or OneDrive for Business site. |
| Password | Client Authentication | The password of the account that has access to the SharePoint Online or OneDrive for Business site. This must be passed to the script as a SecureString. |
| Context | Settings | The starting point in your SharePoint Online or OneDrive for Business site for the script to recursively look for content to submit to Records365. May be either Site, Web, List, Folder or Item. |
| Audience | Static | This value is always: https://recordpoint.com/rpfabric |
These parameters describe where the script will look for content to submit to Records365. The script is recursive – for example, if the Context supplied is List, then the script will submit all documents or list items contained within the List or Document Library provided by ListTitle, including any folders within that List or Library. Both Site and Web Contexts use the WebUrl parameter supplied above and do not require additional parameters for Context.
| Parameter | Category | Description |
|---|---|---|
| ListTitle | List | The name of a List that the script will target when the Context is List or Item. |
| ItemTitle | Item | The title of a List Item in a custom List, or the filename (“FileLeafRef”) of a Document in a Document Library when the Context is Item. Also requires ListTitle. |
| FolderPath | Folder | The path (Web Relative URL) to the Folder when the Context is Folder. Must not be prefixed with “/”, e.g. Contracts/Subcontract. |
| ScriptMode | Settings | Either “Interactive” or “NonInteractive”. Interactive prompts for parameters, whereas NonInteractive expects parameters to be supplied. Defaults to Interactive. |
| LogToFile | Settings | When True, all events are saved to a log file. Defaults to True. |
| LogToScreen | Settings | When True, all events are displayed on screen inline; otherwise events are displayed in a progress window above the script. Defaults to False. |
| PreviousVersionsOnly | Settings | When True, previous versions of SharePoint Online items will be registered in Records365. Defaults to False, where only the latest version will be registered. |
| VersionsStartDate | Settings | Date time as a UTC formatted string. Used as the lower bound of a date range for submitting previous versions. If not supplied then there is no lower bound. |
| VersionsEndDate | Settings | Date time as a UTC formatted string. Used as the upper bound of a date range for submitting previous versions. This parameter is Mandatory when PreviousVersionsOnly is True. |
```powershell
# Create SecureString password for the Records365 service account
[SecureString] $svcPasswordSecure = ConvertTo-SecureString -String "<ServicePassword>" -AsPlainText -Force

# Create SecureString password for the SharePoint Online (SPO) account
[SecureString] $spoPasswordSecure = ConvertTo-SecureString -String "<Password>" -AsPlainText -Force

# Register the contents of one list (Context List) with Records365
.\SPOContentRegistration.ps1 `
    -ServiceUrl "https://<ServiceUrl>/" `
    -ServiceUsername "<ServiceUsername>" `
    -ServicePassword $svcPasswordSecure `
    -WebUrl "https://<SharePointUrl/Site/SubSite>/" `
    -ListTitle "ListName" `
    -Context List `
    -UserName "<UserName>" `
    -ConnectorId <ConnectorId> `
    -Tenant "<Tenant>.onmicrosoft.com" `
    -Audience "https://recordpoint.com/rpfabric" `
    -ClientId <ClientId> `
    -Password $spoPasswordSecure
```
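Because ConvertTo-SecureString -AsPlainText needs the password typed into the script or command line, the following added example (not RecordPoint's code) prompts for both accounts and checks the parameter rules from the tables above before the script is called. It assumes the script accepts splatted parameters with the names documented here; Test-RegistrationParams is a hypothetical helper, angle-bracket values are placeholders, and the https check is an addition rather than a documented rule.

```powershell
# Added example (not RecordPoint's code). Angle-bracket values are placeholders.
$params = @{
    ServiceUrl  = 'https://<ServiceUrl>/'
    ConnectorId = '<ConnectorId>'
    Tenant      = '<Tenant>.onmicrosoft.com'
    ClientId    = '<ClientId>'
    Audience    = 'https://recordpoint.com/rpfabric'
    WebUrl      = 'https://<SharePointUrl/Site/SubSite>/'
    Context     = 'Folder'
    FolderPath  = 'Contracts/Subcontract'
    ScriptMode  = 'NonInteractive'
}

# Hypothetical helper: returns one message per broken rule from the parameter tables.
function Test-RegistrationParams {
    param([hashtable] $P)
    $problems = @()
    if ($P.WebUrl -notmatch '/$') { $problems += 'WebUrl must end with "/".' }
    # Added check, not a rule from the page: do not send credentials to a non-HTTPS site.
    if ($P.WebUrl -notmatch '^https://') { $problems += 'WebUrl should use https.' }
    if ($P.Context -notin 'Site', 'Web', 'List', 'Folder', 'Item') {
        $problems += 'Context must be Site, Web, List, Folder or Item.'
    }
    if (($P.Context -in 'List', 'Item') -and -not $P.ListTitle) {
        $problems += 'ListTitle is required when Context is List or Item.'
    }
    if (($P.Context -eq 'Item') -and -not $P.ItemTitle) {
        $problems += 'ItemTitle is required when Context is Item.'
    }
    if ($P.Context -eq 'Folder') {
        if (-not $P.FolderPath) { $problems += 'FolderPath is required when Context is Folder.' }
        elseif ($P.FolderPath.StartsWith('/')) { $problems += 'FolderPath must not start with "/".' }
    }
    if ($P.PreviousVersionsOnly -and -not $P.VersionsEndDate) {
        $problems += 'VersionsEndDate is mandatory when PreviousVersionsOnly is True.'
    }
    $problems
}

$problems = @(Test-RegistrationParams $params)
if ($problems.Count -gt 0) { throw ($problems -join ' ') }

# Prompt for both accounts; PSCredential.Password is already a SecureString,
# so no plaintext password is stored in the script file or the command history.
$svc = Get-Credential -Message 'Records365 account'
$spo = Get-Credential -Message 'SharePoint Online / OneDrive for Business account'
$params.ServiceUsername = $svc.UserName
$params.ServicePassword = $svc.Password
$params.UserName        = $spo.UserName
$params.Password        = $spo.Password

.\SPOContentRegistration.ps1 @params
```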
To retrieve your Connector ID for SharePoint Online or OneDrive for Business, go to the Connector Gallery by clicking the cog icon in the top right of the screen. Then, click on your SharePoint Online or OneDrive for Business connector tile in the gallery. Your Connector ID will be visible in the Address Bar at the top of your browser window.
Your connector settings will influence what is submitted to Records365. To make sure the script behaves as you expect, we suggest you review your connector settings by going to the connectors gallery and clicking on the connector for which you will be performing Content Registration.
Currently, there are two versioning level settings:
- Major Only, where the connector submits only records whose latest changes are published or saved as a major version in the content source (1.0, 2.0, etc.)
- Minor and Major, where the connector submits both minor and major version changes from the content source (1.0, 1.1, etc.)
Registering Previous Versions
In addition to registering the latest version of your SharePoint Online items in Records365 you can choose to register only previous versions of items. This allows you to have a full historical view of the metadata of SharePoint Online items from within Records365. This information will then be available in Records365 and continues to be available in SharePoint Online to your content creators.
To register previous versions of SharePoint Online content in Records365 there are three key parameters: PreviousVersionsOnly, VersionsStartDate and VersionsEndDate.
PreviousVersionsOnly dictates whether previous versions or latest versions only are to be registered. When registering previous versions you can specify which versions to register, as you may only require a certain subset. To limit those registered, the VersionsStartDate and VersionsEndDate parameters need to be supplied. At a minimum the VersionsEndDate needs to be supplied, which limits registration to versions that were created prior to the specified date.
Records365 supports registering versions in batches of up to 1000. If a date range specified by the start and end date results in more than 1000 items, the request will be rejected. In such cases we suggest the following:
- fine tune the supplied date time ranges
- remove any versions not required from SharePoint Online
For more information on these parameters, see the Optional Parameters section above.