question

MichaelHan-MSFT avatar image
0 Votes"
MichaelHan-MSFT asked BakerKong-MSFT answered

Issue while Adding Tenant admin to a sharepoint site in office 365 using CSOM.

we have a requirement for which we are creating an automated process to get site owners/ members of site owner group using azure function with Tenant Admin Creds. However there are few confidential sites where a tenant admin that doesnt have access. The plan is to add the tenant admin to the site collection as site admin get the site owner info and then remove the permission of the tenant admin from these site. I found a piece of code from Link to add tenant admin as in the site collection.

 using (ClientContext clientContext = new ClientContext("https://testtenant-admin.sharepoint.com"))
             {
                 clientContext.Credentials = new SharePointOnlineCredentials(userMail, password);
                 var tenant = new Tenant(clientContext);
                 List<string> siteCollList = new List<string>();
                 int startIndex = 0;
                 SPOSitePropertiesEnumerable siteProperties;
                 do
                 {
                     //Get urls of site collections in the tenant in batches of 300 (Does not include the OneDrive for Business sites)
                     siteProperties = tenant.GetSiteProperties(startIndex, false);
                     clientContext.Load(siteProperties, siteProps => siteProps.Include(site => site.Url));
                     clientContext.ExecuteQuery();
                        
                     //Iterate the site collectio urls
                     foreach (var siteProperty in siteProperties)
                     {
                            
                         try
                         {
                             siteCollList.Add(siteProperty.Url);
                             if (siteProperty.Url.Contains(@"https://testtenant.sharepoint.com/sites/GetSiteOwnerSite"))
                             {
                                 //assign the specified user (current user in this case) as the site collection admin. 
                                 tenant.SetSiteAdmin(siteProperty.Url, "amteam@testtenant.com", true);
                                    
    
                                 clientContext.ExecuteQuery();
    
                                 System.Console.WriteLine(siteProperty.Url);
                             }
                         }
                         catch (Exception ex)
                         {
                             System.Console.WriteLine("Error on: " + siteProperty.Url + " " + ex.Message);
                         }
                     }
    
                     startIndex += 300;
    
                 } while (siteProperties.Count >= 300);
             }

The issue that I am facing with this is that siteProperties = tenant.GetSiteProperties(startIndex, false) is only getting me the classic sites and not the modern sites for some reason and hence I am not able to add tenant admin.

Is this an expected behavior. what can i do to add tenant admin to any site collection even if the tenant admin doesnt have permission to that specific site. With UI it is possible to add tenant admin to a site collection via admin centre.

Source link from TechNet


office-sharepoint-online
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

BakerKong-MSFT avatar image
0 Votes"
BakerKong-MSFT answered

Hi MichaelHan-MSFT,

If you want to enumerate all sites including modern sites, please take a reference of the below method:

In the tenant admin site, there is a hidden list named DO_NOT_DELETE_SPLIST_TENANTADMIN_AGGREGATED_SITECOLLECTIONS that store a copy of aggregated site collections data from all contentdb.

You can get it like below: 

 var siteurl = "https://tenant-admin.sharepoint.com"  // Tenant site!
  List AllSiteList = Context.Web.Lists.GetByTitle("DO_NOT_DELETE_SPLIST_TENANTADMIN_AGGREGATED_SITECOLLECTIONS");
  ListItemCollection AllSiteItems = AllSiteList.GetItems(CamlQuery.CreateAllItemsQuery());
                    
  Context.Load(AllSiteItems);
  Context.ExecuteQuery();

The corresponding rest api is:

 /_api/web/lists/getbytitle('DO_NOT_DELETE_SPLIST_TENANTADMIN_AGGREGATED_SITECOLLECTIONS')/items

Best Regards,
Baker Kong

If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.