Microsoft Office 365
- Andrea Harvey
- Lindsey Byers (Deactivated)
On This Page
- 1 Microsoft Office 365 Connection Overview
- 2 Create Connection | User Interface
- 3 Features and Limitations
- 3.1 Files/Folders
- 3.1.1 File and Folder Name Restrictions
- 3.1.2 Connection Pooling
- 3.1.3 Delta Job Runs
- 3.1.4 Disabled Users
- 3.1.5 HTML Files
- 3.1.6 Invalid Characters and Spaces
- 3.1.7 Language Translation
- 3.1.8 Link Remediation
- 3.1.9 Lock Events
- 3.1.10 Mapping
- 3.1.11 Metadata Mapping
- 3.1.12 OneNote Files
- 3.1.13 Permissions Preservation
- 3.1.13.1 Inherited Library Permissions
- 3.1.14 Timestamps
- 3.1.15 Version Deletes
- 3.1 Files/Folders
- 4 Corrupt Files
- 5 Platform Item Exception Errors
- 6 Transfer Content to SharePoint Online Shared Document Library | Connection URI and Path Example
- 7 Create Connection | REST API
- 8 Create Job | Impersonation with Admin Connection
- 9 Create Job | with Tenant Level Connection
Microsoft Office 365 Connection Overview
DryvIQ connections to the Microsoft Office 365 platform can be made by using an administrator account with the proper privileges to manage Office 365 configurations. The connection can be made to a single site or to a site collection/tenant root. DryvIQ creates the connection using the OAuth 2.0 flow to simplify login and connection management.
Create Connection | User Interface
Select Connections > Add connection.
Select Microsoft Office 365 as the platform on the Add connection modal.
Enter the connection information. Reference the table below for details about each field.
Select Sign in with Microsoft Office 365.
Enter the email for the account being used to create the connection and click Next. You must use an admin account with the proper privileges to manage Office 365 configurations.
Enter the password for the account and select Sign in.
You will see a "Connection test succeeded" message on the Add connection modal. (If you don't see this message, repeat the sign in and authorization steps above. If the connection fails, verify the URL. DryvIQ cannot create the connection if the URL is incorrect.)
Select Done to finish creating the connection.
Add Connection Modal - Microsoft Office 365
Field | Description | Required |
|---|---|---|
Display as | Enter the display name for the connection. If you will be creating multiple connections, ensure the name readily identifies the connection. The name displays in the application, and you can use it to search for the connection and filter lists. If you do not add a display name, the connection will automatically be named using the URL. For example, Microsoft Office 365 (https://mycompany.sharepoint.com/). If it will be useful for you to reference the connection by account, you should use the default name. | Optional |
URL | Enter the URL of your Office 365 account. You can find the URL by logging into Microsoft Office 365 using the account you want to use to create the connection. The URL in the address bar is the URL you need to use. It will look something like "https://mycompany.sharepoint.com/_layouts/15/viewlsts.aspx?view=14," where mycompany will be the site name of your company. You can copy and paste the full URL or only the part before layouts "layouts" (https://mycompany-my.sharepoint.com/). DryvIQ will ignore the extra part of the URL in most cases. If the connection fails, verify the URL. DryvIQ cannot create the connection if the URL is incorrect. When entering the the path for a tenant-level connection, you need to use %252F instead of a / between “sites” and the site name (for example, /sites%252FTestSite versus /sites/TestSite). | Required |
Token endpoint | This setting is rare for most Microsoft connections and can be left blank. If needed, this value will be provided by your administrator. | Optional |
Graph API endpoint | This setting is rare for most Microsoft connections and can be left blank. If needed, this value will be provided by your administrator. | Optional |
External users notification | This indicates if you want to send notifications to external users. The default value is No, so no notifications will be sent. If you select Yes, notifications will be sent to external users when they have been granted access to content based on permissions. | Optional |
Set Tenant Level Connection | This indicates if the connection should be set at the tenant level. The default value is No, so the connection will be set based on the URL provided. If you select Yes, the connection will override the URL provided and connect to {tenant}-admin.sharepoint.com. Using a tenant level connection allows one connection to be used to create jobs that point at different site collections. When creating a job using the Microsoft Office 365 connection, you will need to make the root an actual site collection since DryvIQ cannot create a new site. Currently, SharePoint Online does not prevent you from creating a document library (subsite) named “sites.” If you will be using a tenant-level connection to SharePoint, you must ensure your site does not contain a document library (subsite) named “sites.” Otherwise, all data for the migration will be transferred to the “sites” library rather than the top-level site. Since “sites” is a managed path in SharePoint, you will not be able to browse to this location to locate the data. | Optional |
Behavior When Deleting Items | Select the type of delete DryvIQ should perform when deleting items: Permanent or Soft. Soft delete is the default delete behavior; however, Permanent is the recommended behavior. A soft delete marks items as a deleted. You can still access them to restore or permanently delete the items. A permanent delete removes the items. This delete is not reversible. | Optional |
Microsoft Sign In Modal
Connection Test Succeeded
Features and Limitations
Platforms all have unique features and limitations. DryvIQ’s transfer engine manages these differences between platforms and allows you to configure actions based on Job Policies and Behaviors. Utilize the Platform Comparison tool to see how your integration platforms may interact regarding features and limitations.
The service account you use to connect to your SharePoint Online must be a Site Collection Admin on every SharePoint site to which DryvIQ needs to migrate content.
SharePoint Tenant Connections must have full control of the SharePoint admin site ({tenant}-admin) as well. This is done by adding the Service Account to the SharePoint admin role in the Office 365 Admin Center (https://admin.microsoft.com).
OneDrive for Business Connections are automatically configured to the Documents library.
When configuring your job JSON, do not include "Documents" in the location path to point to the built-in documents library; you must use “/Shared Documents” for this particular built-in document library.
The correct configuration path is /FolderName.
If you will be using a tenant-level connection to SharePoint, you must ensure your site does not contain a document library (subsite) named “sites.” Otherwise, all data for the migration will be transferred to the “sites” library rather than the top-level site. Since “sites” is a managed path in SharePoint, you will not be able to browse to this location to locate the data.
Files/Folders
Office 365 has the following file/folder restrictions.
Supported Features | Unsupported Features | Other Features/Limitations |
|---|---|---|
Invalid characters: | " \ / : * ? < > | ||
File size maximum: 250 GB Microsoft limit | ||
Segment path length: N/A | ||
Path length maximum: 400 | ||
(See Mapping below for more information) | Maximum number of files per folder: 5000 | |
Maximum Enterprise Keyword length: 255 characters | ||
Restricted characters in Enterprise Keywords: < and > | ||
(See Metadata Mapping below.) | No leading whitespace | |
No trailing periods and whitespace. | ||
If a file extension is present, trailing periods and whitespace are allowed before the extension | ||
No non-printable ASCII characters | ||
Transferring Microsoft Lists is not supported. |
File and Folder Name Restrictions
The following are restricted file/folder names.
_vti_test
CON
PRN
AUX
NUL
COM0
COM1
COM2
COM3
COM4
COM5
COM6
COM7
COM8
COM9
LPT0
LPT1
LPT2
LPT3
LPT4
LPT5
LPT6
LPT7
LPT8
LPT9
For more information on Office 365 restrictions, see Microsoft’s official documentation.
Connection Pooling
Microsoft Office 365 connections using OAuth 2 authentication may experience bandwidth throttling from Microsoft when using connection pooling.
Delta Job Runs
After the initial transfer of an item using a Microsoft SharePoint connection, DryvIQ will leverage Microsoft’s change tracking API on delta job runs to identify changes. This results in fewer Graph API requests and shorter job execution times.
Disabled Users
The Microsoft Office 365 Connector supports author/owner preservation for disabled users in the following cases:
When content is being migrated using the SharePoint Migration API (which happens by default during the initial migration job execution), DryvIQ will preserve author/owner for disabled users.
When the migration job is creating the destination root folder (the root folder selected for the job doesn’t exist and needs to be created), the owner/author for the disabled user will only be preserved if DryvIQ is able to resolve the user through the
EnsureUserCSOM API method or the_api/web/siteusersREST API call. Depending on the state of the disabled user's information in SharePoint, these API calls may not return the required IDs DryvIQ requires to set the user as the owner/author.
HTML Files
SharePoint online does not support uploading HTML files larger than 256 MB. If your migration includes HTML files that exceed this limit, the file transfer will fail, and an entry will be logged in the audit with the following message: "Unable to interpret the contents of this page because it exceeds the maximum page size of 268435456 bytes.”
Invalid Characters and Spaces
DryvIQ verifies file and folder names to identify unsupported characters based on the platform. Invalid characters are handled according to the Allow unsupported file names to be changed setting for the job.
If the setting is disabled, DryvIQ will throw an exception when it encounters a file or folder that cannot be migrated due to an unsupported character in the name.
If enabled, DyvIQ will replace invalid characters with an underscore (_) or UTF8 encoding based on the option selected. This will allow the files and folders to be transferred. The logic includes leading and trailing spaces in file and folder names. DryvIQ replaces the space rather than trimming it because trimming the space could cause duplicate file names. Adding the underscore ensures the name remains unique.
DryvIQ will sanitize file names that contain combined Unicode characters by replacing the characters with an underscore (_).
Language Translation
DryvIQ does not support translation when migrating between SharePoint sites that have different default language configurations.
Link Remediation
When remediating links from Microsoft Office 365, only links in the following formats are supported:
http://sharepoint.com/123/abc.txt
https://skysyncdesktop.sharepoint.com/123/456
http://sharepoint.com/_layouts/15/doc.aspx?sourcedoc=%7bf79c7ceb-c458-4c5d-bc51-4e76a280fd4a%7d&action=edit
https://skysyncdesktop.sharepoint.com/:x:/r/_layouts/15/Doc.aspx?sourcedoc=%7BD1825663-F6D6-4277-BE01-F5E8B67CA932%7D&file=Book.xlsx&action=default&mobileredirect=true
Lock Events
Graph API does not support lock event detection without the use of a separate API call, which will slow down change detection. The workaround is to disable native event detection to transfer locks in each job run or to use a soft reset to transfer locks as needed.
Mapping
When creating CSV mapping files for import, the usernames must be lowercase to properly adhere to the search requirements for the connector.
Metadata Mapping
If a library requires specific metadata but the metadata is missing from a file being copied into the library, the file will be flagged and will not transfer on subsequent jobs runs. If you have files stuck in a flagged state due to missing metadata, you may need to manually transfer the files and add the required metadata.
OneNote Files
DryvIQ supports transferring OneNote files from any source connector.
Permissions Preservation
The following rules will be used when transferring permissions to Office 365.
If a user account is granted permissions to a file and the user is a member of a group that has greater or equal permissions to that file, no permissions changes will be made. The operation will show as succeeded, and no permissions will have changed. This behavior applies to both inherited and unique permissions scenarios.
If a user account is granted permissions to a file and the user is a member of a group that has lesser permissions to that file, inheritance will be broken, and the file will gain unique permissions for the user. The user account will be added with the requested permissions.
If a user account is granted permissions to a file and the user is not a member of a group that has permissions to that file, inheritance will be broken, and the file will gain unique permissions. The user account will be added with the requested permissions.
If a group is granted permissions to a file, inheritance will be broken, and the file will gain unique permissions. The group will be added with the requested permissions.
Inherited Library Permissions
If DryvIQ is not able to obtain the inheritance settings for a document library (due to an error during the request or other unknown application error), DryvIQ will produce an ”Unable to determine Document Library permissions inheritance. Retry the item to resolve the issue. Contact support if the problem persists” exception for all items in the batch request. All items will be set to a retry status. This allows DryvIQ to retry obtaining inherited permission settings rather than making assumptions about the library’s unique permissions and enabled inheritance.
Timestamps
There is a discrepancy in timestamps for the SharePoint Online Folder Created Date when using CSOM and Batch Mode. This behavior is a known issue within OneDrive for Business/Office 365.
DryvIQ will attempt to preserve timestamps on folders when using both CSOM and the batch API. However, SharePoint Online updates the folder's modified dates whenever a file is uploaded into it. As a result, when using CSOM, the timestamps will be preserved when the folder is initially created but then updated after every file that gets uploaded. When using batch API, it preserves the timestamps on the folders after all of the files within the batch are committed. This is the cause for the discrepancy between the two methods.
Version Deletes
Version deletes are supported.
Corrupt Files
If you see “Error=Value=CobaltAllZerosDetected” errors in the logs, the file that triggered the error will not be uploaded to SharePoint online. Microsoft produces this error for files it considers to be corrupt.
Platform Item Exception Errors
DryvIQ uses a batch job (uploading multiple files and committing them to the destination asynchronously) to migrates files that do not exist to Microsoft Office 365 or OneDrive for Business connections since this is the best practice for storage providers that offer batch support. If Microsoft responds with an “item already exists” during a batch migration job, DryvIQ compares the latest set of item properties (modified, versions and number of bytes) to the item properties in the batch job. If the properties on the existing destination file do not match the properties in the batch job, DryvIQ will generate an error identifying the conflicting properties as in the example below.
PlatformItemOutOfDateException: The item changed during processing. Retry the item to resolve the issue. Contact support if the problem persists. /TD_7bcd1ca33f274b0bb7a8698f99936f6b/Folder/File.txt with changed properties: timestamp - original:7/3/2024 4:09:49 PM +00:00, latest:7/3/2024 4:09:56 PM +00:00; number of bytes - original:3, latest:8;
In the error, original is the item property in the batch job, and latest is the item property on the destination. The item will be flagged as “Retry” and will be handled like a normal retry item. After selecting the retry action (Retry, Ignore, etc.), the item should be resolved.
If the batch job and destination have the same properties, no error will be generated, and the item will be transferred.
Transfer Content to SharePoint Online Shared Document Library | Connection URI and Path Example
PlatformType in Connection: office365
URI Pattern in Connection: https://company.sharepoint.com/[SiteNameWhereLibraryExists]/
Target/Path in Job:Connection Config: /[LibraryName]
This configuration will transfer data to the destination at the library specified. Connection will take it down to Site specific level.
Path in the 'Job:Connection:Target' should be the Document Library.
Use the Library name found in the URI (you do not have to escape/encode spaces, just enter a space if that exists in the library name).
If a path is not specified, files will transfer to the default library for the site specified.
Create Connection | REST API
You will need to add the relevant connection information into the GET request. The following GET will return a Microsoft login link. Use the link to complete logging into the account and to grant DryvIQ access to the account.
GET {{url}}v1/connections/platforms/office365-graph/new?domain={{YOUR URL}}&name={{YOUR CONNECTION NAME}}&client_id={{YOUR CLIENT ID}}&client_secret={{YOUR CLIENT SECRET}}
Create Job | Impersonation with Admin Connection
As a Office 365 administrator, you can impersonate a user using the path that relates to their content. Then, use their information in the impersonate_as block. (See Impersonation for more information on how to impersonate users.)
Impersonation with Office 365 Connection
{
"name":"Basic job with impersonation",
"kind": "transfer",
"transfer": {
"audit_level": "trace",
"transfer_type": "copy",
"source": {
"connection": { "id": "{{nfs_source_connectionID}}" },
"target": {
"path": "/sourcePath"
}
},
"destination": {
"connection": { "id": "{{O365_destination_connectionID}}" },
"impersonate_as": {
"id": "00",
"name": "Joe Smith",
"email": "jsmith@company.onmicrosoft.com"
},
"target": {
"path": "/destinationPath"
}
},
"simulation_mode": false
},
"schedule": {
"mode": "manual"
},
"stop_policy": {
"on_success": 5,
"on_failure": 5,
"on_execute": 25
},
"category": {
"name": "category name"
}
}Create Job | with Tenant Level Connection
When creating a job that is mapped to the default site collection of the tenant the value "Default" must be used even though the URL does not have a ../sites/{site_name} representation. When setting the root site collection the name should not be prefixed with "sites/".