![]() The first page of the modernization scanner wizard asks you for authentication information. : Scanner authentication configuration Authenticate via Azure AD app-only This chapter will walk you through the UI option taking a typical full scan. Alternatively you can start a (PowerShell) command prompt and navigate to that folder so that you can use the scanner via command line. The easiest approach is to simply launch as the scanner does have a UI. Step 3: Launch a scan using the user interface option Store the returned AzureAppId, created PFX file and password somewhere safe, you'll need to use it as described in below chapter Authenticate via Azure AD app-only.Next the consent dialog is shown with the requested permissions (see screenshot below).First you'll be asked to login again, use a tenant administrator account.You'll be asked to consent the permissions granted to the created Azure AD application:.The cmdlet will setup an Azure AD app and wait for 60 seconds to give Azure AD time to handle the App creation.You'll be asked to authenticate, ensure you authenticate with a user that is a tenant administrator.Initialize-PnPPowerShellAuthentication -ApplicationName ModernizationScannerApp -Tenant -Scopes "","" -OutPath c:\temp -CertificatePassword (ConvertTo-SecureString -String "password" -AsPlainText -Force) Use the Initialize-PnPPowerShellAuthentication cmdet to setup an Azure AD app:.Install PnP PowerShell or update it to the April 2020 or a more recent version.To configure Azure AD App-Only using PnP PowerShell follow these steps: Using Initialize-PnPPowerShellAuthentication to setup Azure AD App-Only Once the preparation work is done, let's continue with doing a scan. If you want to report on site collections that have a Teams team linked then you also need to add the permission (as of version 2.7). If you're not interested in workflow scanning you can also use as a permission (as of version 2.6). If you're choosing for Azure AD app-only, then above mentioned instructions grant the Azure AD app the permission, which is needed if you want to run all scan components. Granting access via SharePoint App-Only.Granting access via Azure AD App-Only (recommended).See the Using Initialize-PnPPowerShellAuthentication to setup Azure AD App-Only chapter for more details. As the recommended approach is Azure AD App-Only, you can easy the setup of your Azure AD application by using the PnP PowerShell Initialize-PnPPowerShellAuthentication cmdlet. You can either use an Azure AD application or a SharePoint app principal for app-only access and below links describe the manual approach to setting up things. This approach will ensure the scanner always has access, if you use an account (for example, your SharePoint tenant admin account) then the scanner can only access the sites where this user also has access. ![]() Since a typical scan needs to be able to scan all site collections, it's recommended to use an app-only principal with tenant scoped permissions for the scan. This page and the other pages linked to it contain all information to get you started, and also all the report details and an FAQ. Download the SharePoint Modernization Scanner executable and get started. Since SharePoint Online continuously evolves and more and more modern capabilities are added, it's important to always download the latest version of the scanner. Step 1: Get the latest version of the SharePoint modernization scanner There is no SLA for open-source tool support from official Microsoft support channels. Modernization tooling and all other PnP components are open-source tools backed by an active community providing support for them.
0 Comments
Leave a Reply. |