Exclude Users From Delve and SharePoint Online People Search
In support, we receive requests from time to time for information on how-to configure SharePoint People search and Delve results so that specific users do not appear in search results. Many admins want to be able to do this without having to delete or move users to a non-synced OU.
Effect on SharePoint sites that use ADFS/SAML and Forms Based Authentication in Chrome version 80+
Issue : You are using Google Chrome 80, and when you have ADFS/SAML or FBA configured site, you notice that intermittently, users logging in fails and goes into a login loop. The following error is received on ADFS : "An error occured. Contact your administrator for more information" FBA does not sign you out either. Cause : This behavior is because of Chrome’s new security feature : A cookie associated with a cross-site resource at <URL> was set with the `SameSite` attribute. It has been blocked, as Chrome now only delivers cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies. Ref: https://blog.chromium.org/2020/02/samesite-cookie-changes-in-february.html Testing/Troubleshooting to understand the behavior : First test by passing any load balancer and check if you have the issue We need to collect a fiddler trace, and look for the frame in fiddler which is a GET request to the site, and in request header you will see that the ‘Fedauth’ cookie still exists. This is the response from the server, a "Set-Cookie" Header, that sets the FedAuth to blank, this is because the user is browsing the site with an expired FedAuth cookie : Even after setting it to blank by SharePoint Server, Chrome does not deliver the blank Fedauth cookie(due to the same changes in it's cookie handling behavior), and in the next POST to the site it sends the same old expired cookie, you can see it in the request header in next request : When we use "Set-Cookie" to set the Fedauth to blank, we also see the ‘SameSite=None’ attribute, but Chrome will deliver the cookie ONLY if it HAS ‘SameSite=None’ alongwith ‘Secure’ attribute Resolution : Step 1 -- Recommendations by Microsoft Reference : https://docs.microsoft.com/en-us/office365/troubleshoot/miscellaneous/chrome-behavior-affects-applications Step 2 -- If you still see issue continues after March 2020 CU update for SharePoint If you still see issues with Load Balancer in place, you will have to contact your load balancer vendor for having an iRule created to add the SameSite=None and Secure parameter in the "Set-Cookie" header. Step 3 -- If you do not have a load balancer that distributes load between servers in SharePoint Note : Make sure to take a backup of the web.config file from all SharePoint servers before making the below changes This is only if you are using a SSL web application If you do not have a load balancer, you will have to use the URL Rewrite module on all SharePoint servers. Install the URL Rewrite Module : https://www.iis.net/downloads/microsoft/url-rewrite The Rewrite we will be using is an Outbound Rule, follow below steps -Start by selecting the IIS site pertaining to the ADFS/SAML web app -Enter into the URL Rewrite module -Select Add Rule and then Select the "Blank Rule" under "Outbound Rules", and configure below options Matching Scope : Server Variable Variable Name : RESPONSE_Set_Cookie Pattern : (FedAuth=;)(.*)(SameSite=None) Action type : Rewrite Value : {R:1}{R:2}{R:3};Secure Test your web application for the same issues now in newer version of ChromeIntroduction to SharePoint Online Search
Microsoft SharePoint Online Search is an integral part of SharePoint Online and it is the backbone of many features across Office 365. Below is a list of a few features that are driven by search and used daily: Enterprise Search center Site Search List and library search Search Web Parts “Shared with me” view in OneDrive for business Usage and popularity trends DLP, eDiscovery Searches, and RetentionCookie Persistence in SharePoint Online
Note: This is an earlier blog article that was previously hosted on the SharePoint Online Support blog on MSDN. It, and other articles, are being moved over to this site as part of an ongoing Global Blog effort by the SharePoint Online Support Organization. Certain legacy features in SharePoint Online — Explorer view, for example — leverage legacy technologies like Windows WebDAV. WebDAV makes use of the browser's authentication cookie. Because of security concerns, WebDAV cannot access session cookies; only cookies that are written to disk are accessible by WebDAV. This means that in order for WebDAV to access the authentication cookie, the cookie needs to be persistent (persistent cookies are written to disk)*.
Microsoft Teams Bluetooth Headset No Sound When Using External Mic
I am currently on Windows 11 Build 22504.rs_prelease.211112-1650 and whenever I use Microsoft Teams Desktop (Version 1.4.00.29469 (64-bit), last updated on 2021-11-06) with my Taotronics TT-BH22 headset, I cannot hear anything from the headset's speakers in the call unless I use the headset's microphone. The two problems with using the headset's own microphone are that The audio quality becomes very poor for no reason I want to use my external Blue Yeti microphone instead of my headset microphone. The above picture is what I would like my Teams audio setup to be, with my Taotronics headphones as the speakers and my Yeti as the microphone. With this setup in a Teams call, although I can notice sound being played to my Taotronics via the sound control panel (see image below), I do not hear it. So I effectively cannot use my external microphone in Teams because I have a bluetooth headset mic, and when I use the bluetooth headset's microphone in Teams, the sound on the headset works, but it is of very poor quality. I have tried disabling the headset mic, but that doesn't fix the issue, as I still can't hear anything from my headphones. I've been able to use Teams on the browser without an issue, but I need the features on Teams Desktop since the browser version is limited.
