我正在开发一个通过REST API访问OneDrive for Business的Web应用程序。 我的用户很难将用户的刷新令牌配置到系统,因为有很多用户。
因此,我想使用一个管理员令牌访问所有用户的文件。 但是,似乎OneDrive API没有这样的功能。 我该怎么办?
提前致谢
答案 0 :(得分:3)
Though there is no such feature to directly enable a button and access all users files. But yes there is a way. I too had the same issue and contacted Microsoft support.
They suggested me to add a user(let's have him the admin user) as secondary administrator to all the other users MySites. There are two ways
1) Before creating one drive accounts. -> If the users still not created their OneDrive accounts then the following setting helps to set admin as secondary admin to all users who will be creating their accounts in future. -> GoTo SharePoint admin center-> and then goto user profiles. ->There you see my site settings. Click on setup my sites and and in the settings page go down to find my site secondary admin. Add the admin user in the field provided and click check box enable secondary administrator.
2) if user accounts already exits, you need to set secondary administrator to individual account spefically. ->For this in user profiles click manage user profiles under people. And search for i. -> List of all the available users will be populated. Hover mouse to the user name to find the down arrow button click it to open the menu and click on manage site collection administrators. Now add the admin user in site collection administrator field and save.
These two methods help you to access all users drives from ui and api.
For the second procedure instead you can write a custom Microsoft SharePoint online script(which is indeed a power shell script) to set an user as secondary administrator.
Use the below powershell script to do this. save the below snippet to file.ps1 and run in sharepoint online management shell.
Import-module msonline
Write-Host "Please input credential of administrator"
$cred = Get-Credential
Connect-MsolService -Credential $cred
Write-Host "Please enter tenant"
$tenant = Read-Host
$adminsite = "https://"+ $tenant +"-admin.sharepoint.com"
Connect-SPOService -Credential $cred -url $adminsite
Write-Host "Please specify the administrator user principal name which will be the admin member for all personal sites"
$admin = Read-Host
$usersLogin = Get-MsolUser |ForEach-Object {$_.UserPrincipalName}
foreach($user in $usersLogin)
{
$account,$domain = $user.Split("@",2)
if ( $account.Contains("."))
{
$account= $account.Replace(".","_")
}
ElseIf ( $domain.Contains("."))
{
$domain= $domain.Replace(".","_")
}
$site = "https://" + $tenant + "-my.sharepoint.com/personal/"+ $account +"_" + $domain
Set-SPOUser -Site $site -LoginName $admin -IsSiteCollectionAdmin $true
Write-Host $admin " has been added as an administrator for personal site " $site`n
}