Robert Crane 0:00
Welcome along to the Need to Know podcast. My name is Robert Crane and this is episode 237. Now, these episodes are shorter episodes known as FA Q’s and they are aimed at a deeper dive into some of the technologies in the Microsoft Cloud. Now these episodes are brought to you by my CIAOPS Patron community and again, you’ll find information about that at http://www.ciaopspatron.com. Check it out if you’re interested in learning more and keeping up to date with everything in the Microsoft Cloud. Now what I want to cover today is a very common question I see out there around the differences between OneDrive for Business and SharePoint. Now the first point of order is to note that SharePoint is a technology, a service that OneDrive for Business takes advantage of. So the way to think about it is that SharePoint is the overarching technology that OneDrive for Business runs on and will also designate the common area as team sites. So again, think of SharePoint, the top of the tree, and that’s providing the storage capabilities for files and folders for OneDrive for Business and for team sites. And also for Microsoft Teams as well. So think of, again SharePoint as the manner in which items files are stored in Microsoft is five, four, which OneDrive
takes advantage of it, and so does team sites. Now one of the other differentiators here is to appreciate that OneDrive for Business is designed as personal storage per user. And team sites are designed for shared data. So think about a OneDrive for Business as what is on your desktop, my documents or a home drive or traditional home drive, you would have had potentially with a on prem server, and think of team sites as location for shared file. So this is going to be you know, the F drive in the old style file, so therefore shared location used by multiple people. Now, OneDrive for Business, as I said, is aimed at personal storage. And basically all you get is a single document library, right? So inside SharePoint technology, there are these apps or these locations where you can put information. The location that you put files into in SharePoint technology is called a document library.
And you only get one of those with OneDrive for Business. Whereas with team sites, you can have as many document libraries as you want. So the first differentiation point around these two technologies is that OneDrive is you get one document library with team sites, you can create as many document libraries as you want to help you separate out and manage your different files in their environment. So when we open our OneDrive for Business, we see one document library, and basically just see a list of files and folders. So think about the fact that we get no width. We don’t get the ability to add additional apps. We can’t add document libraries to OneDrive for Business. We can’t add calendars, contacts, lists all the other things that our intranet into OneDrive for Business or OneDrive for Business is a solely aimed at allowing users to store they follow information. Now this is really good to allow users to get information off there.
My Documents off their desktop off their home drive from a server and put it into an area in the cloud, which is backed up manage, maintain controlled and accessible remotely. Now, the most important thing I think about any SharePoint technology bit OneDrive for Business or team sites, is the fact that it’s all searchable. So once we put information up into SharePoint technologies, we’re able to take advantage of the fact that all the data will be indexed and can be recovered or can be viewed basically using search. Alright, so OneDrive for Business, one document library, you can’t add more document libraries. And you can, for example, add sub areas, you just get one single area with no width and no depth. It’s just a storage location. Now when you start out, in most cases, users will get at least one terabyte of space in their OneDrive for business to be able to store their own personal files. Okay, so one terabyte per user.
Generally is what is provision and is aimed at the users personal documents is not a place for parsers. It’s not a place largely for common documents, right? That is what we use team sites for. Now, the idea here with team sites is that it’s designed for this shared storage concepts. divined for designed for users to work on files in a group environment. Right. Now, as I mentioned, in SharePoint, you can add as many apps as you want to broaden what is available in that location. So you can add multiple document libraries. So you may have one location for your policies, your procedures, maybe a templates areas where you can keep building these out. And the advantage of having different document libraries, for example, is you can format them in a different way. And you can also have different permissions. But with team sites, we can also add things like calendars, contacts, lists,
We can build it out into a true intranet environment. So the idea with team sites is that it is for a group of people. And we can add more content in there besides just pure files and OneDrive for Business, largely designed for pure file storage. Now, when we basically configure our environment with our team sites, we get one terabyte of total storage across all of the teams I separate. So remember that when we create a Microsoft team, we get a team site, a SharePoint team site, into which we can put our documents for our Microsoft team, that and all the other SharePoint team sites when added together their total storage is or cannot exceed, generally one terabyte now, you get that one terabyte standing space which is shared across your Microsoft team, the team’s site environment and you also then get an additional 10
gigabytes per user added onto that space, you start with one terabyte. And then for every licenced user you have, using SharePoint team sites, you will get an additional 10 gig of storage capacity added on to that one terabyte, right? So if you have 10 users, you’re going to get 10 times the 10 gigs, you’re going to get hundred gigs of additional storage. And that means you’re going to get basically 1.1 gigs worth or sorry, 1.1 terabytes worth of data out there that you can use to put all your shared documents in. Now, not only can you get the one terabyte starting space with SharePoint team sites, you get the 10 gig per licence use as well, but you could also buy additional storage. So one of the advantages of SharePoint team sites is the fact that you get the one terabyte 10 gig per licence user
Then you also can add additional storage on there as a paid option if you so choose. So that makes it a little bit more extensive, a little bit more flexible to achieve what you want. Now, remember that this total space is one terabyte you can manage that you can make that automatically allocated, you can control that by the different team site, if you wish. Now, what are some of the other differences between my SharePoint team sites versus OneDrive for Business? Well, in a SharePoint team site, you get something called check in check out. So what that means is that when users work on typically we’re typically Office documents inside these technology inside SharePoint technologies. Then what happens is, is they are co authored by default, which means that multiple users can edit them, update them, change them at the same time by default. Now, there are probably times when you want to make sure that only as
single author has access to a document. In that case, you can check the document out, the author can update the file, everybody else can view the last version of it. And then when they’re finished, when the author’s finished with that they check the document in and make it available later on. So, SharePoint team sites gives us the ability to do these document manage which we management, which we don’t see with OneDrive for Business, because OneDrive for Business, again, is designed for a single user to work with. Now, probably the biggest difference between OneDrive for Business and SharePoint team sites is the fact that you get metadata. So metadata is available in SharePoint team sites, what use metadata for us think of it like tagging files. So the idea is is you will put a file into a SharePoint team site document library, and then you would tag it so instead of creating folders or very deep structure, you would use the tagging to keep that structure as flat as possible. The advantage of
Doing and using metadata which you can now filter, you can now sort. And you can now launch automated processes based on the metadata, you have now, a file an item inside, a SharePoint team site can have as many metadata tags effectively as you wish. So you can tag a file lot by, for example, an author by location by whatever you wish by a customer. And then you can start using that to filter and sort and we don’t see that metadata capability in OneDrive for Business. Now, the other thing with SharePoint team site is we can create a hierarchical structure so we can create something called sub sites inside our SharePoint team sites to allow us to organise our data in a hierarchical structure. Now generally best practices not to do very deep data structures these days, but it is possible and again, it’s one of the differentiation points between
A SharePoint team site and OneDrive for Business so they get ticked off. At SharePoint team sites. It’s much more like a traditional file server with data located in a hierarchical structure, and OneDrive for Business as just a single location with no sub area that you can put your files and folders if you want. So just in summary, again, the idea here is that the technology the storage technology, then the Microsoft Cloud typically uses easy storage technology, known as SharePoint that’s been with us probably for over 20 years now. Now, that technology allows us to build OneDrive for Business, which is a limited subset of the full features of SharePoint, as well as team sites. So team sites are aimed at grouping together information files, Contacts, Calendars, for a group of people, a team of people, where I OneDrive for Business is purely designed as a
storage location for a user’s files, right. So every user generally, by default, will get their own OneDrive for Business, they can put their own files in there, they can then access them in any location, they can share the odd file in and out of that. But if they’re working on a group of files, like your traditional file server, the idea is to put it into SharePoint team sites. Now, there are some differences between the two and what’s available and what surfaced and you get more of the functionality in SharePoint team sites. So you get things like check in check out, you get the ability to add additional metadata. You can, for example, pin files to the top of a document library list. To highlight them. You can also add calendars, contacts lists a number of different apps into a SharePoint team site to make it more like an intranet, right? So you want to gather all your information in there. Now importantly, remember that other components of the Microsoft Cloud like Microsoft Teams, do you
Use SharePoint team sites. So every time you create a Microsoft team, it will create a SharePoint team site in which you can put your files and folders in there that is surfaced in the Microsoft team’s interface. But you can dig in behind that. And you can go and get access to that full SharePoint team site from that Microsoft team if you want. Alright, so remember that the storage for a group of users is going to be in a SharePoint team site. And the individual data location for users and their files is going to be OneDrive for Business. And both of these are built on SharePoint technology giving us a lot of these enterprise capabilities, document management that is available in that. So hopefully that has given you a bit better clarification as to the difference between OneDrive for Business and SharePoint Online. And it sort of boils down to the fact that they both stores locations, they’re both built on SharePoint, OneDrive for Business is
individual users with SharePoint team sites are four groups of users. And that’s where you’re going to get the best usage and functionality out of that. Now, of course, you can use those services for other things, but they really shine when they are used in the correct way for storing data. So with that, Have you enjoyed that episode? Thank you very much for listening. You have been listening to the Need to Know podcast from CIA ops training on using technologies like SharePoint online or Microsoft 365, visit www dot CIA ops academy.com. by purchasing from the selections available, you’ll be directly supporting this podcast. To provide feedback on this episode, visit www.ciaops.com slash contact
The aim of this project has been to show you how to manage multiple Microsoft 365 tenants quickly, easily and securely using the Microsoft Graph. this article builds on a previous article so go and take a look at:
However, why do it manually if you can automate it I say? With that in mind, I have created a self executing PowerShell script to add the appropriate permissions to multiple tenants and allow the reading of OneDrive for Business usage information for all users. You’ll find the program to do this in my GitHub repo here:
You’ll need to download the file into the location where all the XML configuration files are that were created in Step 1. These will be needed again as the program cycles through all those tenants adding the appropriate permissions.
When you run the program, it will read the XML configuration files it finds in the directory and then ask you to login to each tenant again. You need to do this as you are granting/consenting to permissions and that requires administrator access.
You’ll need to complete the process of opening a browser session to each tenant and Accept the permissions as shown above. You’ll note that, in this case, they are read only permissions.
For more details on this process if you haven’t seen it, take a look at the article I wrote about doing the same thing for a single tenant:
Remember, that you don’t necessarily have to open the default browser all the time as the consent URL is always copied to the clipboard, so you could just past it into existing active sessions for that tenant if you wished.
The program will work through all the domains available.
If you want to see what’s happened visit the Azure portal for each tenant. Navigate to Azure Active Directory, then App Registrations, All Applications. Select the name of the Azure AD application you are using, then API permissions as shown above. You should see that the only permission it has is Read All usage reports. You should not that consent has also been granted.
That now completes Step 2 of the process.
We now have an Azure AD application in all the desired tenants and that Azure AD application has the appropriate permissions to do things. We can now start extracting information by continuing to Step 3.
In this example, we’ll run a program that will retrieve usage information about OneDrive for Business for each user in each tenant, without prompting for a login!
You’ll need to download the program I’ve written to do this (graph-odfb-get.exe), which you’ll find here:
Again, you need to place it the same directory where all the tenant configuration files are, as shown above, so it can access all the tenants configured in previous steps.
When you run the program, you’ll see the program loop through all the domains and all the users in those domains, without asking for a login.
At the end of each domain you’ll see a summary of OneDrive for Business for that domain as shown above.
At the end of the process you’ll see an aggregate summary for all your domains, as shown above.
This may seem like a lot of work but remember, you only need to do Steps 1 and 2 ONCE! Once the Azure AD application is configured for each tenant and the Graph has the appropriate permissions you can run Step 3 as MANY TIMES as you wish, securely, WITHOUT be prompted for a login to each tenant! How easy is that to automate?
This example has used just one aspect of the Graph being OneDrive for Business. You can use the Graph to do just about anything in Microsoft 365 you need to, including actually changing and update parameters!. In fact that is what I’m off to do right now.
In the above example you’ll see that the file Employee Engagement Plan.docx has been been shared by the owner with an external user (Lewis Collins).
Somewhere else, you can see that this user (Lewis Collins) has the document open to work on.
One of the benefits of sharing using OneDrive for Business is that the sharing rights can easily be revoked by the original user if desired.
The easiest way to achieve this would be simply to hit the cross next to the external users name in the web interface as shown above.
The original user would then be prompted the Remove the external user, which they would do to remove access.
That all works fine when you have a small number of shared files and a small number of users working with a file. It becomes a lot more problematic when you start scaling to many users as you can see here:
What happens when you need to find just one user to remove sharing from amongst a list of hundreds of users?
PowerShell to the rescue!
1. Connect to SharePoint Online via PowerShell. You can use my script at:
that will display a list of all externally shared across your tenant as shown above.
If you do have a situation where you have large numbers of shared files or shared users in OneDrive for Business and you wish to make bulk removal easier, I’d encourage you to look at PowerShell as an option. However, remember, this option will remove ALL sharing for that user(s) across the WHOLE OneDrive for Business.
This month I’m going to closer look at OneDrive for Business and hopefully share with you some features that you may not know about. There is more to OneDrive for Business than meets the eye. I’ll have the the latest Microsoft Cloud updates plus open Q and A as well.
You can register for the regular monthly webinar here: