Content Registration

Content Registration

Role Required
To configure Azure Active Directory for Content Registration you need to be an Azure AD Global Administrator or Application Administrator.
To run the Content Registration script, you need user accounts that can access the content you are looking to register in SharePoint Online or OneDrive for Business as well as for Records365. These may not be the same credentials. Users backed by Active Directoy Federated Services (ADFS) or that have Multi-factor Authentication (MFA) enabled are not currently supported.

Once the relevant Connector has been set up and enabled, any new documents created in SharePoint Online or OneDrive for Business, and any modifications to existing documents, will be managed by Records365. But what about any existing content that predated the Connector?

The Content Registration process provides a tailored method of locating documents and folders in SharePoint Online or OneDrive for Business and passing them to their respective Connector for submission to Records365.

The Content Registration process for SharePoint Online and OneDrive for Business requires a level of familiarity with Microsoft PowerShell and the ability to install client libraries and PowerShell modules. Most likely, an Administrator or IT professional will be required for some or all of this process.
Please feel free to contact our support team at support@recordpoint.com to ensure that you have the required level of technical support to successfully complete the process.

Download the Content Registration script here

Content Registration Architecture

Content Registration is a scripted process driven by Microsoft PowerShell. RecordPoint provides a template script that you can customize further according to your requirements and Records365 exposes an API endpoint that this script will call with the details of the documents to be registered by the relevant Connector.

To securely authenticate against SharePoint Online or OneDrive for Business and submit content to Records365, a number of prerequisites are required:

  • User Credentials that have access to the relevant location in SharePoint Online and OneDrive for Business.
  • User Credentials for Records365. These may not be the same credentials. See how to Add Users to Records365.
  • Azure AD Native Application Registration to delegate authentication to Records365 to the Content Registration script.

Registering an Azure AD Native App

  1. Sign in to the Azure portal.
  2. If your account gives you access to more than one, click your account in the top right corner, and set your portal session to the desired Azure AD tenant.
  3. In the left-hand navigation pane, click Azure Active Directory, click App Registrations, and then click New Registration.
  1. On the Register an application page, enter the Content Registration application registration information and click Register:
    • Name: Content Registration for Records365
    • Supported account types: Select “Accounts in any organizational directory”
    • Redirect URI: https://login.microsoft.com
  2. You will be taken to the application’s main registration page.
    • Make a note of the Application (client) ID value. This will be required to run the Content Registration script.

  3. Click on API permissions on the sidebar:
    • Click Add a permission
    • Click the APIs my organization uses tab.
    • Search for ‘Records365’ and click on it.
    • Select user_impersonation (Access Records365) under Permissions.
    • Click Add permissions

Running the Content Registration script

Prerequisites
SharePoint Client Side Libraries
The Content Registration script uses the SharePoint Online Client Side Object Model to connect to SharePoint Online or OneDrive for Business. The Microsoft.SharePoint.Client and Microsoft.SharePoint.Client.Runtime libraries must be present in the /bin folder in the directory where the script is run. Please use version 16.1.6420.1200 or later of CSOM. RecordPoint provides these libraries with the Content Registration script.
Azure AD PowerShell module
A specific version of the Azure AD PowerShell module must be installed to run the script. Install from the Powershell Gallery by running Install-Module AzureAD -RequiredVersion 2.0.1.3.

Parameters

The Content Registration script requires a number of parameters. These describe:

  • The Records365 tenant where the script should submit content.
  • The SharePoint Online or OneDrive for Business locations to connect to and find content.
  • Authentication for Records365 and SharePoint Online or OneDrive for Business.
  • Settings that determine how the script runs.

Mandatory Parameters

Parameter Type Description
ServiceUrl Records365 Authentication The URL of the Records365 Content Registration API endpoint. See below for your relevant URL.
ServiceUsername Records365 Authentication The account used to access the Records365 tenant.
ServicePassword Records365 Authentication The password of the Records365 tenant. This must be passed to the script as a SecureString.
ConnectorId Records365 Authentication The ID of your SharePoint Online or OneDrive for Business Connector in Records365. See Connector ID.
Tenant Client Authentication The name of your Azure Active Directory tenant, eg: contoso.com
ClientId Client Authentication The Client ID of the Native Application that represents the user when interacting with the Records365 APIs.
WebUrl Client Authentication The URL of the SharePoint Online or OneDrive for Business site. May be a root site and must end with a “/”.
UserName Client Authentication The username of the account that has access to the SharePoint Online or OneDrive for Business site.
Password Client Authentication The password of the account that has access to the SharePoint Online or OneDrive for Business site. This must be passed to the script as a SecureString.
Context Settings The starting point in your SharePoint Online or OneDrive for Business site for the script to recursively look for content to submit to Records365. May be either Site, Web, List, Folder or Item.
Audience Static This value is always: https://recordpoint.com/rpfabric

 

Records365 Geography ServiceURL
US West https://management-usw.records365.com
AU East https://management-aue.records365.com.au
UK South https://management-uks.records365.co.uk

Context Parameters

These parameters describe where the script will look for content to submit to Records365. The script is recursive - for example, if the Context supplied is List, then the script will submit all documents or list items contained within the List or Document Library provided by ListTitle, including any folders within that List or Library. Both Site and Web Contexts use the WebUrl parameter supplied above and do not require additional parameters for Context.

Parameter Type Description
ListTitle List The name of a List that the script will target when the Context is List or Item.
ItemTitle Item The title of a List Item in a custom List, or the filename (“FileLeafRef”) of a Document in a Document Library when the Context is Item. Also requires ListTitle.
FolderPath Folder The path (Web Relative URL) to the Folder when the Context is Folder. Must not be prefixed with “/” - eg: Contracts/Subcontract.

Optional Parameters

Parameter Type Description
ScriptMode Settings Either “Interactive” or “NonInteractive”. Interactive prompts for parameters, whereas NonInteractive expects parameters to be supplied. Defaults to Interactive.
LogToFile Settings When True, all events are saved to a log file. Defaults to True.
LogToScreen Settings When True, all events displayed on screen inline, otherwise events are displayed in a progress window above the script. Defaults to False.

Example

# Create SecureString password for service
[SecureString] $svcPasswordSecure = ConvertTo-SecureString -String "<ServicePassword>" -AsPlainText -Force

 .\SPOContentRegistration.ps1 -ServiceUrl "https://<ServiceUrl>/" -ServiceUsername "<ServiceUsername>" -ServicePassword $svcPasswordSecure -WebUrl "https://<SharePointUrl/Site/SubSite>/" -ListTitle "ListName" -Context List -UserName "<UserName>" -ConnectorId <ConnectorId> -Tenant "<Tenant>.onmicorosoft.com" -Audience "https://recordpoint.com/rpfabric" -ClientId <ClientId>

Note: if you wish to pass in the SharePoint password you will need to create a SecureString for it as for the Service password. If you do not pass in a password for SharePoint you will be prompted for it and the script will handle the secure encoding. 

Connector ID

To retrieve your Connector ID for SharePoint Online or OneDrive for Business, go to the Connector Gallery by clicking the cog icon in the top right of the screen. Then, click on your SharePoint Online or OneDrive for Business connector tile in the gallery. Your Connector ID will be visible in the Address Bar at the top of your browser window: