Microsoft Business 365 Question (Sharepoint / Onedrive / Teams)

B

brandonkick

Well-Known Member
Reaction score
849
So I'm working through onboarding a business onto M365 for Business.

They used to / still kinda currently are using a synology that is doing a few very absurd and business disruptive things. So they gave the all clear to go to M365.

It's been going pretty well.... until this first major snags.


Per the advice of some folks on here, I set teams up through the admin so it auto spun up the SharePoint site and doc libraries. Great. Each "department" now has it's own team. I then migrated most all the company data (600 ish GB) to sharepoint (for most departments, for some users their data went right into their onedrive accts)

I installed teams on a few workstations. Created all the user accounts in admin portal. Fleshed out a rough draft of who needed to be a member of each team. I started with the department that was having the worst, and the only business breaking issues, with teams first. Went pretty well....



Here are the issues.

1) How the heck can you make sharepoint enforce the "user must check out file to edit" when working from the local computers? It seems to "mostly" work if you do all your work via the browser. If however, I go into the teams desktop app... and choose to sync folders in a given channel directly to my desktop... if I have the setting enable to force a user to check out a file before editing it... and I open any file via a locally synced folder in an explorer window.... it will only open as read only no matter what. The only way to really be able to work with those files (or any files in a sharepoint library that have this "must check out file to work on it" enabled) are to go into the sharepoint website, manually check the file out, and then either work with it via the web or from the web tell sharepoint to open it a desktop app. This works for office files (word, excel... etc) but what about autocad files? Other types of files? Beyond that, most users are NOT going to want to have to do that. The system is far more "usable" to everyone if they can just go into the teams desktop app, choose which folders to sync, and just work out of those folders locally WHILE having the system allow only one active editor per file at a given time.

I guess it's no issue if multiple employees DO NOT need to access and work on the same set of data files. But in this case, they do need that. And they also need it so that no matter how it's done, when someone opens a file... the rest of the people who try to open that file can only open it in read only mode. Most importantly, also in their folders synced to their desktop... not through the online portal.

I contacted their support over this, and so far (after an hour on the phone) the furthest we got is that it's "working as intended". I sincerely hope that's not the case, that folders synced locally do not honor / integrate the "file checkout" rule. It pretty much scraps this entire thing.


2) How the heck do you easily give someone "read only" access to a teams data shares? So Jim needs access to the drafting departments files, but read only access. I can't add Jim as a read only member to the team. My options are owner or member when doing it via the app (signed into my account, which is a global admin account). I can add them as a "visitor" if I modify the sharepoint library permissions directly. But if I only do it that way, they don't see anything in terms of files when they sign into teams.

What I need is to have someone able to get read only access to a teams file store, so that they can go into the teams app, go to that team in sharepoint, and have read only access to anything that team has set up in a sharepoint document library.

The closest I've got so far is digging down some rabbit hole of research talking about needing to break permissions inheritance.


Thanks in advance.


PS, the cloud sync app for Synology is a life saver. I first tried to upload the data directly into a sharepoint doc library via the share point online interface. Yeah. That barfed rather fast. But, to be fair.... it was 80K files and 160GB of data. I then researched this method of setting up a sharepoint migration agent on a computer, and creating a migration task in the sharepoint admin portal. That worked... better... but was pretty slow and failed usually at least once a day. Took 5 days to do the sync. I then found the cloud sync app. Man. SO. MUCH. EASIER. SO. MUCH. FASTER.

In 2 days it synced well over double the data it took the migration agent 5 days to do. Not only that, but as people continue to work on their dataset on the synology it will actively push the changes to sharepoint / onedrive until I get those users cut over and take their synology shares offline.

I will note, one strange thing... cloud sync shows me as having 25,600 GB free in sharepoint and 1024GB free in onedrive. The sharepoint online portal seemed to suggest we only get 1.25TB of data for sharepoint?
 
1.) I do not use that feature... period full stop. You can ONLY check out files from the website. That's by design, and as you've discovered... crap.

Onedrive will deal with sync conflicts, and it keeps versions so if a user doesn't resolve the conflict correctly you aren't losing anything. However, there are times when you're stuck saving files with alternative names.

CAD is particularly bad about this, and there are document management systems SPECIFICALLY for CAD for a reason. Solidworks PDM is one such solution.

If you need to move a folder of stuff into SharePoint, the SharePoint Migration Tool is what you want. It's not only faster, but generates reports on failures. I've recently changed my SOP to use it instead of Onedrive due to performance issues.

Sharepoint M365 give you 1TB base storage, + 10GB per Business Basic/Standard/Premium/and Teams Premium license. Additional storage can be added via another sub.

Now the read only thing... that IS annoying. By default Teams has 3 groups for all users. Owners, Members, and Guests. Owners have full control of all files, and can control membership. Members have full control of all files. Guests have read only access. But if you make a Teams Member a guest, they can't see jack via the Teams app itself.

So... what I wind up doing is making everyone that needs read/write owners, and going into sharepoint admin for the site in question, finding the root data storage folder (usually general), and changing the access of members to read only. This is one of those things about "the cloud" it's NOT a file server. It's a collaboration space. Microsoft's view is that everyone should have write access to things if they are involved with the department. If you have a group of files that need protecting, that's a different context and should be part of another team entirely.

So you don't have a special folder with read only stuff in it, you have a special team or channel for the read only stuff and there are people that have read/write and also the power to grant that access to others themselves. Teams is your USERS joining junk without the admin... so letting go of that assignment authority is another critical and design level change.
 
Just thinking about it... Subversion would probably work for version control for CAD in a pinch since it supports locking files and only commits deltas of binary files.
 
For AutoCAD, have your client get update to the new versions that support OD/SP. Older AutoCAD has it's own file locking system which doesn't combine well with cloud syncing apps. The new versions which have support for 365 cloud storage...is now "cloud site aware"...and works well with it. Even has a web version you can pin into Teams.

With Teams, and with libraries you have sync'd via OD, you can have concurrent users working on the same file at the same time. No need to "check out". And they're always doing constant save/versioning.

Use caution with lots of data...break up into separate teams and keep channels minimal with lots of data in each team, so you don't run into the file count limits and performance issues if syncing.
 

File locking and syncing issues with AutoCAD-based products and cloud based storage | AutoCAD | Autodesk Knowledge Network

When AutoCAD-based products interact with cloud based storage such as Sharepoint, OneDrive, Google Drive, Dropbox, etc., the following issues may occur: Lack of file locking which prevents multiple users from accessing a file at the same time. This is normally controlled by settings in the...
knowledge.autodesk.com knowledge.autodesk.com

File locking no longer controlled by AutoCAD | AutoCAD | Autodesk Knowledge Network

AutoCAD products no longer controls file locking by creating lock files. Files do not open "read-only" when they should. Note: "Read-only file" pop-up message will not be displayed upon opening a file when more than one person is working on that same file. File locking has not been configured on...
knowledge.autodesk.com knowledge.autodesk.com


@YeOldeStonecat

So now it seems Autodesk doesn't really support file locking at all, on purpose. They mention to set it up at the OS level, GPO... etc. Even autocad for the web, it supports OneDrive.... not SharePoint. And I imagine even if I would fandangle all that data into someone's onedrive account it still wouldn't support file locking in any way.


Basically, going with M365 for Business.... file locking is just not going to be a thing. Not outside of working strictly in the web browser, and requiring users to manually check out files when they start working on them, and checking them back in when they are done. There's just a laundry list of why that is going to work. Primary, it's not simple enough. But becomes a mess if there isn't a way for an admin to override and discard a checkout for a user who either had stuff checked out and quit, had stuff checked out and forgot and now they are sick for a week.... etc...

I think this is quickly heading towards not being a viable solution, and this is all going to get thrown away.

I think the only way to give them what they want, and really need, is to go with a full blown server (which I am not experienced enough to set up or admin and is way more money than they are willing to spend) or to spin the wheel yet again with another brand new synology. Though, these problems have persisted (files rolling back, files randomly keeping locks when they should release them requiring a synology reboot.... ect)



Solidworks PDM is a potential solution, but I have no idea what it costs and I don't know how well it'll work alongside M365 for biz.



It's either that, or the CAD department has to live with the fact that they have to handle who has what open on their own. But that really doesn't work.


Man. Damn. SOOO Close. But this is a deal breaker. I guess it's worth taking the time to get a quote from Solidworks, just on the hopes it's not prohibitively expensive.
 
I'm now thinking the best course of action is to get a cloud based server provided to the company, that someone else manages and the company just pays per seat.

That way they get the active directory, and can properly manage all this file sharing and file locking without it being so complicated.



The snag there (maybe, I don't know) would be having the ability for users to get at this data away from the main site (should be no issue) but also via cell phone / tablet. I've never done that type of thing, so I don't know how simply they can access company data shares from a cell phone or tablet. Would that still work through onedrive?
 
Ok. So maybe found a solution.

It appears version control for autocad is a big problem (potentially) and can be seemingly expensive.


PERHAPS, Autodesk VAULT is the answer for me. I need to call them to ensure this product supports file locking. At around $60 a month, it's a much more palatable costs for the company. And I think it will fit their needs very well.


Outside of drafting, the inability to support file locking easily isn't such a big deal. Cross department "sharing" in that way isn't a big thing. At this point, I think it's worth just instituting new behavior to get over that obstacle.
 
Don't need to move all files to OD, they just mean...it works better when autoCAD can plug files locally, however....remember...when you "sync" at Document Library to file explorer, it's using the OneDrive engine.

You can technically still work with DWG files from Sharepoint Web too....double click them, it will open the local program of autoCAD via Windows file association. Much like double clicking a Word doc.

I've never had file locking be an issue...they just don't use it.
Have them check out the latest versions of autoCAD..works well with 365 storage.
 
brandonkick said:
I'm now thinking the best course of action is to get a cloud based server provided to the company, that someone else manages and the company just pays per seat.

That way they get the active directory, and can properly manage all this file sharing and file locking without it being so complicated.



The snag there (maybe, I don't know) would be having the ability for users to get at this data away from the main site (should be no issue) but also via cell phone / tablet. I've never done that type of thing, so I don't know how simply they can access company data shares from a cell phone or tablet. Would that still work through onedrive?
Click to expand...
I think the direction you're going with this line of thinking is Azure Files. Kinda like a NTFS file share in the cloud that is hosted. I think work has been done so that Azure AD supposed kerberos for authenticating with it, but I haven't tested that part out before.
 
YeOldeStonecat said:
For AutoCAD, have your client get update to the new versions that support OD/SP. Older AutoCAD has it's own file locking system which doesn't combine well with cloud syncing apps. The new versions which have support for 365 cloud storage...is now "cloud site aware"...and works well with it. Even has a web version you can pin into Teams.

With Teams, and with libraries you have sync'd via OD, you can have concurrent users working on the same file at the same time. No need to "check out". And they're always doing constant save/versioning.

Use caution with lots of data...break up into separate teams and keep channels minimal with lots of data in each team, so you don't run into the file count limits and performance issues if syncing.
Click to expand...

Currently, I am testing with AutoCad 2023. Just downloaded it and installed it on my computer today (using their Autodesk monthly subscription). So it's the latest version.

I can get AutoCad 2023 connected to OneDrive, and I understand that OneDrive handles the syncing for both an individual employees OneDrive files and anything they sync through a SharePoint library (either via the SharePoint site, or via the teams app). But I must be doing something majorly wrong. It's just not working the way you describe. It doesn't show me the library of files in the drafting department sharepoint. None of these drafting department files are in any onedrive bucket, all a sharepoint document library.

If I go into the drafting departments sharepoint web site, and go into a document library and go to the "Open" portion of the menu that appears when you click the 3 little dots next to a file name, I only get "autocad web". Doing this just opens a new browser tab that is completely blank. Tab title is "about:blank". No option to open it via the installed version of the desktop app. If I choose "download", that file just goes into the download folder. Doesn't open in autocad.

If I have a DWG file that I check out manually, via the sharepoint site, and then sync that folder to my desktop via teams app I can edit the file on my local machine, let sharepoint sync it via onedrive client, and then go back into sharepoint site and check the file in. With a microsoft file, I can handle check in / check out directly via the desktop app (word, excel... etc). I can't do that via AutoCad 2023 (or I don't know how....)



I also can't seem to figure out how to pin autocad to teams. There doesn't seem to be an autocad app to add to teams channels. I couldn't find it in the app search.


So while this will all "work", the way I am able to get it to work now requires a lot of remembering to go back in and out of the sharepoint site to check files in and out manually.

For the "office" type files (word, excel...) it's not a big deal. The desktop clients integrate it and most folks don't work on each others office file types.

For drafting, this is possible... but less than idea in it's current form. Again, unless I'm not doing something right or if Autodesk changed something. Where it stands currently, I'm thinking of exploring Autodesk Vault.



I really do thank you though, and everyone, for the feedback. Help from you folks has been a lot more helpful than microsoft support so far, much quicker at least. But for those of you who live and breath this stuff, and have already been down this road a thousand times.... sure does help!
 
brandonkick said:
Solidworks PDM is a potential solution, but I have no idea what it costs and I don't know how well it'll work alongside M365 for biz.
Click to expand...

I can answer that... it doesn't.

Solidworks PDM is an ANCIENT application that lives on ancient standards. I have 1 client using it, and they spend $1000 a month for an Azure hosted VM that runs active directory that has three machines on that domain, the PDM server, two test VMs that do their builds, and an Untangle. So on top of whatever they paid for Solidworks licensing, they're out $12,000 a year in Azure hosting.

The Untangle in Azure is Site-to-Site connected to an Untangle at their manufacturing plant. AD in Azure exists just to give logins for PDM, no machines at the plant are on the domain... though they could be! I have DNS setup everywhere to support this. Both Untangle servers have client VPNs that connect to them to afford access to these resources too.

The Solidworks rep complimented me on the solution because it works so well, then I smacked him in the face during that meeting pointing out that if they redeveloped as a Sharepoint plugin none of this would have been required.

BUT, PDM does do versioning of all CAD files, offers a construct to organize those files into assemblies with their own versioning, and does all the check in and check out required to keep all that safe. SharePoint flat isn't that robust, and this manufacturing plant couldn't function without it.

However, BEFORE they landed in this place, they had a USB drive shared from a workstation with CAD files in it, and that share was migrated into Teams / Sharepoint and used for MONTHS successfully.

There are ZERO Solutions to manage CAD files that are cheap, and your client has stupidly unrealistic expectations.

As for your most recent problem, it seems to me that you forgot to sync the library to the desktop that's running AutoCAD. Once the corporate sync starts, you'll have a new icon in explorer to find those files. If the files do not appear in AutoCAD but they ARE in explorer, then you need to tell Onedrive to keep the entire folder sync'd locally. That sucks because the storage requirements can get crazy but larger drives are vastly less expensive than a PDM.
 
I have a couple of clients that use Solidworks and use the PDM, they love it.
In the old days of an on-prem server,the PDM ran on the server.
In the modern days of M365BP, the PDM just runs on a honking workstation at the office. Just have that backed up with Datto continuity agent.

Any traveling outside of the office with a laptop, can sync updates once they return, or via VPN.
 
It seems to be working "well enough" just using M365 for biz on it's own.

The option of enforcing check just doesn't work. Oh well. If you do that, everything synced locally opens as read only (unless.... maybe if you go into the sharepoint site itself and manually check out a file, then it might let you access that file with full privs via the file explorer sync location).

For most people, they just don't share or collaborate on files... at least not enough for that to be a problem. Ok. Good enough.

For the drafting department, I've trained the users that they must check the file out manually via the sharepoint site and then they can open it just fine in their local sync folder. If user B tries to open a file that user A has checked out, it will not let user B (either via the browser, or file explorer sync). Good enough. Extra steps. But they are fine with that when faced with what autodesk vault costs on top of all this.



Migration is going well. Its more the training / adoption portion for some users that can be hard.

I thought I'd be smart and for the two or three folks who do not need to usually share anything with anyone, I'd cram their stuff in their corporate one drive. Save a few hundred gigs on sharepoint right? Problem with that? When they set up the one drive client, they set it up to back up their my docs and desktop folders. I can see why they might. But that caused an issue. The folders that were already on there were called my docs and desktop. So. It tried essentially to duplicate everything, and sync ran for over 2 hours before they called me asking what was going on..... yeah.

The other part is breaking habbits and getting them to understand you cannot save anywhere that isn't pointing to sharepoint / onedrive share syncs. If you do, that file is just "hanging out" locally and won't be backed up, no version control, nadda. That and getting people to wrap their minds around teams and onedrive. It's not a lot, it's not hard... but for some folks I think they just get hyped up that this is a "whole new system".


I see light at the end of the tunnel. At least for this part of it. I need to log into godaddy and transfer the domain onto their tennant. And then start the fun of migrating and cutting over mailboxes. I have no idea how to do that seamlessly, but I need to figure it out as close as possible. Over a weekend is my best guess so far.
 
brandonkick said:
.... I need to log into godaddy and transfer the domain onto their tennant. And then start the fun of migrating and cutting over mailboxes. I have no idea how to do that seamlessly, but I need to figure it out as close as possible. Over a weekend is my best guess so far.
Click to expand...

Are they currently using GoDaddys 365? If so, you simple take over that tenant, give your Microsoft account partner rights to the tenant, give yourself a new global admin, assign your CSP licensing to replace GoDaddys licensing, and then "defederate it from GoDaddy". No migration to another tenant is necessary.
 
YeOldeStonecat said:
Are they currently using GoDaddys 365? If so, you simple take over that tenant, give your Microsoft account partner rights to the tenant, give yourself a new global admin, assign your CSP licensing to replace GoDaddys licensing, and then "defederate it from GoDaddy". No migration to another tenant is necessary.
Click to expand...

No, they just have their company domain registered through go daddy. They are not using GoDaddy365.

This effort would simply be to have their 365 tenant domain name, set up directly with microsoft, be company.com instead of company.onmicrosoft.com
 
That's a normal thing with 365, when you first register/create a 365 tenant, it gets a <whatever name you put in during the process>.onmicrosoft.com.
And then you go through steps to add the formal domain, (company.com), and make it default.
 
YeOldeStonecat said:
That's a normal thing with 365, when you first register/create a 365 tenant, it gets a <whatever name you put in during the process>.onmicrosoft.com.
And then you go through steps to add the formal domain, (company.com), and make it default.
Click to expand...
As I reread the post you replied too (needing to log in to godaddy and transfer my domain), I suppose that wasn't a very clear statement on my part.

Yeah your exactly right. They don't even seem to care that much, but I'd like the 365 tenant I set up with M$ to have their company domain. Easier to type when logging in. Maybe it doesn't even matter.... but I also want the new mailboxes to be @company.com and not @company.onmicrosoft.com (meaning, maybe I can still have them @company.com even without adding the company domain to the 365 tenant?) Thats my primary motivation. Less to type in when logging in and a clean mailbox address. I could be wrong in my assumptions though. I just know they wouldn't like handing out email address that look like "johndoe@company.onmicrosoft.com".


This is still pretty new to me, at least in terms of administration. Wrapping my mind around custom sharing permissions and how that propagates through the synced desktop folders has been the largest hurdle. That and the whole "force checkout" thing. That too though makes sense. If you force checkout, everything SHOULD be locked... until it gets checked out. I panicked a bit prematurely about that one.... they raised the "oh crap, no one can open anything" alarm and it didn't click to tell them... "well... did they check the file out".

It's all going smoother now, so far. They seem to be overall adapting pretty well.
 
You must log in or register to reply here.

Similar threads

thecomputerguy
Cut/Copy/Paste folders by date while retaining the folder structure?
Replies
5
Views
280
SAFCasper
SAFCasper
thecomputerguy
Tenant to Tenant Migration (O365)
Replies
6
Views
393
timeshifter
timeshifter
thecomputerguy
Two tenants, two domains, two companies, one shared calendar ... how?
Replies
3
Views
380
trevm999
trevm999
thecomputerguy
Sharing sharepoint data with another organization...
Replies
5
Views
495
Markverhyden
Markverhyden
HCHTech
Apple Business Essentials
Replies
1
Views
157
Markverhyden
Markverhyden
Back
Top