Are you sure your SharePoint intranet won't break? (and how you can ensure it won't)


Last week Microsoft announced that they are ending support for Sandboxed Solutions with code. In less than 30 days Sandboxed Solutions with code will stop working and your intranet might break. What are you doing about it?

Sandboxed Solutions

As SharePoint Online grew and customers wanted to keep their SharePoint customizations online, with the release of SharePoint 2010 Microsoft introduced Sandboxed Solutions. Sandboxed Solutions were a subset of Farm Solutions that customers could upload to their Site Collections in SharePoint hosted on-premises but also, what’s more important, in SharePoint Online. Using Sandboxed Solutions organizations could customize SharePoint Online in a structured and repeatable manner, albeit using a subset of APIs available in SharePoint.

Many organizations also used Sandboxed Solutions for deploying SharePoint artifacts, such as Content Types or branding or client-side applications built using JavaScript. Such Sandboxed Solutions didn’t contain assemblies and were often referred to as No-Code Sandboxed Solutions.

Sandboxed Solutions no more

While the original idea behind Sandboxed Solutions was very appealing - to be able to deploy your customizations to SharePoint Online, in reality using Sandboxed Solutions was challenging. Throughout the years the community learned that using Sandboxed Solutions had some serious consequences. Luckily new patterns and practices for building SharePoint customizations emerged and over time fewer Sandboxed Solutions were built.

In 2014 already Microsoft announced that they will be deprecating Sandboxed Solutions with code. Last week they reminded us of it, giving us 30 more days to clean up our Sandboxed Solutions with code.

Sandboxed Solutions are being shut down: what’s going to happen exactly?

In less than 30 days Microsoft is going to shut down support for Sandboxed Solutions with code. Sandboxed Solutions containing code will be deactivated and Already it’s not possible to activate new Sandboxed Solutions with code. No-Code Sandboxed Solutions will remain untouched and will keep working.

While we knew about the deprecation of Sandboxed Solutions with code for quite some time now, and were mostly avoiding using them, there is one technical nuance that you should realize.

No-Code Sandboxed Solution doesn’t mean without an assembly

Past the 30 days notice Sandboxed Solutions without code will keep working. Sandboxed Solutions with assemblies will be deactivated. While you might think your No-Code Sandboxed Solution won’t be affected think again. By default, when building Sandboxed Solutions, Visual Studio included the assembly in the solution package. And even though it was empty, it was a part of the package, flagging the Sandboxed Solution as one with code, one that will be deactivated in less than 30 days time.

There is a kind-of fix for that

To help organizations investigate the impact of their decision, Microsoft provided a PowerShell script that administrators can run against their tenants to get a list of Site Collections using Sandboxed Solutions. For each solution package the script reports whether the particular solution contains an assembly or not and if it will be subject to deactivation.

While this script is definitely helpful, it takes you only half way there. Now that you know which Sandboxed Solutions will be disabled affected, you still have to investigate each one of them to find out if it contains an empty assembly or some actual code that is being used. You need to do this manually. For every. Single. Sandboxed. Solution.

Start fixing your intranet today with the Rencore SharePoint Sandboxed Solutions Inspector

Over the last few years here at Rencore we built SPCAF - a powerful solution for helping organizations and developers govern their customizations and ensure they meet the quality standards. Using over 800 rules and powerful reports we provide organizations with insights into potential issues with their SharePoint customizations. Additionally, using our experience and community best practices, we offer solutions to solve these issues.

While we understand Microsoft’s decision to shut down support for Sandboxed Solutions with code, we realize how serious its impact might be on your organization. 30 days is closer than you think. So to help you prevent your intranet from breaking, today we share a part of SPCAF - for you to use for free, to help you quickly understand the situation of your SharePoint Online tenant and Sandboxed Solutions and maybe even fix some of them.

Running the Rencore SharePoint Sandboxed Solutions Inspector

After downloading the Rencore SharePoint Sandboxed Solutions Inspector you can directly run it, no installation needed. All you need to do is to enter the URL of your tenant (eg. https://contoso-admin.sharepoint.com) or a single Site Collection (https://contoso.sharepoint.com).

Specifying the URL of SharePoint Online tenant in the Rencore SharePoint Sandboxed Solutions Inspector

Optionally, you can choose to have the Rencore SharePoint Sandboxed Solutions Inspector remove empty assemblies from the Sandboxed Solutions for you.

Having the Rencore SharePoint Sandboxed Solutions Inspector automatically remove empty assemblies for you

Using the SPCAF engine we get the list of Sandboxed Solutions in your Tenant/Site Collection and analyze their contents. We not only let you know if a solution package contains an assembly or not, but we also analyze the assembly to check if its empty or if it contains code you would need to investigate further!

Also notice how we don’t ask you for your credentials. Once you start the analysis, you will see a popup with the Azure Active Directory (AAD) login page. At Rencore we take security seriously and we believe you should never have to hand out your organization credentials, ever, to no one. By using the popup with AAD login we respect your Multi-Factor Authentication or ADFS settings, should you use them, and your credentials are kept private between you and AAD. All the Rencore SharePoint Sandboxed Solutions Inspector gets, is the cookie to access SharePoint once the authentication completes.

Azure Active Directory login popup in the Rencore SharePoint Sandboxed Solutions Inspector

As the analysis progresses you can see how many Sandboxed Solutions the Rencore SharePoint Sandboxed Solutions Inspector discovered.

Quick overview of Sandboxed Solutions found in SharePoint Online in the Rencore SharePoint Sandboxed Solutions Inspector

Once the analysis completes, we provide you with a detailed report about the Site Collections we analyzed, Sandboxed Solutions we found and their contents. If we found Sandboxed Solutions with empty assemblies, and you chose to have the Rencore SharePoint Sandboxed Solutions Inspector remove it for you, you will find these updated solutions in the output folder you chose when starting the analysis from where you will be able to test them and upload them to your Site Collections.

Rencore SharePoint Sandboxed Solutions Inspector analysis report

We hope that the Rencore SharePoint Sandboxed Solutions Inspector will help you alleviate the pain of the end of support for Sandboxed Solutions with code for your organization/customers. We would love to hear what you think of the Rencore SharePoint Sandboxed Solutions Inspector and how it helped you, but we totally understand it if you let us know in about 30 days.

Now go visit http://url.spcaf.com/sbslp to download the Rencore SharePoint Sandboxed Solutions Inspector for free and start fixing your intranet today.

Update August 11: Microsoft has just confirmed that no solutions will be automatically deactivated:

The code from assemblies in Sandboxed Solutions will stop working but the solutions will remain activated. Still, it’s wise to remove all assemblies from Sandboxed Solutions today, because past the closure of the User Code Host Service you won’t be able to update them.

Others found also helpful: