Enterprise Recon 2.3
SharePoint Online
This section covers the following topics:
- Licensing
- Requirements
- Set Up SharePoint Online as a Target
- Edit SharePoint Online Target Path
- Deleted SharePoint Online Sites
Licensing
For Sitewide Licenses, all scanned SharePoint Online Targets consume data from the Sitewide License data allowance limit.
For Non-Sitewide Licenses, SharePoint Online Targets require Server & DB Licenses, and consume data from the Server & DB License data allowance limit.
See Target Licenses for more information.
Requirements
| Component | Description | 
|---|---|
| Proxy Agent | ER 2.0.28 Agent and newer. Recommended Proxy Agents: 
 | 
| TCP Allowed Connections | Port 443 for cloud services. | 
Set Up SharePoint Online as a Target
To add a SharePoint Online Target:
- From the New Scan page, Add Targets.
- In the Select Target Type dialog box, select Microsoft 365 > SharePoint Online.
- 
    Fill in the following fields: 
  Field Description SharePoint Online Domain Enter your SharePoint Online organization name. 
 For example, if you access SharePoint Online at https://mycompany.sharepoint.com, enter mycompany.New Credential Label Enter a descriptive label for the credential set. New Username Enter a SharePoint Online user's email address. 
 User must have Read permissions to the top-level root site collection, and minimum Read permissions to all site collections, sites and lists to be scanned.New Password Enter the password for the SharePoint Online user. Agent to act as proxy host Select a Proxy Agent. Recommended Least Privilege User ApproachTo reduce the risk of data loss or privileged account abuse, the Target credentials provided for the intended Target should only be granted read-only access to the exact resources and data that require scanning. Never grant full user access privileges or unrestricted data access to any application if it is not required. 
- Click Test. If ER2 can connect to the Target, the button changes to a Commit button.
- Click Commit to add the Target.
Edit SharePoint Online Target Path
- Set Up SharePoint Online as a Target.
- In the Select Locations section, select your SharePoint Online Target and click Edit.
- In the Edit SharePoint Online dialog box, enter the site collection to scan in the Path. Use the following syntax:
    Description, Syntax and Example Scan all resources for the SharePoint Online web application. This includes all site collections, sites, lists, list items, folders and files. Syntax: Leave Path blank. Scan a site collection. This includes all sites, lists, list items, folders and files for the site collection. Syntax: <organization>.sharepoint.com/<site_collection> Example: https://example.sharepoint.com/operations Scan a site in a site collection. Syntax: <organization>.sharepoint.com/<site_collection>/<site> Example: https://example.sharepoint.com/operations/my-site Scan all lists in a site collection. Syntax: <organization>.sharepoint.com/<site_collection>/:site/:list Example: https://example.sharepoint.com/operations/:site/:list Scan a specific list in a site collection. Syntax: <organization>.sharepoint.com/<site_collection>/:site/:list/<list> Example: https://example.sharepoint.com/operations/:site/:list/my-list Scan all folders and files in a site collection. Syntax: <organization>.sharepoint.com/<site_collection>/:site/:file Example: https://example.sharepoint.com/operations/:site/:file Scan a specific folder in a site collection. Syntax: <organization>.sharepoint.com/<site_collection>/:site/:file/<folder> Example: https://example.sharepoint.com/operations/:site/:file/documents Scan a specific file in a site collection. Syntax: <organization>.sharepoint.com/<site_collection>/:site/:file/<file> Example: https://example.sharepoint.com/operations/:site/:file/my-file.txt Scan a specific file within a folder in a site collection. Syntax: <organization>.sharepoint.com/<site_collection>/:site/:file/<folder>/<file> Example: https://example.sharepoint.com/operations/:site/:file/documents/my-file.txt 
- Click Test and then Commit to save the path to the Target location.
Deleted SharePoint Online Sites
In SharePoint Online, deleted sites or site collections are retained for 93 days in the site Recycle Bin, unless deleted permanently. These deleted sites or site collections in SharePoint Online Targets are still discoverable by ER2, but will result in "HTTP 404" errors when attempting to probe or scan them.