Skip Ribbon Commands
Skip to main content

Quick Launch

Todd Klindt's home page > Todd Klindt's Office 365 Admin Blog > Posts > Finding All the SharePoint 2010 Workflows in SharePoint Online
July 09
Finding All the SharePoint 2010 Workflows in SharePoint Online

Workflow Retirement Series TOC

Part 1 - SharePoint 2010 and 2013 Workflows Kaput in Office 365
Part 2 - Finding All the SharePoint 2010 Workflows in SharePoint Online 
Part 3 - Find Only the Active SharePoint 2010 Workflows in SharePoint Online
Part 4 - Use PowerShell to Work with SharePoint 2010 Workflow Scan 

   
By now you’ve probably seen Microsoft’s announcement that they’re going to remove SharePoint 2010 Workflows on November 1st, 2020. SharePoint 2013 Workflows aren’t too far behind. Not only did they not give us much time to rewrite these workflows in Power Automate, there aren’t any great ways to find out where they are in the first place. Since the beauty of SharePoint is how it empowers users to create, it’s likely that users are making workflows all over and admins have no exposure to it. Today I’m going to show you how to use the SharePoint Modernization Scanner (SMS) to find those Workflows that will soon be shown the door. The SMS is a general tool that helps people already in Office 365 to Modernize individual pieces of the platform. Workflow is one of those pieces.  So while the tool wasn’t meant for exactly this scenario, it fits nicely.

To get started, download the SMS from the link on this page. It’s going to come down as an EXE, there’s no installation. I recommend copying it to its own location. When it creates its logs it creates them in the folder it was run from, and I’ve found it helpful to keep all of that in one place. In the screenshots in this blog post, I copied

SharePoint.Modernization.Scanner.exe to D:\SMAT. When you run the tool without any parameters it guides you through a UI Wizard. The first decision you have to make is how you’re going to authenticate against your tenant.

image 

The default option is “Azure AD App Only” and it’s my recommendation that you go that route. You’ll notice there’s a very comfy looking “Username and password” option farther down the list. It’s tempting to go that route, as it’s much easier, but if you’re running the tool seriously in production, go to the extra work and create an App Registration for it. If there’s interest, I might do a blog post on that, too. It’s less scary than it seems. Here’s what my screen looked like all filled out.

image 

The Application ID can be copied directly from the Overview page of the App Registration itself. The domain is the Azure AD domain, and it will most likely be a *.onmicrosoft.com address. This can be a bit confusing since we’re doing all of this in the context of SharePoint. It can feel like you should use tenant.sharepoint.com, but that won’t work. The App Registration is an Azure AD thing that happens to work with SharePoint. If you’re not sure what the correct Domain is, go to the Azure Active Directory Dashboard Overview page and find Primary Domain.

image 

You will also need the PFX file for the certificate that was used for the App Registration, and the password for that cert.

After you’ve entered that hit Next. The next screen lets you choose which Site Collections you’ll be scanning. The environments I’ve run this on are small enough that I’ve been able to stick with the “Complete Tenant” option, but you can also choose them individually or feed the tool a CSV file. These options are handy if your tenant is large. You also need to enter your SharePoint tenant name in this screen.

image 

The next screen is the whole reason we’re here, to scan those Workflows. The tool can find all manner of objects that can Modernized, and I encourage you to scan for all of them at some point, but I just chose Workflows to speed things along.

image 

The final screen has some options. I always go with the defaults.

image 

Hit “Start scan” and then anxiously await the report. It’ll look like this.

image 

Maybe pop some popcorn. It might take a minute. Finally you’ll get this:

image 

If you want to run it all from the command line like a hot shot, run this command with your own values in place of mine.

.\SharePoint.Modernization.Scanner.exe --azuretenant M365x541279.onmicrosoft.com --certificatepfx "d:\smat\SMAT App Reg.pfx" --certificatepfxpassword pass@word1 --tenant M365x541279 --mode WorkflowOnly --clientid a204b312-c2a9-4a47-861c-b0c874e8219a

If you're running version 2.14.0.0 or later you need to change the operation to WorkflowWithDetailsOnly. Starting in 2.14.0.0 WorkflowOnly gives fewer details about the individual Workflows. My 2.14.0.0 and later command line looks like this:

.\SharePoint.Modernization.Scanner.exe --azuretenant M365x541279.onmicrosoft.com --certificatepfx "d:\smat\SMAT App Reg.pfx" --certificatepfxpassword pass@word1 --tenant M365x541279 --mode WorkflowWithDetailsOnly --clientid a204b312-c2a9-4a47-861c-b0c874e8219a​ 


It looks like this:

image 

Once the scanner is finished it’ll drop a bunch of files into the folder listed above. Mine looked like this:

image 

Since we only care about Workflows we can jump right into the ModernizationWorkflowScanResults.csv file and see where workflows are hiding out in our tenant. You may also want to give Errors.csv a once over just to see if everything went fine. Here’s my workflow report:

image 

The report is pretty good. We can see I have two workflows, one 2010 and 2013. We can see which site and list they’re in. We can also see that the 2010 is published (Enabled) and the 2013 is only saved. If you go farther to the right there are also columns that indicate when it was changed last. Lots of good information there. At this point you’ll probably want to reach out to the site owner and have them verify if the Workflow is being used. You or they will have to connect with SharePoint Designer (still free) and start figuring out how to turn that workflow into a Flow.

I could end the blog post here. I’ve delivered the promised content, and did a fine job if I do say so myself. You’ve gotten your money’s worth. Smile I want to add one additional bit though. In that same report directory is Office 365 Classic workflow inventory.xlsx. That’s another Excel document with workflow information, but it uses a fancy Pivot Table to show it. You and I, we’re technical folks. The raw spreadsheet with sites and lists is what we wanted. But we likely have bosses (with or without pointy hair) and they like pictures. That’s where this last file comes in. Open up Office 365 Classic workflow inventory.xlsx and click “Enable” in the bar at the top. When you click Enable the spreadsheet will load the information from the ModernizationWorkflowScanResults.csv file and make it look all pretty.

image 

That version will look better on a PowerPoint. You’ve got some filters to play with, really put some polish on it. Smile 

Hopefully this will help you chase down the SharePoint 2010 and 2013 Workflows in your Office 365 tenant. Let me know how it worked. You can leave a comment here, or reach out on Twitter at @toddklindt.

tk

ShortURL: https://www.toddklindt.com/FindO365Workflows

Edit (7/9/20): Edited to replace wrong tool name with SharePoint Modernization Scanner.

Edit (7/10/20): Edited to add command line syntax.

Edit (7/27/20): Edited to add the 2.14.0.0 and later command line syntax.

Comments

Thanks for posting this Todd!

You are still the man, I don't care what Shane says!!
 on 7/10/2020 10:44 AM

Re: Thanks for posting this Todd!

You're very welcome. I'm happy to hear it's helpful.
tk
Todd O. KlindtNo presence information on 7/10/2020 10:48 AM

Start Scan Broke

Hi Todd,

Firstly, thank you for writing this. Using Sharegate, I ran a report which told me I have over 500 enabled workflows (fuuu...n). So I thought I'd run through this article to see what further info I could get on these workflows. However, I get an error when running the scan saying "Unhandled Exception: System.Security.Cryptography.CryptographicException: The specified network password is not correct." Any ideas where I might've gone wrong?
 on 7/17/2020 3:30 AM

Re: Start Scan Broke

Well, the obvious question is, are you sure the password is correct? :) Which authentication method did you use? I had various issues when I tried the username and password route. The App Registration method is much better.

tk
Todd O. KlindtNo presence information on 7/19/2020 9:17 PM

Scan Not Completing

I ran a scan and it seemed to be working. I let it run and walked away for several hours. I came back and it's still running, however it's only a list of hundreds of "Retrieving a batch of up to 500 search results" lines over and over and over.  Any idea what's going on there?
 on 7/21/2020 3:23 PM

Disregard

You can disregard my earlier posts (sorry for the double posting).  I let the scanner sit overnight and this morning it had completed and my reports were generated.  I am guessing the issue was the fact that I scanned well over 2500 sites and I had almost 150 results, so it must have taken a long time to process everything...Thanks for this info, it will be very helpful!
 on 7/22/2020 8:18 AM

Difference between Azure AD App only and just username/password?

What's the difference between running the scanner in Azure AD App only mode versus just giving it global admin credentials (username and password)?

I tried going down the path of configuring everything needed for Azure AD App only mode and I just felt like I was going down a rabbit hole.
 on 7/22/2020 5:13 PM

Re: Scan Not Completing

I've had some run long too, I understand. :)
tk
Todd O. KlindtNo presence information on 7/23/2020 11:52 AM

Re: Difference between Azure AD App only and just username/password?

I don't think a Global Admin user has access to all of the SharePoint sites, just the ability to give itself access to the sites. When you do an App Registration it does have access. That has been my experience.
tk
Todd O. KlindtNo presence information on 7/23/2020 11:54 AM

Permissions for App Registration?

This whole series of blog posts is great, thanks a TON!! 

What permissions did you have configured for the App Registration?  I currently have mine set to User.Read (Microsoft Graph) and Sites.Manage.All, Sites.Read.All, User.Read.All (SharePoint). 

The report completed without any errors and shows 0 workflows.  However, when I use Sharegate it returns almost 1000 - 2010/2013 workflows.  Although it would be nice, I seriously doubt that I don't have any workflows that need attention.  :)

Thanks,
John
 on 8/4/2020 3:35 PM

Add Comment

Items on this list require content approval. Your submission will not appear in public views until approved by someone with proper rights. More information on content approval.

Title


Body *


Today's date *

Select a date from the calendar.
Please enter today's date so I know you are a real person

Twitter


Want a message when I reply to your comment? Put your Twitter handle here.

Attachments

 

 SysKit