text/microsoft-resx 2.0 System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 SharePoint Toolbox Connect Manage Profiles... Clear Session Permissions Storage File Search Duplicates Versions Version cleanup Libraries Retention policy Select libraries... Reset (all libraries) Delete old versions Keep last: Also keep the very first version Ask for confirmation before running Only historical versions are removed. The current published version is always kept. The action cannot be undone. All libraries (no filter) {0} library/libraries selected Delete historical file versions, keeping the last {0} {1}? This cannot be undone. (plus the first version) "Keep last" must be 0 or greater. Files trimmed: Versions deleted: Bytes freed: Library File Before Deleted Remaining Freed Path Error Select libraries Loading libraries... {0} libraries loaded. Select all Select none Templates Bulk Operations Folder Structure Settings Coming soon Cancel Language English French Theme Use system setting Light Dark Data output folder Browse... Profile name Tenant URL Client ID Optional — leave blank to register the app automatically Add Save Delete Create a new profile from the values entered above. Save changes to the selected profile. Delete the selected profile. Registering an app may prompt you to sign in up to {0} times. Continue? Ready Complete Operation cancelled Authentication failed. Check tenant URL and Client ID. An error occurred. See log for details. Scan Options Scan Folders Recursive (subsites) Folder depth: Maximum (all levels) Include Inherited Permissions Simplified mode Display Options Export Format CSV Detailed (all rows) Simple (summary only) HTML Generate Report Open Report View Sites Site URL: or select multiple sites: {0} site(s) selected Per-Library Breakdown Include Subsites Note: deeper folder scans on large sites may take several minutes. Generate Metrics Open Report Library Site Files Total Size Version Size Last Modified Share of Total CSV HTML Kind Library Hidden Library Preservation Hold List Attachments Recycle Bin Subsite Scan Sources Show in Report Hidden Libraries Preservation Hold List Attachments Recycle Bin Libraries Hidden Libraries Preservation Hold List Attachments Recycle Bin Subsites Combine Recycle Bin Stages (show total) SPO reported total: Recycle Bin: Search Filters Detail level: Extension(s): docx pdf xlsx Name / Regex: Ex: report.* or \.bak$ Created after: Created before: Modified after: Modified before: Created by: First Last or email Modified by: First Last or email Library: Optional relative path e.g. Shared Documents Max results: Site URL: user(s) https://tenant.sharepoint.com/sites/MySite Run Search Open Results File Name Extension Created Modified Created By Modified By Size Path CSV HTML Duplicate Type Duplicate files Duplicate folders Comparison Criteria Name is always the primary criterion. Check additional criteria: Same size Same creation date Same modification date Same subfolder count Same file count Include subsites All (leave empty) Run Scan Open Results Transfer Bulk Members Bulk Sites Folder Structure Source Site Destination Site Source Library Destination Library Source Folder Destination Folder Transfer Mode Copy Move Conflict Policy Skip Overwrite Rename (append suffix) Browse... Start Transfer No files found to transfer. Import CSV Load Example Add Members Preview ({0} rows, {1} valid, {2} invalid) Group Name Group URL Email Role Import CSV Load Example Create Sites Preview ({0} rows, {1} valid, {2} invalid) Name Alias Type Owners Members Import CSV Load Example Create Folders Preview ({0} folders to create) Target Library Site URL Saved Templates Capture Template Apply Template Rename Delete Source Site URL Template Name New Site Title New Site Alias Capture Options Libraries Folders Permission Groups Site Logo Site Settings No templates saved yet. Confirm Operation Proceed Cancel {0} — Proceed? Completed: {0} succeeded, {1} failed All {0} items failed. All {0} items completed successfully. Export Failed Items Retry Failed {0} rows have validation errors. Fix and re-import. Select CSV File CSV Files (*.csv)|*.csv Select Folder Loading folder tree... Select Cancel Select Sites Select target sites for all tabs Connect to a tenant first {0} site(s) selected No sites selected User Access Audit Select Users Target Sites Scan Options Search users by name or email... {0} user(s) selected Run Audit Export CSV Export HTML Split Single file By site By user HTML layout Separate files Single tabbed file Total Accesses Sites High Privilege By User By Site Filter results... Select at least one user to audit. Select at least one site to scan. Storage by File Type Donut Chart Bar Chart Chart View: Run a storage scan to see file type breakdown. MSP Logo Import Clear No logo configured Client Logo Import Clear Pull from Entra No logo configured Search Browse Directory User Directory Load Directory Cancel Filter users... Include guests users Double-click a user to add to audit Name Email Department Job Title Type Export Options Merge duplicate permissions Hide raw system group names (SharingLinks, Limited Access) Exclude sharing links Exclude system groups (Limited Access) Register App Remove App Checking permissions... Registering application... Application registered successfully Registration failed Insufficient permissions for automatic registration Removing application... Application removed successfully Manual Registration Required 1. Go to Azure Portal > App registrations > New registration 2. Name: 'SharePoint Toolbox - {0}', Supported account types: Single tenant 3. Redirect URI: Public client, https://login.microsoftonline.com/common/oauth2/nativeclient 4. Under API permissions, add: Microsoft Graph (User.Read, User.Read.All, Group.Read.All, Directory.Read.All) and SharePoint (AllSites.FullControl) 5. Grant admin consent for all permissions 6. Copy the Application (client) ID and paste it in the Client ID field above Site Ownership Automatically take site collection admin ownership on access denied When enabled, the app will automatically elevate to site collection admin when a scan encounters an access denied error. Requires Tenant Admin permissions. This site was automatically elevated — ownership was taken to complete the scan User Access Audit Report User Access Audit Report (Consolidated) SharePoint Permissions Report SharePoint Permissions Report (Simplified) SharePoint Storage Metrics SharePoint Duplicate Detection Report Duplicate Detection Report SharePoint File Search Results File Search Results SharePoint Version Cleanup Report Version Cleanup Report Total Accesses Users Audited Sites Scanned High Privilege External Users Total Entries Unique Permission Sets Distinct Users/Groups Libraries Files Total Size Version Size Guest Direct Group Inherited Unique By User By Site Filter results... Filter permissions... Filter rows… Filter: Site Sites Object Type Object Permission Level Access Type Granted Through User Title URL Users/Groups Simplified Risk Library / Folder Last Modified Name Library Path Size Created Modified Created By Modified By File Name Extension File Type File Count Error Timestamp # Group Total Size (MB) Version Size (MB) Size (MB) Size (bytes) accesses access(es) site(s) permission(s) copies duplicate group(s) found. result(s) of shown Generated Generated: members unavailable Empty group Link (no ext) (no extension) high-priv Storage by File Type Library Details Select Sites Filter: Type: All Team sites (MS Teams) Communication Classic Other Size (MB): min max Title URL Type Size Load Sites Select All Deselect All OK Cancel Loading sites... {0} sites loaded. {0} / {1} sites shown. Error: {0} Team site Communication Classic Other Valid Errors Close + New Folder Guest Input Manage Profiles Profiles Group Copies Level 1 Level 2 Level 3 Level 4 Unique Perms Permission Levels Principal Type Total Size: Version Size: Files: Source Captured file(s) selected Include source folder at destination When on, recreate the source folder under the destination. When off, drop contents directly into the destination folder. Copy folder contents When on (default), transfer files inside the folder. When off, only the folder is created at the destination. No tenant connected. No tenant selected. Please connect to a tenant first. No tenant profile selected. Please connect first. Select at least one site from the toolbar. Add at least one user to audit. No valid rows to process. Import a CSV first. Template name is required. New site title is required. New site alias is required. Source site and library must be selected. Destination site and library must be selected. Library title is required. Capturing template... Template captured successfully. Capture failed: {0} Applying template... Template applied. Site created at: {0} Apply failed: {0} Searching... user(s) files sites entries Simplified Permissions Mode Groups raw SharePoint permissions into readable labels (Owner, Editor, Contributor, Reader, View-Only) and color-codes rows by risk level. Useful for a quick security overview without permission-level jargon. Merge Permissions When enabled, multiple permission entries for the same user or group are consolidated into a single row in the export, reducing report size. Disable to see every individual permission assignment separately. Hide System Groups Removes automatically-created SharePoint system groups from results (e.g. "Excel Services Viewers", "SharingLinks.*" groups). These groups are managed internally by SharePoint and are typically not relevant for user access audits. Exclude Sharing Links Removes sharing link entries from results and exports (e.g. "Anyone with the link", organisation-wide links). Useful when you only care about direct user and group permissions. Exclude System Groups (Limited Access) Removes "Limited Access System Group For Web/List" entries from results and exports. SharePoint creates these automatically when a user has item-level access; they are rarely relevant for user access audits. Include Inherited Permissions By default only objects with unique (broken) permissions are reported. Enable this to also include objects that inherit permissions from a parent, giving a complete picture of who can access every item. Export Split Mode Single File: all results are saved in one CSV or HTML file. Split by Site: creates a separate file for each site collection. Useful when auditing large multi-site tenants to keep individual files manageable. KQL File Search Searches files across your SharePoint sites using KQL (Keyword Query Language). The keyword field is optional — leave it empty to return all files matching only the active filters. Combine date range, author, and library filters to narrow results. Filename Regex Filter Post-filters results client-side using a .NET regular expression matched against file names. Example: \.pdf$ matches only PDF files. Leave blank to skip this filter. The expression is case-insensitive. Version Cleanup Policy Permanently deletes old document versions from SharePoint libraries. Only the N most recent versions are kept — older ones are removed permanently and cannot be recovered. Run a preview scan first to see what will be deleted. Keep First Version Always preserves version 1.0 (the original) of each document, regardless of the "Keep Last N" setting. Useful to maintain an audit trail of a document's initial state. Confirm Before Delete When enabled, a confirmation dialog appears for each file before its versions are deleted. Uncheck for unattended batch processing. Duplicate Matching Criteria Two items are flagged as duplicates when their names match AND all checked additional criteria also match. More criteria checked = fewer groups, but more precise matches. Using name only finds files with the same filename anywhere in the site, regardless of content. Include Source Folder When enabled, the source folder itself is recreated at the destination (e.g. transferring "Reports" creates a "Reports/" folder at the target). When disabled, only the contents inside the folder are transferred — useful when merging into an existing destination folder. Copy Folder Contents Only When enabled, only the files and subfolders inside the selected folder are transferred — the selected folder itself is not recreated at the destination. File Conflict Policy Defines what happens when a file with the same name already exists at the destination: • Skip — leave the existing destination file unchanged. • Overwrite — replace the destination file with the source file. • Rename — keep both by appending a number suffix to the transferred file's name. Bulk Add Members — CSV Format The CSV file must contain these columns (headers required, order is flexible): • GroupName — the exact SharePoint group name • Email — the user's email address • Role — Member, Owner, or Visitor Click "Load Example" to open a pre-filled sample file. Bulk Create Sites — CSV Format The CSV file must contain these columns: • Name — the display name for the new site • Alias — URL alias (no spaces; becomes part of the site URL) • Type — TeamSite or CommunicationSite • Owners — comma-separated list of owner email addresses Click "Load Example" to open a pre-filled sample file. Create Folder Structure — CSV Format Creates a folder hierarchy inside a SharePoint library from a CSV file. Each row defines one folder path using up to 4 levels (Level1–Level4). Leave deeper level columns empty for shallower paths. Example row: Contracts | 2024 | Q1 | (empty) Creates: Library / Contracts / 2024 / Q1 Capture Site Template Saves the currently selected site's structure (libraries, folder hierarchy, permissions, settings, and logo) as a reusable template stored locally on your machine. The source site is not modified in any way. Select which elements to include using the checkboxes above. Apply Template to New Site Creates a brand-new SharePoint site and reproduces the structure captured in the selected template — including libraries, folders, permissions, settings, and logo. The source template and original site are not affected. Provide a display name and URL alias for the new site before clicking Apply. Search vs Browse Mode Search Mode: type a name or email to find a specific user via Azure AD. Matching users appear in a list — click to select them for the audit. Browse Mode: loads all users in your tenant directory. Use the filter box to narrow the list, then double-click a row to add the user to the audit. User Access Audit vs Permissions Audit The Permissions tab scans objects (libraries, folders, items) and shows who has access to each one. This tab does the reverse: you select one or more users and it finds every object they can access — including access granted via SharePoint groups or Active Directory groups. Hidden Libraries Scans SharePoint libraries hidden from the site's normal navigation (e.g. Site Assets, Style Library, Form Templates). These can consume significant storage and are often overlooked in routine audits. Preservation Hold Library A hidden SharePoint library that stores versions of documents modified or deleted while a Microsoft Purview / Microsoft 365 Compliance retention policy is active. It can grow very large over time without being visible to normal site users.