Are You Sure Your SharePoint Intranet Won't Break? (And How You Can Ensure It Won't)

Start fixing your intranet today with the Rencore SharePoint Sandboxed Solutions Inspector

Waldek Mastykarz

by Waldek Mastykarz on 8/28/2016

Share this:

Article Details

Date Revised:

Applies to:
no-code solution, Rencore SharePoint Sandboxed Solutions Inspector, Sandboxed Solutions, SPCAF

In last July, 2016, Microsoft announced that they are ending support for sandboxed solutions with code. In just a few days, sandboxed solutions with code will stop working and your intranet might break. What are you doing about it?

Sandboxed solutions

As SharePoint Online grew and customers wanted to keep their SharePoint customizations online, with the release of SharePoint 2010 Microsoft introduced sandboxed solutions. Sandboxed solutions were a subset of farm solutions that customers could upload to their Site Collections in SharePoint hosted on-premises but also to SharePoint Online. Using sandboxed solutions, organizations could customize SharePoint Online in a structured and repeatable manner, albeit using a subset of APIs available in SharePoint.

Many organizations also used sandboxed solutions for deploying SharePoint artifacts, such as Content Types or branding or client-side applications built using JavaScript. Such sandboxed solutions didn't contain assemblies and were often referred to as no-code sandboxed solutions.

Sandboxed solutions no more

While the original idea behind sandboxed solutions was very appealing – to be able to deploy your customizations to SharePoint Online, in reality, using sandboxed solutions was challenging. Throughout the years, the community learned that using sandboxed solutions had some serious consequences. Luckily, new patterns and practices for building SharePoint customizations emerged and over time, fewer sandboxed solutions were built.

In 2014, Microsoft announced that they will be deprecating sandboxed solutions with code. On July 29, 2016, they reminded us of it, giving customers about a month to clean up their sandboxed solutions with code.

Sandboxed solutions are being shut down: what's going to happen exactly?

Sandboxed solutions containing code will be deactivated and already it's not possible to activate new sandboxed solutions with code. No-code sandboxed solutions will remain untouched and will keep working.

While we knew about the deprecation of sandboxed solutions with code for quite some time now, and were mostly avoiding using them, there is one technical nuance that you should realize.

No-code sandboxed solution doesn't mean without an assembly

After Microsoft's deadline, sandboxed solutions without code will keep working. Sandboxed solutions with assemblies will be deactivated. While you might think your no-code sandboxed solution won't be affected, think again. By default, when building sandboxed solutions, Visual Studio included the assembly in the solution package. And even though it was empty, it was a part of the package, flagging the sandboxed solution as one with code, which means it is one that will be deactivated.

There is a kind-of fix for that

To help organizations investigate the impact of their decision, Microsoft provided a PowerShell script that administrators can run against their tenants to get a list of Site Collections using sandboxed solutions. For each solution package the script reports whether the particular solution contains an assembly or not and if it will be subject to deactivation.

While this script is definitely helpful, it takes you only half way there. Now that you know which sandboxed solutions will be disabled, you still have to investigate each one of them to find out if it contains an empty assembly or some actual code that is being used. You need to do this manually. For every single sandboxed solution.

Start fixing your intranet today with the Rencore SharePoint Sandboxed Solutions Inspector

Over the last few years here at Rencore, we built SPCAF - a powerful solution for helping organizations and developers govern their customizations and ensure they meet the quality standards. Using over 800 rules and powerful reports, we provide organizations with insights into potential issues with their SharePoint customizations. Additionally, using our experience and community best practices, we offer solutions to solve these issues.

While we understand Microsoft's decision to shut down support for sandboxed solutions with code, we realize how serious its impact might be on your organization. The end of support for sandbox solutions is soon. So to help you prevent your intranet from breaking, today we share a part of SPCAF – for you to use for free, to help you quickly understand the situation of your SharePoint Online tenant and sandboxed solutions and maybe even fix some of them.

Running the Rencore SharePoint Sandboxed Solutions Inspector

After downloading the Rencore SharePoint Sandboxed Solutions Inspector, you can directly run it, no installation needed. All you need to do is to enter the URL of your tenant (e.g., or a single Site Collection (

Optionally, you can choose to have the Rencore SharePoint Sandboxed Solutions Inspector remove empty assemblies from the sandboxed solutions for you.

Using the SPCAF engine, you get the list of sandboxed solutions in your tenant/Site Collection and analyze their contents. We not only let you know if a solution package contains an assembly or not, but we also analyze the assembly to check if its empty or if it contains code you would need to investigate further!

Also notice how we don't ask you for your credentials. Once you start the analysis, you will see a popup with the Azure Active Directory (AAD) login page. Rencore takes security seriously, and we believe you should never have to hand out your organization's credentials, ever, to anyone. By using the popup with AAD login, we respect your Multi-Factor Authentication or ADFS settings, should you use them, and your credentials are kept private between you and AAD. All the Rencore SharePoint Sandboxed Solutions Inspector gets is the cookie to access SharePoint once the authentication completes.

As the analysis progresses, you can see how many sandboxed solutions the Rencore SharePoint Sandboxed Solutions Inspector discovered.

Once the analysis completes, we provide you with a detailed report about the Site Collections we analyzed, sandboxed solutions we found and their contents. If we found sandboxed solutions with empty assemblies, and you chose to have the Rencore SharePoint Sandboxed Solutions Inspector remove the empty assemblies for you. You will find these updated solutions in the output folder you chose when starting the analysis from where you will be able to test them and upload them to your Site Collections.

We hope that the Rencore SharePoint Sandboxed Solutions Inspector will help you alleviate the pain of the end of support for sandboxed solutions with code for your organization/customers. We would love to hear what you think of the Rencore SharePoint Sandboxed Solutions Inspector and how it helped you, but we totally understand it if you let us know after Microsoft's deadline has passed.

Now go visit to download the Rencore SharePoint Sandboxed Solutions Inspector for free and start fixing your intranet today.

Topic: SharePoint and Office 365

Sign in with

Or register