A SharePoint Online Health Check Report helps administrators monitor the overall status of their SharePoint sites, including:
Site storage usage
Active/Inactive sites
Orphaned users
Permissions & sharing settings
Security & compliance issues
Using PnP PowerShell, we can automate this report to track potential problems before they impact users.
Step 1: Connect to SharePoint Online
Before running health checks, authenticate with PnP PowerShell:
$adminUrl = "https://yourtenant-admin.sharepoint.com"
Connect-PnPOnline -Url $adminUrl -Interactive
Write-Host " Connected to SharePoint Online Admin Center"
✔ Ensures secure access to the SharePoint Admin Center.
Step 2: Retrieve All SharePoint Online Sites
Fetch all SharePoint Online site collections to analyze their health:
$allSites = Get-PnPTenantSite
Write-Host " Total SharePoint Sites: $($allSites.Count)"
✔ Provides an overview of all site collections.
Step 3: Check Storage Usage for Each Site
Monitor storage consumption to prevent exceeding allocated limits:
$siteStorageReport = @()
foreach ($site in $allSites) {
$storageUsedMB = [math]::Round($site.StorageUsageCurrent / 1024, 2)
$storageLimitMB = [math]::Round($site.StorageMaximumLevel / 1024, 2)
$siteStorageReport += [PSCustomObject]@{
SiteURL = $site.Url
StorageUsedMB = $storageUsedMB
StorageLimitMB = $storageLimitMB
Status = if ($storageUsedMB -gt ($storageLimitMB * 0.9)) { "⚠️ Near Limit" } else { " Healthy" }
}
}
$siteStorageReport | Format-Table -AutoSize
✔ Identifies sites nearing storage limits.
Step 4: Identify Inactive Sites
Detect unused sites (no activity in 6+ months):
$inactiveSites = $allSites | Where-Object { $_.LastContentModifiedDate -lt (Get-Date).AddMonths(-6) }
Write-Host " Inactive Sites (No activity in 6+ months): $($inactiveSites.Count)"
$inactiveSites | Select Url, LastContentModifiedDate | Format-Table -AutoSize
✔ Helps clean up unused sites.
Step 5: Detect Orphaned Users
Find users who no longer exist in Azure AD but still have SharePoint permissions:
$orphanedUsers = @()
foreach ($site in $allSites) {
$users = Get-PnPUser -Site $site.Url
foreach ($user in $users) {
if ($user.LoginName -like "*#EXT#*") { # External users
continue
}
$azureUser = Get-MsolUser -UserPrincipalName $user.LoginName -ErrorAction SilentlyContinue
if (-not $azureUser) {
$orphanedUsers += [PSCustomObject]@{
SiteURL = $site.Url
UserName = $user.LoginName
}
}
}
}
Write-Host " Orphaned Users Found: $($orphanedUsers.Count)"
$orphanedUsers | Format-Table -AutoSize
✔ Identifies users with outdated permissions.
Step 6: Check External Sharing Settings
List sites with external sharing enabled to assess security risks:
$externalSharingSites = $allSites | Where-Object { $_.SharingCapability -ne "Disabled" }
Write-Host " Sites with External Sharing Enabled: $($externalSharingSites.Count)"
$externalSharingSites | Select Url, SharingCapability | Format-Table -AutoSize
✔ Helps enforce data protection policies.
Step 7: Generate a CSV Report
Compile findings into a CSV report for documentation:
$reportData = @()
foreach ($site in $allSites) {
$reportData += [PSCustomObject]@{
SiteURL = $site.Url
StorageUsedMB = [math]::Round($site.StorageUsageCurrent / 1024, 2)
StorageLimitMB = [math]::Round($site.StorageMaximumLevel / 1024, 2)
LastModified = $site.LastContentModifiedDate
ExternalSharing = $site.SharingCapability
}
}
$reportPath = "C:\Reports\SharePointHealthCheck.csv"
$reportData | Export-Csv -Path $reportPath -NoTypeInformation
Write-Host " Health Check Report Generated: $reportPath"
✔ Provides detailed insights into SharePoint Online health.
Step 8: Automate the Report Generation
Schedule the script to run weekly using Windows Task Scheduler:
$taskAction = New-ScheduledTaskAction -Execute "PowerShell.exe" -Argument "-File C:\Scripts\HealthCheck.ps1"
$taskTrigger = New-ScheduledTaskTrigger -Weekly -DaysOfWeek Monday -At 2AM
Register-ScheduledTask -TaskName "SharePoint Health Check" -Action $taskAction -Trigger $taskTrigger -RunLevel Highest
✔ Automates proactive monitoring.