December 2010 Cumulative Updates for SharePoint

This one goes out to my friend and SharePoint colleague, Mark Rackley, also known to many of you as @MRackley. Gotta help my Dev friends that wonder at times why the underlying infrastructure doesn’t work properly – hopefully these bits will help.

Seem like you just got the good bits for the October 2010 Cumulative Update for SharePoint 2010? Just like that *snap* the December 2010 Cumulative Update is available.

The cumulative updates contain several fixes that go across the entirety of the platform from REST to Search to e-mail notifications that should be sent to task assignee’s.

Information Articles for December 2010 Cumulative Updates:

SharePoint Foundation Server 2010 – http://support.microsoft.com/kb/2459108
SharePoint Server 2010 – http://support.microsoft.com/kb/2459257
Project Server 2010 – http://support.microsoft.com/kb/2459258

Windows SharePoint Services v3 – http://support.microsoft.com/kb/2458606
Microsoft Office SharePoint Server 2007 – http://support.microsoft.com/kb/2458605

Full server downloads from the automated hotfix system available at:

SharePoint Foundation Server 2010 (x64 – 50.5 MB) – http://support.microsoft.com/hotfix/KBHotfix.aspx?kbnum=2459125
SharePoint Server 2010 (x64 – 325 MB) – http://support.microsoft.com/hotfix/KBHotfix.aspx?kbnum=2459257
Project Server 2010 (x64 – 330 MB) – http://support.microsoft.com/hotfix/KBHotfix.aspx?kbnum=2459258

Windows SharePoint Services v3 (x86 – 29.5 MB, x64 – 33.4 MB) – http://support.microsoft.com/hotfix/KBHotfix.aspx?kbnum=2458606
Microsoft Office SharePoint Server 2010 (x86 – 63.7 MB, x64 – 60.5 MB) http://support.microsoft.com/hotfix/KBHotfix.aspx?kbnum=2458605

Please be aware that there are some known issues with the SharePoint 2010 Cumulative Updates which may incur issues with some functionality, namely this:

Important notes about the cumulative update package

  • The Microsoft Office 2010 hotfixes are now multilingual. This cumulative update package contains updates for all languages.
  • This cumulative update package includes all the server component packages. Additionally, this cumulative update package updates only those components that are installed on the system.

Known issue 1
Consider the following scenario:

  • You install the Cumulative Update in this KB article on a SharePoint 2010 server.
  • You restart the server as it prompts you at the end of the installation.
  • You run the Psconfig.exe tool after the server restarts.

In this scenario, you see an error page when you access the Manage User Profile page in Central Administration.

Workaround

To work around this issue, follow these steps:

  1. Open the Central Administration page.
  2. Click Manage Services on the Server link.
  3. Find the User Profile Synchronization service, and then restart the service on the Server.aspx page.
  4. Perform iisreset after the service restarts successfully.

Known issue 2

2490381 (http://support.microsoft.com/kb/2490381/ ) You cannot create an AD DS synchronization connection that has multiple domains selected after you install the Cumulative Update in either KB 2459257 or KB 2459258

(Reference: http://support.microsoft.com/kb/2459257)

As always, be sure to install cumulative updates in a testing environment prior to implementation on a production system.

Lastly remember that for SharePoint 2010, you only need to download the patch for the product you’re working with whereas with Microsoft Office SharePoint Server 2007 you’ll need both the WSS v3 patch and the MOSS 2007 patch.

Surrounding Infrastructure–the bane of the IT Pro Detective Work…

We’ve all been there, we get a call from our client, customer, project manager or colleague at 630 in the morning stating that the portal is down. Typically this is done in such a manner that involves a terse conversation asking how long you’ve known the system was down and when you were going to alert other folks… Granted dependent on the systems monitoring software in your system you may or may not have received an alert.  In my case you’re dreaming of a white sandy beach and wondering why there’s a ringing noise coming from the handle of Patron in your hand.

Nevertheless, once you get down to details though, I know that for me, I tend to find myself investigating such outage issues by looking in a few different buckets or areas first – all of which tend to deal with other systems that SharePoint relies on…

1 – Network Systems – did a network administrator change the VLAN or network route that the SharePoint products and technologies platform rides on top of to something that passes directly into a firewall that drops every frame trying to pass through? did a cable get gnawed through by an animal? did someone unplug the RJ45 altogether leaving your system not responding at all?

2 – DNS – is there a Domain Name Service issue where the names are no longer resolving properly? did someone remove a CNAME or A Record? did the MX record somehow get munged due to policy causing incoming e-mail to cease operating? did someone forget to renew your DNS record altogether? are your SSL certs invalid now because the CA chain is broken somehow thanks to DNS resolution (what’s that, you can’t access the CRL?)…

3 – Storage Fabric Operations – is there a problem with the storage fabric that’s hosting your SQL content databases? did someone cut the fiber inadvertently or blow away your storage zone? Or did a disk controller pass away in the night, overworked by backups? All fun things that are a ton of fun to explain… “It’s not the SharePoint platform, it’s just the storage where all of the databases that power the content seem to be gone…”

4 – Active Directory – did the service accounts running the SharePoint platform suddenly get changed such that their passwords expire after being told they were set never to expire? the accounts themselves are expired somehow? they were enabled for smartcard interactive login (which effectively scrambles the password to 256 random bits)? the service principal name (SPN) associated with a URI for Kerberos to work was removed?

5 – Group Policy – did the Network administrator controlling all of the domain policy suddenly get a zero day exploit update tossed on their plate that’s rated “Critical” by an Information Awareness Manager or Information Systems Security Officer? Did they push the patch without alerting you the IT Pro that’s watching over the health and welfare of your system? Or did someone perhaps just remove different policies assigned to OUs and decide to make an über-policy that trumps everything without checking what the RSOP was?

Rather than drone on regarding several other buckets I check, I’d say that on average those are the five that I check first… More often than not I find that the 5th is typically what happens where the resultant set of policy sets a policy such that either client systems accessing the SharePoint portal are no longer capable of integrating as they were meant to (“Hey where’d my SharePoint Sites in Word go?”) or such that the Windows Server operating system hosting SharePoint now has a setting that causes certain components to cease to operate (always fun when a network admin changes a system to disable loopback checking in turn killing search crawling, right?).

Fear not though, Microsoft has a tool out there in the Azure cloud to assist with tracking down the Global Policy Object that is causing your system grief – Global Policy Search.  It’s available at: http://gps.cloudapp.net/

This is definitely one of my favorite cloud apps out there that assists in quick and easy searchable and filterable results to track down the GPO that’s the troublemaker to remediate issues.  Give it a spin around the block and you’ll find that it’s quite helpful to have in your back pocket.

EBS Hotfix for SharePoint 2010

So somehow I missed a tweet from Rob D’Oria, but apparently there’s an External BLOB Storage (EBS) hotfix that is necessary for SharePoint 2010 environments using EBS that was released back on September 7, 2010 with KB number 2398734.  The hotfix was primarily built to address the following EBS issues:

A customized external binary large object (BLOB) storage provider (EBS Provider) crashes the worker process (W3wp.exe) when you perform one of the following actions:

– You upload a file through the Windows Explorer view or through the Microsoft FrontPage remote procedure call (RPC).
– You upload files by using the Multi-File upload control.
– You create a publishing site.

The hotfix also addresses a scheduled password change process issue:

The scheduled password-change process fails when you try to use the automatic password change feature for a SharePoint farm service account. This issue occurs when the service account is not a member of the local Administrators group in Windows.

After installing the hotfix, be sure to run the SharePoint Configuration Wizard to ensure that it is absorbed into the rich ether of your SharePoint fiber. Smile

And on a side note, this hotfix does not seem to be a part of the October 2010 Cumulative Updates for either SharePoint Foundation Server or SharePoint Server.

Thanks again to Rob for the tip!

Installing SharePoint 2010 on an Island

Have you found yourself installing SharePoint on an island of sorts – completely disconnected from the Internet, without external DNS connectivity or the ability to download files that are required for SharePoint? Even though you know that the Internet is within reach you’re unable to access it, probably because of an OSI layer 1 network adapter not being plugged in just yet.

So how do you install SharePoint? Where do you pull the prerequisites from? What do you need to grab and transfer via sneakernet?

Island Tree on Lochan na h-Achlaise ~ Rannoch Moor, Scotland

Look no further… Microsoft kindly provides the SharePoint Server 2010 Hardware and Software Requirements which includes links to downloads of the prerequisites in the "Access to Applicable Software" section.

One thing to make note of is the release of the QFE for SharePoint issues addressing "Performance Counter fix and User Impersonation" (KB979917).

Also, something to make note of, while Microsoft has the "Applicable Software" section, it doesn’t exactly give you links that will work when you’re trapped on an island. For instance, the link for the .NET 3.5 Framework with SP1 is for the Bootstrapper which launches to download files from the Internet.  This isn’t exactly useful when you’re in a disconnected environment.  Instead, scroll down and make note of the information pertaining to the Full Redistributable.  Also note that there are updates that need to be downloaded for the .NET 3.5 Framework with SP1 (three of them actually) and an update to re-associate XPS files with the .NET framework.

Alas, there are some caveats… an item to make note of is that as of this writing the SQL Native Client download button from the link provided pushes you to an ill formed HTML page where you have to seek out the SQL Native Client package for downloading purposes.  See below for proper link.

SharePoint Prerequisites  
Server Roles  
Web Server (IIS) role  
Application Server role  
Software Components Link
Microsoft .NET Framework version 3.5 SP1 http://go.spdan.com/dotnet35sp1
Microsoft .NET Framework version 3.5 SP1 Update http://go.spdan.com/dotnet35sp1u
Update for .NET Framework 3.5 SP1 (KB967190) http://go.spdan.com/wutng
Microsoft Sync Framework Runtime v1.0 (x64) (English) http://go.spdan.com/yaxrr
Microsoft Sync Framework v1.0 (if other than English) http://go.spdan.com/phusl
Microsoft Filter Pack 2.0 http://go.spdan.com/dmegl
Microsoft Chart Controls for the Microsoft .NET Framework 3.5 http://go.spdan.com/mvknw
Windows PowerShell 2.0 http://go.spdan.com/fjsbq
SQL Server 2008 Native Client http://go.spdan.com/jvdsx
Microsoft SQL Server 2008 Analysis Services ADOMD.NET http://go.spdan.com/ryziu
ADO.NET Data Services Update for .NET Framework 3.5 SP1 (Server 2008 SP2) http://go.spdan.com/mjrni
ADO.NET Data Services Update for .NET Framework 3.5 SP1 (Server 2008 R2 / 7) http://go.spdan.com/nllmd
A hotfix for the .NET Framework 3.5 SP1 that provides a method to support token authentication without transport security or message encryption in WCF. (Server 2008 SP2) http://go.spdan.com/ndubn
A hotfix for the .NET Framework 3.5 SP1 that provides a method to support token authentication without transport security or message encryption in WCF. (Server 2008 R2) http://go.spdan.com/fgpvy
Windows Identity Foundation (WIF) (Server 2008 SP2) http://go.spdan.com/tiqfd
Windows Identity Foundation (WIF) (Server 2008 R2) http://go.spdan.com/zweak

SharePoint Server 2007 – December 2009 CU

Microsoft has released the SharePoint 2007 December 2009 Cumulative Update as of 29 January 2010. The cumulative update like all other updates includes all hotfixes since the most recent Service Pack, in this case SP2.

Information pertaining to this cumulative update is available at from the Update Resource Center at:

http://technet.microsoft.com/en-us/office/sharepointserver/bb735839.aspx

The WSS v3 December 2009 CU infopage is available at:

http://support.microsoft.com/kb/977027

The MOSS 2007 December 2009 CU infopage is available at:

http://support.microsoft.com/kb/977026

When requesting the appropriate CUs, if you’re downloading from an x86 client machine and your environment is x64 or vice versa, please note the “Show hotfixes for all platforms and languages” text next to “Number 1”.

Some insight from Joerg Sinemus regarding the December 2009 CU:

http://blogs.msdn.com/joerg_sinemus/archive/2009/12/16/wss-and-moss-december-2009-cu.aspx

Last but not least… please remember to test all service packs, cumulative updates and hotfixes in a staging or development environment prior to implementing in your system’s production environment.

AAM – The Bain of search problems…

Alternate Access Mappings

Recently, I rain into an issue where WSS v3 search results weren’t working properly. It ended up being a pretty simple fix in that the web application authentication setup (basic versus integrated windows authentication) with the alternate access mappings weren’t configured properly.  After a little bit of modification to the settings, wallah, things worked magnificently.

For those of you that aren’t familiar with AAM, definitely a topic that you should be familiar with to ensure that you architect your solutions properly in the first place so that search problems, among others don’t come back to bite you or your developers in the long run.

Configuring AAM (TechNet) – http://go.spdan.com/configureaam
Planning AAM (TechNet) – http://go.spdan.com/planaam
AAM in SP (21Apps) – http://go.spdan.com/ytsrf
Using AAM (To the SharePoint) – http://go.spdan.com/jkany
What every Admin needs to know about AAM (SP Blog) – http://go.spdan.com/wdykn
Advanced Admin Architecture, Deployment, Operations (TechEd 08) – http://go.spdan.com/snmfp

SharePoint Saturday – DC

This past weekend, SharePoint Saturday visited the local Northern Virginia region with SharePoint Saturday DC, hosted at the Microsoft Technology Center in Reston, VA. It was a great time with 28 sessions led by SharePoint professionals and MVPs from all around the country. Props to Dux Sy for his coordination of the volunteers and sponsors! Over 200 people attended the event which meant that it was standing room only for some of the sessions.

Joel Ward and I presented on the topic of SmartCard Authentication: Considerations, Options and Pitfalls with SharePoint during the final session of the day.  It was a lively discussion surrounding security, SmartCards, IA, infrastructure, membership providers and how it all fits in with the SharePoint architecture.

View the slides on SlideShare below, or download the PowerPoint files (PPT or PPTX) which includes the slides plus notes and resource links.