Categories
Administration Troubleshooting

Automation of Password Updates…

Recently I stumbled upon a SharePoint 2010 environment setup a long time ago where the managed accounts and accounts in general were setup a little funny… in particular the issue was that the profile service stopped syncing. I asked the administrator what the issue was and they stated that they’d setup the system to use a managed account for the farm service account and other service application service accounts to automatically change the password in the background. That’s all fine and dandy for the most part, ‘cept that there are caveats with the Farm Account. And low and behold, I checked and sure enough the system’s Farm account was setup now as a Managed Account in our trusty, friendly SharePoint 2010 instance.

Issue – the profile synchronization service runs as this service account. Caveat, profile sync requires that you enter the account information and credentials since you may not necessarily be sync’ing with the Active Directory resource forest that your SharePoint system leverages as its Windows Networking Infrastructure platform.

So how did we attempt to remedy this… not knowing the Farm password, it was updated in Active Directory and then using Set-SPManagedAccount with the -UseExistingPassword argument, the password was properly updated. It was then synchronized across the farm with Repair-SPManagedAccountDeployment.

So SharePoint should now be up and operational with the managed account password updated, but we also have to go and update the synchronization connection with the new password. All should be working and fine, crisis averted, just have to go in Central Admin and make the update there… But, what I thought would be a five minute fix… well, yeah, not so much.

Hello 503 error.

Oddly, after all of the troubleshooting it ended up being the bitness setting for the Application Pool that operates SharePoint was modified to operate in x86 emulation mode. This comes in handy when you need to run two different compilations of a DLL through IIS, but with our native 64 bit SharePoint application, this doesn’t work so well. Why does this happen though? Not certain but it would seem that several folks seem to have this problem when they’ve been running their SharePoint system with managed accounts automatically updating and then reverting back to an “unmanaged mode” so to speak where the metabase becomes corrupt and suddenly the fitness for x86 emulation is set to true.

More on running in both x86 and x64 mode is available here: http://blogs.msdn.com/b/rakkimk/archive/2007/11/03/iis7-running-32-bit-and-64-bit-asp-net-versions-at-the-same-time-on-different-worker-processes.aspx

Please only modify this if you’re running into this problem – definitely make a backup copy before making any changes!!!

So if I want to avert this, I can force the Application Pool to start in 64bit mode by adding a “bitness64” flag… this is done in the ApplicationHost.config located in

%windir%system32inetsrvconfig

Within the Global Modules section of the ApplicationHost.config, you should search for the SharePoint14Module which should look something like this:

<add name=”SharePoint14Module” image=”C:Program FilesCommon FilesMicrosoft SharedWeb Server Extensions14isapiowssvr.dll” preCondition=”appPoolName=SharePoint Central Administration v4″ />

If you want to force your App Pool to always start without x86 emulation… then you’ll want to add the following argument of “bitness64” so that you end up with something like this:

<add name=”SharePoint14Module” image=”C:Program FilesCommon FilesMicrosoft SharedWeb Server Extensions14isapiowssvr.dll” preCondition=”appPoolName=SharePoint Central Administration v4,bitness64″ />

Note you’ll have to do this for each of the Web Applications that are registered – if you choose to make this modification.

And just like that… I start the application pool and all is well. Went and updated the synchronization connection and our UPS started syncing again. Qed.

More on ApplicationHost.config available here: http://learn.iis.net/page.aspx/124/introduction-to-applicationhostconfig/

Categories
Documentation How To... Troubleshooting

Recycle Bin Misperceptions

I have to say that it boggles my mind on a regular basis when I start talking to end users during a session or when interviewing users in client engagements to find out that they don’t quite understand how the end user and site collection administrator recycle bins work. Most of the time I find that users have the perception that it’s a serial process where once they delete a file, they have thirty days until the file is then moved to a secondary recycle bin where a new timer kicks off – unfortunately this is wrong.

“By default, items in the Recycle Bin are deleted automatically after 30 days. Regardless of whether or not an item is sent to the users’ Recycle Bin or to the Site Collection Recycle Bin, items are deleted automatically after the number of days that the server administrator specified in Central Administration.”

As you can see, it’s plain and simple, 30 days is 30 days, no less no more.

Source: http://office.microsoft.com/en-us/sharepoint-foundation-help/manage-the-recycle-bin-of-a-site-HA010380088.aspx

Categories
Administration Community

SharePoint Users Group of New York

This past week, Scott Hoag and I had the privilege of presenting a session to the New York SharePoint User’s Group, hosted by Microsoft at their offices there in New York City on the Avenue of the Americas. There were a few familiar faces in the crowd such as Paul Galvin, Mary Leigh Mackie, Randi Parrish, Greg Hurlman and Jeremy Thake which made the large crowd a little less intimidating (or maybe more so to have peers evaluating us right?).

Before we presented though we had a few things to explore… such as the Apple Cube on 5th Avenue
wpid-2012-05-0216.10.08-2012-05-6-16-38.jpg
I have to say that it was a pretty cool sight to see – the fact that the store is underground is in and of itself an interesting concept.

After a quick stop through we began wandering toward the Microsoft offices on foot… in the wrong direction… which got us caught up in remembering what it’s like to be a kid at FAO Schwarz… having never been inside the store I didn’t really know what to expect except for what I’d seen in the Smurfs movie that I saw last Fall… needless to say it was pretty crazy to see all of the candy and Gummi bears (oh and the nerds) as well as every popular toy that you could imagine from Star Wars apparel and masks to Thundercats action figures to even BatMan in Lego form.

All well worth the time spent in New York City, but for those that happen to be looking for a copy of our presentation, you can find it here through SlideShare.

If you need a copy to go offline with, you can grab a copy here – Avoiding Administrator Blunders in PPTX format.

Categories
Migration

SharePoint Saturday Boston #5

It’s been a fun time up here in Boston seeing some great folks like Talbott, Pradeepa and Geoff this weekend (and thanks to the entire SharePoint Saturday Boston team) after not being here since SPS Boston #1 back during St. Patrick’s Day Weekend of 2009. Thanks to Scott Hoag (@ciphertxt) for co-presenting as always – good to have a different perspective to balance things out 🙂

Nevertheless, to those that came to our session (and those that didn’t) we’d like to say thanks and hope that you enjoyed.  If you’d like to check out the slides presented, they can be viewed below through SlideShare.

If you’d like to grab the PPTX file, you can get it here – Pitfalls of Migrating to SharePoint 2010.SPSBOS

Categories
Community Migration User Groups

Capital Area .Net SharePoint Special Interest Group Presentation

This past Wednesday evening, Scott Hoag and I had the privilege of sharing the evening with the Capital Area .Net SharePoint Special Interest Group, hosted by Excella in the Navy League building in Arlington, VA. The crowd was lively and engaged and we even had Nick Inglis, Mack Sigman, Stacey Draper, David Berry and Cicely Behne in the mix to provide their insight and expertise, supplementing and complementing the gaps that Scott and I left open (it’s the partner ecosystem idea, right? ;)).

Nevertheless, if you were looking for a copy of the slides, they’re available here:

Categories
Administration How To...

Recycle an Application Pool – #ITProTip

So you’ve deployed an updated solution to your SharePoint 2007 or 2010 farm and you need to recycle the application pool associated with the web application that the solution is deployed to but you don’t want to take down the entire SharePoint farm? No problem, just recycle the single application pool that’s associated with that web application using a quick little command from command shell.

For those running SharePoint 2007 on Windows Server 2003 / 2003 R2:

cscript c:windowssystem32iisapp.vbs /a "%SharePointApplicationPool%" /r

where %SharePointApplicationPool% is the application pool that needs to be recycled. Note that iisapp.vbs resides within %systemroot%system32

For those running SharePoint 2007 or SharePoint 2010 on Windows Server 2008 / 2008 R2:

appcmd recycle apppool /apppool.name:%SharePointApplicationPool%

.csharpcode, .csharpcode pre
{
font-size: small;
color: black;
font-family: consolas, “Courier New”, courier, monospace;
background-color: #ffffff;
/*white-space: pre;*/
}
.csharpcode pre { margin: 0em; }
.csharpcode .rem { color: #008000; }
.csharpcode .kwrd { color: #0000ff; }
.csharpcode .str { color: #006080; }
.csharpcode .op { color: #0000c0; }
.csharpcode .preproc { color: #cc6633; }
.csharpcode .asp { background-color: #ffff00; }
.csharpcode .html { color: #800000; }
.csharpcode .attr { color: #ff0000; }
.csharpcode .alt
{
background-color: #f4f4f4;
width: 100%;
margin: 0em;
}
.csharpcode .lnum { color: #606060; }

where %SharePointApplicationPool% is the application pool that needs to be recycled.  Note that appcmd resides within %systemroot%system32inetsrv

The alternative for this of course is just to go in IIS Manager 6 or 7, select the application pool associated with the web application that requires recycling and recycle the pool manually through the UI.

References:

Categories
Development

Considerations for Sandboxed Solutions

With SharePoint 2010, there’s a new functionality that allows for developers to create solutions that are scoped at the site collection level with a limited portion of the SharePoint API. Better yet they can deploy these solutions without bothering their IT Pro brethren. This is awesome! Course it bypasses some of the governance that you might have in place regarding solutions deployment. Course it is possible to turn them off or block certain ones.

There have been several great discussions by Sahil Malik, Jeremy Thake, Srini Sistla, Mike Watson and many others about the power of Sandboxed Solutions. All great points regarding their power – and trust me, in many ways it’s a game changer in delegating the ability to devs to write extensible code that can do more than what SharePoint Designer was ever meant for.

There are some considerations to think about however… and if you’re wondering, “Well what are they?” then I recommend hopping on over to MSDN to read more at:

http://msdn.microsoft.com/en-us/library/ee231562.aspx

A closing thought though… if you’re looking for complete freedom with your solutions and have the need to arch across site collections… then you need something that’s freeing and non-restricting. So for those of you that are studying for your SATs or GREs, you could use the analogy that Sandboxed Solutions are to Briefs as Farm Solutions are to Boxers. 🙂

Happy Developing!

Categories
Adoption How To...

Productivity Hub for SharePoint 2010 – Update

Back in June 2010, Microsoft released what was known as the Productivity Hub for SharePoint 2010. It was a site collection that Microsoft provided that could be extended out for end users to visit to acquire knowledge on how to use SharePoint.  Great resource if you were short on training components and looking for assistance but weren’t able to find their IT Pro (who was probably hiding somewhere no doubt, fearing for their lives). Further for those that are looking to engage and foster adoption of the Information Worker’s in your business, the productivity hub is key to gaining their buy in and helping them to truly dive into the SharePoint platform to make it their tool set.

The best part of the hub in my opinion is the ability to customize it and add additional modules that meet your organization or business unit’s needs to ensure that your implementation is actually serving them from a business perspective rather than just humming away as another file share replacement.

Well, like most technology solutions, there are updates and enhancements.  On 17 January 2011, Microsoft released such an update for the Productivity Hub for SharePoint 2010. So, if you’re looking to just download and implement with the content packs – fear not, it’s simply and easy by just heading over to the Microsoft Download Center at:

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=4aaa9862-e420-4331-8bc3-469d7bae0ff1

However, if you’re feeling crafty and are looking to customize this product, it’s available on CodePlex from the team that created it (thanks RedTech!) at:

http://productivityhub.codeplex.com/

The key enhancement to the Productivity hub in this case is that of the customization documentation to provide guidance when crafting the Hub for your implementation’s UX.

Categories
Architecture Identity Management

Federation Extensions for SharePoint 3.0

If you’re running Windows SharePoint Services 3.0 or SharePoint Server 2007 and not quite ready to migrate to SharePoint 2010 to leverage the Claims Authentication Provider, take heart, there’s still hope.

Back in May 2010, Microsoft released several documents and extensions to assist with configuring the SharePoint v3 (or v12 depending on how you look at it) platform to federate with AD FS 2.0 – allowing for claims authentication federation.

Requirements

So how do I do this you ask?  Microsoft used to have a document out on Connect for this, but it’s now gone RTW.  The document is available here:

Couple things to make note of…

  • Don’t install AD FS 2.0 on the same server as SharePoint.  This should be a no brainer similar to “do not use a basic install” of SharePoint on any server.
  • To keep search and other capabilities operational, leave the default zone as Integrated/NTLM Auth. This allows your crawler to still operate in its regular fashion.
  • The federation capability really should only be leveraged for extranet / internet situations and not for use for all zones of users. Sure it’s great that claims auth with WSS v3 is there and supported, but let’s not get too zealous just yet 🙂
  • Get comfy with editing your web.config if you aren’t already so that you’re able to use the claims-based role and membership providers – if you’ve set this up for SharePoint 2010, then it should seem like old hat to you. Better yet, work with your developers to craft up a solution package that updates the web.config for you so that you’re not violating the laws of thermodynam… I mean good source control practices.
  • Note that if you’re building this into a multi-server farm, the extension bits have to be installed across all servers – yes, that’s right, it’s not a solutions package and won’t copy across all the servers for you. That’s not to say that the web.config couldn’t be updated via solution package though per the previous bullet.

Just think of the applications though, you can keep your WSS v3 / MOSS 2007 farm operational and federate with the partner organizations that you’ve been looking to let into your system while building a transition path to move to SharePoint 2010 using Claims whole heartily. 

Last thoughts… how cool is it that you can actually have a better client integration environment with the extensions that weren’t available with the ADFS v1 authentication provider with Windows Server 2003 R2.

Categories
Infrastructure System Administration

December 2010 Cumulative Updates for SharePoint

This one goes out to my friend and SharePoint colleague, Mark Rackley, also known to many of you as @MRackley. Gotta help my Dev friends that wonder at times why the underlying infrastructure doesn’t work properly – hopefully these bits will help.

Seem like you just got the good bits for the October 2010 Cumulative Update for SharePoint 2010? Just like that *snap* the December 2010 Cumulative Update is available.

The cumulative updates contain several fixes that go across the entirety of the platform from REST to Search to e-mail notifications that should be sent to task assignee’s.

Information Articles for December 2010 Cumulative Updates:

SharePoint Foundation Server 2010 – http://support.microsoft.com/kb/2459108
SharePoint Server 2010 – http://support.microsoft.com/kb/2459257
Project Server 2010 – http://support.microsoft.com/kb/2459258

Windows SharePoint Services v3 – http://support.microsoft.com/kb/2458606
Microsoft Office SharePoint Server 2007 – http://support.microsoft.com/kb/2458605

Full server downloads from the automated hotfix system available at:

SharePoint Foundation Server 2010 (x64 – 50.5 MB) – http://support.microsoft.com/hotfix/KBHotfix.aspx?kbnum=2459125
SharePoint Server 2010 (x64 – 325 MB) – http://support.microsoft.com/hotfix/KBHotfix.aspx?kbnum=2459257
Project Server 2010 (x64 – 330 MB) – http://support.microsoft.com/hotfix/KBHotfix.aspx?kbnum=2459258

Windows SharePoint Services v3 (x86 – 29.5 MB, x64 – 33.4 MB) – http://support.microsoft.com/hotfix/KBHotfix.aspx?kbnum=2458606
Microsoft Office SharePoint Server 2010 (x86 – 63.7 MB, x64 – 60.5 MB) http://support.microsoft.com/hotfix/KBHotfix.aspx?kbnum=2458605

Please be aware that there are some known issues with the SharePoint 2010 Cumulative Updates which may incur issues with some functionality, namely this:

Important notes about the cumulative update package

  • The Microsoft Office 2010 hotfixes are now multilingual. This cumulative update package contains updates for all languages.
  • This cumulative update package includes all the server component packages. Additionally, this cumulative update package updates only those components that are installed on the system.

Known issue 1
Consider the following scenario:

  • You install the Cumulative Update in this KB article on a SharePoint 2010 server.
  • You restart the server as it prompts you at the end of the installation.
  • You run the Psconfig.exe tool after the server restarts.

In this scenario, you see an error page when you access the Manage User Profile page in Central Administration.

Workaround

To work around this issue, follow these steps:

  1. Open the Central Administration page.
  2. Click Manage Services on the Server link.
  3. Find the User Profile Synchronization service, and then restart the service on the Server.aspx page.
  4. Perform iisreset after the service restarts successfully.

Known issue 2

2490381 (http://support.microsoft.com/kb/2490381/ ) You cannot create an AD DS synchronization connection that has multiple domains selected after you install the Cumulative Update in either KB 2459257 or KB 2459258

(Reference: http://support.microsoft.com/kb/2459257)

As always, be sure to install cumulative updates in a testing environment prior to implementation on a production system.

Lastly remember that for SharePoint 2010, you only need to download the patch for the product you’re working with whereas with Microsoft Office SharePoint Server 2007 you’ll need both the WSS v3 patch and the MOSS 2007 patch.