tag:blogger.com,1999:blog-31018981894437194902024-02-18T19:30:21.031-08:00Khalids Technical DiaryKhalid Ameerodienhttp://www.blogger.com/profile/16235782191638963724noreply@blogger.comBlogger24125tag:blogger.com,1999:blog-3101898189443719490.post-48819476045450318962014-09-15T04:21:00.000-07:002014-09-15T04:21:26.198-07:00Sorry, you don't have access to this pageSo I had this weird problem. Any new site collection or subsite we created even as the system account would give us the above error. Although we could navigate the site but we could not activate the publishing features or navigate to the landing page. I went scratching in the web.config and noted the following from a working environment vs the broken one:<br />
<br />
Broken Web APP<br />
<span style="background-color: white; color: #2a2a2a; font-family: 'Segoe UI', 'Lucida Grande', Verdana, Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21.531999588012695px;"><add key="aspnet:AllowAnonymousImpersonation" value="true" /></span><br />
<span style="background-color: white; color: #2a2a2a; font-family: 'Segoe UI', 'Lucida Grande', Verdana, Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21.531999588012695px;"><br /></span>
<span style="background-color: white; color: #2a2a2a; font-family: 'Segoe UI', 'Lucida Grande', Verdana, Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21.531999588012695px;">Working Web APP</span><br />
<span style="background-color: white; color: #2a2a2a; font-family: 'Segoe UI', 'Lucida Grande', Verdana, Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21.531999588012695px;"><add key="aspnet:AllowAnonymousImpersonation" value="false" /></span><br />
<span style="background-color: white; color: #2a2a2a; font-family: 'Segoe UI', 'Lucida Grande', Verdana, Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21.531999588012695px;"><br /></span>
<span style="background-color: white; color: #2a2a2a; font-family: 'Segoe UI', 'Lucida Grande', Verdana, Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21.531999588012695px;">I made this change and all was sorted</span>Khalid Ameerodienhttp://www.blogger.com/profile/16235782191638963724noreply@blogger.com0tag:blogger.com,1999:blog-3101898189443719490.post-25103989517473055592014-02-05T21:43:00.002-08:002014-02-05T21:43:36.386-08:00Feature Definition with ID "bunch of numbers goes here" failed validation, file TemplateInstances\ElementsFields.xml', etc the 'Hidden' attribute is invalid - The Value '' is invalidSo a client recently experienced this issue when they were trying to use a site template they had created. Upon investigation it turns out that a content type in the content type hub had a few null values. I confirmed this by unpacking the wsp and checking the ElementsFields.xml and noted that there were a few values set to ''. I found this nifty little script online @ http://sharepointfeaturesandfailures.blogspot.com/2013/09/fixing-missing-hidden-and-sealed.html. I ran the script on the content type hub URL so that it could replicate across all sites where it was having the issue. We then recreated the site template and bam all was good!<br />
<br />
<div style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 13px;">
$site = Get-SPSite "site collection url goes hurr"</div>
<div style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 13px;">
$Web =$site.RootWeb</div>
<div style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 13px;">
<br /></div>
<div style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 13px;">
for($i = $Web.Fields.count -1; $i -ge 0; $i--)</div>
<div style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 13px;">
{</div>
<div style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 13px;">
$field = $Web.fields[$i]</div>
<div style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 13px;">
[XML]$schema = $field.schemaxml </div>
<div style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 13px;">
if ( $schema.InnerXML.Contains("<wbr></wbr>Hidden=""""")){</div>
<div style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 13px;">
$schema.field.Hidden = "FALSE"</div>
<div style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 13px;">
$field.schemaxml = $schema.Innerxml</div>
<div style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 13px;">
Write-Host $field "HIDDEN: " $schema.field.Hidden </div>
<div style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 13px;">
$field.update()</div>
<div style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 13px;">
} </div>
<div style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 13px;">
if ( $schema.InnerXML.Contains("<wbr></wbr>Sealed=""""")){</div>
<div style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 13px;">
Write-Host $field "Sealed: " $schema.field.Sealed </div>
<div style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 13px;">
$field.Sealed = "FALSE"</div>
<div style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 13px;">
$field.update()</div>
<div style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 13px;">
}</div>
<div style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 13px;">
if ( $schema.InnerXML.Contains("<wbr></wbr>Required=""""")){</div>
<div style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 13px;">
Write-Host $field "Required: " $schema.field.Sealed </div>
<div style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 13px;">
$field.Required = "FALSE"</div>
<div style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 13px;">
$field.update()</div>
<div style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 13px;">
}</div>
<div style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 13px;">
}</div>
<br />
<br />Khalid Ameerodienhttp://www.blogger.com/profile/16235782191638963724noreply@blogger.com0tag:blogger.com,1999:blog-3101898189443719490.post-32764216307017708142013-05-10T01:41:00.001-07:002013-05-10T01:41:53.215-07:00Missing Server Side Dependencies THE DREADED SEARCH WEBPARTS!!So I was receiving tons of missing WebPart errors for the following GUIDS in Health Analyser:<br />
<br />
<br />
<div class="MsoNormal">
<span style="background: #F6F6F6; color: #676767; font-family: "Verdana","sans-serif"; font-size: 8.5pt;">[MissingWebPart] WebPart class
[baf5274e-a800-8dc3-96d0-0003d9405663]<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="background: #F6F6F6; color: #676767; font-family: "Verdana","sans-serif"; font-size: 8.5pt;">[MissingWebPart] WebPart class
[07f48b68-2e69-c86a-ebe4-16359e03ebc2]<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="background: #F6F6F6; color: #676767; font-family: "Verdana","sans-serif"; font-size: 8.5pt;">[MissingWebPart] WebPart class
[23091f6c-295d-4493-504c-1714a20d65a2]<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="background: #F6F6F6; color: #676767; font-family: "Verdana","sans-serif"; font-size: 8.5pt;">[MissingWebPart] WebPart class
[7d319bdd-d90e-7861-b7f0-2f9f4cec3004]<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="background: #F6F6F6; color: #676767; font-family: "Verdana","sans-serif"; font-size: 8.5pt;">[MissingWebPart] WebPart class
[888f7af5-05f1-4d07-1143-4b24c394b67b]<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="background: #F6F6F6; color: #676767; font-family: "Verdana","sans-serif"; font-size: 8.5pt;">[MissingWebPart] WebPart class
[c744e2b2-158c-c2f8-2f80-54bf046ff644]<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="background: #F6F6F6; color: #676767; font-family: "Verdana","sans-serif"; font-size: 8.5pt;">[MissingWebPart] WebPart class
[0a60f514-1dea-8537-b588-64ee5e224da3]<span class="apple-converted-space"> </span></span><span class="apple-converted-space"><o:p></o:p></span></div>
<div class="MsoNormal">
<span style="background: #F6F6F6; color: #676767; font-family: "Verdana","sans-serif"; font-size: 8.5pt;">MissingWebPart] WebPart class
[b2b35bdf-5e78-ab22-5351-6639ca63203f]</span><o:p></o:p></div>
<div class="MsoNormal">
<span style="background: #F6F6F6; color: #676767; font-family: "Verdana","sans-serif"; font-size: 8.5pt;">[MissingWebPart] WebPart class
[9f56656f-6aa3-0d55-a812-711bf65864ea]<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="background: #F6F6F6; color: #676767; font-family: "Verdana","sans-serif"; font-size: 8.5pt;">[MissingWebPart] WebPart class
[9637ed85-7d44-e135-35ba-73ce390ebf93]<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="background: #F6F6F6; color: #676767; font-family: "Verdana","sans-serif"; font-size: 8.5pt;">[MissingWebPart] WebPart class
[2fc2e287-55c9-b5d1-0d5c-7458bc3c9841]<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="background: #F6F6F6; color: #676767; font-family: "Verdana","sans-serif"; font-size: 8.5pt;">[MissingWebPart] WebPart class
[8acac35f-e9d3-95c3-76c7-76fe034cef50]<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="background: #F6F6F6; color: #676767; font-family: "Verdana","sans-serif"; font-size: 8.5pt;">[MissingWebPart] WebPart class
[f9c020f4-bcb2-3629-0460-9e5ec4c9de93]<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="background: #F6F6F6; color: #676767; font-family: "Verdana","sans-serif"; font-size: 8.5pt;">[MissingWebPart] WebPart class
[bc8768f7-7d8c-1d56-b5a5-bb19cca9c7b8]<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="background: #F6F6F6; color: #676767; font-family: "Verdana","sans-serif"; font-size: 8.5pt;">[MissingWebPart] WebPart class
[dc4f0aa3-bdd4-3394-6372-cd263a7a9cd0]<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="background: #F6F6F6; color: #676767; font-family: "Verdana","sans-serif"; font-size: 8.5pt;">[MissingWebPart] WebPart class
[83d7efb5-5a0a-0d4e-fc32-cf0eae4b6cb1]<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="background: #F6F6F6; color: #676767; font-family: "Verdana","sans-serif"; font-size: 8.5pt;">[MissingWebPart] WebPart class
[42b6d12b-947f-6ec4-9540-dc2f3e8f2425]<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="background: #F6F6F6; color: #676767; font-family: "Verdana","sans-serif"; font-size: 8.5pt;">[MissingWebPart] WebPart class
[3517e131-b02d-114b-1df2-dd9fa67b90c6]<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="background: #F6F6F6; color: #676767; font-family: "Verdana","sans-serif"; font-size: 8.5pt;">[MissingWebPart] WebPart class
[9afe11f2-9603-ac36-62a9-debeb61bcac0]<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="background: #F6F6F6; color: #676767; font-family: "Verdana","sans-serif"; font-size: 8.5pt;">[MissingWebPart] WebPart class
[d46a22f8-7373-12cb-4e07-e1b78e3dba96]<span class="apple-converted-space"> </span></span><span class="apple-converted-space"><o:p></o:p></span></div>
<div class="MsoNormal">
<span style="background: #F6F6F6; color: #676767; font-family: "Verdana","sans-serif"; font-size: 8.5pt;">[MissingWebPart] WebPart class
[874f5460-71f9-fecc-e894-e7e858d9713e]<span class="apple-converted-space"> <o:p></o:p></span></span></div>
<div class="MsoNormal">
<span style="background: #F6F6F6; color: #676767; font-family: "Verdana","sans-serif"; font-size: 8.5pt;">[MissingWebPart] WebPart class
[0ff9a0d5-1514-7a3b-fb97-fccbc902e380]</span><o:p></o:p></div>
<div class="MsoNormal">
<span style="background: #F6F6F6; color: #676767; font-family: "Verdana","sans-serif"; font-size: 8.5pt;"><br /></span></div>
<div class="MsoNormal">
Upon inspection I noted that they were search web parts SHOCKING!!. So I set about the usual that would be viewing search pages etc then running the health analyser again but low and behold still no dice. I noted some were referenced in the Admin Content DB so I went and checked site settings and noted that the Search Server Webparts feature was disabled. I enabled it in Central admin and that took care of the admin content db errors however there were still a million of references in the other content DB's</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
I done some testing and some reading and noted that the health analyser job apparently is not smart enough to distinguish which servers are WFE servers and which are APP servers and would report the webparts as missing but they were infact on the farm. I then done some research further on the Health analyser and noted that it would look at the web.config on ever server for every SharePoint WebApp. This got me thinking why not just copy the inetpub folders from the WFE to each server in the same location and the same for the Central Admin folder as then the web.configs would be on all servers.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
So I tested this and low and behold no more search dependency errors. </div>
Khalid Ameerodienhttp://www.blogger.com/profile/16235782191638963724noreply@blogger.com1tag:blogger.com,1999:blog-3101898189443719490.post-13353330137547105532012-11-05T22:53:00.001-08:002012-11-06T21:53:29.635-08:00Certificate Validation errors in SharePoint 2013So everyone by now should have had a taste of 2013 if not what are you doing!!! With every new technology comes new pains as well as some good things one of my pains went something along the lines of:<br />
"A certificate validation operation took 30007.5449 milliseconds and has exceeded the execution time threshold. If this continues to occur, it may represent a configuration issue. Please see http://go.microsoft.com/fwlink/?LinkId=246987 for more details."<br />
<br />
*Shock horror* my logs were inundated with errors of the like also I was having tons of topology errors and endpoint failures. Now I popped open MMC and added the certificates snap in and selected local computer to check what certificate was causing me this grief.<br />
<br />
I navigated to the SharePoint folder and opened one of the certificates and noted the following:<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiBN6QY5czj2j5hbyvDbYhlM07xQLHFO25pxCyiMc-X5PSo1XW5GG1M6z98Ql1YtHPMgQm7zSRhEYnTcZf1Zq5YUpS2Q7Lnvm2mfnkaOv3DGdcIuo5HO_E2sIYvT4t0fu9xQbhvTSCJRNo/s1600/certs.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiBN6QY5czj2j5hbyvDbYhlM07xQLHFO25pxCyiMc-X5PSo1XW5GG1M6z98Ql1YtHPMgQm7zSRhEYnTcZf1Zq5YUpS2Q7Lnvm2mfnkaOv3DGdcIuo5HO_E2sIYvT4t0fu9xQbhvTSCJRNo/s320/certs.png" width="257" /></a></div>
<br />
Aha!! Found you. I actually never found it as fast as I made it out to be. Once I narrowed it down I then remembered that I had something similar before and had to generate a cert via powershell. So I done the following in the SharePoint Management Shell:<br />
<span style="font-family: inherit;"><br /></span>
<span style="background-color: white; color: #2a2a2a; font-size: 12px; line-height: 16px;"><span style="font-family: inherit;">$rootCert = (Get-SPCertificateAuthority).RootCertificate</span></span><br />
<span style="background-color: white; color: #2a2a2a; font-size: 12px; line-height: 16px;"><span style="font-family: inherit;">$rootCert.Export(“Cer”) | Set-Content C:\root.cer –Encoding Byte</span></span><br />
<span style="background-color: white; color: #2a2a2a; font-family: 'Segoe UI', 'Lucida Grande', Verdana, Arial, Helvetica, sans-serif; font-size: 12px; line-height: 16px;"><br /></span>
Once done I went back into the certificates snap in and imported the certificate into the trusted root certificate authorities. Once done the bulk of the errors disappeared and my logs looked much better and I had no more topology errors as well. Now for the last few remaining cert errors (1 or 2 per hour) I checked the local computer policy. Pop Open gpedit.msc and navigate to "Computer Configuration > Windows > Security Settings > Public Key Policies > Certificate Path Validation Settings". <span style="background-color: white;"><span style="font-family: inherit;">On the Network Retrieval tab, define the policy and uncheck “Automatically update certificates in the Microsoft Root Certificate Program. After you have defined this run a gpupdate /force and you should no longer have these errors in your event logs</span></span>Khalid Ameerodienhttp://www.blogger.com/profile/16235782191638963724noreply@blogger.com8tag:blogger.com,1999:blog-3101898189443719490.post-90347581742672126202012-06-11T07:12:00.001-07:002012-11-06T21:53:37.418-08:00The required feature is not enabled for this column type.I was creating metadata columns in a Content type hub when I noticed I could not access the termstore instead I received the error in the subject. I done some research and found that it was a hidden feature that was not enabled that could not be activated via the UI. Hello powershell :D I ran the following and all was good:<br />
<br />
<h4 align="center">
<b>Enable-SPFeature -id "73ef14b1-13a9-416b-a9b5-ececa2b0604c" -Url <Site-Url></b></h4>Khalid Ameerodienhttp://www.blogger.com/profile/16235782191638963724noreply@blogger.com0tag:blogger.com,1999:blog-3101898189443719490.post-77682883078118929912012-06-11T07:09:00.002-07:002012-11-06T21:53:44.234-08:00Changing the content type hub location on your Metadata Service ApplicationRun the following via powershell substituting the placeholders with the relevant information of your environment:<br />
<span style="font-family: Courier New;">Set-SPMetadataServiceApplication -Identity "<<code class="xml keyword">ServiceApplication</code></span><code class="xml plain">>" -HubURI "<</code><code class="xml keyword">HubURI</code><code class="xml plain">>"</code>Khalid Ameerodienhttp://www.blogger.com/profile/16235782191638963724noreply@blogger.com0tag:blogger.com,1999:blog-3101898189443719490.post-42190195143752505322012-05-30T01:05:00.003-07:002012-11-06T21:53:52.232-08:00Removing old users from the User Information ListThis list is usually not editable but you can edit it by going to <a href="http://sitecollectionname//_layouts/people.aspx?MembershipGroupId=0">http://SITECOLLECTIONNAME//_layouts/people.aspx?MembershipGroupId=0</a><br />
<br />
You will then be able to remove the old users and they should then not appear in people picker.Khalid Ameerodienhttp://www.blogger.com/profile/16235782191638963724noreply@blogger.com0tag:blogger.com,1999:blog-3101898189443719490.post-4867350922033025022012-05-22T07:56:00.000-07:002012-11-06T21:53:57.488-08:00Provisioning multiple user profile service applications in SharePoint 2010So you have multiple user profile service applications but do not know how to provision 2 of them at the same time? Never fear for as long as you have more than 1 SharePoint Servers in your Farm you will be able to provision multiple User profile Service applications. <br />
<br />
There is 1 snag though in that the user profile synchronization service which provisions the User profile service application has a 1 to 1 relationship with the server ie you can start only one instance of the service per server. So basically navigate to Manager services on server in Central Admin then start user profile synchronization service and associate it with UPSA A. Once completed select another server under manange services and start the user profile synchronization service on UPSA B. Now you have 2 User profile service applications provisioned at the same time in your farm.Khalid Ameerodienhttp://www.blogger.com/profile/16235782191638963724noreply@blogger.com0tag:blogger.com,1999:blog-3101898189443719490.post-34101242432725081132012-05-18T03:34:00.002-07:002012-11-06T21:54:44.347-08:00OfficialFile.asmx site could not be found or accessed.A vendor that I work with had an issue on a QA environment recently whereby the content organiser rules as well as the send to connection would not work. Inspecting the logs I noticed <a href="http://blablabaetc/OfficialFile.asmx">http://blablabaetc/OfficialFile.asmx</a> site could not be found or accessed. Hmmm weird. I checked their web frontend and noticed that I could not log onto the webapps from the actual server and I thought to myself I know this one *insert evil grin here* DisableLoopBackCheck fixed it all. <a href="http://support.microsoft.com/kb/896861">Instructions here</a>Khalid Ameerodienhttp://www.blogger.com/profile/16235782191638963724noreply@blogger.com0tag:blogger.com,1999:blog-3101898189443719490.post-68727082673956629682011-12-06T22:24:00.000-08:002012-05-09T01:22:24.022-07:00Deleting SQL backups that are a specific ageI was having a bit of an issue on one of our dev environments where SQL would complete a backup but even though I specified that backups should be removed if older than 3 days in my maintenance plan it would not remove them. No errors nothing.<br/><br/> <br/><br/>I then reverted to old faithful powershell and created the following script which I ran via a scheduled task.<br/><br/> <br/><br/>Dir "C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Backup\*" -recurse | where {$_.LastWriteTime –lt (get-date).AddDays(-3) } | % {del $_.FullName}<br/><br/> Khalid Ameerodienhttp://www.blogger.com/profile/16235782191638963724noreply@blogger.com0tag:blogger.com,1999:blog-3101898189443719490.post-54746563068735651902011-12-05T23:48:00.000-08:002012-05-09T01:22:24.020-07:00Changing Domains and Sharepoint what to do to migrate users to the new
domain nameI got this nifty little script at the last information worker session and found that it could be rather useful when migrating to a new domain.<br/><br/>//**************************BEGIN CODE*************************************<br/>param([string]$url = (Read-Host "Enter the Url of the Web Application: "), `<br/><br/>[string]$oldprovider = `(Read-Host "Enter the Old Provider Name (Example -> Domain\ or MembershipProvider:) "), `<br/>[string]$newprovider = `(Read-Host "Enter the New Provider Name (Example -> Domain\ or i:0#.f<br/>MembershipProvider<br/>) "))<br/>add-pssnapin microsoft.sharepoint.powershell -EA 0<br/># Get all of the users in a site<br/>$users = get-spuser -web $url<br/># Set a conversion flag which will later be used to verify if you want to continue processing<br/>$convert = $false<br/># Loop through each of the users in the site<br/>foreach($user in $users)<br/>{<br/># Create an array that will be used to split the user name from the domain/membership provider<br/>$a=@()<br/>$displayname = $user.DisplayName<br/>$userlogin = $user.UserLogin<br/># Separate the user name from the domain/membership provider<br/>if($userlogin.Contains(':'))<br/>{<br/>$a = $userlogin.split(":")<br/>$username = $a[1]<br/>}<br/>elseif($userlogin.Contains('\'))<br/>{<br/>$a = $userlogin.split("\")<br/>$username = $a[1]<br/>}<br/># Create the new username based on the given input<br/>$newalias = $newprovider + $username<br/>if (-not $convert)<br/>{<br/>$answer = Read-Host "Your first user will be changed from $userlogin to $newalias. Would you like to continue processing all users? [Y]es, [N]o"<br/>switch ($answer)<br/>{<br/>"Y" {$convert = $true}<br/>"y" {$convert = $true}<br/>default {exit}<br/>}<br/>}<br/>if(($userlogin -like "$oldprovider*") -and $convert)<br/>{<br/>move-spuser -identity $user -newalias "$newalias" -ignoresid -Confirm:$false<br/>}<br/>}<br/>//**************************END CODE*************************************<br/><br/> <br/><br/>Thanks to Bradley Chetty for the script it makes life alot easier. Visit his blog @ http://bradleychetty.blogspot.com/<br/><br/> Khalid Ameerodienhttp://www.blogger.com/profile/16235782191638963724noreply@blogger.com1tag:blogger.com,1999:blog-3101898189443719490.post-28598969880228775922011-12-05T23:29:00.000-08:002012-05-09T01:22:24.003-07:00Farm ReportI stumbled upon quite a nifty little app to give a full farm report. It can be found at http://spsfarmreport.codeplex.com/Khalid Ameerodienhttp://www.blogger.com/profile/16235782191638963724noreply@blogger.com0tag:blogger.com,1999:blog-3101898189443719490.post-64244499601686669972011-11-08T01:33:00.000-08:002012-05-09T01:22:24.021-07:00Shrink Sharepoint SQL log filesI had noticed on our production and dev boxes that the log files were growing exessively. The database log files were backed up every day so I thought I would go ahead and shrink the log files. I used the following script to do this<br/><br/>use Databasename<br/>GO<br/>Alter database Databasename set recovery simple<br/>GO<br/>Alter Database Databasename set recovery Full<br/>GO<br/>dbcc shrinkfile (Databasename_log, 1000)<br/>GO<br/><br/> <br/><br/> <br/><br/>The 1000 in the second last line indicates the size you wish to shrink the log file to.Khalid Ameerodienhttp://www.blogger.com/profile/16235782191638963724noreply@blogger.com0tag:blogger.com,1999:blog-3101898189443719490.post-32091383567997278102011-10-17T02:01:00.000-07:002012-05-09T01:22:24.010-07:00Setting up Forms AuthenticationI was asked to convert a WEB application that was running classic mode authentication to Forms. Now in order to do this I had to change the web application to Claims based authentication however that was greyed out. No problem for powershell though. I done the following in powershell:<br/><br/>$App = get-spwebapplication “http://yoururl”<br/><br/>$app.useclaimsauthentication = “True”<br/><br/>$app.Update()<br/><br/>This enabled Claims authentication in the Web Application. I then edited the authentication providers and ticked the Forms based authentication box. Now the tricky bits are to follow. You will need to edit the web.config of your site as well as Central Admin and the Security Token.<br/><br/> <br/><br/>In the Web Application web.config add the following after <providers>.<br/><br/><add name="ADAuth"<br/>type="Microsoft.Office.Server.Security.LdapMembershipProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"<br/>server="Your Auth Server"<br/>port="389"<br/>useSSL="false"<br/>userDNAttribute="distinguishedName"<br/>userNameAttribute="Samaccountname"<br/>groupNameAttribute="mail"<br/>userContainer="DC=hi,DC=local"<br/>userObjectClass="person"<br/>userFilter="(&amp;(ObjectClass=*))"<br/>scope="Subtree"<br/>otherRequiredUserAttributes="sn,givenname,cn,mail" /><br/><br/> <br/><br/>Add the following under the rolemanager provider section<br/><br/><add name="roleManager"<br/>type="Microsoft.Office.Server.Security.LdapRoleProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"<br/>server="Your auth Server"<br/>port="389"<br/>useSSL="false"<br/>groupContainer="DC=HI,DC=local"<br/>groupNameAttribute="Displayname"<br/>groupMemberAttribute="member"<br/>groupNameAlternateSearchAttribute="mail"<br/>userNameAttribute="mail"<br/>dnAttribute="distinguishedName"<br/>groupFilter="(&amp;(ObjectClass=group))"<br/>scope="Subtree" /><br/><br/> <br/><br/>Now we need to add the functionality to select Forms Authentication. Search the Web.config for PeoplePickerWildcards<br/><br/>Add the following below the tag<br/><br/><add key="ADAuth" value="*" /><br/><br/><add key="roleManager" value="*" /><br/><br/> <br/><br/>Now save and close the web.config.<br/><br/> <br/><br/>Open the web.config of your central admin application and add the following entries:<br/><br/>As above but add the following in under <providers><br/><br/>type="Microsoft.Office.Server.Security.LdapMembershipProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"<br/>server="Your Auth Server"<br/>port="389"<br/>useSSL="false"<br/>userDNAttribute="distinguishedName"<br/>userNameAttribute="Samaccountname"<br/>groupNameAttribute="mail"<br/>userContainer="DC=hi,DC=local"<br/>userObjectClass="person"<br/>userFilter="(&amp;(ObjectClass=*))"<br/>scope="Subtree"<br/>otherRequiredUserAttributes="sn,givenname,cn,mail" /><br/>/><br/><br/>The search for the rolemanager provider and add this below<br/><br/> <br/><br/><add name="roleManager"<br/>type="Microsoft.Office.Server.Security.LdapRoleProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"<br/>server="Your auth Server"<br/>port="389"<br/>useSSL="false"<br/>groupContainer="DC=HI,DC=local"<br/>groupNameAttribute="Displayname"<br/>groupMemberAttribute="member"<br/>groupNameAlternateSearchAttribute="mail"<br/>userNameAttribute="mail"<br/>dnAttribute="distinguishedName"<br/>groupFilter="(&amp;(ObjectClass=group))"<br/>scope="Subtree" /><br/><br/> <br/><br/>And then add the following below the <PeoplePickerWildCards> tag<br/><br/><add key="ADAuth" value="*" /><br/><br/><add key="roleManager" value="*" /><br/><br/>Save and close the web.config<br/><br/> <br/><br/>Now open the web.config of the security token and do the following:<br/><br/>Under the <providers> tag add the following<br/><br/><add name="ADAuth"<br/>type="Microsoft.Office.Server.Security.LdapMembershipProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"<br/>server="Your Auth Server"<br/>port="389"<br/>useSSL="false"<br/>userDNAttribute="distinguishedName"<br/>userNameAttribute="Samaccountname"<br/>groupNameAttribute="mail"<br/>userContainer="DC=hi,DC=local"<br/>userObjectClass="person"<br/>userFilter="(&amp;(ObjectClass=*))"<br/>scope="Subtree"<br/>otherRequiredUserAttributes="sn,givenname,cn,mail" /><br/>/><br/><br/> <br/><br/>Search for the rolemanager provider and add this below<br/><br/><add name="roleManager"<br/>type="Microsoft.Office.Server.Security.LdapRoleProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"<br/>server="Your auth Server"<br/>port="389"<br/>useSSL="false"<br/>groupContainer="DC=HI,DC=local"<br/>groupNameAttribute="Displayname"<br/>groupMemberAttribute="member"<br/>groupNameAlternateSearchAttribute="mail"<br/>userNameAttribute="mail"<br/>dnAttribute="distinguishedName"<br/>groupFilter="(&amp;(ObjectClass=group))"<br/>scope="Subtree" /><br/><br/> <br/><br/>Now Save and close the file.<br/><br/> <br/><br/>To test go into Central Admin and try to assign a user permissions but only use the first 3 letters of their name the click the check names button. You should receive a warning that "No exact match was found. Click the item(s) that did not resolve for more options" when click the letters you should be given an option to select forms or ADAUTh<br/><br/> <br/><br/> Khalid Ameerodienhttp://www.blogger.com/profile/16235782191638963724noreply@blogger.com1tag:blogger.com,1999:blog-3101898189443719490.post-22666075011533912742011-10-05T01:10:00.000-07:002012-05-09T01:22:23.995-07:00Code Blocks not allowed Sharepoint 2010I came across this on our test environment recently after authenticating. I then done some googling and found a nifty solution to the problem. I added the following to the web.config file and this resolved the error I was receiving.<br/><br/> <br/><div><br/><div><code></code><code><SharePoint></code></div><br/><div><code></code><code><SafeMode MaxControls=</code><code>"200"</code> <code>CallStack=</code><code>"false"</code> <code>DirectFileDependencies=</code><code>"10"</code> <code>TotalFileDependencies=</code><code>"50"</code> <code>AllowPageLevelTrace=</code><code>"false"</code><code>></code></div><br/><div><code></code><code><PageParserPaths></code></div><br/><div><code></code><code><PageParserPath VirtualPath=</code><code>"~/pages/demo.aspx"</code> <code>CompilationMode=</code><code>"Always"</code> <code>AllowServerSideScript=</code><code>"true"</code> <code>/></code></div><br/><div><code></code><code><PageParserPath VirtualPath=</code><code>"~/pages/*"</code> <code>CompilationMode=</code><code>"Always"</code> <code>AllowServerSideScript=</code><code>"true"</code> <code>/></code></div><br/><div><code></code><code></PageParserPaths></code></div><br/><div><code></code><code></SafeMode></code></div><br/></div>Khalid Ameerodienhttp://www.blogger.com/profile/16235782191638963724noreply@blogger.com0tag:blogger.com,1999:blog-3101898189443719490.post-78162079584559949142011-09-21T04:12:00.000-07:002012-05-09T01:22:24.025-07:00Application synchronization failed for
Microsoft.Office.Excel.Server.ExcelServerSharedWebServiceI was receiving this error on a Sharepoint 2007 server in the application logs. Upon investigation it turned out that the Farm account had 'operates as system account' on one of the web application policies. After removing this the error never reoccurred.Khalid Ameerodienhttp://www.blogger.com/profile/16235782191638963724noreply@blogger.com0tag:blogger.com,1999:blog-3101898189443719490.post-7020051196672439912011-09-19T04:46:00.000-07:002012-05-09T01:22:24.024-07:00Remember me missing from custom login screenI came across a situation recently when one of our custom login pages had lost the remember me check box!! Needless to say it had me baffled and I could not find an apt solution for the problem. Further investigation revealed that the code on the page was being removed when navigating to the page via the browser.<br/><br/>I have to give credit to my mentor for this one as he figured it out in a fraction of the time I had spent on it *shock horror* much thanks Brad visit his blog at <a title="Bradley Geldenhuys" href="http://www.bradg.co.za" target="_blank">Bradley Geldenhuys</a><br/><br/>It was discovered that UsesessionCookies was set to true when checking the SPsecuritytokenserviceconfig. This can be rectified by running the following in powershell:<br/><br/>$sts = Get-SPSecurityTokenServiceConfig<br/>$sts.UseSessionCookies = $false<br/>$sts.Update()<br/>iisreset<br/><br/>And presto the remember me was back.Khalid Ameerodienhttp://www.blogger.com/profile/16235782191638963724noreply@blogger.com0tag:blogger.com,1999:blog-3101898189443719490.post-5472350110085752022011-09-06T08:44:00.000-07:002012-05-09T01:22:24.019-07:00Error 720 on Persistent VPNI was receiving an error 720 when trying to setup a persistent VPN through routing and remote access. Upon further investigation I discovered that I had not setup the protocols in RRAS correctly. I had left IPv6 Routing enabled. To disable do the following. Open Routing and remote access on the server. Right click on the server name select properties navigate to IPv6 and untick all boxes. Click apply then ok.<br/><br/><a href="http://khalidstech.files.wordpress.com/2011/09/ipv62.png"><img class="alignnone size-full wp-image-34" title="ipv6" src="http://khalidstech.files.wordpress.com/2011/09/ipv62.png" alt="" width="396" height="560" /></a>Khalid Ameerodienhttp://www.blogger.com/profile/16235782191638963724noreply@blogger.com0tag:blogger.com,1999:blog-3101898189443719490.post-50908352753641242882011-09-06T08:42:00.000-07:002012-05-09T01:22:24.015-07:00Error 720 on Persistent VPNI was receiving an error 720 when trying to setup a persistent VPN through routing and remote access. Upon further investigation I discovered that I had not setup the protocols in RRAS correctly. I had left IPv6 Routing enabled. To disable do the following. Open Routing and remote access on the server. Right click on the server name select properties navigate to IPv6 and untick all boxes. Click apply then ok.<br/><br/> Khalid Ameerodienhttp://www.blogger.com/profile/16235782191638963724noreply@blogger.com0tag:blogger.com,1999:blog-3101898189443719490.post-48561869643149866092011-09-06T08:38:00.000-07:002012-05-09T01:22:24.014-07:00Exporting Reusable Workflows in sharepoint designer not so reuseableSo I had to create some custom workflows for a client. All good and well and I completed my task however upon saving the items as a template my reusable workflows seem to have broken (joy!!!).<br/><br/>After struggling quite a bit I decided to recreate them and instead of downloading them from sharepoint designer I downloaded them from the site assets library. Low and behold the items worked fine then. Lesson learnt sharepoint designer is a devil in disguise.Khalid Ameerodienhttp://www.blogger.com/profile/16235782191638963724noreply@blogger.com0tag:blogger.com,1999:blog-3101898189443719490.post-30662375254491687262011-09-02T03:16:00.000-07:002012-05-09T01:22:24.007-07:00Enable Exchange Calendar Overlays in Sharepoint 2010To set this up we first need to add a Trust for the OWA site of the organisation in question. We can do this by adding the OWA certificate to the Trust relationships in Central administration.<br/><br/> <br/><br/>The first step in this procedure is to get the Certificate from the OWA site. Run internet explorer as an administrator<br/><br/><a href="http://khalidstech.files.wordpress.com/2011/09/1.png"><img class="alignnone size-full wp-image-15" title="1" src="http://khalidstech.files.wordpress.com/2011/09/1.png" alt="" width="369" height="433" /></a><br/><br/>Once you have done this navigate to the OWA URL. Once you are on the page you will notice a padlock icon next to the Address in the address bar click the padlock icon and select view certificates.<br/><br/><a href="http://khalidstech.files.wordpress.com/2011/09/2.png"><img class="alignnone size-full wp-image-16" title="2" src="http://khalidstech.files.wordpress.com/2011/09/2.png" alt="" width="281" height="213" /></a><br/><br/>Once completed you will have a box appear with the relevant certificate information. Select details and click copy to file.<br/><br/><a href="http://khalidstech.files.wordpress.com/2011/09/3.png"><img class="alignnone size-full wp-image-17" title="3" src="http://khalidstech.files.wordpress.com/2011/09/3.png" alt="" width="412" height="505" /></a><br/><br/>You will receive the following screen click next<br/><br/><a href="http://khalidstech.files.wordpress.com/2011/09/4.png"><img class="alignnone size-full wp-image-18" title="4" src="http://khalidstech.files.wordpress.com/2011/09/4.png" alt="" width="422" height="382" /></a><br/><br/>Select DER encoded binary X.509 (.CER) then click next<a href="http://khalidstech.files.wordpress.com/2011/09/5.png"><img class="alignnone size-full wp-image-19" title="5" src="http://khalidstech.files.wordpress.com/2011/09/5.png" alt="" width="422" height="379" /></a><br/><br/> <br/><br/>Select a filename for your certificate and click next this will save the certificate in the location you provided with the filename. Click next<br/><br/><a href="http://khalidstech.files.wordpress.com/2011/09/6.png"><img class="alignnone size-full wp-image-20" title="6" src="http://khalidstech.files.wordpress.com/2011/09/6.png" alt="" width="442" height="399" /></a><br/><br/>Click finish.<br/><br/> <br/><br/>Open Central Administration then click on Security.<br/><br/>Locate Manage Trust and click on it<a href="http://khalidstech.files.wordpress.com/2011/09/7.png"><img class="alignnone size-full wp-image-21" title="7" src="http://khalidstech.files.wordpress.com/2011/09/7.png" alt="" width="603" height="78" /></a><br/><br/>Click on new<br/><br/><a href="http://khalidstech.files.wordpress.com/2011/09/8.png"><img class="alignnone size-full wp-image-22" title="8" src="http://khalidstech.files.wordpress.com/2011/09/8.png" alt="" width="604" height="57" /></a><br/><br/>Name the new trust relationship and add the root authority certificate you saved then click on ok.<br/><br/><a href="http://khalidstech.files.wordpress.com/2011/09/9.png"><img class="alignnone size-full wp-image-23" title="9" src="http://khalidstech.files.wordpress.com/2011/09/9.png" alt="" width="433" height="385" /></a><br/><br/> <br/><br/>This will create the trust relationship needed between exchange and Sharepoint.<br/><br/>On the sharepoint site now Navigate to the calendar area where you wish to allow this functionality.<br/><br/>In the calendar ribbon select calendar overlay.<br/><br/><a href="http://khalidstech.files.wordpress.com/2011/09/10.png"><img class="alignnone size-full wp-image-24" title="10" src="http://khalidstech.files.wordpress.com/2011/09/10.png" alt="" width="304" height="141" /></a><br/><br/>Click on new calendar. Under Calendar name type the name of the calendar (usually the users email address) the select the exchange radio box. Also give the calendar a description and also a colour as to make the events easier to identify when viewing them. Type in the OWA address and the exchange web service URL then click find. This will resolve the names needed for this. Click ok<br/><br/><a href="http://khalidstech.files.wordpress.com/2011/09/11.png"><img class="alignnone size-full wp-image-25" title="11" src="http://khalidstech.files.wordpress.com/2011/09/11.png" alt="" width="602" height="244" /></a><br/><br/>You should now be able to overlay the users calendar over the Sharepoint site calendars.Khalid Ameerodienhttp://www.blogger.com/profile/16235782191638963724noreply@blogger.com0tag:blogger.com,1999:blog-3101898189443719490.post-26139429070799119442011-09-02T02:15:00.000-07:002012-05-09T01:22:23.998-07:00Unexpected error refreshing server managerWe received the following error on the Server when opening roles in Server Manager:<br/><br/><strong>Unexpected error refreshing Server Manager: Exception from HRESULT: 0x800F0818</strong><br/><br/>I have investigated this and found the resolution to be the following:<br/><ol><br/> <li>Download and run the Microsoft update readiness tool at the following location: <a href="http://support.microsoft.com/kb/947821">http://support.microsoft.com/kb/947821</a></li><br/> <li>Once it has completed you will find the log it generated in C:\Windows\Logs\CBS\Checksur.log</li><br/> <li>In our case it generated the following errors:</li><br/></ol><br/>Unavailable repair files:<br/><br/>servicing\packages\Package_for_KB2393802_RTM~31bf3856ad364e35~amd64~~6.1.1.1 (2).mum<br/><br/>servicing\packages\Package_for_KB2524375_SP1~31bf3856ad364e35~amd64~~6.1.1.1.mum<br/><br/>servicing\packages\Package_for_KB2393802_RTM~31bf3856ad364e35~amd64~~6.1.1.1 (2).cat<br/><br/>servicing\packages\Package_for_KB2524375_SP1~31bf3856ad364e35~amd64~~6.1.1.1.cat<br/><br/>From the above we can deduce that we need to download the update packages of KB2393802 and KB2524375. Once we have the files we can proceed with the next step.<br/><ol><br/> <li>Extract the contents of the .msu files with the following command “Expand –F:* updatename.msu c:\whereyouwantthefiles” You will then need to open the cab files that are extracted. This can be done by using winrar.</li><br/> <li>Contained in the each cab file should be a update.cat and a update.mum you will need to rename this to the packages which are generating the errors example: Package_for_KB2393802_RTM~31bf3856ad364e35~amd64~~6.1.1.1 (2).cat</li><br/> <li>Once completed you should then copy the files to the following directory C:\Windows\Servicing\Packages</li><br/> <li>Once completed you can run the readiness tool once again and check the log file. In our case we were still receiving the following errors:</li><br/></ol><br/>Unavailable repair files:<br/><br/>servicing\packages\Package_for_KB2524375_SP1~31bf3856ad364e35~amd64~~6.1.1.1.mum servicing\packages\Package_for_KB2524375_SP1~31bf3856ad364e35~amd64~~6.1.1.1.cat<br/><br/> <br/><br/>If you do encounter this you may have to check the contents of the cab file and get the files with the exact filenames in question from the cab and copy them into the C:\windows\servicing\packages directory.<br/><br/> <br/><br/>You will then be able to open Roles in Server Manager once again.Khalid Ameerodienhttp://www.blogger.com/profile/16235782191638963724noreply@blogger.com0tag:blogger.com,1999:blog-3101898189443719490.post-44263135390392104202011-09-02T01:46:00.000-07:002012-05-09T01:22:24.012-07:00Sending an email notification when a user account gets locked outI encountered the need to monitor account lockouts so that I could more efficiently deal with the response time to users that encounter this. Also we could identify if the user was infact trying to log on or if it was another party trying to utlise the account. I made the following script which I linked to a task to run when an event was triggered in the security log.<br/><br/> <br/><br/>$2MinutesAgo = [DateTime]::Now.AddMinutes(-2)<br/>$messageParameters = @{<br/>Subject = "User Account Locked"<br/>Body = Get-EventLog "Security" |<br/>Where {$2MinutesAgo -le $_.TimeWritten -and $_.eventid -eq 4740} |<br/>Format-List |<br/>Out-String<br/>From = "user_lockout@mydomain.com"<br/>To = "myemail@mydomain.com"<br/>SmtpServer = "mymailserver"<br/>}<br/>Send-MailMessage @messageParameters<br/><br/> <br/><br/> Khalid Ameerodienhttp://www.blogger.com/profile/16235782191638963724noreply@blogger.com0tag:blogger.com,1999:blog-3101898189443719490.post-15436325402450480252011-09-02T00:19:00.000-07:002012-05-09T01:22:23.992-07:00Technical Diary of a Sharepoint AdministratorIn this blog I will take you through my day to day experiences and findings as I delve deeper and deeper into the realm of SharepointKhalid Ameerodienhttp://www.blogger.com/profile/16235782191638963724noreply@blogger.com0