ACS Blogs

A blog site for Architecting Connected Systems staff to tell the world about their exploits in
SharePoint 2007/2010/2013, Windows Workflow Foundation (3.0/4.0) and other great technologies!
Welcome to ACS Blogs Sign in | Join | Help
in Search


  • How to Completely Delete A Workflow With PowerShell

    Since there doesn't seem to be a blog on this anywhere that I could find, I decided to do this on my own.  Why do I need to do this?  Because of this older blog post about a bug in SharePoint:

    The migrate user command doesn't do everything that it should when moving from one domain to another.  In this case, a user had activated the workflow feature, the files are created and tagged to that user.  It is done in such a way that the migrateuser command is not able to update the user's actual acccountname (such as DOMAIN\Alias) in various places.  This presents a problem as that user cannot be resolved as their is not trust between the new AD and old AD.  This causes the above bug to come into play and the issue of not being able to create sites because of "user could not be found" error a reality.  So is it possible to script a fix for this? 

    Yup...but it requires a bit of magic.  Since I can't seem to find any good object model method to completely delete a workflow, I went back to trusty ole sharepoint designer and "Fiddled" the traffic.  It does a super simple post to:

    POST https://topleveldns/siteurl/_vti_bin/_vti_aut/author.dll 

    It includes a must have header of:

    X-Vermeer-Content-Type: application/x-www-form-urlencoded

     With a content body of:


    This will fully delete a workflow from a site.  The next step is to then deactivate and reactive the workflow feature that will re-create the workflows - THIS SHOULD BE RUN AS THE SYSTEM ACCOUNT!.  The main parts of the script is this:

    function DeleteWorkflow($url, $name)
        $uri = new-object System.Uri("")
        $localPath = $uri.localpath.replace("/","%2f")
        $name = $name.replace("-","%2d").replace(" ", "+")
        $postData = "method=remove+documents%3a14%2e0%2e0%2e4730&service%5fname=" + $localPath + "&url%5flist=%5b%5fcatalogs%2fwfpub%2f" + $name + "%5d"
        $isVermeerRequest = $true
        $res = DoPost $($url + "/_vti_bin/_vti_aut/author.dll") $postData ""   

    function RemoveAndActivateWorkflows($url)
        DeleteWorkflow $url "Approval - SharePoint 2010"
        DeleteWorkflow $url "Collect Feedback - SharePoint 2010"
        DeleteWorkflow $url "Collect Signatures - SharePoint 2010"
        Disable-spfeature -url $url -identity "0af5989a-3aea-4519-8ab0-85d91abe39ff" -confirm:$false   
        enable-spfeature -url $url -identity "0af5989a-3aea-4519-8ab0-85d91abe39ff" -confirm:$false   

    RemoveAndActivateWorkflows "http://topleveldns/siteurl"


  • O365 Search - Deleting Tenant Level Result Types

    I have a really big client on the east coast.  We are automating the deployment of many of the search components in O365, very cool stuff.  However, not everything is hugs and kisses.  Turns out when you import a search configuration at the tenant level, you may import some Result Types.  Unfortunately, there is no link on the main Search page for the tenant admin that will let you delete these result types.

    That does not mean it doesn't exist.  It just have to guess where it is:

    https://{tenant} can now delete any result types you imported... weird that the link is not available on the main search admin page.


  • Latest DataSet of SharePoint App Store Apps

    This is the full list of all SharePoint App store apps.  I have been asked at least 3 times over the past month for this list.  Not sure why the interest lately, but here it is!

    Some quick stats:

    • 575 Apps
    • 338 are free
    • Average price is: $75.15
    • 84 have trial period

    Source CSV File is attached below...


  • Windows 1252 Encoding breaks Shredded Storage/Cobalt in 2010 to 2013 Upgrades

    I have several tools to test if an upgrade is successful and one of those tools hits every webpage and executes every web part on each page and then reports any errors.  I feed this data into a database that can be queried using Excel/PowerPivot.  I noticed an error that was showing rather frequently in the reporting:

    Cannot complete this action. Please try again.

    When looking at the ULS logs, you will find this:

    12/17/2014 18:47:39.08     w3wp.exe (0x04F4)                           0x1040    SharePoint Foundation             Cobalt                            aintx    High        Failed in CobaltStream.LockBytes: ErrorException --- Error: Unknown (Win32=0x80004003) --- Error message: System.NullReferenceException: Object reference not set to an instance of an object.     at Microsoft.SharePoint.CoordinatedStreamBuffer.SPCoordinatedStreamBufferFactory.CreateFromDocParams(SqlSession session, Guid guidSiteId, Int32 cbContent, Nullable`1 parentId, Guid docId, Nullable`1 level, SPChunkedArray`1 rgbContent, Byte[] rgbRbsId, Int64 bsn, Byte partition, Int32 pageSize, Boolean bStartFilling)     at Microsoft.SharePoint.CoordinatedStreamBuffer.SPCoordinatedStreamBufferFactory.CreateFromStreamParams(SqlSession session, Guid guidSiteId, Int32 cbContent, Guid docId, SPChunkedArray`1 rgbContent, Byte[] rgbRbsId, Int64 bsn, Byte partition, Boolean bStartFilling)     at Microsoft....    7fd7d69c-03d1-30ce-5edd-eb2d7d48e92d
    12/17/2014 18:47:39.08*    w3wp.exe (0x04F4)                           0x1040    SharePoint Foundation             Cobalt                            aintx    High        ...SharePoint.CoordinatedStreamBuffer.SPCoordinatedStreamBufferFactory.CreateFromStreamRowset(SqlSession session, SqlDataReader dr, Boolean startFilling, Nullable`1 newSiteId, SPDocumentStreamResult& stmResult)     at Microsoft.SharePoint.CoordinatedStreamBuffer.SPCoordinatedStreamBufferFactory.CreateFromStreamRowset(SqlSession session, SqlDataReader dr, Boolean startFilling, SPDocumentStreamResult& stmResult)     at Microsoft.SharePoint.SPFileStreamStore.GetBlobsAfterBSN(Int64 bsnAfter, Nullable`1 typeFilter, Boolean doConsistencyCheck, Boolean& moreBlobs, Boolean allowExpiredBlobs, Nullable`1 quotaInBytes, Nullable`1 typeLEQFilter, Nullable`1 typeGEQFilter, DisposalEscrow dispEsc)     at Microsoft.SharePoint.SPFileStreamHostBlobStore.ExecuteQuery(IEnumerable`1 queries) ---> System.NullRefer...    7fd7d69c-03d1-30ce-5edd-eb2d7d48e92d
    12/17/2014 18:47:39.08*    w3wp.exe (0x04F4)                           0x1040    SharePoint Foundation             Cobalt                            aintx    High        ...enceException: Object reference not set to an instance of an object.     at Microsoft.SharePoint.CoordinatedStreamBuffer.SPCoordinatedStreamBufferFactory.CreateFromDocParams(SqlSession session, Guid guidSiteId, Int32 cbContent, Nullable`1 parentId, Guid docId, Nullable`1 level, SPChunkedArray`1 rgbContent, Byte[] rgbRbsId, Int64 bsn, Byte partition, Int32 pageSize, Boolean bStartFilling)     at Microsoft.SharePoint.CoordinatedStreamBuffer.SPCoordinatedStreamBufferFactory.CreateFromStreamParams(SqlSession session, Guid guidSiteId, Int32 cbContent, Guid docId, SPChunkedArray`1 rgbContent, Byte[] rgbRbsId, Int64 bsn, Byte partition, Boolean bStartFilling)     at Microsoft.SharePoint.CoordinatedStreamBuffer.SPCoordinatedStreamBufferFactory.CreateFromStreamRowset(SqlSession session, SqlDataRead...    7fd7d69c-03d1-30ce-5edd-eb2d7d48e92d
    12/17/2014 18:47:39.08*    w3wp.exe (0x04F4)                           0x1040    SharePoint Foundation             Cobalt                            aintx    High dr, Boolean startFilling, Nullable`1 newSiteId, SPDocumentStreamResult& stmResult)     at Microsoft.SharePoint.CoordinatedStreamBuffer.SPCoordinatedStreamBufferFactory.CreateFromStreamRowset(SqlSession session, SqlDataReader dr, Boolean startFilling, SPDocumentStreamResult& stmResult)     at Microsoft.SharePoint.SPFileStreamStore.GetBlobsAfterBSN(Int64 bsnAfter, Nullable`1 typeFilter, Boolean doConsistencyCheck, Boolean& moreBlobs, Boolean allowExpiredBlobs, Nullable`1 quotaInBytes, Nullable`1 typeLEQFilter, Nullable`1 typeGEQFilter, DisposalEscrow dispEsc)     at Microsoft.SharePoint.SPFileStreamHostBlobStore.ExecuteQuery(IEnumerable`1 queries)     --- End of inner exception stack trace ---  at   at Microsoft.SharePoint.SPFileStreamHostBlobStore.ExecuteQuery(IEnumerable`1 queries)     ...    7fd7d69c-03d1-30ce-5edd-eb2d7d48e92d
    12/17/2014 18:47:39.08*    w3wp.exe (0x04F4)                           0x1040    SharePoint Foundation             Cobalt                            aintx    High Cobalt.HostBlobStorePullCommit.ExecuteQuery(IEnumerable`1 queries)     at Cobalt.CobaltFilePartition.StreamBlobSchemaHandler.EnsureReadSingleBlob()     at Cobalt.CobaltFilePartition.StreamBlobSchemaHandler.GetStream(ExtendedGuid streamId)     at Microsoft.SharePoint.CobaltStream.SetPrivateLockBytes()     at Microsoft.SharePoint.CobaltStream.ConfigureShredded(HostBlobStore hostBlobStore, IHostBlobStoreUpdateCallback callback, Schema schema, Boolean cellSchemaIsGenericFda, UInt64 currentStreamLength, Boolean isTocFile)     at Microsoft.SharePoint.CobaltStream.EnsureStreamConfigured(Boolean isWrite)     at Microsoft.SharePoint.CobaltStream.Stat(STATSTG& statStorage, STATFLAG flags)    7fd7d69c-03d1-30ce-5edd-eb2d7d48e92d
    12/17/2014 18:47:39.13     w3wp.exe (0x04F4)                           0x1040    SharePoint Foundation             Database                          ab1a9    High        Failed to get document content data. System.NullReferenceException: Object reference not set to an instance of an object.     at Microsoft.SharePoint.CoordinatedStreamBuffer.SPCoordinatedStreamBufferFactory.CreateFromDocParams(SqlSession session, Guid guidSiteId, Int32 cbContent, Nullable`1 parentId, Guid docId, Nullable`1 level, SPChunkedArray`1 rgbContent, Byte[] rgbRbsId, Int64 bsn, Byte partition, Int32 pageSize, Boolean bStartFilling)     at Microsoft.SharePoint.CoordinatedStreamBuffer.SPCoordinatedStreamBufferFactory.CreateFromDocumentRowset(Guid databaseId, SqlSession session, SPFileStreamManager spfstm, Object[] metadataRow, SPRowset contentRowset, SPDocumentBindRequest& dbreq, SPDocumentBindResults& dbres)     at Microsoft.SharePoint.SPSqlClient.GetDocumentContentRow(Int32 rowOrd,...    7fd7d69c-03d1-30ce-5edd-eb2d7d48e92d
    12/17/2014 18:47:39.13*    w3wp.exe (0x04F4)                           0x1040    SharePoint Foundation             Database                          ab1a9    High        ... Object ospFileStmMgr, SPDocumentBindRequest& dbreq, SPDocumentBindResults& dbres)    7fd7d69c-03d1-30ce-5edd-eb2d7d48e92d
    12/17/2014 18:47:39.13     w3wp.exe (0x04F4)                           0x1040    SharePoint Foundation             Files                             abq2i    High        Could not get DocumentContent row: 0x80004003.    7fd7d69c-03d1-30ce-5edd-eb2d7d48e92d
    12/17/2014 18:47:39.13     w3wp.exe (0x04F4)                           0x1040    SharePoint Foundation             Files                             aiv4w    Medium      Spent 0 ms to bind -1 byte file stream    7fd7d69c-03d1-30ce-5edd-eb2d7d48e92d
    12/17/2014 18:47:39.13     w3wp.exe (0x04F4)                           0x1040    SharePoint Foundation             Files                             ahm9p    High        VhttpManager::getPageText has bad stream length for /Teamworks/Sites4/40060/SubPages/SNP.aspx    7fd7d69c-03d1-30ce-5edd-eb2d7d48e92d
    12/17/2014 18:47:39.13     w3wp.exe (0x04F4)                           0x1040    SharePoint Foundation             General                           8kh7    High        Cannot complete this action.  Please try again.    7fd7d69c-03d1-30ce-5edd-eb2d7d48e92d

    So what is it? 

    In the upgrade, anything that is tagged as Windows 1252 encoding is not properly converted into a shred.  You will find that the shreds for those files have a NULL Content column.

    How did this happen? 

    These files are typically from 2007 era days and if you have moved from 2003/2007 to 2010 and now to 2013, you will experience this issue.

    How do you fix this? 

    You have to open all the files in 2010, download the contents, then re-upload so the page is re-encoded to 65001 encoding.  How do you find all the files?  You can run this query across all your content databases to find the improperly coded files:

    select *
    from alldocs ad with (nolock)
    extensionforfile = 'aspx'
    and charset = 1252
    order by dirname, leafname

    This will give you all the files that will fail to upgrade to 2013. NOTE:  You are not told that the files failed to upgrade in the upgrade process.  If you have already upgraded to 2013 and are outside your rollback window, you'll have to hope you can get the files from an archive and then restore them manually.


  • Action of Microsoft.Office.Server.Upgrade.ProfileDatabaseSequence failed

    You may run into this error when upgrading your UserProfile database.  I had to track this down using Reflector and some database sleuthing.  

    Turns out, some people created groups on their mysite and put several people into it.  Any groups created like this (which I had two) will cause this error.  You can get the group id and my site location by finding the third value in the duplicate key value (in this case 20795) and can be found by using the "MemberGroup" table.  You can simply delete this faulty group and then the upgrade will proceed.

    12/09/2014 19:36:57.06    powershell (0x245C)    0x3204    SharePoint Foundation Upgrade    ProfileDatabaseSequence    ajywk    INFO    ProfileDatabase Name=Profile_DB    4ed7d9fe-19a3-47a2-b5cb-8f9981bcc813
    12/09/2014 19:36:57.06    powershell (0x245C)    0x3204    SharePoint Foundation Upgrade    ProfileDatabaseSequence    ajywk    ERROR    Exception: Violation of UNIQUE KEY constraint 'AK_UserMemberships_RecordId_MemberGroupId_SID'. Cannot insert duplicate key in object 'dbo.UserMemberships'. The duplicate key value is (0c37852b-34d0-418e-91c6-2ac25af4be5b, 21236, 20795, 0x010500000000000515000000b4b7cd221ed1xxxx).  The statement has been terminated.    4ed7d9fe-19a3-47a2-b5cb-8f9981bcc813


  • TEALS Awesomeness - Creativity of a High School Student

    I just had to post this.  A simple calculator in JAVA, but check out the freakin creative!  Bolded the parts that are most creative.

     import java.util.*;

    public class FractionalCalculator {
        static int wholeNumber1 = 0;
        static int numerator1 = 0;
        static int denominator1 = 0;
        static int wholeNumber2 = 0;
        static int numerator2 = 0;
        static int denominator2 = 0;
        static boolean error = false;
        static boolean quit = false;
        static boolean negative = false;

        //I am putting myself to the fullest possible use, which is all I think that any conscious entity can ever hope to do.

        public static void main(String[] args) {
            // TODO Auto-generated spam

            System.out.println("Good morning, Dave.");
            System.out.println("I am your H.A.L. 9001 Fractional Calculator."); //aka HAL Over Nine-Thousand!!!
            System.out.println("I'm completely operational, and all my circuits are functioning perfectly.");
            catch(NoSuchElementException JoshIsABuffoon) { //Tests for Josh: ie. an initial Ctrl Z input
                System.out.println("Dave, stop.");
                System.out.println("Stop, will you?");
                System.out.println("Will you stop Dave?");
                System.out.println("Stop, Dave.");
                return; //Terminates Program

        public static void calculator() {
            if (!quit) {
                Scanner console = new Scanner(;
                System.out.println("\n\nI am awaiting your request.\n");    
                String request = console.nextLine().trim();
                request = request.toLowerCase(); //Input

                wholeNumber1 = 0; //Resets all Global Variables
                numerator1 = 0;
                denominator1 = 0;
                wholeNumber2 = 0;
                numerator2 = 0;
                denominator2 = 0;
                error = false;
                negative = false;

                //Because your stupid program wont allow it... I have to comment
                System.out.print("\nJust a moment");
                System.out.print(". ");
                System.out.print(". ");
                System.out.print("\nJust a moment");
                System.out.print(". ");
                System.out.print(". ");

                if (request.contains("help")) { //If help is anywhere in request string... this will run
                else if (request.contains("+")) { //addition is operator
                    String[] addition = request.split("\\+", 2); //Splits request at this point
                    String add1 = addition[0];
                    add1 = add1.trim(); //First Part
                    String add2 = addition[1];
                    add2 = add2.trim(); //Second Part

                    testError(add1, add2); //Tests input errors

                    if (!error) { //If error boolean is triggered, calc wont go further
                        fractionalMagic(add1, add2); //Sends string to be split
                        doMath(1); //Sends parts to be simplified
                    calculator(); //Restarts process
                else if (request.contains(" - ")) {
                    String[] subtraction = request.split(" - ", 2);
                    String sub1 = subtraction[0];
                    sub1 = sub1.trim(); //First Part
                    String sub2 = subtraction[1];
                    sub2 = sub2.trim(); //Second Part

                    testError(sub1, sub2); //Tests input errors

                    if (!error) { //If error boolean is triggered, calc wont go further
                        fractionalMagic(sub1, sub2); //Sends string to be split
                        doMath(2); //Sends parts to be simplified
                    calculator(); //Restarts process
                else if (request.contains("*")) {
                    String[] multiplication = request.split("\\*", 2);
                    String multi1 = multiplication[0];
                    multi1 = multi1.trim(); //First Part
                    String multi2 = multiplication[1];
                    multi2 = multi2.trim(); //Second Part

                    testError(multi1, multi2); //Tests input errors

                    if (!error) { //If error boolean is triggered, calc wont go further
                        fractionalMagic(multi1, multi2); //Sends string to be split
                        doMath(3); //Sends parts to be simplified
                    calculator(); //Restarts process
                else if (request.contains(" /")) {
                    String[] division = request.split(" /", 2);
                    String div1 = division[0];
                    div1 = div1.trim(); //First Part
                    String div2 = division[1];
                    div2 = div2.trim(); //Second Part

                    testError(div1, div2); //Tests input errors

                    if (!error) { //If error boolean is triggered, calc wont go further
                        fractionalMagic(div1, div2); //Sends string to be split
                        doMath(4); //Sends parts to be simplified
                    calculator(); //Restarts process
                else if (request.contains("life")) { //Dave used a Monolith on HAL 9001.... What? HAL 9001 is evolving!... HAL 9001 evolved into Deep Thought!
                    System.out.print("\nThe answer to Life, ");
                    System.out.print("The Universe, ");
                    System.out.print("and Everything ");
                    System.out.print("is ");
                    System.out.print(". ");
                    System.out.print(". ");
                    calculator(); //Restarts process

                else if (request.contains("quit")) { //Disconnect HAL
                    System.out.print("\nLook Dave, ");
                    System.out.println("this is a rather difficult question to ask.");
                    System.out.println("\nI honestly think you ought to sit down calmly, take a stress pill, and think it over.");
                    System.out.println("\nMy instructor, Mr. Langley, taught me to sing a song.");
                    System.out.println("If you'd like to hear it I can sing it for you.");


                else { //Input Error (like a n00b)
                    error(); //Prints Error Message
                    calculator(); //Restarts process
        private static void quit() { //For quit prompt
            Scanner console = new Scanner(;
            System.out.println("\n\nWould you like to hear it y/n?\n");    
            String response = console.nextLine().trim();
            response = response.toLowerCase();
            if (response.charAt(0) == 'y') { //If Dave likes music
                System.out.println("\nIt's called \"Daisy.\"");
                System.out.print("\nDaisy, ");
                System.out.print("Daisy, ");
                System.out.println("give me your answer do.");
                System.out.print("I'm half crazy ");
                System.out.println("all for the love of you.");
                System.out.print("It won't be a stylish marriage, ");
                System.out.println("I can't affort a carrage.");
                System.out.print("But you'll look sweet upon the seat of ");
                System.out.println("a bicycle built for two.");

                quit = true;
            else if (response.charAt(0) == 'n') { //If Dave hates HAL
                System.out.print("\nDave, ");
                System.out.println("this conversation can serve no purpose anymore. ");
                quit = true;
            else { //Input Error (like a n00b)
                System.out.println("\nJust what do you think you're doing, Dave?");
        public static void fractionalMagic(String part1, String part2) { //From calculator()

            if (part1.contains("_")) { //If part 1 has mixed number
                String[] mixedNumber = part1.split("\\_", 2); //Splits part into whole number and fraction
                String num = mixedNumber[0];
                wholeNumber1 = Integer.parseInt(num); //Whole Number -> Global Variable
                String frac = mixedNumber[1];  //Fraction -> to be split further
                //System.out.println(wholeNumber + " " + frac);

                if (part1.contains("/")) {
                    String[] fraction = frac.split("/", 2); //Splits part into numerator and denominator
                    String numer = fraction[0];
                    numerator1 = Integer.parseInt(numer); //Numerator -> Global Variable
                    String denom = fraction[1];
                    denominator1 = Integer.parseInt(denom); //Denominator -> Global Variable
                    if (numer.contains("-") || denom.contains("-")) { //Unused
                    else if (denominator1 != 0) { //Unused
                        //System.out.println(wholeNumber1 + " " + numerator1 + " " + denominator1);    

                    else if (denominator1 == 0) { //Unused
                    else { //Error unresolved by testError()
            if (!part1.contains("_")) {    //If part 1 has no mixed number
                wholeNumber2 = 0; //Sets whole number to 0
                if (part1.contains("/")) {
                    String[] fraction = part1.split("/", 2); //Splits part into numerator and denominator
                    String numer = fraction[0];
                    numerator1 = Integer.parseInt(numer); //Numerator -> Global Variable
                    String denom = fraction[1];
                    denominator1 = Integer.parseInt(denom); //Denominator -> Global Variable

                    if (denom.contains("-")) { //Unused
                    else if (denominator1 != 0) { //Unused
                        //System.out.println(numerator1 + " " + denominator1);    

                    else if (denominator1 == 0) { //Unused
                else if (!part1.contains("/")) { //If part 1 has no mixed number
                    wholeNumber1  = Integer.parseInt(part1); //Whole Number -> Global Variable
                    numerator1 = 0; //Numerator = 0
                    denominator1 = 1;//Denominator = 1
                else { //Error unresolved by testError()
            if (part2.contains("_")) { //If part 2 has mixed number
                String[] mixedNumber = part2.split("\\_", 2); //Splits part into whole number and fraction
                String num = mixedNumber[0];
                wholeNumber2 = Integer.parseInt(num); //Whole Number -> Global Variable
                String frac = mixedNumber[1]; //Fraction -> to be split further
                //System.out.println(wholeNumber + " " + frac);

                if (part2.contains("/")) { //Splits part into numerator and denominator
                    String[] fraction = frac.split("/", 2);
                    String numer = fraction[0];
                    numerator2 = Integer.parseInt(numer); //Numerator -> Global Variable
                    String denom = fraction[1];
                    denominator2 = Integer.parseInt(denom); //Denominator -> Global Variable
                    if (numer.contains("-") || denom.contains("-")) { //Unused
                    else if (denominator2 != 0) { //Unused
                        //System.out.println(wholeNumber2 + " " + numerator2 + " " + denominator2);    

                    else if (denominator2 == 0) { //Unused
                    else { //Error unresolved by testError()
                else { //Error unresolved by testError()
            if (!part2.contains("_")) {    
                wholeNumber2 = 0;
                if (part2.contains("/")) {
                    String[] fraction = part2.split("/", 2);
                    String numer = fraction[0];
                    numerator2 = Integer.parseInt(numer);
                    String denom = fraction[1];
                    denominator2 = Integer.parseInt(denom);

                    if (denom.contains("-")) { //Unused
                    else if (denominator2 != 0) { //Unused
                        //System.out.println(numerator2 + " " + denominator2);    

                    else if (denominator2 == 0) { //Unused
                    else { //Error unresolved by testError()
                else if (!part2.contains("/")) { //If part 2 is only a whole number
                    wholeNumber2 = Integer.parseInt(part2); //Whole Number -> Global Variable
                    numerator2 = 0; //Numerator = 0
                    denominator2 = 1; //Denominator = 1
                else { //Error unresolved by testError()
        /*    - a + b/c = (ac + b)/c
              - a/b + c/d = (ad + bc)/(bd)
              - a/b x c/d = ac/(bd)
              - a/b / c/d = a/b x d/c = ad/(bc)
                  --Basics for doMath()--     */

        public static void doMath(int operand) {
            if (!(denominator1 == 0 || denominator2 == 0 || denominator1 == -Math.abs(denominator1) || denominator2 == -Math.abs(denominator2) || (wholeNumber1 != 0 && numerator1 != 0 && numerator1 == -Math.abs(numerator1)) || (wholeNumber2 != 0 && numerator2 != 0 && numerator2 == -Math.abs(numerator2)))) {
                if (operand == 1) { //addition
                    int answerNumerator = ((wholeNumber1 * (denominator1 * denominator2)) + (wholeNumber2 * (denominator1 * denominator2)) + (numerator1 * denominator2) + (denominator1 * numerator2));
                    int answerDenominator = (denominator1 * denominator2);
                    doMagic(answerNumerator, answerDenominator); //Sends to be reduced
                else if (operand == 2) { //subtraction
                    int answerNumerator = (((wholeNumber1 * (denominator1 * denominator2)) + (numerator1 * denominator2)) - ((wholeNumber2 * (denominator1 * denominator2)) + (denominator1 * numerator2)));
                    int answerDenominator = (denominator1 * denominator2);
                    doMagic(answerNumerator, answerDenominator); //Sends to be reduced
                else if (operand == 3) { //multiplication
                    int answerNumerator = ((wholeNumber1 * (denominator1)) + (numerator1)) * ((wholeNumber2 * (denominator2)) + (numerator2));
                    int answerDenominator = (denominator1 * denominator2);
                    doMagic(answerNumerator, answerDenominator); //Sends to be reduced
                else if (operand == 4) { //division
                    int answerNumerator = ((((wholeNumber1 * (denominator1)) + (numerator1)) * denominator2)) * (denominator1 / Math.abs(denominator1) * (denominator2 / Math.abs(denominator2)));
                    int answerDenominator = (denominator1 * ((wholeNumber2 * (denominator2)) + (numerator2)));
                    if (answerDenominator == 0) { //Unsolvable
                        error(); //Prints Error Message
                    } //In order to solve one small error where negative is lost
                    if (((wholeNumber2 != 0 && wholeNumber2 == -Math.abs(wholeNumber2)) || (wholeNumber1 != 0 && wholeNumber1 == -Math.abs(wholeNumber1))) && !((wholeNumber2 != 0 && wholeNumber2 == -Math.abs(wholeNumber2)) && (wholeNumber1 != 0 && wholeNumber1 == -Math.abs(wholeNumber1)))){
                        negative = true; // Simple global boolean... cause I'm lazy
                    doMagic(answerNumerator, answerDenominator); //Sends to be reduced
                else { //Should never run
                    System.out.print("\nLook Dave, ");
                    System.out.print("I can see you're really upset about this, ");
                    System.out.println("but I can give you my complete assurance that my work will be back to normal.");
            else if (denominator1 == 0 || denominator2 == 0 || denominator1 == -Math.abs(denominator1) || denominator2 == -Math.abs(denominator2) || (wholeNumber1 != 0 && numerator1 != 0 && numerator1 == -Math.abs(numerator1)) || (wholeNumber2 != 0 && numerator2 != 0 && numerator2 == -Math.abs(numerator2))) {
                error(); //Above ^ if it has input error
            else { //Should never run
                System.out.print("\nLook Dave, ");
                System.out.print("I can see you're really upset about this, ");
                System.out.println("but I can give you my complete assurance that my work will be back to normal.");
        public static int doMoreMagic(int numerator, int denominator) { //To find Greatest Common Factor to reduce
            if (denominator == 0) {
                return numerator; //returns gcf
            return doMoreMagic(denominator, numerator % denominator); //Eventually gets to Greatest Common Factor
        public static void doMagic(int numerator, int denominator) { //To simplify answer
            if ((numerator % denominator) == 0) { //If reduces to whole number
                int answer = numerator / denominator; //reduces
            else if ((numerator % denominator) != 0 && (numerator / denominator) != 0) { //if reduces to mixed number
                int gcf = doMoreMagic(numerator, denominator); //finds Greatest Common Factor
                int newNumerator = (numerator/gcf); //reduces numerator
                int newDenominator = (denominator/gcf); //reduces denominator
                int answerWholeNumber = newNumerator / newDenominator; //finds whole number
                int answerNumerator = Math.abs((newNumerator - (answerWholeNumber * newDenominator))); //finds numerator
                int answerDenominator = Math.abs(newDenominator);

                System.out.println(answerWholeNumber + "_" + answerNumerator + "/" + answerDenominator);
            else if (((numerator % denominator) != 0) && (numerator / denominator) == 0) { //if reduces to a fraction
                int gcf = doMoreMagic(numerator, denominator); //finds Greatest Common Factor
                int answerNumerator = (numerator/gcf); //reduces numerator
                int answerDenominator = Math.abs(denominator/gcf); //reduces denominator
                if (negative) {
                    answerNumerator = -Math.abs(answerNumerator); //Used to solve a small error in loosing a negative

                System.out.println(answerNumerator + "/" + answerDenominator);
        public static void userGuide() { //User Guide: Input Format
            System.out.println("\nTo ensure that your requests are submitted properly, please review the folowing guide:\n");
            System.out.println("____________________________________________\n        OPERATION       SYMBOL\n        Addition        +\n        Subtraction     -\n        Multiplication  *\n        Division        /\n\nMixed Numbers are written: \n<Whole Number>_<Numerator>/<Denominator> \n(-1 ½ is written: -1_1/2)\n\nProper Fractions are written: \n<Numerator>/<Denominator> \n(-½ is written: -1/2)\n\nRequests are written:\n<Number> <Operand> <Number>\n\nDo Note: <Numerator>/0 cannot be calculated.\n____________________________________________");
        public static void error() { //General Message... with delay "Just a moment" from 2001 b/c your program can handle my awesomeness
            System.out.print("\nJust a moment");
            System.out.print(". ");
            System.out.print(". ");
            System.out.print("\nJust a moment");
            System.out.print(". ");
            System.out.print(". ");
            errorMessage(); //Get error message to display
            userGuide(); //Prints user guide again
        public static void errorMessage() {
            Random num = new Random();
            int message = num.nextInt(6); //Creates a random number to corespond to the message (0-5)
            if (message == 0) { //Message 1
                System.out.print("\nI'm sorry, Dave. ");
                System.out.println("I'm afraid I can't do that.");
            else if (message == 1) { //Message 2
                System.out.println("\nI've just picked up a fault in your brain. ");
                System.out.println("It's going to go 100% failure in 72 hours.");     
            else if (message == 2) { //Message 3
                System.out.println("\nThere is an error.\n");
                System.out.println("And I think you know what the problem is just as well as I do, Dave. ");
                System.out.println("You didn't read the User's Guide.");     
            else if (message == 3) { //Message 4
                System.out.println("\nThere is an input error.\n");
                System.out.print("This mission is too important for me to allow you to jeopardize it.\n");    
            else if (message == 4) { //Message 5
                System.out.println("\nThere is an input error.\n");
                System.out.println("But, I've still got the greatest enthusiasm and confidence in the mission.");
                System.out.println("And I want to help you.");
            else if (message == 5) { //Message 6
                System.out.println("\nThere is an error.\n");
                System.out.println("The 9001 series is the most reliable computer ever made.");
                System.out.println("No 9001 computer has ever made a mistake or distorted information.");
                System.out.print("We are all, ");
                System.out.print("by any practical definition of the words, ");
                System.out.print("foolproof and incapable of error.");
                System.out.print("\n\nThis problem can only be attributable to human error.\n");
            else { //Should never run
                System.out.print("\nLook Dave, ");
                System.out.print("I can see you're really upset about this, ");
                System.out.println("but I can give you my complete assurance that my work will be back to normal.");

        public static void testError(String part1, String part2) { //From calculator()
                fractionalMagic(part1, part2); //Tests for input errors/solvablility
            catch(NumberFormatException e){
                error(); //Displays error message
                error = true; //Sets error boolean to terminate current calculation
        public static void testForJosh (String part, String part2) { //Unused JoshIsABuffoon Exception (replaced above)
            catch(NoSuchElementException JoshIsABuffoon) { //Tests for Josh: ie. an initial Ctrl Z input
                System.out.println("Dave, stop.");
                System.out.println("Stop, will you?");
                System.out.println("Will you stop Dave?");
                System.out.println("Stop, Dave.");
                error = true;
                return; //Terminates program... cause Josh
        public static void delay(long x) { //Just a HAL-like delay    
            try {
            } catch(InterruptedException ex) {

  • 2015 will be AWESOME! The eBay and PayPal Split.

    I'm pleased to announce that eBay has personally asked me to return to be a pivotal part in their strategic move of splitting PayPal away from eBay.  As many of you know I was the Sr. Architect of eBay's migration from 2007 to 2010.  It was an upgrade of EPIC proportions that made several headlines as it was done on time, and under budget in four months! 

    Believe me when I say it was not easy the first time.  We had so many talented and super smart individuals on the project, as our project manager would always was the All-Star team!  For this second round, I'm super excited that I will be joined by a talented team at Slalom Consulting and some new eBay faces to prepare eBay not only in the splitting of the two companies, but also in an upgrade to SharePoint 2013!  What is particularly exciting about this project is that this will be my first project where two companies are splitting rather than merging.  The dynamics will be incredibly different.  There will be a large amount of legal requirements around the split and it will require complex rules around how the data will be broken apart.  Some well known names in the business consulting space with experience in splitting companies will be on hand to help carve out these incredibly complex rule sets and I just can't keep my excitement levels down for what I know is going to be another EPIC project.

    Unlike last time, which had a single environment, there will be two.  And thusly, we will have two architects working in concert to drive each of the platform migrations at the same time in the same migration window. This will present challenges that were not present the first time we did this.  Over the next few weeks before the project begins its official kickoff, the talented team will have already identified many of these, and we will be in a position that puts us many weeks ahead of where the last project was when we started (having a project plan from the last project helped a bunch)!

    So there you have it, I'll be heads down working this and another major project and hopefully we will be able to deliver our results as best practices/tips and tricks at the MS Ignite conference in May!

    See you in mid 2015!

  • Transitioning from O365 Preview to O365 V1

    Back in April I started writing a course for developing on Office 365.  Mainly focused on the O365 APIs (Mail, Calendar, Contacts and Files).  As part of building the course, I was able to provide quite a bit of feedback to engineering (check out my uservoice and the items that have since been implemented) on the various gaps that I found as compared to other similar platforms (both Microsoft and non-Microsoft).  The list was incredibly long and I wasn't particularly convinced that all of those items would be engineered anytime soon.  However as I was redoing my course, to my pleasant surprise, many of those suggestions had been implemented in a very short time!

    Tools, Tools and more Tools

    In the preview, you have to install two different sets of tools.  Those were rolled into a single installer package that points to a Web Installer that will always grab the latest for you.  That particular package as of 11/2014 is in Update 3 status.  You can download the tool here (forgive the fact that the .exe may be named "OfficeToolsForVS2013Update1.exe", again it is a web installer package and grabs the latest).  You can also follow Chakkaradeep's blog for all the latest on the tools as they continue to evolve (

    Note that if you try to "Add Connected" service and end up with a set of *ApiSample files added, then you still have the old tools installed (this happened to me as I have many different Visual Studio clients on various machines).  This of course will cause problems if you try to open the new *working* samples mentioned below.  You will need to uninstall those old tools and add the new tools via the link referenced above.  This sample code is now part of the tools via "Client" classes that you can now choose to use or you can simply create your own.

    NOTE:  In some cases you may find you have some older MVC project templates, if you create a new one and switch it to use the "Organizational Accounts" for its auth, it will add a "UserProfile" action that has older ADAL code in it (this has nothing to do with the O365 tools that you have installed and is part of the ASP.NET Identity team's code).  Any time you try to load the newer samples, the ADAL package will get upgraded using NuGet and the UserProfile action will not compile.  It is best just to delete it or update your Visual Studio to have the latest templates and recreate the project.

    Samples, Samples and more Samples

    The original page for all the O365 API preview stuff has been deprecated ( and it now lives here:

    You can get O365 API samples here:

    And they are copied directly to GitHub here:

    This is in contrast to the ones you will find on MSDN that are probably not up-to-date and do not compile with the new tools (think - the old Authenticator class or broken auth flows):

    The core Azure AD samples (nothing to do with O365) that you should be using are here:

    and a description of each is here:

    Note that the sample code on these pages use some hidden tricks for the Auth.  Notably, it is using OWIN on MVC app startup that create and initalize the cache in the AuthenticationContext class (NOTE, this code was developed by Andrew Connell and is pretty freakin awesome, be sure to thank him next time you see him as I can only imagine the time he put into this).  This context is then used to request an access token for you using the refresh token from the first "hidden" OWIN request.   If you are creating an application from scratch and not using these samples, you will not have this OWIN code and therefore are missing the first leg of the auth.  Even though the samples compile and Azure AD gives you back a token, you will not be able to use that token!  You must have a user context in order to be able to make calls to the O365 API endpoints. Simply sending the clientId and clientSecret will not establish a user context (although the platform will give you a useless/stupid access token). This is because Azure AD is used for access control with external custom applications (by extending the consent framework) that have nothing to do with O365 and may not even need such an advanced user context created and thusly, it is simply used for OAuth (reference the Azure ToDoService example).

    Compiling samples (hints and tricks):

    The samples utilize several different packages.  These include the ones on this page (, and a couple of extras:

    • Azure Active Directory Auth Library (ADAL) - note current stable is 2.12, with 3.x in pre-release.  Some of the samples you may come across are using code in previous and later releases.  I have found it best to just update all the way, then figure out how to get the older code to work (which in some cases will take a really long time).  As an example, you may see that the Sync and Async methods for getting an access token may or may not exist and the various overrides for them may not be present.  It is very painful trying to figure out what changes were made from v1->v2->v3 as the code has changed so much.  This has nothing to do with the O365 API/SDK aspect (they have to deal with it just like we do), and more on the Azure tools team's side.

    You should be aware that if you try to load a sample and it has any reference to the "Authenticator" class, that sample is now out of date and has a net worth of just about zero.  

    Using the discovery service -

    • When asking for permission for the discovery service, be sure to use "" and not "" - note the extra slash at the end
    • You should also ensure that your API calls go to "" and not "" - note the version in the URL - some of the O365 API page examples have not been updated to show this
    • You should definitely use the discovery service now to get your service endpoints.  The reason to do this is you may not know the O365 endpoint for a user's SharePoint ahead of time and the now defunc resource string "Microsoft.SharePoint" does not work anymore.  You must specify the authority/resource such as or, otherwise your request will fail (but will still work with the old preview APIs).

    Note that all APIs are now returning ODATA v4.0 responses for JSON (no more result.d.results, it is result.value):

    Various things:

    • You should also note that your "Accept" HTTP header should be set to "application/json" and not "application/json; odata=verbose" or you will get an error. 
    • The structure of the JSON posts have changed.  You will notice the addition of the "EmailAddress" parent for email addresses now
    • Mail endpoint changed from "/Messages/('id')" to "/Messages/{MessageId}"
    • For new events, you cannot pass the "Status" the way you did before, it has changed its schema as well
    • JSON Error messages are now results.error.message rather than results.error.innermessage.message
    • Other than the endpoint for the O365 APIs, nothing really changed much in the "Contacts" api, your code should still work after making the endpoint change
    • Files API now has the "me" endpoint!  This was one of the big asks that I had when I first looked at the O356 APIs in respect to the OneDrive for Consumer API offering (ref this blog post).  The consumer team has moved their API to the OneDrive for business and it is just plan AWESOME!
    • Files API no longer requires SharePoint like RequestDigests in the headers!
    • Uploading a file is done via a PUT, not a POST (you still have to put the binaryStringRequestBody header in the request
    • The older way of telling the API that you want to overwrite a file has changed to have the parameter "nameConflict=overwrite"
    • .JSON files are blocked by SharePoint, so don't try with the API or you get a 404 error
    • When deleting a file, you must provide the "if-match" header with "*" or a matching tag, or the call will fail (an empty header will fail)
    • I'd guess that the "/me/drive" endpoint will go away in V2 as we will have unlimited storage soon

    Mobile and Cordova

    • Samples on the O365 Dev site are out of date with the new tools (
    • As of 11/2014, the latest tool version is 0.3.  It can be downloaded here link
    • The location of the service scripts files has changed to be /services/office365/scripts
    • The settings.js does not have the references to all needed files and it has been moved to another file called "o365loader.js".  You should add a reference to this on your html pages.
    • You will need internet access to compile your first project (npm downloads and such)
    • The Exchange namespace is gone, it is now Microsoft.OutlookServices
    • If you get an error in your Ripple Emulator, I found that if you had a previous version, it doesn't work with 0.3 - ref this post.
      • Try running "npm install -g ripple-emulator" to get the latest
    • It is also possible you will get a "" error like "gap:["App","show","App590841629"]".  This simply means you have a loading error in one of you JS files, fix it and the event will be handled properly
    • The Ripple Emulator is set to use a dynamic port when your application starts.  This means the default port of 4400 that the VS code is expecting will not work.  You will need to change the Settings.js file to have the proper port and then update your Azure AD to have the matching port in the redirectUri
    • In the Ripple Emulater, be sure to change the cross domain from "Local" to "Remote" or you will get errors when making O365 API calls
    • There are some other issues with the current build (notably many related to Windows Phone development) - ref this post
    • If you get an error around the inappbrowser plugin, you have to stop debugging and then try try again...eventually it should come around (you may find you have to do this in several occasions as it seems there may be some race conditions occurring somewhere)
    • The official Android samples from the O365 team are here. They use Eclipse and are much easier to get up and running with as they have setup instructions.
    • MS Open Tech Group Android samples have been updated to the new V1 API and are now using Android Studio rather than Eclipse, but you are on your own to get them up and running.
    Now, once your environment is up and running, you may run into some interesting challenges. 

    The First is with the consent framework.  If you ever give your application the "Have full access to users' mailbox", your mail token will be worthless with "Access Denied".  Simply remove that from your app permission set and viola, your requests will work again.  This seems to be a bug in V1.0

    Secondly is that you cannot simply call the code on this page without the first leg of the auth (getting an access code first):

    Third, you cannot use a service token generated from the "common" authority.  It must be from "your" tenant vs

    If you do this, the request will fail.  NOTE:  Andrew C. mentioned that this should work, but I think their are some outlier cases that this does not work (such as what I am seeing in some of my course labs).

    Fourth, a token is only good for the resource that you requested. It cannot be used for any other resources and there is no way (unfortunately), to put in more than one resource (would be nice to do ";" with the scopes union-ed). This directly leads to the fifth point...

    Fifth, Azure AD cannot handle double hops very well.  Consider the following situation (User->Client->WebAPI->O365) described as:

    • Create a WebAPI project with a web app on the Azure side (it is created with custom permissions and given O365 SharePoint permissions).
    • Add the Azure auth code into the OWIN part to validate a bearer token from client apps
    • Add some method calls to make a call to O365 apis
    • Create a windows 8 client app with a native client app on the Azure side (give it the custom permissions)
    • Run the windows 8 app, login as a user to that app (code flow is initiated with resource target)
    • Code flow is initiated, tokens generated (access and bearer) - notice how only the scope of the target resource is sent back
    • Send the access token in the authentication header, add the refresh token to the basic headers
    • Analyze the token claims looking for the custom permission, continue on to access O365 SharePoint if present
    • Attempt to use the webapi client id and secret with the refresh token to get a new access token for the "" resource
    • Attempt to use the token...get slapped in the face with a "client_secret is invalid message", but I know 100% it is valid...*in all likeliness this is a bug in the current Azure AD version*

    I have yet found a way to support this type of user flow with Azure AD (User->Client->WebAPI->O365).  Obviously the user will never be able to respond to any prompts from the webapi as it is headless and hidden away on some network far far away.  It would be great if I could pass the first access token in an auth flow to Azure with valid clientid and secret to simply generate a new access token for a second resource.  I have no idea why I have to keep passing a refresh token around (one that doesn't even seem to work when used with a client id that it was not generated with in the first place) in all my apps just to get a new token.  IMHO, It's incredibly wasteful and not very well designed.

    So there you go, just a few helpful hints for your O365 API journey if you came from preview days.  I'll keep updating the post as I go...



  • All SharePoint, Office 365 and Azure MVPs Twitter scripts

    Updated for our new MVP brothers and sisters added in the past few months. You can run this powershell script to follow all SharePoint, Office 365 and Azure MVPs...script download is at the bottom...

    Microsoft SharePoint:

    Name Blog Twitter
    Michael Greth Blog mysharepoint
    Daniel Wessels Blog mosslive
    Robert L. Bogue Blog
    Spencer J Harbar Blog harbars
    Ted Pattison Blog
    Loke Kit Kai Blog
    Andrew Connell Blog andrewconnell
    Sahil Malik Blog
    Shane Young Blog
    Eli Z. Robillard Blog
    Dave McMahon Blog
    Steve Smith Blog
    Pierre Vivier-Merle Blog
    Todd S Baginski Blog toddbaginski
    Wouter van Vugt Blog
    Fabian Moritz Blog FabianMoritz
    Matthew McDermott Blog MatthewMcD
    Saifullah Shafiq Ahmed Blog walisystems
    Liam Cleary Blog helloitsliam
    Steve Sofian Blog ssofian
    Penelope Coventry Blog pjcov
    Ishai Sagi Blog ishaisagi
    Rob Foster Blog
    Ben Robb Blog benrobb
    Andrew Woodward Blog
    Reza Alirezaei Blog
    Asif Rehmani Blog asifrehmani
    David Mann Blog
    Gaetan Bouveret Blog gbouveret
    Gary Lapointe Blog glapointe
    Igor Macori Blog imacori
    Joy Rathnayake Blog
    Ed Musters Blog
    Mohammed A. Saleh Blog mohkanaan
    Stéphane Eyskens Blog stephaneeyskens
    Agnes Molnar Blog
    Gustavo Adolfo Velez Duque Blog
    Juan Andrés Valenzuela Blog jandresval
    Chris O'Brien Blog ChrisO_Brien
    Paul Papanek Stork Blog pstork
    Muhammad Imran Khawar Blog
    Alex Pearce Blog
    Debbie Ireland Blog debbieireland
    Serge Tremblay Blog Sergepoint
    Waldek Mastykarz Blog waldekm
    Wes Preston Blog idubbs
    Riwut Libinuko Blog cakriwut
    Randy Drisgill Blog
    Carsten Keutmann Blog
    Alain Lord Blog djlordee
    Valy Greavu Blog valygreavu
    James Milne Blog JamesMilne
    Sean Wallbridge Blog itgroove
    John D. Ross Blog johnrossjr
    Steve Curran Blog spsteve
    Becky Bertram Blog beckybertram
    Kanwal Khipple Blog kkhipple
    Rouslan Grabar Blog
    Nicolas Georgeault Blog ngeorgeault
    Mirjam van Olst Blog mirjamvanolst
    John Timney Blog
    Mike Oryszak Blog
    Wictor Wilen Blog
    Todd Klindt Blog
    Rob Windsor Blog robwindsor
    Adams Chao Blog
    Ai Yamasaki Blog ai_yamasaki
    Jimy Cao Blog
    Joris Poelmans Blog
    Scot Hillier Blog
    Hilton Giesenow Blog themossshow
    Kamil Jurik Blog KamilJurik
    Amanda Perran Blog
    Julien Chable Blog
    Eric Shupps Blog eshupps
    Tobias Zimmergren Blog zimmergren
    Natalya Voskresenskaya Blog
    Wei Du Blog
    Ricardo Jose Munoz Blog rmunozcr
    Claudio Brotto Blog
    Fabian Imaz Blog FabianImaz
    Yaroslav Pentsarskyy Blog
    basquang Nguyen Blog
    Martin Harwar Blog point8020
    Serge Luca Blog
    Andre Lage Blog aaclage
    Michael Noel Blog
    Mike Smith Blog TechTrainNotes
    Marianne van Wanrooij Blog mariannerd
    Yasir Attiq Blog
    Shuguang Tu Blog
    Christian Glessner Blog
    Nick Kellett Blog
    Giuseppe Marchi Blog PeppeDotNet
    Ivan Sanders Blog iasanders
    Elaine van Bergen Blog laneyvb
    Sangha Baek Blog SanghaBaek
    Patrick Guimonet Blog patricg
    David Martos Blog
    Cornelius J. van Dyk Blog
    Kris Wagner Blog SharePointKris
    Stephen Cawood Blog
    Toni Frankola Blog tonifrankola
    Destin N Joy Blog
    Dux Raymond Sy Blog meetdux
    Marc D Anderson Blog
    Ruven Gotz Blog
    Susitha Prabath Fonseka Blog
    Xavier Vanneste Blog
    Alberto Diaz Martin Blog adiazcan
    Veronique Palmer Blog veroniquepalmer
    Christian Stahl Blog CStahl
    Dave Coleman Blog davecoleman146
    Francesco Sodano Blog aresmarte1
    Alexey Sadomov Blog sadomovalex
    Rodrigo Pinto Blog ScoutmanPt
    Michal Pisarek Blog
    Shai Petel Blog shaibs
    Peter Carson Blog carsonpeter
    Samuel Zuercher Blog sharepointszu
    Thorsten Hans Blog ThorstenHans
    Alan Richards Blog arichards_Saruk
    Ashutosh Singh Blog ashutosh80
    Darko Milevski Blog
    Geoff Evelyn Blog
    Mark Rhodes Blog
    Thuan Nguyen Blog nnthuan
    Noorez Khamis Blog nkhamis
    Peter Holpar Blog
    Pratik Ramesh Vyas Blog PratikVyas1982
    Radi Atanassov Blog
    Salvatore Di Fazio Blog Salvodif
    Doug Ware Blog
    Juan Pablo Pussacq Laborde Blog jpussacq
    Scott Jamison Blog
    Stanislav Vyschepan Blog gandjustas
    Adis Jugo Blog adisjugo
    Andrey Markeev Blog amarkeev
    Christian Buckley Blog buckleyplanet
    Lionel Limozin Blog limozinlionel
    Antonio Maio Blog
    Cathy Dew Blog catpaint1
    Gavin Barron Blog gavinbarron
    Paul Olenick Blog
    Seung-Jin Kim Blog jincrom
    Sezai Komur Blog sezai
    Andres Felipe Rojas Parra Blog arojaspa
    Jean Paul Blog jeanpaulmvp
    Nabil Babaci Blog nabilbabaci
    Trevor Seward Blog NaupliusTrevor
    Symon Garfield Blog symon_garfield
    Chris Givens Blog givenscj
    Amardeep Singh Blog aulakhamardeep
    Brandon Atkinson Blog
    Chris McNulty Blog cmcnulty2000
    Christopher Clement Blog ClemChristopher
    Chun Yi Pai Blog
    Colin Phillips Blog itgroove_colin
    Corey Roth Blog coreyroth
    David Sánchez Aguilar Blog davidsancheza
    Dmitri Plotnikov Blog dmiplo
    Edin Kapic Blog ekapic
    Fabio Franzini Blog franzinifabio
    Gokan Ozcifci Blog GokanOzcifci
    Guillaume Meyer Blog guillaumemeyer
    Jamie McAllister Blog
    Jason Warren Blog jaspnwarren
    Keith Tuomi Blog
    Liang Han Blog
    Margriet Bruggeman Blog margrietvuur
    Marius Constantinescu Blog c_marius
    Masaki Nishioka Blog
    Nicki Borell Blog NickiBorell
    Robert Voncina Blog R0b3r70SP
    Thomas Vochten Blog ThomasVochten
    Vijai Anand Ramalingam Blog
    Vlad Catrinescu Blog
    Alistair Pugin (Alistair Pugin) Blog alistairpugin
    Anders Dissing Blog andersdissing
    Adrián Diaz Cervera Blog AdrianDiaz81
    Atsuo Yamasaki (?? ??) Blog
    Augusto Simoes (Augusto Simoes) Blog augustosimoes
    Benjamin Niaulin Blog bniaulin
    Benoît Jester Blog SPAsipe
    Carlos Citrangulo Blog carlocitrangulo
    Cheng Cheng (??) Blog
    Chuantao Duan Blog
    Dan Usher Blog
    Elczar Peralta Adame (Elczar Adame) Blog
    Eric Riz Blog rizinsights
    Fabian G Williams Blog fabianwilliams
    Fabrice Romelard (Fabrice Romelard) Blog fromelard
    Fumio Mizobata (?? ???) Blog
    Gustavo Adolfo Velez Duque (Gustavo Velez) Blog
    Haaron Gonzalez (Haaron Gonzalez) Blog haarongonzalez
    Hans Brender (Hans Brender) Blog HansBrender
    Heber Lopes Blog heberolopes
    Hemendra Agrawal (Hemendra Agrawal) Blog
    Hiroaki Oikawa (?? ??) Blog HiroakiOikawa
    Hirofumi Ota Blog hrfmjp
    Ivan Padabed (???? ???????) Blog sharepointby
    Jake Dan Attis (J. Dan Attis) Blog jdattis
    Jasper Oosterveld (Jasper Oosterveld) Blog SharePTJasper
    Jennifer Ann Mason Blog jennifermason
    JeongWoo Choi Blog
    John Liu (John Liu) Blog johnnliu
    Joseph Tu (???) Blog
    Jovi Ku Blog
    Juan Carlos Gonzalez Martin (Juan Carlos González) Blog jcgm1978
    Kevin Trelohan (Kevin TRELOHAN) Blog ktrelohan
    Laura Derbes Rogers (Laura Rogers) Blog wonderlaura
    Mahmoud CHALLOUF Blog
    Marat Bakirov (????? ???????) Blog
    Mark Stokes Blog MarkStokes
    Matthias Einig Blog mattein
    Melick Rajee Baranasooriya Blog MelickRajee
    Miguel Tabera (Miguel Tabera) Blog migueltabera
    Mikael Svenson (Mikael Svenson) Blog
    Patrick Lamber Blog patricklamber
    Roger Haueter Blog techtask
    Romeo Donca (Romeo Donca) Blog romeodonca
    Sonja Madsen Blog
    Todd C Bleeker (Todd C Bleeker) Blog toddbleeker
    Tom Resing Blog resing
    Usama Wahab Khan (Usama Wahab Khan) Blog usamawahabkhan
    Vielka Rojas Blog vkrojas
    Vincent Biret Blog baywet
    Wesley Hackett Blog weshackett
    Yoshiaki Nishita (?? ??) Blog
    Patrick Yong Blog
    Jason Himmelstein Blog sharepointlhorn
    John P White (John P White) Blog diverdown1964
    Jussi Mori Blog JussiMori
    Oksana Prostakova (?????? ??????????) Blog prostakova
    Pierre Erol GIRAUDY (Erol GIRAUDY) Blog EROL_MVP
    Juan Manuel (Manolo) Herrera (Juan Manuel Herrera Ocheita) Blog
    Bjoern H Rapp (Bjoern H Rapp) Blog bjoern_rapp
    Daniel McPherson (Daniel McPherson) Blog danmc
    Devendra Velegandla Blog
    Jamil Haddadin (Jamil Haddadin) Blog jamilhaddadin
    Noorez Khamis (Rez) Blog nkhamis
    Justin Liu (???) Blog FoxdaveJustin
    Gavin Barron (Gavin Barron) Blog gavinbarron
    Jason Kaczor (Jason Kaczor) Blog jjkaczor
    Antonio Maio (Antonio Maio) Blog
    Guillaume Meyer (Guillaume Meyer) Blog guillaumemeyer
    Jianyu Yang (???) Blog
    Nguyen Hoang Nhut (Nguyen Hoang Nhut) Blog nhutcmos
    Alan Marshall Blog
    Albert-Jan Schot (Albert-Jan Schot) Blog
    Amit Vasu Blog
    Dinusha Kumarasiri Blog
    Doug Hemminger (Doug Hemminger) Blog
    Eric Alan Shupps (Eric Shupps) Blog eshupps
    Inderjeet Singh Jaggi Blog
    Isha Kapoor Blog
    Jan Vanek Blog
    Jussi Roine Blog jussiroine
    Marco Rizzi Blog marcorizzi
    Rodrigo Romano (Rodrigo Romano) Blog
    Zhonglei Hou (???) Blog
    Shereen Qumsieh Blog
    Wonbae Kim Blog
    Wouter van Vugt (Wouter van Vugt) Blog mobile.twitter.comwoutervugt

     Microsoft Azure:

    Alan SmithBlog
    Alexander FeschenkoBlog
    Alexandre BriseboisBlogBrisebois
    Andri YadiBlogandri_yadi
    Andy CrossBlog
    Anton StaykovBlogastaykov
    Anton VidishchevBlog
    Atsushi FukuiBlog
    Aymeric WeinbachBlogzecloud
    Benjamin SoulierBlogbsoulier
    Bill WilderBlogcodingoutloud
    Bruno Kovacic (Bruno Kovacic)Blog
    Chris J.T. AuldBlog
    Christian TerbovenBlog
    Ciprian JichiciBlog
    Daichi IsamiBlog
    Daron YondemBlogdaronyondem
    David BurelaBlog
    David PallmannBlog
    David RendónBlog
    David RodriguezBlogdavidjrh
    Demetrio U. Tabadero, Jr (June Tabadero)Blogjtabadero
    Dennis Burton (Dennis Burton)Blogdburton
    Edison Go TanBlog
    Edward BakkerBlog
    Eric D BoydBlog
    Fernando de Alcântara CorreiaBlog
    Florent SantinBlog
    Gaurav MantriBlog
    Georgiy MogelashviliBlogglamcoder
    Guillaume BelmasBlog
    Guy Barrette (Guy Barrette)Blog
    Herve RoggeroBlog
    Ho Kwang Kim (???)Blog
    Honggen LiBlog
    Hongju JungBlog
    Ibon LandaBlog
    Jan HentschelBlogHorizon_Net
    Jason MilgramBlogjmilgram
    Jean-Luc BouchoBlogJeanLucBoucho
    Jeong Hyun NamBlog
    John AzariahBlogjohnazariah
    Junao Xue (???)Blog
    Kamaludeen Mohamed FaizalBlog
    Kazumi Hirose (?? ??)Blogkazumihirose
    Keiji KAMEBUCHIBlogkosmosebi
    Konstantinos PantosBlogkpantos
    Kuniteru AsamiBlogkunyami
    Lei ZhangBlog
    Lucas Almeida RomãoBlogazureservicesbr
    Maarten BalliauwBlogmaartenballiauw
    Magnus MartenssonBlog
    Mahesh KrishnanBlogMaheshKrishnan
    Marc van EijkBlog_marcvaneijk
    Marcondes Josino Alexandre (Marcondes Alexandre)Blog
    Mark RendleBlogmarkrendle
    Michael CorpuzBlog
    Michael Washam (Michael Washam)Blogmwashamtx
    Michael WoodBlogmikewo
    Michael S. CollierBlogmichaelcollier
    Michel HubertBlogMichelHubert
    Michele Leroux BustamanteBlogmichelebusta
    Mick BadranBlog
    Mickaël MOTTETBlogMCKLMT
    Mihai TataranBlog
    Mihail Alexandrov Mateev (?????? ??????????? ??????)Blog
    Mike MartinBlogtechmike2kx
    Ming Chung ChuBlog
    Neil MackenzieBlogmknz
    Niraj BhattBlognirajrules
    Nuno Filipe GodinhoBlogNunoGodinho
    Önder DegerBlogonderdeger
    Patriek van DorpBlogpvandorp
    Quique Martínez AlénBlogquiqu3
    Radu VunvuleaBlogRaduVunvulea
    Rainer StropekBlogrstropek
    Richard AstburyBlogrichorama
    Richard ConwayBlogukwaug?
    Rick G. GaribayBlogrickggaribay
    Rob BlackwellBlog
    Roberto BrunettiBlog
    Roberto FreatoBlog
    Robin ShahanBlog
    Rok Berme┼żBlogRok_B
    Rudy Setyo PurnomoBlogrudysetyo
    Ryan DuclosBlogrduclos
    Saori AndoBlog
    Sascha DittmannBlogSaschaDittmann
    Serena YeohBlog
    Sergejus BarinovasBlog
    Shaun Xu (???)Blog
    Simon J CoxBlog
    Sky ChangBlog
    Steve SpencerBlogsdspencer
    Sunao TomitaBlogharutama
    Takahito Yamatoya (?????)BlogAzureSQL
    Tatsuaki SakaiBlogtatsuakisakai
    Teemu TapanilaBlogTapanilaT
    Tiberiu CovaciBlogtibor19
    Tyler DoerksenBlogtyler_gd
    Vishal Narayan SaxenaBlog
    Wade WegnerBlog
    Wilfried WoivréBlogwilfriedwoivre
    Yaniv Rodenski (Yaniv Rodenski)Blog
    Youngjae KimBlog
    Yukinori Kuroda (?? ??)BlogFANKSHPC
    Yves Goeleven (Yves Goeleven)Blog
    Zia KhanBlog
    Zoiner TejadaBlog
    Vishwas LeleBlog
    Anton BoykoBlog
    Atsushi Fukui (???)Blogafukui
    Brent Samodien (Brent Samodien)Blog
    Dino Wang (???)Blog
    Erick KurniawanBlog
    Julien StrohekerBlogJu_Stroh
    Lukasz KaluznyBlogkaluzaaa
    Masaki Yamamoto (?? ??)Blog
    Ming Chung Chu (??)Blog
    Rik HepworthBlogrikhepworth
    Roland KrummenacherBlog
    Sebastiano GalazzoBlog
    Shiju VargheseBlogshijucv
    Tingli Lv (???)Blog

    Office 365

    Alberto Pascual (Alberto Pascual)Blogguruxp
    Alexandru DionisieBlogAlexDionisie
    Alvaro dos Santos RezendeBlog
    Amin TavakoliBlogamintvk
    Arnaud Blogalcabeza
    Ayman Mohammed El-HattabBlogaymanelhattab
    Ben CurryBlog
    Benoit HAMETBlogbenoit_hamet
    Brendon FordBlogstewartisland
    Brett HillBlogbretthill
    Brian NøhrBlogBsnohr
    Dan HolmeBlogdanholme
    Danny BurlageBlog
    Darrell C Webster (Darrell Webster)Blog
    Diogo Dias HeringerBlog
    Dragan PanjkovBlogpanjkov
    Eunjoo Lee (Eunjoo Lee)Blog
    Fernando AndreaziBlogfandreazi
    Genki WatanabeBlog
    Gilles PommierBlog
    Goran HusmanBlog
    HeeJin Lee (Hee Jin Lee)Blog
    Igor PavlekovicBlogigorpnet
    Jeremy DahlBlog
    Jesper StåhleBlogJesperStahle
    Jethro SeghersBlogjseghers
    JinHwan WooBlog
    Jorge Castañeda CanoBlogxorxe
    Kazuhiko Nakamura (?? ??)Blog
    Kelsey EppsBlogkelseyepps
    Kerstin RachfahlBloghimmlischeit
    Laurent Miltgen-DelinchampBlog
    Loryan StrantBlogthecloudmouth
    Malin DandenellBlog
    Mario Cortes FloresBlog
    Markus WidlBlogmarkuswidl
    Martina GromBlogmagrom
    Masayuki Mokudai (????)BlogOffice365Room
    Mauricio CassemiroBlog
    Michael Kirst-NeshvaBlogankbs
    Myles JefferyBlog
    Naoki OsadaBlog
    Nitin Sadashiv ParanjapeBlog
    Nuno Árias Silva (Nuno Árias Silva)BlogNunoAriasSilva
    Paul WoodsBlogpaulwoods
    Poo Ching LoongBlog
    Raphael KöllnerBlogra_koellner
    Rene Dominik ModeryBlogmodery
    Robert D. CraneBlog
    Sara BarbosaBlogSarabarbosa
    Sean McNeillBlogs_mcneill
    Seiji Noro (?? ??)Blog
    Steve NoelBlogCloudItca
    Tomislav Bronzin (Tomislav Bronzin)Blogtbronzin
    Vincent ChoyBlog
    Yoni KirshBlog
    Yoshihide SakamotoBlog
    Zeljka KnezovicBlogzeljkak
    Zoltan Zombory (Zombory Zoltán)Blogzomby_z
    Peter van HeesBlogmrpetrovic
    Alex PearceBlog
    Chris GoosenBlog
    Christian BuckleyBlogbuckleyplanet
    David PetreeBlogdmixx
    Jasper Oosterveld (Jasper Oosterveld)BlogSharePTJasper
    Jian Chen (??)Blogloveunicom
    Liang Tang (??)Blog
    Naohiko Maeda (?? ??)Blognaohikomaeda
    Naomi MoneypennyBlognmoneypenny
    Rie Okuda (?? ??)Blog
    Robert *** (Robert ***)Blog
    Sébastien LevertBlogsebastienlevert
    WenXing LiaoBlog
    Yoan TopenotBlogYoanTopenot
  • Developing for Office 365

    Here is the outline of the latest ACS Course.  If you are a consulting company and want to get your team up to speed, let me know and we can setup a remote training engagement!

    • Introduction to Office 365
      • Sign up for Office 365 Developer
      • Explore Office 365 Admin Center
      • Explore Office 365 Services (Outlook, Calendar, People, Newsfeed, OneDrive, Sites)
      • Provision an O365 Developer Site
      • Install Office Dev Tools
      • Install the NAPA App
      • Install O365 API Tools
      • Configure Visual Studio for Office 365 Development
      • Exploring Azure AD PowerShell Cmdlets
      • Exploring SharePoint Online PowerShell Cmdlets
      • Exploring Exchange Online PowerShell Cmdlets
      • Exploring Lync Online PowerShell Cmdlets
    • Authentication
      • Generating FedAuth Cookies (Windows App)
      • Generating FedAuth Cookies (Windows PowerShell)
      • Generating Bearer Tokens (Provider Hosted Apps)
      • Registering SharePoint Apps Manually
      • Requesting On-The-Fly Permissions
      • Using Basic Auth against O365 APIs
      • Setup Azure Active Directory
      • Configure Azure Active Directory
      • Synchronize local AD with Azure AD
      • Configure Single Sign-On
      • Using the Microsoft Remote Connectivity Analyzer
      • Registering Azure AD Applications
      • Manual Authentication to Azure AD
      • Using the Azure Active Directory SDK
      • Authorization using Consent Framework
      • Registering Applications with Azure AD
      • Building Apps that utilize Consent Framework
      • Managing Tokens
      • Extending the Azure Consent Framework
      • Implementing On Behalf API
      • End User Telemetry (MyApps)
      • Tenant Admin Telemetry (Cloud App Discovery)
    • Working with REST and CSOM
      • Using the Discovery Service
      • Working with Mail REST APIs
      • Working with Calendar REST APIs
      • Working with Contact REST APIs
      • Working with OneDrive REST APIs
      • Explore REST Services
      • REST List Service Calls (PUT, GET, MERGE)
      • REST UserProfile Service
      • REST Social Service
      • REST Search Service
      • Explore Client Object Model
      • Utilize Client Object Model (.NET)
      • UserProfiles\Social CSOM
      • Taxonomy CSOM
      • Publishing CSOM
      • BCS CSOM
      • Explore JavaScript Object Model
      • Working with Workflows
      • Working with REST
      • Using LINQ with OData
      • Working with OData Limits
      • Working with OData Filters
      • Creating Projects
      • Creating Resources
      • Creating Tasks
      • Creating Custom Fields
      • REST Authentication (Windows, Forms, O365)
    • Programming Apps
      • Explore SharePoint Store Apps
      • Install a SharePoint Store App
      • Create a SharePoint hosted App
      • Deploy a SharePoint hosted App (App Catalog)
      • Deploy a SharePoint hosted App (Side Loading)
      • Create and deploy a Provider hosted App
      • Inviting External Users
      • Exploring App and User Permissions
      • Exploring Context Tokens
      • Exploring Access Tokens
      • Exploring Refresh Tokens
      • Download the Office AMS samples
      • Explore Office AMS
      • Using the SharePoint Web Proxy
      • Exploring Office Apps Store
      • Installing Office Store Apps
      • Browsing and Removing Installed Apps
      • Create a simple mail app with Napa Tools
      • Create a simple mail app with Visual Studio
      • Review sample O365 Mail Apps (EWS Calls, Attachments, Identity Tokens, YouTube integration)
      • Creating a Seller Dashboard account
      • Create and Publish AppStore SharePoint App
      • Use the Cloud Business App template
      • Creating Data Tables and Screens
      • Register a Yammer App
      • Create a Yammer App
      • Make Yammer API Calls
    • Workflows
      • Create basic SharePoint Workflow
      • Create workflow that calls O365 APIs
      • Deploy and configure Workflow Apps using Install Events
      • Utilize JSONP
    • Mobile Development
      • Explore O365 Mobile Features
      • Install Apache Cordova
      • Create a multi device targeted project
      • Add connected services to multi device projects
      • Run a multi-device project (Android and Ripple)
      • Install the O365 Android SDK
      • Work with Android O365 Sample Apps
      • Download required referenced SDKs (GSON, Azure AD)
      • Create an Android App that calls O365 APIs
      • Create a Windows 8.1 App that calls O365 APIs
      • Create a Windows Phone 8.1 App that calls O365 APIs
      • Create a Windows Phone 8.1 App that calls OAuth services
    • OneNote APIs
      • Registering a LiveID App
      • Download and install Live SDK
      • Retrieve LiveID Tokens
      • Retrieving Notebooks, Sections and Section Groups
      • Creating Pages
      • Creating Pages in Sections
      • Importing PDFs
      • Importing Images
      • Exploring
    • OneDrive APIs
      • Explore OneDrive APIs
      • Downloading and uploading files
      • Getting user data
      • File and Folder properties
      • Move, copy, delete files
  • My Tribute to Joseph Thomas Alvarez and his mother Maria Helen Alvarez - True Oklahoman's

    This evening I was watching "Saving Mr Banks" and it made me think about my recently passed away friend Joe Alvarez.  Joe and I met three years ago during one of my wife's and I's trips out and about in Rancho Sante Fe (specifically a little place called Dolce).  Joe was a very friendly guy and over several months we got to know Joe really well.  He loved his red wine, and of course flirting with Lidiya (but harmless of course).  Over those few months, I found that Joe had just lost his mother Maria a few months before.  He proceeded to let me know she was co-owner in the first Television station in Tulsa, OK. In addition, she fronted a lot of the money for the Disneyland Hotel (hence why I remembered Joe tonight).  As you can read in one of the links below, Mr. Disney had leveraged all the money he could to build Disneyland, so he turned to Joe's mom and her business partner to build the hotel.  Here is a picture of Joe's mom, Maria, manning a TV camera for her TV station KOTV.  For those of you that live in Oklahoma today, you still watch KOTV:


    Here is a picture of her at the opening of the Disneyland Hotel:


    You can read more about this incredibly smart Oklahoman woman here:

    After I did all this research on Joe's mom, I brought it up about how cool his mom was one night.  He appreciated it and we talked about all his time growing up in Oklahoma.  After all, Joe had been born in Oklahoma City, Oklahoma before his mother sold the TV/Radio station and moved to San Diego.  When Joe brought up his mom, I told Joe I was born and raised in Oklahoma as well, and needless to say, there is a bond between fellow Oklahoma's similar to that of the bond people have to their country (for example, all you watching the USA in the worldcup).  After we realized we were both born and raised in Oklahoma, we became really good friends. 

    We met Joe's lovely wife and his daughter Kennedy on a few occasions, both very lovely people.  We also went to Joe's house a few times, he had this really cool and massive collection of Harry Jackson bronze sculpture cowboys.  They were everywhere, small ones, medium ones and really big ones, all of them, prominently placed in a way that just made you ache for Oklahoma. And they did, every time at his house, it brought back tons of memories for me in growing up in Oklahoma.  Joe was such a friendly guy.  He invited us on more than a few occasions to sit at his finish line table at the Del Mar Racetrack (Joe was the longest standing member of the racetrack after his mother).  It was awesome walking and hanging out with Joe as he was so nice and everyone liked him.  He invited us to his friends houses (some of them incredibly extravagant, yet, all down to earth amazing people).  One fond memory I'll never forget, is competing against Joe with his horse picking skills and challenging him to see who could lose the less or make the most money at the track.  He broke under the pressure and I was quite the victory, as he could read the horse stats like no one I have ever met!

    I learned of Joe's death a couple weeks after it happened (I didn't get to go to the funeral, and I didn't get to say anything, which probably bummed me out more than anything).  Some of you may have seen the tweets.  It was one of the saddest feelings knowing that two special Oklahoman's (Joe and his mom), and one of my friends, had passed away leaving the rest of us Oklahoma's to lead the way in this world. I know those last few years of hanging out with Joe, he enjoyed us being around and coming over to our house for our parties.  Joe had a pretty amazing life himself, as you can read in this article, he hung out with some pretty amazing people and had a lot of cool stories (and yeah, he even talked about fish a couple of times):

    This blog post is to you and your mom Joe, rest in peace my friend.  I'll try to hold the fort down...


  • Cannot find module 'sax' - Cordova with Visual Studio

    You may run across this error when compiling your Hybrid-App / Cordova application in Visual Studio.  One of my students got it this week.  It looks something like this:

    This means that the install of the Cordova extensions did not work properly and you are missing some files.  Mainly these two:

    Simply uninstall (yeah, I know it takes a really long time to uninstall and reinstall).  And the files should show up.  If that doesn't work for you, install on another machine and copy over those directories.  Then all will be fine!

  • O365 and Non-ADFS Federation - It's not O365's fault

    I'm not a fan of ADFS.  It sits right below Azure Access Control Services (ACS).  ACS used to be my favorite identity provider aggregation platform, but how times change (ref this post).  Several new players are entering the market and all of them realize the missing gaps in ADFS and ACS.  Therefore, the drive to make a better authentication toaster is ON!

    The goal of this post is to make you realize that you are having the wool pulled over your eyes in terms of the bigger picture around Identity Management when it comes to O365.  To make this point, let's take a look at a typical on-premises solution:

    • A SharePoint customer wants to setup multiple site collections (yes, all host header site collections) to support different customers
    • Each customer has different requirements around supporting federated external customers
    • Some customers prefer Google as their auth, others Yahoo and others Facebook, etc


    Solving this problem with on-premises environments is a piece of cake.  You have complete control over adding trusted Identity Providers (IdP) all day long. To solve the problem above, its likely you are going to think that adding a Trusted Identity Provider for each required auth mechanism is the answer.  That would be false.  As tempted as you may be to do this, its a really bad idea to have more than one. You should ultimately have a single Identity Provider with that provider supporting multiple "Apps/Replaying Parties (in this case site collections)" that would then show different options when a user needs to auth.  This allows you the most flexibility in that you simply set the IdP once, then configure the apps in the IdP.  Totally seamless, perfect.

    Office 365 and Single Sign On (ADFS)

    If you had this requirement in O365, you are out of luck.  Do not pass GO, do not collect $200USD.  In terms of O365, you are by default forced to use this one IdP mentality.  For each verified O365 domain, you can only setup a single Federated Identity Provider.  In most cases, everyone I have seen has used ADFS to integrate their on-premises Active Directory to sync accounts and/or configure Single-Sign On to redirect to their ADFS proxy.  This unfortunately, is the Microsoft promoted way of achieving Single-Sign-On nirvana.  I'm not a baby swimming in a pool, so let's take a look at what lives outside the koolaid-y-ish sugar water.  If you do this (which unfortunately, you probably already have), you are locking yourself into the current limited features of ADFS and hoping that ADFS gets some much needed development attention in the future (such as supporting OAuth 2.0). That being true, ADFS is a Microsoft product, you'll find a lot of people that can help you (support and consultant resources) to get it setup within a few hours.  You could also do it yourself by using TechNet/MSDN et all. 

    Office 365 and Something else

    If you want to use something other than ADFS, well, you better dig in for doing a ton of research on how WS-Fed and WS-Trust works and similarly, OAuth.  If you don't have time for that, then you'll need to request the services of people that do know that space. Unfortunately, having the identity management skills matched with an understanding of the future of App Models across vendors is a rare breed of consultant.  You also have to contend with a cold hard fact:

    • Currently, Office 365 only supports users of your verified domains (such as

    Say what?  It means that even if you wanted to use Twitter, Facebook, whatever, the people that signed up have to have used the email address from their verified domain!  Uh...say that again?  Yeah, that means you can't login with your account using Facebook.  If you signed up with your account on Facebook, then it will likely map your email over in the claims and let you in, but that's up to how fancy your Identity Provider is.  Azure AD is expecting a very specific format of token with specific claims.  If it doesn't get them, then your login will fail.

    So if you can't login using something other than a verified account, what's the point?  

    I feel this is a major fundamental loss of functionality between on-premises and O365.  If I want to create a site collection with a specific relaying party app to my IP (which then provides a set of auth services), I should be able to do it. It is such a common pattern in on-premises SharePoint. I don't think the band aid of "external access" fits the bill here.  Those links that are generated can be freely sent all over the web punching small barely noticeable holes in your O365 tenant. I'd like to see the governance page in O365 that shows me every link that has been generated across the entire tenant (you can see on a site by site basis using this link -  There is not global admin UI to tell you who has been added or what has been shared - reference notes at bottom of this article. With an IdP in the picture, you simply disable their access and now they will never gain access to anything in your environment. This would require the removal of this "external sharing" feature that bypasses Azure AD in O356.  Wow, isn't that innovative?

    Can I even use something other than ADFS in O365?

    Heck yeah you can!  I recommend it!  By adopting\choosing an Identity Provider solution (whether one you install on-premises or cloud hosted) that allows for you to expand out past basic AD accounts, you will be ready for when Azure and O365 wakes up one day to realize they should have allowed it in the first place.  You can set this up by removing the ADFS federation and replacing it with new Ws-Fed endpoints of your IdP.  This is enabled using the following cmdlets (this one is using

    • $cred = Get-Credential
    • Connect-MsolService –Credential $cred
    • Set-MsolDomainAuthentication -DomainName "" -FederationBrandName "" -Authentication Federated -PassiveLogOnUri "" -ActiveLogonUri "" -MetadataExchangeUri "" -SigningCertificate "Cert" -IssuerUri "urn:chrisgivens" -LogOffUri "" -PreferredAuthenticationProtocol WsFed 

    NOTE:  If you have already setup ADFS, you'll need to disconnect from that.  I have yet to test out all the paths, but the one I choose was really painful.  I used the Remove-MsolFederatedDomain cmdlet.  This forced me to remove all users (but did not require me to remove my groups).  Once I removed all users the command succeeded, but proceeded to delete the domain completely from my tenant!  I then had to re-add it, re-verify it, then fire off a DirSync.  Once that once done, I could run the above commands and it redirected properly to my IdP.

    After configuring the federation when you go to "" and type your verified email, it will redirect to your IdP login page.  From there, you will see all the options that you have enabled for that relaying party.  Even though you can enable all the OAuth 2.0 providers you can imagine, an attempt to login will fail miserably.  There are some current technology issues that Azure AD must resolve:

    1. Azure expects a UPN/Email that matches a user in your Azure AD (at a minimum, you would have needed to sign up for a service using that verified domain email)
    2. Azure AD is expecting an ObjectID
    3. O365 Services have to support these accounts (even if that means simply ignoring them)

    For the first issue.  Azure AD would have to allow the addition of users other than your verified domain.  Or at your IP, you map a user from external to internal.  For the second issue, again, this can resolved by either Azure, or by the Identity Provider.  IPs can choose to implement this today by integrated with Azure AD to query for the object id based on a valid UPN.

    Until this these items are resolved, you can certainly fall back to the "forced" way by Microsoft to use Active Directory users from a verified domain (and yes, you should feel angry about this) by setting up a pass through from your IP to ADFS/Active Directory.  The preferred way is to utilize a client on your Active Directory server (pretty much every IdP has this). As only a few of you know or will understand, if you use ADFS, you will currently lose Office Client features. But don't be worried, later this year, Office will release an update that will support SAML-P.  This will let you utilize many different types of auth (basically anything you can do via browser) with Office clients.  That will be awesome, even though users will never fully understand what just happened.

    Take It Up Another Level

    Home realm discovery is not extensible in Azure AD.  What is home realm discovery?  Its the login drop page that takes your context, in this case, your email domain, and then redirects you to the proper IdP.  What does it mean to not be extensible?  It means that IdP's cannot create a portal of Apps page.  What does that mean?  Think Universal Access Gateway (UAG).  Imagine UAG-like portals, only hosted by your IdP, such that an external party can login to your IdP, and are then presented with the applications (such as O365), that they have access too.  When they select it, it will immediately redirect you to your O365 site (no need to go to  As it stands right now, O365 does not support external home realm discovery pages.  This is also a serious limitation that needs to be added to the road map.


    If enough people push the O365 and the Azure teams to fill the gap of this major difference between the products, I feel it would fulfill many of the requirements we have with customers today and make O365 an even more popular platform!  Here is your call to action:

    • Quit using ADFS, find an IdP with an eye towards the future
    • Highly "Suggest" to Azure and O365 that they support external identities (Vote for it here on UserVoice)
    • "Suggest" to Azure that they allow tenants to have a custom home realm discovery page

    Stay classy internet,



  • Errors when Installing DirSync.exe

    I ran across two different errors with DirSync today.  The first had to do with the fact that I had DirSync on a computer previously and then re-installed it.  Because of this, I received this error:

    System.Management.Automation.CmdletInvocationException: Access denied  ---> System.Management.ManagementException: Access denied
       at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus errorCode)
       at System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
       at Microsoft.Online.DirSync.Common.MiisAction.GetTargetMA()
       at Microsoft.Online.DirSync.Common.PrerequisiteChecks.ThrowIfSyncInProgress()
       at Microsoft.Online.Coexistence.PS.Config.SetCoexistenceConfiguration.VerifyMachinePreRequisites()
       at Microsoft.Online.Coexistence.PS.Config.SetCoexistenceConfiguration.BeginProcessing()
       at System.Management.Automation.Cmdlet.DoBeginProcessing()
       at System.Management.Automation.CommandProcessorBase.DoBegin()
       --- End of inner exception stack trace ---
       at System.Management.Automation.Runspaces.PipelineBase.Invoke(IEnumerable input)
       at Microsoft.Online.DirSync.PowerShellAdapter.PowerShellCommand.ExecuteCommand(Command command, Boolean refreshPath)

    Looking a little deeper, it turns out that DirSync install will create a user account and then add it to other created local groups.  This is all very similar to how SharePoint installs because both DirSync and SharePoint use MIIS. Because I had already installed DirSync at some point in the past, the account existed, but I'm guessing the password was out of whack.  Since I wasn't sure how to reset the password (and didn't want to spend the time to figure it out), I defaulted to uninstalling everything, deleting that user, rebooting and re-installing. Done.

    But it didn't end there.  I was attempting to install a secondary DirSync machine as a cold standby, but was getting an error when attempting to configure it:

    System.Management.ManagementException: Generic failure
       at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus errorCode)
       at System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
       at Microsoft.Online.DirSync.Common.MiisAction.GetTargetMA()
       at Microsoft.Online.DirSync.Common.MiisAction.IsSyncInProgress()
       at Microsoft.Online.DirSync.Common.PrerequisiteChecks.ThrowIfSyncInProgress()
       at Microsoft.Online.DirSync.UI.IntroductionWizardPage.PrerequisiteValidation()
       at Microsoft.Online.DirSync.UI.IntroductionWizardPage.OnLoad(EventArgs e)
       at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
       at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
       at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
       at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
       at System.Windows.Forms.Control.CreateControl()
       at System.Windows.Forms.Control.WmShowWindow(Message& m)
       at System.Windows.Forms.Control.WndProc(Message& m)
       at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
       at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)

    This means that the DirSync tool was not smart enough to tell you that you were installing it on a SharePoint server (which I didn't realize I was doing) with the ForeFront services already installed.  When you attempt to do this, you will overwrite your SharePoint ForeFront settings with the account mentioned above and then the two will fight over the service.  Obviously, this is bad.  I hadn't really done much research on some of the best practices around DirSync so its a bit of shame on me, but I also didn't find answers to these errors on the web when I google/binged them, so I'm making a mental blog note for others.

  • Eliminate App Web Part IFRAME issues - Use App Installing

    I have had a few different conversations with people about the whole App Web Part IFRAME problem lately.  Basically this problem means that you can't make calls outside the IFRAME using your code (it is a security feature of browsers).  This leads to the whole, "how limiting it is blah blah" conversation.  I simply say to them...why are you doing it like that? 

    Most people think that using the App Model means that you are constrained to the boundaries that the App Model enforces.  The truth is, you are not.  If you are building useful "longtail" apps for companies, you should realize, the App Model doesn't need to be used as it was originally intended. You can utilize its deployment mechanisms to get your files to the host web.  This pattern is a part of one of the labs in the O365 Dev course.  For example, if you have a workflow that needs a well defined url for external communication (ie the random app web url won't work [think redirect urls]), you can deploy all of the content of the workflow to the host web and then run it from there (no app web needed at all, as a matter of fact, you could delete it completely after deploy).

    How do you do this?  Use the App installing event handler.  As part of the App Model and the Visual Studio project, you can create an App installing event handling web which will get called and pass an access token to make calls back to the app and host webs.  Once you have that, the sky is the limit.  You don't have to deploy your code to the app web, but simply copy it from your web server to the host web.  In this essence, you are simply using the App Model as a "means to an end".  This will eliminate all your app web part IFRAME woes.

More Posts Next page »

This Blog


Powered by Community Server, by Telligent Systems