Uninstalling Office Web Apps – Be Careful!

I am building the final VMs for our 10174 course, we are trying to minimize the VM sizes and trying to do some interesting things.  As part of this process, I'm finding all these interesting things about all the products we threw into the images.  One is:

Uninstalling Office Web Apps 2010 will remove your SharePoint server from the Farm!  Not sure why it does this, I would have expected it to just remove the service applications and delete files and registry keys while leaving the WFE connected to the Farm, but alias, no.   Watch out when doing this, you will take your farm down for a little while until you re-attach the server to the Farm.

Oh, and make sure you have your farm passphrase handy…after rejoining, it *looks like* all service applications are setup correctly so you won't have to re-run the Farm Configuration Wizard.

Unfortuantely the farm is left in an instable state, DO NOT UNINSTALL OFFICE WEB APPS!  : Blog here

Chris

CJG’s Theory

I have always been a Star Trek fan, watched every episode of every version (my courses show you how much I like it, especially when you get to the labs with the picture of George Takei and I).  Sure there were good and bad ones, but always entertaining.  Star Trek is the whole reason I got into technology in the first place, love it!  Had the oppty to meet all the Star Trek actors one day, it was awesome. Similarly, I have always been a fan of space and technology. 

I have followed the theories and watched the discoveries and have been impressed with what we have figured out over the years, especially the things that Gene Roddenberry forecast (cell phones, lasers, etc). Some of the more interesting things have always started from theories.  When you watch the progression of things from theory to fact, you realize, everything always starts with some absurd theory, many of Stephen Hawking's have been pretty absurd, but always debated and improved upon in the community.  So with that, I want to share my theory on relativity:

I was driving from the DMV today and noticed a fly in the car.  The fly is dumb (we presume anyway), and had no idea it was in a car traveling at 50MPH.  It was flying forward with no real effort and with respect to the earth, was actually traveling faster than me or my car was.  It was ignorant of this fact of course.  But that puts things into perspective right, did you know you are on a planet travel several 10's of 1000's miles per hour around the sun, when in turn is traveling at who's knows how fast around the black hole at the middle of our galaxy?  Probably not eh?  Einstein said that everything is relative, physics even dictates that point of reference is important when calculating anything.  When you look at Hawking's theories, he says the blur at the end of the black hole is where you are traveling so fast that you seem to "disappear".  At first, it led him to believe that matter disappeared into the hole completely (as in destroyed, or simply, didn't exist anymore), but in reality, it is still there, but moving so fast, yet the light of it being pulled into or some slowly able to escape the gravity of the black hole that we can't see it.  Think of it in terms of if you move faster, than the speed of light (without gravity affecting you), everything will seem to have stopped, or possibly, you start to move in time (from your perspective).

With that laid as the foundation, consider that matter can be broken down to the protons, neutrons and electrons that make it up (we'll skip anti-matter for the time being).  The large particle collider is trying to prove that there are particles that make up these three things, the Higgs Boson particle (some call it the "God" particle, but that's just a silly name).  They say that the particle has been so hard to find because it moves so fast and between what they are calling 11 dimensions.  The basic human brain can really only fathom the first 4 dimensions (X, Y, Z, Time).  The rest, well, have been tough to think about…until now.   String theory seems interesting to me when correlated to something I have noticed over the past few years.  But before we get to that, let me state what I believe:

First and foremost, I believe that THERE IS some type of energy or component of the basic particles that is moving between these dimensions.  How many dimensions, frankly don't know, don't care.  The fact that is important is the dimensions exist.  If there is a sub-particle that is moving between the other particles, what is its frequency of being in our dimension?  In other wards, is there some type of formula that will describe that frequency like a sine or co-sine wave?  It could be way more complicated than a simple sine wave, but for simplicity, let's go with it. 

Let's say the wave is actually broken across the dimensions in a circular fashion (like token ring – the more advanced and better technology than ethernet ever was).  If the particle moves away from us, then all of its energy will be devoted to the dimension it is in at that moment.  I can't say if the closest dimensions get some benefit from being next to the dimension that currently holds the token, but my guess would be that they do (if simply that they were the last or first with it).  If this is the case, then string theory kinda goes away and it should be called "ring" theory.

Let's now say that the wave is still broken across the dimensions, but let's think of it as a line rather than a circle.  This puts "string" theory back in play as the formula that represents the energy of the token as it moves across the dimensions.   When the token is farthest from us, we are at the apex of the bottom of the curve.  When the token is with us, we are at the top of the apex.  In my theory, the "string" part is the map of the energy wave created across the dimensions.  This would imply that all dimensions are mapped out in a particular order.  I don't like that.  With everything in the universe, PI seems to rule.  The earth is round, the sun is round, particles that gather in space form round.  Why a straight dimensional map?  Would it make sense for it to be a circle of dimensions?

Now, with that second set of theory out of the way.  How might we calculate when the energy or token is with us?  Back to my observation of the past 32 years on this planet.  There seem to be days when everything (events, to-dos, etc) falls on that day.  It is also evident that in my observations on twitter, there are days when the entire world is super happy, and days when the entire world is super sad.  This is not just simplistic coincidence, but a literal convergent to a single day.   Now, a day is a relative thing to us.  In the view of space and time and the universe, a day (24 hours as humans have defined it) is such a small amount of time.  It is my theory, that these convergences are when we have the token (world happy days) and when we are farthest away from the token (world sad days).  I can say that I have only seen a few of these events in my lifetime, but they were VERY noticeable.  Or conversely, the token is bad energy and we don't want it!

It is my belief that it will be on those days, where we will be able to see the particle in the collider.  All the other days we won't have it and there will be no point in trying to find it. 

Let's take a step back, so what if I'm right?  How do we keep from accepting the token, is there anything we can do, to make it skip us if it is truly bad?  Is there anything that we could do to keep it if its good?  What if we determine the formula that maps the path of the token across the dimensions and how long we actually have it?  Do we post it on the internet and tell people that, in the words of Ice Cube, "today is going to be a good day!", or in the case of evil, that today is going to be a bad day and there is nothing you can do about it?

I have never seen a theory like the one I have been thinking about, so I figured, why not post it, see if someone in the physics community checks it out and say…damn…CJG might have something there!

ADDED:   What if the matter that enters the black hole speeds up to a point that it is expended as multi-dimensional heat energy (similar how the sun emits its solar energy)?  Would that mean that the actual sub-particle/energy we are looking for is part of a passing worm hole of dimensional "heat" expelled from the black hole?  This could in fact prove that what the collider is trying to do by sending two particles towards each other at light speed and in effect hit each other at twice light speed woul
d imitate the effect of the black hole (but not create a black hole) and therefore open a temporary view into the transformation of matter into dimensional energy?  If this is the goal and proves to be fact, would it be possible to open an area large enough to be able to inject conscious matter into it?  If you were able to do this, would you even be able to return to a dimension that would bring this consciousness back in the same form?  Would there not need to be another device sitting on the other side to catch your passing dimensional energy wave?

Ok, back to SharePoint 2010!
Chris

SharePoint 2010 has explicit deny!

What?  Are you serious?  The DenyPermsMask column is used now???  Oh yeah my friends, it can be used now!  Unfortunately, it can't be used at the site/web level.  It is in the web application policy level where you can now specify the explicit deny on permissions.  We have been waiting for this since SP1 of SharePoint 2007!

You can configure explicit deny on the SharePoint Central Administration by:

  1. Open Central administration
  2. Click Applicaiton Management
  3. Select a web application
  4. In the ribbon click  Permission Policy
  5. Click "add Permission Policy Level"
  6. Give it a name like "My Deny Policy"
  7. Notice that all the site level permission are displayed with a Grant and a Deny check box!  Cool!

 Chris

Migrating User Forms Based Permissions in 2010 Upgrade

So not everything gets upgraded in the RTM build of 2010.  Seems the usernames and permissions end up getting lost when you upgrade.  There are several things you have to do to get your upgraded forms based authentication to work:

First error you will get is "Forms Based Authentication on classic Web applications has been deprecated."  this is solvable by opening SharePoint 2010 Management Shell to upgrade the web application to use claims based authentication

$w = Get-SPWebApplication "http://webappurl/"
$w.UseClaimsAuthentication = $true;
$w.Update()
$w.ProvisionGlobally()

Second thing is to enable your forms based auth in the SecurityToken Service as in my other blog post

Next you need to ensure that your settings are valid in the Framework64 directory if you are using the machine.config to propagate your sql server settings for Aspnetsqlmembership.  This changed as SharePoint is now 64bit, and not 32bit.

Once this is done, you will NOT be able to login!  Why?  Because the internal naming of the user you have setup as the site collection administrator was tied to the old aspnetsqlmembershipprovider:username naming scheme in the databases.  The new naming convention is  i:0#.f|aspnetsqlmembershipprovider|username

How do you update this?  well, other than going into the database and updating it directly, you really have only one other choice, remove and add each user!  If you have 100's of users, if not 1000's, well your in for a long day!  Luckily, I wrote a nice little powershell script that goes in and adds/removes all the users.  Here it is (as with anything, use at your own discretion):

$spweb = get-spweb "webappurl"
foreach($spgroup in $spweb.groups)
{
write-host $spgroup.name

foreach($spuser in $spgroup.users)
{
write-host "Migrating: " $spuser.name
$newuser = $spweb.ensureuser($spuser.name)
write-host "SPUser=" $spuser
write-host "NewUser=" $newuser
write-host "Adding user:" $newuser.name " to group: " $spgroup.name
$spgroup.adduser($newuser)
if ( $newuser.userlogin -ne $spuser.userlogin)
{
write-host "Removing old user:" $spuser.name " from group: " $spgroup.name
$spgroup.removeuser($spuser)
}
}
}

SharePoint 2010 Managed Accounts

Can you find at least two places in SharePoint 2010 where the accounts are not managed accounts? 

What is a managed account?  It is an account that SharePoint knows about and manages it when the password needs to change and when it's role needs to change.  As part of the role change, the proper permissions will be assigned (most of the time) to the account to do its job.  You would think that all accounts would be managed but there are some places where this is not the case.

1) Search Crawler
2) User Profile Synchronization Service
3) All SSS Accounts that are setup in Service Apps

 Chris

Secure Store Service and Security Token Service Integration

Ok, in doing some research for the MOC Course, I found this juicy tidbit of information in MSDN

Secure store service and claims authentication

The Secure Store Service is a
claims-aware service. It can accept security tokens and decrypt them to
get the application ID, and then perform a lookup.. When a SharePoint
Server 2010 Security Token Service (STS) issues a security token in
response to an authentication request, the Secure Store Service decrypts
the token and reads the application ID value. The Secure Store Service
uses the application ID to retrieve credentials from the secure store
database. The credentials are then used to authorize access to
resources.

That's just freaking cool…blows the old Enterprise Single Sign On functionality out of the water…good job Microsoft!

Also check out this cool post by Mike on SSS API

Chris

 

SharePoint 2007 Colleague Tracker Data

Just answered a very interesting question in the forums around Colleague Tracker Data.  The jist of the question was how do you clear colleague tracker data?  After some exploring, I found the data is stored in the UserProfileEventLog table and queried via the [profile_GetUserColleagueEvents] stored proc.  There is a profile_ResetAll stored procedure, but if you look at it, it doesn't reset the Event Log data!  Bummer for this guy's issue! 

Here's the MSDN post

Chris

MSDN Forum Jam – Score Post

This blog post will be kept to keep track of the progress of the contestants on the MSDN Forums! Help participate by asking SharePoint questions, you'll probably get an answer from one of us on this list!

Final Stats!  Congratulations Clayton on a dominating Forum effort of 1751 points and 28% eff!  Marc Anderson comes in 2nd with 1443 and 31% eff!  Paul Galvin would have won on efficiency (44%) but Forum Moderators are excluded from winning, so the award goes to Corey Roth with 34% efficiency rating – WOW!

Name Points Posts Answers
Clayton Cobb 1751 334 93
sympmarc 1443 258 82
Chris Givens 1020 190 49
Alpesh Nakar 422 130 11
Kanwal Khipple 412 71 24
Paul Lucas 338 65 19
Paul Galvin 282 29 13
Shannon Bray – MCT 240 40 13
CoreyRoth 217 38 13
Dave Milner 22 0 1
Ashraf ul Islam 20 0 -1
Raymond Mitchell {iwkid} 16 3 1
Dan Usher 0 0 0
sptonyr 0 0 0
Ayman El-Hattab 0 1 0
Jerry Yasir 0 0 0
Corell Driskell -1 -1 -1

These are the starting stats, the star means SharePoint MVP (sorry Clayton):

sympmarc    15239    2556    949
CoreyRoth    2694    507    155
Dave Milner    75    17    5
sptonyr    9    7    1
*Paul Galvin    15929    3316    901
Clayton Cobb    18247    3832    934
Shannon Bray – MCT    5468    911    338
Dan Usher    214    45    13
*Kanwal Khipple    265    51    16
*Ayman El-Hattab    2308    268    113
*Jerry Yasir    284    52    16
Corell Driskell    0    0    0
Raymond Mitchell {iwkid}    187    41    11
Alpesh Nakar    1139    302    50
Paul Lucas    2941    511    172
Ashraf ul Islam    3337    491    228
Chris Givens    1628    337    85

SharePoint 2010 Filter Web Parts

Where did they go?  Hmm, they are still in the same namespace, but they have been moved out of the Microsoft.SharePoint.portal.dll.  They are now located in the Microsoft.Office.Server.FilterControls that is only located in the GAC.

Check out my reply in the MSDN Forums.

Chris

META: <type
name="Microsoft.SharePoint.Portal.WebControls.QueryStringFilterWebPart,
Microsoft.Office.Server.FilterControls,…>