SharePoint 2010 Managed Accounts

Can you find at least two places in SharePoint 2010 where the accounts are not managed accounts? 

What is a managed account?  It is an account that SharePoint knows about and manages: SharePoint handles the account when its password needs to change and when its role needs to change.  As part of the role change, the proper permissions will be assigned (most of the time) to the account to do its job.  You would think that all accounts would be managed, but there are some places where this is not the case.

1) Search Crawler
2) User Profile Synchronization Service
3) All SSS accounts that are set up in Service Apps

 Chris

Secure Store Service and Security Token Service Integration

Ok, in doing some research for the MOC Course, I found this juicy tidbit of information in MSDN

Secure store service and claims authentication

The Secure Store Service is a claims-aware service. It can accept security tokens and decrypt them to get the application ID, and then perform a lookup. When a SharePoint Server 2010 Security Token Service (STS) issues a security token in response to an authentication request, the Secure Store Service decrypts the token and reads the application ID value. The Secure Store Service uses the application ID to retrieve credentials from the secure store database. The credentials are then used to authorize access to resources.

That's just freaking cool…blows the old Enterprise Single Sign On functionality out of the water…good job Microsoft!

Also check out this cool post by Mike on SSS API

Chris

 

SharePoint 2007 Colleague Tracker Data

Just answered a very interesting question in the forums around Colleague Tracker Data.  The gist of the question was how do you clear colleague tracker data?  After some exploring, I found the data is stored in the UserProfileEventLog table and queried via the [profile_GetUserColleagueEvents] stored proc.  There is a profile_ResetAll stored procedure, but if you look at it, it doesn't reset the Event Log data!  Bummer for this guy's issue!

Here's the MSDN post

Chris

MSDN Forum Jam – Score Post

This blog post will be kept to keep track of the progress of the contestants on the MSDN Forums! Help participate by asking SharePoint questions, you'll probably get an answer from one of us on this list!

Final Stats!  Congratulations Clayton on a dominating Forum effort of 1751 points and 28% eff!  Marc Anderson comes in 2nd with 1443 and 31% eff!  Paul Galvin would have won on efficiency (44%) but Forum Moderators are excluded from winning, so the award goes to Corey Roth with 34% efficiency rating – WOW!

Name | Points | Posts | Answers
Clayton Cobb | 1751 | 334 | 93
sympmarc | 1443 | 258 | 82
Chris Givens | 1020 | 190 | 49
Alpesh Nakar | 422 | 130 | 11
Kanwal Khipple | 412 | 71 | 24
Paul Lucas | 338 | 65 | 19
Paul Galvin | 282 | 29 | 13
Shannon Bray – MCT | 240 | 40 | 13
CoreyRoth | 217 | 38 | 13
Dave Milner | 22 | 0 | 1
Ashraf ul Islam | 20 | 0 | -1
Raymond Mitchell {iwkid} | 16 | 3 | 1
Dan Usher | 0 | 0 | 0
sptonyr | 0 | 0 | 0
Ayman El-Hattab | 0 | 1 | 0
Jerry Yasir | 0 | 0 | 0
Corell Driskell | -1 | -1 | -1

These are the starting stats, the star means SharePoint MVP (sorry Clayton):

sympmarc    15239    2556    949
CoreyRoth    2694    507    155
Dave Milner    75    17    5
sptonyr    9    7    1
*Paul Galvin    15929    3316    901
Clayton Cobb    18247    3832    934
Shannon Bray – MCT    5468    911    338
Dan Usher    214    45    13
*Kanwal Khipple    265    51    16
*Ayman El-Hattab    2308    268    113
*Jerry Yasir    284    52    16
Corell Driskell    0    0    0
Raymond Mitchell {iwkid}    187    41    11
Alpesh Nakar    1139    302    50
Paul Lucas    2941    511    172
Ashraf ul Islam    3337    491    228
Chris Givens    1628    337    85

SharePoint 2010 Filter Web Parts

Where did they go?  Hmm, they are still in the same namespace, but they have been moved out of Microsoft.SharePoint.portal.dll.  They are now located in the Microsoft.Office.Server.FilterControls assembly, which is only located in the GAC.

Check out my reply in the MSDN Forums.

Chris

META: <type name="Microsoft.SharePoint.Portal.WebControls.QueryStringFilterWebPart, Microsoft.Office.Server.FilterControls,…>

SharePoint MVP MSDN Rankings

I have had quite a few people ask me how I am able to say when I'm passing someone in the forums.  It's simple really, I built a nice parser that pulls down all the SharePoint MVPs with their stats.  With the latest MVP announcements (New and re-news – congrats to everyone by the way), I'd figure it would be good to promote a sense of community and a challenge to those MVPs that may not be pulling their full weight in the forums community as well as encourage some of you non-MVPs to set some targets for how much you want to participate.  Let me be clear though, forum participation is not the only thing that drives an MVP award.  There are several people on this list that I know personally that are awesome and deserve their MVP even without forum participation.  Things that factor in include:

  • The company you work for
  • Your customers (Fortune 100)
  • Your project references
  • Your code and tool contributions (Codeplex)
  • Products you have invented and market
  • Your community participation (Books, courses, forums, blogs, etc)
  • Your involvement with the product team

So, where does your favorite SharePoint MVP stack up in the forums, you will probably be surprised!?! Check out this list (let me know if I missed anyone or if someone has a separate id that I may have missed).  I really do consider the top 10 the best of the best, anyone that participates that much deserves an MVP simply for their dedication and helpfulness.  FYI, I'm at (1624 | 336 | 083) so I have a way to go.  This is updated as of 3/28/2010.

Participate in the Forum Jam 2010 : http://bit.ly/9PQSRJ

Name | Points | Posts | Answers

MVPs

1) Mike Walsh      | 48357 | 15438 | 1657
2) Paul Galvin      | 15895 | 3304 | 890
3) Fabrice Romelard| 9585 | 1264| 683
4) Mike Oryszak    | 8139 | 1326| 500
5) Moonis Tahir    | 7054 | 1186| 468
6) John D. Ross    | 6919 | 1495| 348
7) Waldek Mastykarz| 6437 | 1110| 396
8) Gary Lapointe   | 4972 | 807 | 318
9) Ishai Sagi      | 3830 | 596 | 255
10) Randy Drisgill  | 3382 | 623 | 206

Michael Nemtsev | 3324 | 717 | 198
John Timney     | 3091 | 436 | 207
Wictor Wilen    | 2683 | 428 | 164
Ayman El-Hattab | 2308 | 268 | 113
Becky Bertram   | 2061 | 273 | 134
MatthewMcDermott| 2043 | 619 | 089
Andrew Woodward | 1570 | 386 | 085
Mirjam Van Olst | 1504 | 234 | 089
Scot Hillier    | 1299 | 212 | 082
Stephane Eyskens| 1252 | 227 | 074
Karine Bosch    | 1228 | 222 | 074
Jan Tielens     | 1198 | 197 | 080
Paul Stork      | 0977 | 147 | 062
James Milne     | 0774 | 169 | 042
Philippe Sentaen| 0994 | 184 | 058
Andrew Connell  | 0731 | 158 | 043
Eric Shupps     | 0721 | 113 | 048
Renaud Comte    | 0656 | 170 | 032
Liam Cleary     | 0604 | 073 | 040
Asif Rehmani    | 0538 | 084 | 031
Nick Swan       | 0484 | 131 | 022
Spencer Harbar  | 0450 | 062 | 028
Nicolas Georgeau| 0422 | 121 | 016
Juan Valenzuela | 0369 | 047 | 022
Marwan Tarek    | 0368 | 049 | 023
Steven Van Craen| 0330 | 090 | 015
Vivekthangaswamy| 0306 | 093 | 020
Paul Schaeflein | 0318 | 053 | 022
Jerry Yasir     | 0284 | 052 | 016
Darrin Bishop   | 0282 | 072 | 016
Wes Preston     | 0268 | 045 | 015
Ivan Wilson     | 0246 | 105 | 011
Mohanad Omar    | 0233 | 034 | 016
John Holliday   | 0226 | 073 | 012
Zac Smith       | 0226 | 036 | 014
Ben Robb        | 0219 | 032 | 012
Pierre Vivier-Me| 0216 | 055 | 011
Panagiotis Kanav| 0214 | 047 | 011
Todd Klindt     | 0210 | 042 | 012
GabrieleDelGiovi| 0185 | 037 | 010
Sahil Malik     | 0178 | 054 | 008
Michael Greth   | 0147 | 036 | 008
Agnes Molnar    | 0134 | 034 | 012
Romeo Pruno     | 0134 | 024 | 009
Bryan Phillips  | 0129 | 023 | 007
Robin Meure     | 0129 | 037 | 005
Steve Sofian    | 0126 | 028 | 006
Didier Danse    | 0124 | 062 | 003
Thiago Soares   | 0114 | 041 | 008
Walter Van Vugt | 0108 | 041 | 010
Ed Musters      | 0102 | 021 | 005
Ton Stegeman    | 0092 | 014 | 007
Pierre Erol Gira| 0086 | 027 | 004
Chandima Kulathi| 0086 | 023 | 003
Kevin Laahs     | 0076 | 028 | 002
Kathy Hughes    | 0073 | 015 | 004
Benjamin Curry  | 0071 | 013 | 002
BrendonSchwartz | 0070 | 010 | 005
Fumio Mizobata  | 0065 | 010 | 004
Sampathperera   | 0062 | 011 | 004
Ricardo Munoz   | 0061 | 013 | 002
Kanwal khipple  | 0050 | 015 | 002
Dan Holme       | 0039 | 009 | 002
Sebastian Wilcze| 0037 | 001 | 001
Bil Simser      | 0034 | 014 | 001
Daniel Webster  | 0032 | 024 | 000
Carsten Keutmann| 0032 | 006 | 001
Reza Alirezaei  | 0030 | 005 | 002
Shane Perran    | 0028 | 004 | 002
Igor Macori     | 0028 | 007 | 002
Brian Farnhill  | 0016 | 003 | 001
Aleksandr Chervy| 0013 | 013 | 000
Christoph Muller| 0012 | 026 | 003
Eli Robillard   | 0010 | 008 | 000
Rehman Gul      | 0006 | 003 | 000
Amanda Murphy   | 0006 | 003 | 000
Sarbjit Singh Gi| 0006 | 008 | 000
Matt Ranlett    | 0004 | 003 | 000
Penny Coventry  | 0002 | 001 | 000
Loke Kit Kai    | 0002 | 006 | 000
Danial Larson   | 0002 | 002 | 000
Todd Bleeker    | 0002 | 001 | 000
Rob Foster      | 0002 | 001 | 000
Stacy Draper    | 0002 | 001 | 000
Arno Nel        | 0000 | 008 | 000
Joy Rathnayake  | 0000 | 006 | 000
Shane Young     | 0000 | 002 | 000
Juan Herrera    | 0000 | 001 | 000
Bill English    | 0000 | 000 | 000
Box Fox            | 0000 | 001 | 000
Ted Pattison    | 0000 | 000 | 000
Orin Thomas     | 0000 | 000 | 000
Mohamed Zaki    | 0000 | 000 | 000
Adam Buenz      | 0000 | 000 | 000
Bob Mixon       | 0000 | 000 | 000
Robert Bogue    | 0000 | 000 | 000
Colin Spence    | 0000 | 000 | 000
Todd Baginski   | 0000 | 000 | 000
Daniel Wessels  | 0000 | 000 | 000
Daniel Seara    | 0000 | 000 | 000
Stephen Cummins | 0000 | 000 | 000
Christian Hougar| 0000 | 000 | 000
Carlos Sanz     | 0000 | 001 | 000
Mohamed Zaki    | 0000 | 000 | 000
Shady Khorshed  | 0000 | 000 | 000
Bill Brockbank  | 0000 | 000 | 000
Alex Pearce     | 0000 | 000 | 000
Serge Tremblay  | 0000 | 000 | 000
Valy Greavu     | 0000 | 000 | 000
Alexander Romano| 0000 | 000 | 000

MSDN Forum Jam 2010

Wow, didn't expect the crazy responses on the MSDN Ranking post.  Seems I have definitely spurred the competitive community spirit!  In an effort to keep things going with that post, I'm announcing MSDN Forum Jam 2010.  Starting next Friday I will hold a contest in the MSDN forums.  For those of you that are not the answering type, please post questions for us to answer!  Here are the details:

  1. Tweet me at @givenscj to say you would like to participate by April 9th, 2010 (MVPs and Non-MVPS welcome)
  2. At 8am on April 10th, I will take a snapshot of all participants points, posts and answers
  3. Contest will end April 29th, the person with (measured in difference between snapshot and 4/29 totals):
    1. Highest Point total wins a $100 gift card
    2. Highest post to answer ratio wins a $100 gift card
    3. Second highest Point total will win a set of ACS SharePoint 2010 training manuals
  4. All posts should be related to SharePoint 2007 or 2010.  We will do various auditing of your posts to ensure they are in the proper forums, if you don't have more than 50%, then you will be disqualified
  5. Moderators are free to participate, but will be unofficially tracked
  6. I'll post updates along the way to let people know where they stand
  7. As with anything, rules are always subject to change but probably won't, this is not endorsed by Microsoft and won't guarantee an MVP [:D]
  8. Be sure to follow Forum etiquette, be nice and civil, recognize others, it's all about helpfulness!

If anyone else would like to contribute to the bounty let me know!

Let the community building begin!
Chris Givens

Please re-tweet this as #forumjam2010

SharePoint Tool Ideas For YOU to Build!

Looking for the next thing to build for SharePoint?  Here's a quick list from notes over the years:

  • Claims filter web part (2010)
    • This would present a set of registered claims to be used in BI solutions (Excel Services, Report Services, Performance Point, etc)
  • Velocity Sandbox Solution disable (2010) – as suggested by @sahilmalik
    • When in a Sandbox environment, if one Sandbox Solution goes crazy based on X rate, you deactivate it
  • Generic Sandbox Solution Validator – I BUILT THIS ONE ALREADY!
  • Timer Job Disabler – I BUILT THIS ONE ALREADY!
  • A feature that inserts a status message when the Site has not been used or is about to be deleted (2010)
  • Column Updater for field names
    • This tool would update all column names for a specific field type across an entire farm in the event the name of the field changes.
  • Custom event handler to call IFilters and then parse files for bad words (similar to ForeFront feature)
  • Create email alias in active directory/exchange from the email settings page (if site collection admin)
  • Copy file permissions to a document library from NTFS
  • HttpModule to intercept and encrypt documents on "View"
  • Wiki linking based on different word other than page name
  • Extend web application policy permissions (override site collection level permissions)
  • Find and replace web part instances and migrate audience settings tool
  • Solution query tool (show what features are part of the solution wsp on central admin)
  • Page to add Multiple columns at once for content types (especially page layouts)

Ok, you guys and gals get to work!
Chris

Scripting Sharepoint 2010, Zero to C (as in E=MC^2)

So you wanna script your entire SharePoint 2010 Farm install eh?  Want me to show you how to do it?  I'm sure you do!  Here's the steps:

  • Install the prerequisites from a share

rem UNC path to the folder that holds the prerequisite installers
set share=\\servername\PreReqs

prerequisiteinstaller /unattended ^
  /SQLNCli:%share%\sqlncli.msi ^
  /ChartControl:%share%\MSChart.exe ^
  /IDFXR2:%share%\MicrosoftGenevaFramework.amd64.msi ^
  /Sync:%share%\Synchronization.msi ^
  /filterpack:%share%\filterpack.msi ^
  /ADOMD:%share%\SQLSERVER2008_ASADOMD10.msi

  • Create a config.xml file

<Configuration>
  <Package Id="sts">
    <Setting Id="LAUNCHEDFROMSETUPSTS" Value="Yes"/>
  </Package>
  <Package Id="spswfe">
    <Setting Id="SETUPCALLED" Value="1"/>
    <Setting Id="OFFICESERVERPREMIUM" Value="1" />
  </Package>
  <Logging Type="verbose" Path="%temp%" Template="SharePoint Server Setup(*).log"/>
  <PIDKEY Value="{YOURKEY}" />
  <Display Level="none" CompletionNotice="yes" />
  <Setting Id="SERVERROLE" Value="APPLICATION"/>
  <Setting Id="USINGUIINSTALLMODE" Value="0"/>
  <Setting Id="SETUPTYPE" Value="CLEAN_INSTALL"/>
  <Setting Id="SETUP_REBOOT" Value="Never"/>
</Configuration>

  • Run the following command, pointing to your config.xml file, to install SharePoint

setup /config <pathto>\config.xml

  • Configure SharePoint 2010

rem Paths to stsadm.exe and psconfig.exe in the 14 hive
set s="C:\Program Files\Common Files\Microsoft Shared\web server extensions\14\BIN\stsadm.exe"
set ps="c:\program files\common files\microsoft shared\web server extensions\14\bin\psconfig.exe"
set farmadmin=CONTOSO\SP_Farm
set sql=DBNAME
rem The same value is used below for the farm account password and the farm passphrase
set p=Pa$$w0rd

%ps% -cmd configdb -create -server %sql% -database SharePoint_Config -user %farmadmin% -password %p% -passphrase %p% -admincontentdatabase SharePoint_AdminContent
%ps% -cmd adminvs -provision -port 9999 -windowsauthprovider onlyusentlm
%ps% -cmd services -install
%ps% -cmd secureresources
%ps% -cmd installfeatures

  • Start all Services

Get-SPServiceInstance | ForEach-Object { Start-SPServiceInstance -Identity $_.Id }

  • Create ALL the service applications

$DbServerAddress = "DBNAME"

# Single quotes keep PowerShell from expanding $$ inside the value
$farmPassPhrase = 'Pa$$w0rd'
$svcPwd = 'Pa$$w0rd'
$username = "CONTOSO\SP_Service"

$password = ConvertTo-SecureString $svcPwd -AsPlainText -Force
$credential = New-Object System.Management.Automation.PSCredential $username, $password

# Register the service account as a managed account and create one shared application pool
$managedAccount = New-SPManagedAccount -Credential $credential
$app = New-SPIisWebServiceApplicationPool "All Services" -account $managedAccount

#New-SPUsageApplication -name "Usage and Health Service Application"

New-SPAccessServiceApplication -applicationpool $app -name "Access Services"
New-SPBusinessDataCatalogServiceApplication -applicationpool $app -name "Business Connectivity Service Services"
New-SPExcelServiceApplication -applicationpool $app -name "Excel Services Application"

$md = New-SPMetadataServiceApplication -applicationpool $app -name "Managed Metadata Service"
New-SPMetadataServiceApplicationProxy -name "Managed Metadata Service" -serviceapplication $md

$pps = New-SPPerformancePointServiceApplication -applicationpool $app -name "PerformancePoint Service"
New-SPPerformancePointServiceApplicationProxy -name "PerformancePoint Service" -serviceapplication $pps

New-SPStateServiceApplication -name "State Service"

$ps = New-SPProfileServiceApplication -applicationpool $app -name "User Profile Service"
New-SPProfileServiceApplicationProxy -name "User Profile Service" -serviceapplication $ps

$vgs = New-SPVisioServiceApplication -applicationpool $app -name "Visio Graphics Service"
New-SPVisioServiceApplicationProxy -serviceapplication $vgs -name "Visio Graphics Service"

$was = New-SPWebAnalyticsServiceApplication -applicationpool $app -name "Web Analytics Service Application"
New-SPWebAnalyticsServiceApplicationProxy -serviceapplication $was -name "Web Analytics Service Application"

New-SPWordConversionServiceApplication -applicationpool $app -name "Word Service"

# Secure Store Service: create the application and proxy, then generate and push the master key
$serviceapp = New-SPSecureStoreServiceApplication -Name "Secure Store Service" -partitionmode:$false -sharing:$false -databaseserver $DbServerAddress -databasename "SSO" -applicationpool $app -auditingEnabled:$true -auditlogmaxsize 30
$proxy = $serviceapp | New-SPSecureStoreServiceApplicationProxy -defaultproxygroup:$true -name "Secure Store Service Proxy"

Update-SPSecureStoreMasterKey -ServiceApplicationProxy $proxy -Passphrase $farmPassPhrase
Start-Sleep -s 5
Update-SPSecureStoreApplicationServerKey -ServiceApplicationProxy $proxy -Passphrase $farmPassPhrase

# Search: service application, proxy and administration component
$searchapp = New-SPEnterpriseSearchServiceApplication -name "Search Service Application" -applicationpool $app
$proxy = New-SPEnterpriseSearchServiceApplicationProxy -name "Search Service Application Proxy" -searchapplication $searchapp
$si = Get-SPEnterpriseSearchServiceInstance -local
Set-SPEnterpriseSearchAdministrationComponent -searchapplication $searchapp -searchserviceinstance $si

# Crawl topology
$ct = $searchapp | New-SPEnterpriseSearchCrawlTopology
$crawlStore = $searchApp.CrawlStores | where {$_.Name -eq "Search_Service_Application_CrawlStore"}
New-SPEnterpriseSearchCrawlComponent -searchapplication $searchapp -crawltopology $ct -searchserviceinstance $si -crawldatabase $crawlStore
$ct | Set-SPEnterpriseSearchCrawlTopology -active

Write-Host -ForegroundColor Yellow "Waiting on Crawl Components to provision..."

# Poll until the topology is active and every crawl component reports Ready
while ($true) {
    $ct = Get-SPEnterpriseSearchCrawlTopology -Identity $ct -SearchApplication $searchApp
    $state = $ct.CrawlComponents | where {$_.State -ne "Ready"}
    if ($ct.State -eq "Active" -and $state -eq $null) {
        break
    }
    Write-Host -ForegroundColor Yellow "Waiting on Crawl Components to provision..."
    Start-Sleep 2
}

# Query topology
$qt = $searchapp | New-SPEnterpriseSearchQueryTopology -partitions 1
$p1 = ($qt | Get-SPEnterpriseSearchIndexPartition)
New-SPEnterpriseSearchQueryComponent -indexpartition $p1 -querytopology $qt -searchserviceinstance $si
$p1 | Set-SPEnterpriseSearchIndexPartition

$propertyStore = $searchApp.PropertyStores | where {$_.Name -eq "Search_Service_Application_PropertyStore"}
$p1 | Set-SPEnterpriseSearchIndexPartition -PropertyDatabase $propertyStore.Id.ToString()

$qt | Set-SPEnterpriseSearchQueryTopology -active

You're done, enjoy!
Chris Givens aka CJG

SharePoint 2010 Password Change Policy

SharePoint 2010 has a great new feature for setting your service account passwords when your AD team has locked down the password policies.  In Central Administration you can click Security->Manage service accounts and, after selecting the account, set the password for that account right from Central Administration.  You may get an Access Denied error from the Microsoft.SharePoint.Win32.SPNetApi32.NetUserChangePassword method.  This method very simply calls the C++ Netapi32.dll to change the password.  Reference this for more information:

http://msdn.microsoft.com/en-us/library/aa370650%28VS.85%29.aspx

In doing more research, I found that any account that has "Do not allow user to change password" set will fail to update its password.  The actual changing of the password is done as if it is the user changing it.  You should also watch out for the "Accounts can only change once per day" setting, which would keep you from changing the password more than once in a single day.

Chris
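
An added example (not from the original post): a PowerShell pre-flight check that lists every managed account and flags the two conditions described above before a password change is attempted. It assumes the SharePoint snap-in and the ActiveDirectory module are both available on the machine, that the accounts live in the current domain, and that only the default domain password policy applies.

```powershell
# Added example: flag managed accounts whose self-service password change would fail.
# Assumption: SharePoint 2010 snap-in and the ActiveDirectory module are installed here.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
Import-Module ActiveDirectory

# Domain-wide minimum password age. Fine-grained password policies are not evaluated.
$minAge = (Get-ADDefaultDomainPasswordPolicy).MinPasswordAge
$now    = Get-Date

$report = foreach ($ma in Get-SPManagedAccount) {
    # Managed accounts are registered as DOMAIN\user; Get-ADUser takes the sAMAccountName.
    $sam      = ($ma.Username -split '\\')[-1]
    $blockers = @()

    try {
        $u = Get-ADUser -Identity $sam -Properties CannotChangePassword, PasswordLastSet -ErrorAction Stop

        # SharePoint changes the password as the account itself, so this flag blocks it.
        if ($u.CannotChangePassword) {
            $blockers += 'account is not allowed to change its own password'
        }

        # A change made too soon after the previous one is rejected by the domain.
        if ($u.PasswordLastSet -and $minAge -gt [TimeSpan]::Zero) {
            $earliest = $u.PasswordLastSet + $minAge
            if ($earliest -gt $now) {
                $blockers += "minimum password age not reached until $earliest"
            }
        }
    }
    catch {
        # Local accounts or accounts from another domain end up here.
        $blockers += "AD lookup failed: $($_.Exception.Message)"
    }

    New-Object PSObject -Property @{
        Account         = $ma.Username
        AutomaticChange = $ma.AutomaticChange
        Blockers        = ($blockers -join '; ')
    }
}

$report | Sort-Object Account | Format-Table Account, AutomaticChange, Blockers -AutoSize -Wrap
```

An empty Blockers column means neither condition applies to that account; accounts with AutomaticChange enabled and a blocker listed are the ones whose scheduled change will fail.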