|
|
|
|
|
| Thoughts, musings, outbursts and revelations of Cornelius J. van Dyk - 5 x Microsoft SharePoint MVP |
9/3/2010If you've ventured into the world of PowerShell extensions and modules, and more specifically, that world, targeted at SharePoint, then you have probably run into this error before. Import-Module : Could not load file or assembly 'file:///C:\cjvandyk.SharePoint.PowerShell.dll' or one of its dependencies. This assembly is built by a runtime newer than the currently loaded runtime and cannot be loaded. At line:1 char:14+ import-module <<<< .\cjvandyk.SharePoint.PowerShell.dll + CategoryInfo: NotSpecified: (:) [Import-Module], BadImageFormatException + FullyQualifiedErrorId : System.BadImageFormatException,Microsoft.PowerShell.Commands.ImportModuleCommand This error is thrown by PowerShell when you are using the Import-Module cmdlet to import a PowerShell module (redundant, isn't it?) that was built using the .NET Framework 4.0. The ugly error looks like this: 
If you're trying to use that module on a SharePoint system, the odds are that the server does NOT have the 4.0 version of the Framework installed. You can easily confirm this by simply checking the sub folders under the C:\Windows\Microsoft.NET\Framework location.  In the above example, you can see that 1.0, 1.1, 2.0, 3.0, 3.5 and 4.0 are all installed on the server. If you find that 4.0 is NOT installed, you can quickly install it following this guide. Once it's installed you only have one more thing left to do. By default, PowerShell will run under the 2.0 Framework. We need to force it to default to the 4.0 Framework and only revert back to 2.0 if it doesn't find what it's looking for in 4.0. That is easily done using a .config file for the PowerShell executable. Browse to the C:\Windows\System32\WindowsPowerShell\v1.0 location. 
You may not have the two .config file on your system. If you don't, you need to create them manually. Name the files exactly the same as the .exe files, but with a .config extension at the back. Create them as text files, but you will need to show extensions from your Folder Options in Windows Explorer in order to get rid of the .txt extension. The two config files should be named "PowerShell.exe.config" and "PowerShell_ise.exe.config". The content of the two files is a simple XML snippet that simply points PowerShell to default to 4.0 and fallback to 2.0. Copy and paste the following snippet into the .config files. <?xml version="1.0"?>
<configuration>
<startup useLegacyV2RuntimeActivationPolicy="true">
<supportedRuntime version="v4.0.30319"/>
<supportedRuntime version="v2.0.50727"/>
</startup>
</configuration>
Now when you restart PowerShell, attempting to load your module should yield no errors (if your module is compiled correctly and valid), and you should be able to implement the functionality from the module without any problem.
Enjoy
C
   
As we all know, SharePoint 2010 is still using the .NET Framework 3.5. That means that your servers may not have the latest .NET Framework 4.0 installed. This could cause some issues if you're trying to use APIs from 4.0, or if you are trying to build some new tools using 4.0, like PowerShell management extensions for example. The solution is to install 4.0 on your server. Here's the quick Step-by-Step for doing this on a Windows Server 2008 R2 x64 system with SharePoint 2010 installed. - Begin by downloading the full version of the Framework from here: http://www.microsoft.com/downloads/details.aspx?FamilyID=0a391abd-25c1-4fc0-919f-b21f31ab88b7&displaylang=en
- Once downloaded, double click the installer file named "dotnetFx40_Full_x86_x64.exe".
 - Windows may require you to confirm that you wish to launch the EXE. If it does, simply click "Run".
 - You'd have to accept the EULA. Check the "I have read and accept the license terms" check box.
- Click the "Install" button to commence the installation.
 - The installer will crunch away for a while as it installs the Framework.
 - Once installation complete, click the "Finish" button.
 - No server restart is needed. :-)
Later
C
8/27/2010When you enter STSADM -o deletessp from your SharePoint web server command line, you should get this: 
If you then proceed to try and delete your SSP with a command such as STSADM -o deletessp –title SharedServices1 but it still fails to delete, then you could use the undocumented -force flag thus: STSADM -o deletessp –title SharedServices1 -force Which should yield this: 
Gotta love those little –force flags. Later
C Technorati Tags: SharePoint, STSADM
8/19/2010This one was undocumented in SharePoint 2007 / WSS 3.0 and is still undocumented in SharePoint 2010 / SPF. I posted about this back in 2007 for the previous version, but was asked the same question in the SharePoint Support Forums. A little digging and firing off a test confirmed that the command has stayed intact for the latest version as well. Using STSADM from a command windows: STSADM -o setproperty -pn max-template-document-size -pv 524288000 Let it run and upon completion, you should see this: 
Later
C FOLLOW ME: 8/9/2010Another quick one… You can run this stored procedure: exec sp_databases
Which should yield the following output:
or you could try this stored procedure: exec sp_helpdb
Which would yield some more extended information thus:
or if you just want the names, you could execute this “undocumented” stored procedure: exec sp_msforeachdb 'print ''?'''
Which will yield this:
Or you could do the manual step of executing the following select query: select name from sys.databases
Which will yield:
Enjoy
C
FOLLOW ME: 8/2/2010Every so often, you run across the need to redirect a page somewhere else, like after a server migration when DNS isn’t used. By simply adding a HTTP-EQUIV meta tag to the <HEAD> of your page, you can redirect elsewhere in a jiffy. Syntax isn’t complex, but must be correct to function properly. Here’s the syntax: <HTML>
<HEAD>
<META HTTP-EQUIV="refresh" CONTENT="SECONDS_HERE;URL=REDIRECT_URL_HERE">
</HEAD>
<BODY>
</BODY>
</HTML>
Later
C
Technorati Tags: HTML RedirectFOLLOW ME: 6/24/2010This one was a BEAR to work through. There’s not much out there for it and everywhere I turned it seems everyone else was either having the same problem OR suggestion we “start with a clean install”. Nice suggestion that last one. Almost like… try rebooting the computer… but I digress. With three simple hacks, the install can be “guided” to complete successfully. So hopefully this guide will help some other poor soul save some time when they run into the same issue. Read the article here: http://www.cjvandyk.com/blog/Articles/How%20do%20I%20-%20Install%20PowerPivot%20into%20an%20EXISTING%20SharePoint%202010%20farm.aspx I hope this saves somebody some time and frustration out there. Later
C FOLLOW ME: 5/4/2010As a SharePoint Developer, you may run across this error at some point. 
It is most common when you’re trying to recompile a SharePoint binary, from a Visual Studio session ON the actual SharePoint server. Of course, in most normal situations, it’s unthinkable to run the compiler on the server, but as SharePoint developers, we know there is no other way to code for the platform so it’s pretty much SOP for us. The problem lies in the locks that are taken by the compiler process on the debug info file. Often the locks are taken by your last debug session and unfortunately the locks aren’t always released, even though you’re the same user from the same application. Call it a multi threading anomaly or something. Whatever it is, this happens in Visual Studio 2008. Enter Process Explorer! This little gem by Mark Russinovich from SysInternals, has been around for a long time, now in it’s 12th version. Microsoft bought SysInternals a couple of years ago, and with it, Mark’s great mind. I must say, it was probably one of the smartest acquisitions that Redmond has ever made. But I digress. So, if you have Process Explorer installed (if you don’t, download it now and do so), it generally lives in the C:\Program Files\Process Explorer folder. To unlock your files and resume your compilation, follow these easy steps: -
Open Windows Explorer. -
Browse to the C:\Program Files\Process Explorer location, or any other alternative location where you may have installed Process Explorer to. -
-
Double click “Procexp.exe” to launch Process Explorer. -
Once Process Explorer opens, it will display a list of all active processes on your system. Odds are that your .pdb file is NOT shown here. -
In the top menu, click the “Find” menu item. -
In the drop down menu, click the “Find Handle or DLL” menu option. NOTE: If you’re a shortcut kinda guy or gal, you could have accessed this option with the “Ctrl+P” keyboard hotkey combo. -
-
In the Process Explorer Search dialog window, enter the name of your DLL, or in our case, the name of our .pdb file. -
Click “Search” or press “Enter”. -
-
Process Explorer displays the process that has the lock and wouldn’t you know it, it’s Visual Studio itself.  -
Double click on the “devenv.exe” line. -
Process Explorer now closes the dialog window and the “devenv.exe” item is added to the displayed list. -
Right click the “devenv.exe” line in the displayed list. -
-
On the popup menu, click the “Close Handle” menu option. -
Process Explorer will display a warning message noting stability and crashes that may be caused by closing the handles on this file. Of course we understand this and we click “Yes”. Or alternatively, we don’t understand but as a Windows user, we blindly click “Yes” to just make the popup go away.  -
-
After closing the handles, we return to Visual Studio and press F5 or click Rebuild and tada!  -
Happy coding! Later
C 4/27/2010Many people launch new businesses or expand small businesses to the point where IT starts to play a role. It is at that precipice where the question about which software to use and build on becomes evident. As happens in most companies, a software package that most closely does what is more urgently needed, is installed by someone and it starts to gain user traction. This repeats over and over again until at some point, someone has to figure out how to untangle the spaghetti mess that resulted. If only someone had planned the expansion and use of software beforehand, it would have saved tons of time for whoever ends up with that project. And that… is where this series comes into play… I’ve built my career over the last 10 years or so, on Microsoft technologies. There’s always someone out there who’s done what you need, IF you understand what you need. That’s what Enterprise Architects to best. Understanding the business need and marrying that up with technology decisions that will help drive the business forward. I intend this series to provide a road map for anyone who needs to build a business on technology that’ll allow less rework down the road. I will cover all the topics as one may encounter them from the perspective of small (or even one man/woman) IT departments where budgets are tight (especially in the current economy) and getting high priced consultants isn’t always an option. The most expensive thing that’s done in IT, is rework. Doing the same thing over and over again because it wasn’t done properly the first time. My vision for this series is to be a guide that most IT personnel could follow to deploy technologies within their company that’ll be properly positioned to support company growth in the future, requiring little to no rework at any point in time. So without any further delay… here is my Roadmap for this series… Please note that I’ll be updating the Roadmap as time goes on and I write the corresponding articles and link to them. It may be a good idea to Bookmark/Favorite this post for future reference.   
-
Installation – Windows Server 2008 R2. Since Windows Server 2008 R2 is the latest and greatest server operating system from Microsoft, we’ll use it as the basis for all our servers. -
Configuration – Creating the Primary Domain Controller – Enabling the Active Directory Domain Services Role on Windows Server 2008 R2. Once we have our first server with an operating system installed, it’s time to create our company domain. We’ll be using Active Directory authentication for our environment. -
Business Continuity – Enabling and Testing the Windows Server Backup Feature on Windows Server 2008 R2. No progress can or should be made until we’re sure we can recover from absolute disaster. That means our server is completely dead and we have to restore onto new metal. Backup and Restore functionality must be tested before we do anything else. -
Configuration – Enabling the Hyper-V Role on Windows Server 2008 R2. Getting ready for virtualization is a key action here. In a small business, there is seldom money for multiple servers so we have to stretch our resources to the max by employing virtualization. Since running absolutely everything on one single server is not only NOT recommended as a Best Practice but also detrimental to scaling with business growth, virtualization is a perfect solution. We will be using Microsoft’s Hyper-V technology to host all our servers on the same physical box. -
Installation – SQL Server 2008 R2 on Hyper-V. Since absolutely everything we’ll do requires a SQL Server database, and since SQL Server 2008 R2 is Microsoft’s latest and greatest database server product, we’ll build on it. Initially we’re not going to cluster or scale the SQL Server, but that will be the first point of scaling once volume and traffic increase. -
Business Continuity – Configuring and Testing Disaster Recovery for Hyper-V Servers. Since our SQL Server was the first Hyper-V server we built, we have to test the Backup and Restore of our Hyper-V server before proceeding. -
Installation – Exchange Server 2010 on Hyper-V. Now that we have a domain and a database server, we need email. We’ll be building on Microsoft’s latest email server for that. -
Business Continuity – Testing Disaster Recovery for the Exchange Server 2010 server on Hyper-V. -
Installation – SharePoint Server 2010 on Hyper-V. After establishing email for the company, we need to work on the web site and collaboration between employees. We’ll use the latest version of SharePoint for that. -
Business Continuity – Testing Disaster Recovery for the SharePoint Server 2010 server on Hyper-V. -
Etc. And so the list will grow and continue over time. I am going to endeavor to post a new chapter in the series every week to two weeks so stay tuned. Later
C
4/19/2010I’ve been helping a good client of mine trouble shoot some performance issues with their SharePoint environment. They have a single MOSS 2007 server under 32 bit, so their 1,000+ active users (not concurrent though) is stretched about as thin as it will go. Recently, the server started having issues where the app pool would get locked up and take all the users down. Now IIS app pools are designed recycle when certain limits are reached so that it would be seamless to the end user. The app pool was set to recycle when memory consumption under the worker process (w3wp.exe) reaches 1 GB or the virtual memory consumption for the app pool reached 1.9 GB. We were not seeing the overlapped recycle taking place automatically because the app pool would get locked up when memory reached around 940 MB. It was not consistent though so it couldn’t be identified readily. We ended up trimming the values back to the eventual 800 MB physical and 1.5 GB virtual memory before triggering a recycle.  Once the app pool reached either of those limits in it’s memory consumption, IIS would spin up a new w3wp.exe worker process with a fresh app pool and all new SharePoint requests would be directed to that process instead. All existing pending requests on the current worker process/app pool would complete or be terminated once the timeout configured in IIS was reached. After all requests completed and released their execution threads, the worker process would terminate and release it’s memory back to the pool for IIS to use.
If you are seeing similar behavior in your SharePoint environment, there are a couple of things you need to pay attention to: - IIS Timeout setting.
- Runaway/locked up threads.
- Time between recycles.
- Physical server memory.
- Bit architecture of the server and SharePoint.
Once your server isn’t crashing for end users any more, it’s time to tune it’s health more closely. Identify what the IIS timeout setting is set for, for your server/app. If your server is still on IIS6, you will want to ensure that the LogEventOnRecycle property in the IIS metabase is set to true. Next you want to look in the Event Log under System for message 1077 which indicates that an overlapped recycle took place for the app pool. Make sure to note the time between these messages. It’s best to use the smallest time which should relate to your peak volume time of day for the given server. Lastly you want to make sure how much physical memory the server has and what the bit architecture of the server, the OS and SharePoint is, i.e. are you running 32 bit or 64 bit.  Now it’s time for some math. If you have a 32 bit server running 32 bit Windows Server and 32 bit SharePoint, this is a much more crucial issue than if you were running all 64 bit. The issue deals with memory. You have to figure that the server will not realistically have available to your worker processes more than half of it’s actual physical ADDRESSABLE memory. I highlight addressable here because remember than under 32 bit architecture, your server cannot address more than 3.2 GB of memory, even if it has 8 GB of physical memory!
Thus in our all 32 bit example, even though the server has 4 GB of memory physically, the OS can only address 3.2 GB which means by my math, about 1.6 GB would be available to our worker processes in IIS. You may be tempted to use something just below that as your recycle point, but remember that we have OVERLAPPED RECYCLE going on which means that IIS is managing two worker processes at the same time, so each would require it’s own memory in order to function properly. That was the problem we ran into when the recycle threshold was set at 1 GB. The worker process would trip the limit and then IIS would attempt to spin up an overlapping worker process, but since there wasn’t enough memory available to do so, it took no time at all to completely lock up IIS and bring down end users. Only a forced recycle of the app pool, which forcibly releases all threads and memory pages, thus also dropping users, before spinning up a new worker process, could restore the server to a working state. Dropping the memory recycle trigger down to 800 MB instead, we consumed half of our available memory, or 25% of the addressable memory. When the worker process triggered the overlapped recycle, it would spin up a second worker process and direct traffic to it while finishing up requests in the first worker process. Provided none of these requests had runaway threads, the worker process would typically shut down and release memory within a minute or two.  This gets the server into a usable state as far as the end user is concerned because they no longer see crashes or get locked up. On the server side, you will see the app pools recycle much more frequently and you are running the risk that a runaway thread would lockup the first worker process until the IIS timeout is reached. That setting is 15 minutes under IIS by default, but most SharePoint shops have upped that to 30 minutes, especially where low bandwidth or VPN users are in play. As a result, a runaway thread would keep the first worker process alive for 30 minutes. You can see how the time between recycles now becomes super CRITICAL! If you overlapped recycles happen more frequently than your IIS timeout value, change something.
RECOMMENDATION: Ensure that your IIS timeout value is always LESS than your overlapped recycle time at it’s shortest interval. Of course the answer is to solve the memory leak problems so that the app pools don’t have to recycle, but if you’ve ever tried to track down memory leaks, you know it’s HELL!  If you’ve never had the misfortune of having to do so, consider yourself truly blessed. It’s also not always realistic to bring the IIS timeout value down. If your server is recycling worker processes every 15 minutes, it’s certainly not likely to be doable. That’s when it becomes mission critical to hunt down any runaway threads and determine their cause. Anything that may cause the worker process to remain alive need to be addressed in order to keep your server up and running. At my client’s site, we were still getting runaway processes that could potentially put us in a state where a third worker process needs to be spun up which would bring the whole thing to a screeching halt. As an Enterprise Architect I get to see all sides of the fence. I work with and talk to everyone involved. When talking to developers, the feeling is usually that Ops people must have done “something” to the servers which is causing the instability. When talking to operations personnel, the feeling is usually that Devs are writing bad code that’s causing the instability. I’ve been in many SharePoint shops and have seen both sides of this argument be true, but not this time. We had an awesome traffic profiling tool available for the job and that’s where we discovered two items that would cause runaway threads. -
 SQL Server Reporting Services Integrated Mode. If you’re a SharePoint Architect, you probably just had a cold shiver go over your entire body as you read that line. Yes, every SharePoint shop dabbles with SSRSIM at some point. Most come to the conclusion that performance is a problem and usually deploy a dedicated server to run SSRS. That was also the case here. Unfortunately, there was a couple of instances of IM reports that could not be moved over to the dedicated server so IM was left active. What we discovered was a series of reports developed and built (as SSRS empowers end users to do) by end users. Of course end users are not going to know how to write optimized queries for data so as a result, these reports performed poorly. There were reports that would take upward of 30 seconds to load, and that was being local to the servers and on a 1 GB ethernet connection. The reports have very large amounts of tabular data and we know how well IE renders tables. Imagine being a user, on a remote VPN connection. Your wait time on the report could easily go over 2 minutes. The problem with that is the thread requesting data is locked up while all this data is transferred and interpreted for render on the browser. Additionally, a user could easily lose patience and simply close their browser fearing that it may be “locked up”. When a user does that, the thread still remains alive in the background until the download is complete and the loss of the end point on the client side could very well cause the thread to become a runaway thread that never releases its resources. No matter how you slice or dice it, it’s bad. -
Image Rotating Banner. We have a nifty little web part that adds pizzazz to user created pages by rotating through images determined by the designer/user. Now as I said, any time we empower end users to do design of content delivery, a LOT of thought has to go into it. In this case, the web part was designed for ease of use in that all the designer/user had to do was drop it on the page, set the Title for it and point it to an Image Library on the site. Then when the page is loaded, the web part would start rotating images using JavaScript. Nice. But way, there’s more. Using our awesome traffic profiling tool, we discovered pages, like main departmental home pages, were loading literally dozens of images. Taking a closer look at the pages, they appeared to load rather slowly. If you’ve ever dissected the loading sequence of a SharePoint page, you’d know that, even if you set them to display partially while downloading content, the JavaScript is usually the last part to be downloaded. As a SharePoint developer would understand, a SharePoint page isn’t really functional until that JavaScript has loaded. None of the dropdowns work etc. But I digress. Needless to say, until the page is completely loaded, you can’t really do too much. What we saw was all these images loading with the page before the script would load, making the page load times very slow. To make matters worse, we looked at some of the pictures being loaded and most were not resized to the 100 pixel banner size they displayed in. On the contrary, the images were in their original 9 mega pixel JPG format!  Cracking open the code for the web part, we discovered that it did exactly what I just described. It showed ALL of the pictures in the picture library regardless of SIZE. Though that design is OK for uses where experienced developers or web designers would be using the web part, it unfortunately does not work well for end users or inexperienced designers because it’s not realistic to expect an end user to think about the number of pictures being displayed, all being preloaded on the page as well as the size of those images. Considering some images up to 5 MB in size and libraries easily containing in excess of 20 images, you can see how the 1 MB size page, now having to preload all these images, suddenly became a 100 MB+ page. That’s never good for performance. Now granted, the web part should probably use AJAX to load it’s images and not preload them on the page, but this was the design that was available. We implemented a hot fix to the code whereby we simply leveraged SharePoint’s built in thumbnails for image libraries since it’s just a banner anyway. In addition, we display only a random 10 images from the library each time. That meant no more than 100 KB in extra page size. Again, you can see how a user could easily give up and close the browser, leaving a thread locked as it processes. As we’ve seen in this case, as developers and architects, we always have to be conscious of our end users. Tools we provide them in order to empower them can often come back to haunt us at the most inopportune times.
Later
C
4/12/2010SharePoint maintains some built in thumbnails that’s automatically generated when images are uploaded to the image library. This is in order to allow for the thumbnail view of the image library. Here’s an example from my blog. 
On the left side is the original  image that exist in the image library. Click on the link to see the image in it’s full size. The right side is the SharePoint thumbnail. You can click it to see the size of the image. The formula is pretty simple… simply change the URL as follows: Original: http://www.cjvandyk.com/blog/Lists/Photos/042308_1817_VMWareSnaps3.png Thumb: http://www.cjvandyk.com/blog/Lists/Photos/_t/042308_1817_VMWareSnaps3_png.jpg As you can see, simply: -
Insert “_t/” in front of the file name, -
Replace any periods (.) with underscores (_) and finally, -
Append a “.jpg” at the end of the file name. As you can see, my example was actually a .png file, but the thumbnail is still a .jpg file. Enjoy
C As I reflect on another week gone by, I have to say I like the “spring forward” for DST. It’s wonderful to be able to leave the office and walk back to my hotel room while the sun is still out. Of course it makes getting up in the mornings a little harder, but it’s a tradeoff I’m happy with.  This was an exciting week. I attended a preview event of the Visual Studio 2010 Launch, presented by Microsoft on site for our benefit. Jason Zander himself, the General Manager for Visual Studio (i.e. the guy who “owns” the Visual Studio product line), was there to present for us and get us excited! I’ve been playing with Studio a little bit, especially on my Netbook. Now that the great Launch event is almost upon us, I’ve had some time to reflect on the product. There’s good and not so good as you’d expect, but by far, the good outweigh anything else. Nevertheless, here are my thoughts, what I’m excited about and wish list items I’d like to see for the next version. This is of course very far from a complete list, but just my quick thoughts.
THE GOOD -
IntelliTrace – Think DVR for your code testing. This is the single most awesome new feature in the product in my mind. Giving testers the ability to record their testing sessions both visually and data wise and then making it possible for developers to come back and spin up a VM on demand, deploy all the proper code and run the same steps as the tester for the developer to see, debug and fix is… well AWESOME!!! -
Import/Export Debug Breakpoints – It’s a little thing, but if you’ve ever tried to collaborate with another developer on code and where to set a breakpoint, you’ll know what I’m talking about. This is a nifty little time saver. -
Linq2SP – Well, the Linq is everywhere and now it’s in SharePoint too!  -
-
Optional Parameters for C# 4.0. OK, so this one’s just my pet peeve, but ever since I first switched to C# from C/C++, I’ve been waiting for optional parameters. Finally! -
Seems to have decent performance. The operative word here is *seems*. The demos were given on IBM Thinkpads which, isn’t the most awesome hardware around for demos, but it appeared to perform pretty well. I would recommend to Microsoft that they get some decent demo laptops though. You want things to be snappy in a demo. -
Tracepoints – The ability to collect predefined data at given trace points within the application’s execution cycle, will be very useful. The functionality is mostly self created for developers at this point. Having the IDE take care of that for us, will be a big help. THE BAD -
The Dependency Graph Generator will not identify reflection based calls. That means once you leave the reservation, your calls aren’t going to make it into the DGML that’s generated. I have this listed as a “bad”, but in all honesty, this is probably in line with anyone’s reasonable expectations of such a tool. -
TFS is a must. If you thought you could live without TFS before, this release ties so closely to TFS 2010 that it would be almost impossible to not have it. Can you say licensing?  THE UGLY -
No run time, in-line variable/code correction while in IntelliTrace. This means you get to debug and work with a COPY IN TIME of the code that was running on the server when the bug was found. Once you fixed the bug in that COPY of the code, you’d have to find a way to merge it forward into the current code set. This is definitely one for my wish list for the next version. -
No Remote SharePoint server development or debugging. This one will probably bite us a couple of times. Another one for my wish list. It would be awesome if you could attach to code on a remote server and debug it. -
32 bit. So Visual Studio is 32 bit, not 64 bit. It provides complete support for developing and targeting 64 bit apps, but is itself not 64 bit. That’s not a big deal in my mind and I believe it’ll be the case in the next rev. It’s not really an “ugly”, at least not if you compare it to demos in VB.NET given to a developer centric audience in order to show off a developer tool! I’m still chuckling about that one. Overall I’m super excited about the upcoming release. I can’t wait to get the RTM bits on my machine. More than anything, I’m already thinking through how TFS would play into Best Practices for Application Lifecycle Management, Change Management and Quality Control processes for large scale enterprises in the future. Who knows. Maybe my book will have something about it… Later
C 3/3/2010
One of the first things I do on any new SharePoint server is update the Powershell profile so that I can easily filter STSADM commands. As we all know, there are tons of commands in STSADM and the built in filtering to search for any given command is… well, wanting.
Powershell to the rescue. Using Powershell, we can filter the -help output from STSADM to make things more searchable. This is done as follows:
- Open Windows Explorer.
- Navigate to C:\Windows\System32\WindowsPowershell\v1.0\
- Open for edit (preferably in a plain text editor like Notepad, NOT Wordpad or Word), the file named “Microsoft.PowerShell_profile.ps1”.
- Add the code block below.
- Save and exit.
- Open Powershell.
- Start using STSADMQ.
function global:stsadmq($filter)
{
write-host -foreground "Green" "STSADM Commands matching $filter"
stsadm -help where {$_ -like $filter}
}
You can now use the wild card filter to find the needed STSADM command that you’re searching for like this:
I hope STSADMQ saves you as much time as it has for me.
Later
C
12/21/2009 - Start IIS Manager.
- Expand “Web Sites” until the web app of your site is visible.
- Right click the web app and select “Properties” on the dropdown menu.
- Select the “Directory Security” tab.
- Under the “Authentication and access control” section, click the “Edit” button.
- Check the “Enable anonymous access” check box is checked.
- Check the “Integrated Windows authentication” check box.
- Ensure all other check boxes are unchecked.
- Click “OK” twice.
That should be it. You may need to restart IIS if caching is delivering the same results as before the change. Later
C
Technorati Tags: SharePoint, IIS12/4/2009
OK, so the title of this post could also have been “Best Practices for Determining if a User is a SPWeb Administrator”, but then the search engines wouldn’t catch the post for all those unfortunate enough to be searching for FullMask or DoesUserHavePermissions() in the future.
The Problem
OK, OK, in all seriousness though. There are a lot of content out there that recommend that people simply use
SPContext.Current.Web.DoesUserHavePermissions(SPBasePermissions.FullMask)
when trying to determine if the current user has Administrator rights to the current web site (SPWeb). This is all good and well, but it assumed that you have NEVER customized your web application available permissions list i.e. your effective base permissions. So what’s the problem, you may be wondering…
The problem is in the way SharePoint behaves when you do indeed customize your permissions for the web app. If you dive into SharePoint Central Administration under
Central Administration > Application Management > Permissions for Web Application
you will find all the SharePoint base permissions and the ability to turn any one of these permissions off by simply unchecking it’s checkbox and then clicking the OK button… all except for one… FullMask. If you were to uncheck say UseClientIntegration (in order to disable desktop apps such as Office or SPD from editing content directly on the server) and then save that state, SharePoint will do two things.
- It will remove the UseClientIntegration bit flag from the permissions bit mask and
- because total full control is no longer possible for the web app, it will also remove the FullMask bit flag from the mask.
That’s all fine and dandy until you go and add the permissions back again. If you now recheck the UseClientIntegration checkbox and clicked OK, you’d expect SharePoint to add the bit flag back to the permissions mask again and it does do that, but for the UseClientIntegration flag only. If you’re expecting it to also reset the FullMask flag, you’ll be disappointed.  This appears, at least in my mind, to be a bug in the SharePoint core code. Yes, yes, I know it’s most probably “working as designed” or “behaving as intended”  , but in my mind the absence of any UI way to reset the FullMask flag, as well as the sparse documentation surrounding it, this just feels like a bug and not an intended feature. So to be clear…
SharePoint does not reset the FullMask security bit once permissions on the web app was customized!
Now as far as SharePoint UI and everything else an end user sees is concerned, everything is working perfectly as per usual with no ill effects. It’s only when you drop into the world of the SharePoint developer that things can become hairy. In case you were wondering, here’s the base permissions bit mask as returned when the FullMask bit is set:
7FFFFFFFFFFFFFFF
And once customized, even with all permissions enabled again, the bit mask returns rather as a union of all aggregated permissions and looks like this:
400001F07FFF1BFF
If a SharePoint developer used the DoesUserHavePermissions() method and passed the FullMask flag to it in hopes of identifying an admin user, the method will always return False because the FullMask bit is never reset again. So using SPContext.Current.Web.DoesUserHavePermissions(SPBasePermissions.FullMask)simply isn’t reliable for admin checking in code. Fortunately, the failure occurs on the safe side i.e. it is reporting an Admin to simply not be an Admin rather than reporting a User to be an Admin so most probably your app doesn’t break, but is simply not quite working as expected.
The Solution
So then, you ask, what exactly would be the best practice for determining if the current user is an admin?
You may be tempted to use code like this
((ISecurableObject)SPContext.Current.Web).DoesUserHavePermissions((SPBasePermissions)Microsoft.SharePoint.SPPermissionGroup.WebDesigner))
and then use SPPermissionGroup.Administrator as the target, but since the value of Administrator in this case is –1 and the DoesUserHavePermissions() method is looking for a ulong value, it will epically fail on you, even if you were to “duck punch” it with up/down casts like (SPBasePermissions)(Object)…
Rather, the proper way to check if a user has admin rights to the current SPWeb, regardless of source (web, site collection or CA policy), is as follows:
((ISecurableObject)SPContext.Current.Web).DoesUserHavePermissions(SPBasePermissions.ManageWeb)
By checking if the user has the ManageWeb security bit set, you will always get the proper result back. Using FullMask is akin to trying to remove a wart with a canon. ManageWeb is more like a scalpel.
OK, I broke it. Now what?
If you’re in the boat where you’ve already “broken” the FullMask bit, don’t despair. There is indeed hope. Luckily some smart people like MOSS MVP Gary LaPointe, have struggled with this problem before and have created clever workarounds for this.
To reset the FullMask security bit, you can use the following code courtesy of Gary: SPWebApplication wa = SPWebApplication.Lookup(new Uri(url));
wa.RightsMask = wa.RightsMask | SPBasePermissions.FullMask;
wa.Update()
If you’re adventurous, you can go ahead and write an app or even your own STSADM extension for that, but if you’re like me, you’ll be happy to know that Gary already did that! Simply go and get his MOSS or WSS extension methods for STSADM package from his Download Page. It comes all nicely packaged in a .wsp ready for deployment into your SharePoint environment. The STSADM operation you need is:
gl-enableuserpermissionforwebapp
and the proper syntax for it is as follows:
stsadm -o gl-enableuserpermissionforwebapp -fullmask -url http://YourWebAppURL
So there you go. The best practice for determining if a user is an administrator for a site and a way to fix it if your code is using FullMask and broke because someone played with permissions.
Enjoy…
Later
C
11/3/2009In the 2007 cycle of SharePoint, I released a comprehensive guide to upgrading from 2003 to 2007 because all the upgrade guides I could find were simply using default installs for upgrades. That never reflects the real world scenario and complexities, so I created my upgrade guide. It was very popular and I received many appreciative comments on the post.
Well, fear not, for I will be doing the same thing again for the 2010 cycle. I'm currently working on the post and will publish it soon. Initially it will be for migration to Beta 2, but I'll update it as needed for RC and RTM, so stay tuned!
Later
C
10/19/2009Well, rather than posting each one separately, I'll just post this rollup post. Come and get it!
SP2010 Developer Platform White Paper
SP2010 Developer Platform Wall Poster
SP2010 Getting Started with Development - Hands On Labs
SP2010 Developer & ITPro Learning Guide
SP2010 Developer Walkthroughs
Later
C
Get your topologies poster in Visio, PDF and XPS format here:
Later
C
10/16/2009
I received a question about this in the Support Forums today, so I decided to jot down the steps quickly for future seekers of knowledge...
To turn on Content Approval, follow these steps:
- Navigate to the list for which Content Approval is to be turned on.
- Click "Settings" next to the "Actions" menu. If you do NOT see "Settings", it means you are not an Administrator of that list. You must have Administrative rights over the list to be able to do this.
- On the dropdown menu for "Settings", click "List Settings".
- On the List Settings page, under General Settings, click the "Version Settings" link.
- On the Version Settings page, set the "Require content approval for submitted items" option to "Yes" and click the "OK" button.
That's it! Enjoy...
Later
C
10/11/2009Well, we're in the final week countdown to SPC09 and I can't wait! It's going to be THE biggest SharePoint event in history and we'll be able to openly talk about SharePoint 2010 after that. Thank goodness!
Some cool stuff coming so stay tuned...
Later
C
10/1/2009Yes indeed my friends, the SharePoint Conference 2009 is coming quickly! Hosted in Las Vegas, NV from 19-22 Oct 2009, it's going to awesome!
I will be there...l how about you?
Check out the session sneak peak...
Later
C
9/24/2009
<<<WSS 2.0 / SPS 2003 ONLY>>>
Later
C
9/21/2009If, like me, you write custom event receivers against SharePoint lists on a regular basis, then you no doubt have had a run in with trying to locate the proper ListTemplateId value to use in your Elements.xml in order to properly register your new event receiver.
Anyway, if you dig deep enough through the WSS 3.0 SDK, you'll find it in the "General Reference/Features and Templates/Working with Features/Feature Schemas/Event Registrations/Receivers Element" section... or you could just click here: :-P
Anyway, I'm always digging for this one, so I thought's I'd just put it out on my blog for quick future reference for anyone (including myself) looking for it!
Later
C 7/22/2009If you're using Windows Workflow Foundation in SharePoint today, you may wish to stay up to date with what's coming in the .NET Framework 4.0 and WF4.
Latest docs available for download here:
https://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=bd94c260-b5e0-4d12-93ec-53567505e685
Later
C
7/10/2008
This week, we encountered an interesting situation dealing with lists and list views. At first glance, looking at the list, we saw the following:
This is supposed to be the list view of the PMA Contacts list, but as you can see, nothing really shows up. The next step was to place the page into Edit mode through "Site Actions/Edit Page".
Once the page was in edit mode, we could see the web part zones as shown below. Can you see what is wrong here?
If you said that the web part was missing, give yourself 5 points! ;-) In order to restore the view properly, we need to add the list view web part back to the page. We start by clicking the "Add a Web Part" area.
Once the web part list page opens, we want to take a look at the closed web parts so we click the "Advanced Web Part gallery and options" link at the bottom right of the window.
In the web part gallery browser window, you can see the "Closed Web Parts" gallery noting one web part. That means that on this page, there is a web part that was closed. Select the "Closed Web Parts" gallery.
As you can see in the above screen shot, the PMA Contact list view web part shows up in the closed list. Select the "PMA Contacts" web part and drag it over the page.
As you can see, the PMA Contact list view is now restored again. Simply click "Exit Edit Mode" in the top right under "Site Actions" to return to the regular list view as seen below.
Now that we fixed the problem, the question arises… just how did the list get to that state in the first place? It's actually much simpler than you would imagine and it probably happened with just a single missed click.
To re-break the list view, click "Site Actions/Edit Page".
With the page in edit mode, simply click the closing "X" button on the top right of PMA Contacts.
You should now have the same broken view that we started with, so as you can see, just one simple click on an "X" can cause some faster heart beats. ;-)
Later
C
Kick it Fave it Digg it Reddit Del.icio.us 6/8/2008
I was asked the following question in the support forums and thought it would be useful to blog about for others to use in the future.
Question: I created a new root site (site collection) and selected the wrong site template during the site creation process or I changed my mind and want to use a different site template than the one used during site creation. The problem is that sub sites have been created since then. How do I change the site template used for the root site of a site collection with sub sites?
Fellow MVP Shane Young blogged an article that comes closest to addressing this scenario here:
http://msmvps.com/blogs/shane/archive/2006/02/15/83787.aspx
Unfortunately, the scenario is based on WSS 2.0 and if you're working with WSS 3.0, this might not work.
So you are left having to either adapt Shane's article to 3.0 or go with the simplest way possible which is the recreation of the site. Microsoft's conservative recommendation would be, as you already noted, to delete the site and then recreate it using the correct template.
Since you have sub sites in this site collection, you will need to backup the sub sites BEFORE you can do this. Of course, in the process of templatizing/backing up sub site, you could run into problems if you're trying to save a site as a template and it exceeds the 10 MB limit. Given that, I would recommend that you increase your site template site limit before templatizing sub sites. Here are the steps I would recommend to resolve your issue:
- Schedule an outage of the sites and conduct this process off hours in order to ensure that nobody is making changes to the sites while you're doing this. COMMUNICATE this with your users clearly. Users can get very testy about these things. ;-)
- BACKUP YOUR DATABASE BEFORE YOU START!!!
- Increase your site template size limit. Follow the instructions from this article: http://www.cjvandyk.com/blog/Lists/Posts/ViewPost.aspx?ID=111
- Templatize each sub site by using the "Save as Template" option on the Site Administration page.
- Clearly record the permissions for each sub site.
- Go to the site collection Site Template Gallery and download a local copy of all the site templates (.stp) to your computer.
- Delete each sub site.
- Delete the root site of the site collection.
- Create a new site collection, this time selecting the RIGHT template! ;-)
- Go to the Site Template Gallery of the new site collection.
- Upload all the .stp files you downloaded in step 4.
- Each of the uploaded templates should now show up as options in the Create menu. Recreate each site using its template in turn.
- Recreate the permissions for each site using the information captured in step 5.
- Navigate back to the site collection's Site Template Gallery and delete all the .stp templates you uploaded in step 11. This is to remove the sites as create options and is done for security reasons.
And that should do it!
The hardest part of this process is capturing and re-establishing permissions on the sites, especially if your site administrators use fine grained permissions i.e. grant library, folder or item level permissions. In such cases, it might not be possible to fully capture the complete permissions set without expending massive amounts of time. In cases where granular permissions are in play, I recommend leveraging an automated tool to backup the sites. AvePoint has a good tool that does a nice job of this called DocAve. You can download a 30 day trial of DocAve and use it if this is a onetime occurrence. Of course DocAve has many more features that might well make it worth owning for your environment.
Luckily this kind of scenario doesn't happen too often… right? ;-)
Later
C
Kick it Fave it Digg it Reddit Del.icio.us 5/19/2008
OK, so a LOT of new things are happening in my world, but more on that in a day or so… In the mean time, I my blog has been rated by Joel Oleson's Top 100 SharePoint Blogs as #41. See the complete list here.
As of late, I've not had much time to publish a lot of fresh new content, but that's all about to change. Stay tuned as I build my blog to the Top 5 on Joel's list. Of course I'd like to aim for #1, but the SharePoint Team Blog pretty much has that spot locked up… still, one can aim high… especially an ex Air Force pilot… ;-)
Later
C
Kick it Fave it Digg it Reddit Del.icio.us |
|
|
|
|
|
|
|