Wednesday, December 21, 2011

Never Stop Windows SharePoint Services Web Application

If you stop the "Windows SharePoint Services Web Application" it will remove all SharePoint websites along with your customizations from IIS!!!


So, unless you are very sure what you are doing, never stop the Windows SharePoint Services Web Application. If it has already happened, you have to reapply ALL your manual IIS customizations (including Web.config changes, certificates, manual IIS changes, etc.). This is why Microsoft says "Don't touch IIS".

If you must restart it, take a backup of the IIS Metabase first.



Sunday, December 18, 2011

Configuring AD LDS-Claims Based Authentication in SharePoint 2010 - Step by Step

Introduction:
SharePoint 2010 lets you set up multiple authentication providers, so that clients or other external parties such as vendors and affiliates can access your SharePoint sites without being given a Windows Active Directory account.

This article walks through, step by step, how this can be achieved using Windows 2008 R2 Active Directory Lightweight Directory Services (AD LDS).

Summary:
Following this implementation guide sets up CBA (claims-based authentication) with AD LDS in a SharePoint 2010 extranet environment.

Overview:

1. Adding AD LDS Server Role
   a. Creating AD LDS Instance
   b. Validate AD LDS instance is running
   c. Uninstall the AD LDS Instance
2. Connecting to AD LDS Server using ADSI Edit
   a. Adding a User Object & Setting Mandatory user properties & password
3. Configure CBA for the web application
4. Modifying web.config files of:
   a. Central Administration
   b. Web Application which uses CBA
   c. Security Token Service (STS)
5. Grant access to AD LDS users to SharePoint Sites.
6. Unit Testing

1. Add “Active Directory Lightweight Directory Services” Server Role
Open the Windows Server 2008 R2 Server Manager, click Roles in the navigation pane, and then click the Add Roles link.
Click the “Next” button.
Check the box for Active Directory Lightweight Directory Services, and then click the Next button.

Click the Next button on the introduction page.
Verify the installation settings on the confirmation page, and then click the Install button.
The installation progress is displayed.
When the installation has completed, click Close.


1(a).  Create a New Instance of AD LDS


Create an AD LDS instance by clicking Start > Administrative Tools > Active Directory Lightweight Directory Services Setup.  The setup wizard screen appears.  Click Next.

We can create a new unique instance, or we can replicate an existing instance. Here we are going with the first option. Select “A unique instance” and then click Next.

Type the Instance Name. The instance name will help you to identify and differentiate it from other instances that you may have installed on the same server.

Specify the LDAP port numbers and then click Next.  Note that these numbers cannot be in use by any other application on the same server.

Click “Next”, select the option “Yes, create an application directory partition” and enter the partition name. I have used “CN=LDAP,DC=SharePoint,DC=COM”.   Note: It has no relation with your machine name or Active Directory. This can be any new domain.

Select the File Locations.  Click Next.

Select Network service account.  This should be sufficient in most cases.  Click Next.

Select your administrator account.  Click Next.

Important:
Make sure the Application Pool account has been added to the AD LDS Administrator Role. (Go to the “Roles” node properties, scroll to the “Members” attribute and add the application pool account.) Otherwise user accounts will not be resolved in SharePoint!!!

Select the LDIF files to import.  These will be needed for the extranet users’ accounts.  Click Next.

Click Next.

Click Finish.

1(b). Validate AD LDS instance is running

If everything is configured correctly, you will see the service running under Administrative Tools > Services.

1(c)  Uninstall AD LDS Instance (in case you want to uninstall an existing instance):

Go to Control Panel > Programs and Features; you will see the installed AD LDS instance.

Select the AD LDS Instance and click on “Uninstall” to uninstall that particular AD LDS Instance.

2.  Connecting to AD LDS Server using ADSI Edit

Now that our instance is complete, we need to connect to it via the ADSI Edit MMC snap-in.  Click on Start > Administrative Tools > ADSI Edit.  Once the MMC is loaded, right click on the ADSI Edit node and select Connect to…

Enter the connection properties and click OK.

On successful connection, ADSI Edit shows the AD LDS server view.

2(a).  Creating new users in AD LDS Instance:

We now need to create a container to store our users.  This is equivalent to an Organizational Unit in Active Directory.  Right click on the CN entry, select New > Object and select the class as container.  Click Next.
Type Users as the value, click Next and Finish.
Now you will see the “Users” container. We can now create our users in the “Users” container that we have just created.
Right click on CN=Users, select New > Object, and select the class as user.
Type in a user name and then click Next and Finish.
Once the user is created we have to:
·         Reset the password
·         Set msDS-UserAccountDisabled to False (it is True by default)
·         Important: Set attributes like “cn” and other properties as required by the membership provider settings; otherwise users without the CN attribute set will not be picked up by SharePoint.

Reset Password
Right click on the user and select “Reset Password”.

msDS-UserAccountDisabled
Right click on your newly created user object and select Properties.
Scroll down, locate the msDS-UserAccountDisabled attribute and set it to False.

PowerShell Script to List the users in AD LDS instance:
$Dom = "LDAP://server.domain.com/CN=Users,CN=LDAP,DC=SharePoint,DC=COM"
$Root = New-Object DirectoryServices.DirectoryEntry $Dom

# Create a selector and start searching from the Root of AD
$selector = New-Object DirectoryServices.DirectorySearcher
$selector.SearchRoot = $root
# Filter the users with -like "CN=Person*". Note the ForEach loop
$adobj= $selector.findall() | where {
$_.properties.objectcategory -like "CN=Person*"
}
foreach ($person in $adobj)
{
$prop=$person.properties
Write-host "First name: $($prop.givenname) Surname: $($prop.sn) User: $($prop.cn)"
}
Write-host "There are $($adobj.count) users in the $($root.name) domain" 
read-host  # just to keep the screen stay open
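
The three post-creation settings listed above are easy to miss on one account among many. The following added example (not part of the original post) extends the listing idea into an audit that reports accounts which are still disabled or lack the attributes the membership provider reads. The server name and partition are the placeholders used in this article, and the list of required attributes is an assumption to adjust to your provider settings.

```powershell
# Added example, not part of the original post. The server name and partition
# are the placeholders used in this article; $required is an assumption.
$ldapPath = 'LDAP://server.domain.com/CN=Users,CN=LDAP,DC=SharePoint,DC=COM'
$required = @('cn', 'sn', 'givenname')

function Get-UserFinding {
    # Checks one user, given as a hashtable of lower-case attribute names.
    param([hashtable]$User, [string[]]$Required)
    $issues = @()
    # Anything other than an explicit False is reported for review.
    if ("$($User['msds-useraccountdisabled'])" -ne 'False') {
        $issues += 'msDS-UserAccountDisabled is not False'
    }
    foreach ($attr in $Required) {
        if (-not $User[$attr]) { $issues += "missing $attr" }
    }
    return $issues
}

function Get-AdLdsUserAudit {
    # Queries the instance and emits one line per user that needs attention.
    param([string]$Path, [string[]]$Required)
    $searcher = New-Object DirectoryServices.DirectorySearcher
    $searcher.SearchRoot = New-Object DirectoryServices.DirectoryEntry $Path
    $searcher.Filter = '(objectClass=user)'    # filter on the server side
    $searcher.PageSize = 500                   # page through large containers
    $searcher.PropertiesToLoad.AddRange([string[]](@('msDS-UserAccountDisabled') + $Required))
    $results = $searcher.FindAll()
    try {
        foreach ($result in $results) {
            # Result property names are returned in lower case.
            $user = @{}
            foreach ($name in $result.Properties.PropertyNames) {
                $user[$name] = $result.Properties[$name][0]
            }
            $issues = @(Get-UserFinding -User $user -Required $Required)
            if ($issues.Count) { "{0}: {1}" -f $user['adspath'], ($issues -join '; ') }
        }
    } finally { $results.Dispose() }
}

# Offline check with constructed users (no directory needed):
$samples = @(
    @{ adspath = 'CN=alice (constructed)'; cn = 'alice'; sn = 'A'; givenname = 'Alice'
       'msds-useraccountdisabled' = $false },
    @{ adspath = 'CN=bob (constructed)'; 'msds-useraccountdisabled' = $true }
)
foreach ($u in $samples) {
    $issues = @(Get-UserFinding -User $u -Required $required)
    $text = if ($issues.Count) { $issues -join '; ' } else { 'ok' }
    Write-Host ("{0}: {1}" -f $u['adspath'], $text)
}
# Against the live instance: Get-AdLdsUserAudit -Path $ldapPath -Required $required
```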

3. Configure CBA for the web application

For a new web application:
  • Go to Central Administration > Application Management
  • Click on Manage Web Applications
  • Click New
  • Select Claims Based Authentication
  • Check the Enable Windows Authentication box
  • Check the Enable ASP.NET Membership and Role Provider checkbox
      * In the Membership provider name edit box, type LDAPMembershipProvider
      * In the Role provider name edit box, type LDAPRoleManager
For existing web applications:
  • Go to Central Administration > Application Management
  • Click on Manage Web Applications
  • Select the target web application and click on Authentication Providers in the ribbon
  • Enter the above authentication settings
After successful configuration, browsing to the SharePoint site should show the claims sign-in page.

4. Modifying web.config files

Important: Take a backup of the web.config files before making any change.
We have to change 3 web.config files in total.
1.       To get the users from AD LDS into the Central Administration site, we have to change the web.config of the Central Administration site.
2.       To get the users from AD LDS into the web application which we created to work with CBA, we have to change its web.config.
3.       Logging in to the site using claims based authentication goes through the Security Token Service application, so we have to change its configuration file as well.

4(a). Update Central Administration site’s web.config:

  • Open the Central Administration site's web.config file
  • Find the <system.web> entry
  • Paste the following XML directly below it (or just before:  </system.web>  <system.webServer>)


   

      

   






 

       

          

       

    


Double check that the <membership> and <roleManager> entries exist only once. Delete any duplicate entries.

Update the <PeoplePickerWildcards> entry with the below code:
    <PeoplePickerWildcards>
      <clear />
      <add key="AspNetSqlMembershipProvider" value="%" />
      <add key="LdapMembershipProvider" value="*"/>
      <add key="LdapRoleManager" value="*"/>
    </PeoplePickerWildcards>
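
The duplicate-entry check above can be scripted and run against each of the three web.config files. The following is an added PowerShell example, not code from the original post: the XML fragment is a constructed sample (the provider names match the PeoplePickerWildcards keys above, the server name is a placeholder, and the attribute names are those of SharePoint's LDAP membership and role providers). It also reports LDAP providers whose useSSL attribute is not true, because in that case the connection from SharePoint to AD LDS is not encrypted.

```powershell
# Added example. The XML is a constructed sample, not the configuration from
# the original post; server name and containers are placeholders.
$sampleConfig = @'
<configuration>
  <system.web>
    <membership defaultProvider="AspNetSqlMembershipProvider">
      <providers>
        <add name="LdapMembershipProvider"
             type="Microsoft.Office.Server.Security.LdapMembershipProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
             server="adlds.example.local" port="389" useSSL="false"
             userContainer="CN=Users,CN=LDAP,DC=SharePoint,DC=COM" />
      </providers>
    </membership>
    <membership><providers /></membership>
    <roleManager enabled="true">
      <providers>
        <add name="LdapRoleManager"
             type="Microsoft.Office.Server.Security.LdapRoleProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
             server="adlds.example.local" port="636" useSSL="true"
             groupContainer="CN=Users,CN=LDAP,DC=SharePoint,DC=COM" />
      </providers>
    </roleManager>
  </system.web>
</configuration>
'@

function Test-LdapProviderConfig {
    param(
        [Parameter(Mandatory = $true)][xml]$Config,
        [string[]]$ExpectedProviders = @('LdapMembershipProvider', 'LdapRoleManager')
    )
    $findings = New-Object System.Collections.Generic.List[string]

    # <membership> and <roleManager> may each appear only once in <system.web>.
    foreach ($section in 'membership', 'roleManager') {
        $count = $Config.SelectNodes("/configuration/system.web/$section").Count
        if ($count -gt 1) { $findings.Add("<$section> appears $count times; keep one") }
    }

    # Every provider registration under either section.
    $xpath = '/configuration/system.web/*[self::membership or self::roleManager]/providers/add'
    $adds = $Config.SelectNodes($xpath)
    foreach ($name in $ExpectedProviders) {
        $hits = @($adds | Where-Object { $_.GetAttribute('name') -eq $name })
        if ($hits.Count -eq 0) { $findings.Add("provider '$name' is missing") }
        if ($hits.Count -gt 1) { $findings.Add("provider '$name' is defined $($hits.Count) times") }
    }

    # LDAP providers that talk to the directory without SSL.
    foreach ($add in $adds) {
        if ($add.GetAttribute('type') -notmatch 'Ldap') { continue }
        if ($add.GetAttribute('useSSL') -ne 'true') {
            $name = $add.GetAttribute('name')
            $findings.Add("provider '$name' has useSSL off (port $($add.GetAttribute('port')))")
        }
    }
    return $findings
}

# Run on the constructed sample. For a real file, load it first:
#   $doc = New-Object System.Xml.XmlDocument; $doc.Load('<path to web.config>')
@(Test-LdapProviderConfig -Config $sampleConfig) | ForEach-Object { Write-Host "FINDING: $_" }
```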

4(b). Update Web application’s web.config:

Update the web.config with the below code

      
    


        
      
    
    
      
    
        
      
    

Update the <PeoplePickerWildcards> as below:
    <PeoplePickerWildcards>
      <clear />
      <add key="AspNetSqlMembershipProvider" value="%" />
      <add key="LdapMembershipProvider" value="*"/>
      <add key="LdapRoleManager" value="*"/>
    </PeoplePickerWildcards>

4(c). Update security token service’s web.config:

·         Open the Internet Information Services Manager
·         Expand Sites, then SharePoint Web Services, and explore SecurityTokenServiceApplication to edit its web.config file


Paste the below code between <system.web>  and </system.web> </configuration>


       
          
       
    


     
       
          
       
    


5.  Add users to SharePoint site

After completing all the above steps, we have to grant the users access to the SharePoint site.
Set the web application level user policy:
·         Navigate to Central Administration > Application Management  > Manage web applications
·         Select the target extranet web application and click on “User Policy” in the ribbon

Click on Add users
·         Click Next
·         In the add users window, click on the address book
·         Enter the user name and make sure the LDAP names are retrieved

6. Unit Test: Verify LDAP Authentication works

Create a user in LDAP, grant it access to a SharePoint site, open the SharePoint site, and enter the LDAP user name and password.

Make sure you are successfully logged in to the SharePoint site.




Wednesday, December 14, 2011

Update all items in a list using Nintex Workflow

Recently, I had a requirement to update all items in a list based on another list item's change event. So I decided to implement it using a Nintex workflow.

I designed the Nintex workflow to update all items in the list. Here are the detailed actions in the workflow designer:

Query the list to get all items.

Apply For-Each to loop through the list items.

Update the list items.

So simple! Isn't it?




Tuesday, December 6, 2011

PowerShell Script to List All the Users from LDAP

I wanted to retrieve all the users from an AD LDS based LDAP instance. Code:
$Dom = "LDAP://<Server-Name>/CN=Users,CN=LDAP,DC=SharePoint,DC=COM"
$Root = New-Object DirectoryServices.DirectoryEntry $Dom

# Create a selector and start searching from the Root of AD
$selector = New-Object DirectoryServices.DirectorySearcher
$selector.SearchRoot = $root
# Filter the users with -like "CN=Person*". Note the ForEach loop
$adobj= $selector.findall() | where {
$_.properties.objectcategory -like "CN=Person*"
}
foreach ($person in $adobj)
{
$prop=$person.properties
Write-host "First name: $($prop.givenname) Surname: $($prop.sn) User: $($prop.cn)"
}
Write-host "There are $($adobj.count) users in the $($root.name) domain" 

read-host




Friday, November 11, 2011

Update Theme for All Site collections, Sub-Sites in SharePoint

Requirement: Apply a new theme to all site collections and sub-sites in SharePoint

C# code to do that:

using System;
using System.Collections.Generic;
using System.Text;
using Microsoft.SharePoint;
using Microsoft.SharePoint.Administration;
using System.IO;

namespace Theme_Update
{
    class Theme_Update
    {
        static void Main(string[] args)
        {
            string site;
            try
            {
                if (args.Length == 0)
                {
                    Console.WriteLine("Enter the Web Application URL:");
                    site = Console.ReadLine();
                }
                else
                {
                    site = args[0];
                }

                SPSite tmpRoot = new SPSite(site);
                SPSiteCollection tmpRootColl = tmpRoot.WebApplication.Sites;

                //Enumerate through each site
                foreach (SPSite tmpSite in tmpRootColl)
                {
                    //Enumerate through each web for the site

                    foreach (SPWeb tmpWeb in tmpSite.AllWebs)
                    {
                        //Apply the default theme for the current Web
                        tmpWeb.AllowUnsafeUpdates = true;
                        tmpWeb.ApplyTheme("none");
                        tmpWeb.Update();
                        tmpWeb.ApplyTheme("Custom-Theme");
                        tmpWeb.Update();
                        tmpWeb.AllowUnsafeUpdates = false;

                        //Log to a file, where the theme is applied!
                        StreamWriter SW;
                        SW = File.AppendText("E:\\ThemeLog.txt");
                        SW.WriteLine(tmpWeb.Url);
                        SW.Close();

                        //Dispose of the Web Object
                        tmpWeb.Dispose();
                    }
                    //Dispose of the Site Object
                    tmpSite.Dispose();
                }
                //Dispose of the Root Site Object
                tmpRoot.Dispose();
            }

            catch (Exception ex)
            {
                System.Diagnostics.EventLog.WriteEntry("Theme Updater", ex.Message);
            }
        }
    }

}




Tuesday, November 8, 2011

Archive (Backup and Delete) IIS Logs in SharePoint

IIS logs record the requests from clients in text-based log files. They capture every web page, image and script request. By default, IIS logs are stored on the C:\ drive of the WFE servers. If SharePoint is being accessed a lot, this may quickly cause a disk space problem on your OS drive. So we can change the log path. Here is how:
  1. Go into IIS Manager on each WFE (Start > Run > Inetmgr).
  2. Select the server name in the Connections panel on the left.
  3. In the Features view shown in the middle panel, select Logging.
  4. For the log file, change the directory to a more suitable drive and folder. For example, I’ve changed the path for the log files to D:\Logs\IIS.

How about backing them up monthly and deleting old logs?
It's a good idea to back up and clean IIS logs every month. These logs are highly compressible, up to 500%!!! (Meaning 500 MB file to 5MB file).

Steps:
1. Download and import the PowerShell Community Extensions (for the write-zip cmdlet)
2. Write the script to zip and delete IIS logs
3. Schedule the script to run every month (or based on your schedule)

Step 1: Download and import the PowerShell community Extension
Download the PowerShell Community Extensions from http://pscx.codeplex.com/, and then unblock the download (right click the downloaded .zip file > go to Properties > click on the "Unblock" button).

Fire up PowerShell and go to your modules folder, typically C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules:
cd $PSHome\Modules

Extract the PowerShell Community Extensions zip file to a folder, say: pscx. Now, import the downloaded module:
import-module Pscx

Done!

Step 2: Write the script to Zip and Delete IIS Logs
Now the next step: writing the PowerShell script to zip and delete the old log files. Here is the script:

Set-ExecutionPolicy RemoteSigned #important
$date = Get-Date -UFormat %m-%d-%y
# Zip the IIS log folder (write-zip comes from PSCX)
Write-Zip -Path C:\Logs\IIS -OutputPath C:\Logs\$date.zip
# Move the archive to the backup location
Move-Item C:\Logs\$date.zip D:\IISLogBackup\
# Delete the log files that were just archived
Get-ChildItem C:\Logs\IIS -Include *.log -Recurse | Remove-Item
Place the above script into a file, say: d:\Scripts\IISCleanup.ps1

Step 3: Schedule the script to run on every month
Finally, we need to schedule the script in Windows Task Scheduler. Go to Start > All Programs > Administrative Tools > Task Scheduler, and create a task to run the script at d:\Scripts\IISCleanup.ps1:
powershell.exe D:\scripts\IISCleanup.ps1
If you get exceptions like "File not found.." then add D:\Scripts and PowerShell's path to the system PATH environment variable.
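
The script in Step 2 deletes the logs whether or not the archive was written, and it also picks up the log file IIS is currently writing to. A more defensive variant follows as an added example (not the original author's script): it archives only files older than a cutoff, confirms that the zip holds every file before deleting anything, and records a SHA-256 hash so the archive can later be shown to be unaltered. It uses the built-in Compress-Archive and Get-FileHash cmdlets (PowerShell 5.0 or later) instead of PSCX write-zip; the default paths are the ones used in this article and the 30-day cutoff is an assumption.

```powershell
# Added example, not the original author's script. Paths default to the ones
# used in this article; the 30-day cutoff is an assumption.
Add-Type -AssemblyName System.IO.Compression.FileSystem

function Backup-IisLog {
    param(
        [string]$LogRoot    = 'C:\Logs\IIS',
        [string]$BackupRoot = 'D:\IISLogBackup',
        [int]$OlderThanDays = 30
    )
    $cutoff = (Get-Date).AddDays(-$OlderThanDays)
    # Skip recent files: IIS keeps the current log open, and recent logs are
    # the ones most likely to be needed for troubleshooting or an investigation.
    $old = @(Get-ChildItem -Path $LogRoot -Filter '*.log' -Recurse -File |
             Where-Object { $_.LastWriteTime -lt $cutoff })
    if (-not (Test-Path $BackupRoot)) {
        New-Item -ItemType Directory -Path $BackupRoot | Out-Null
    }
    # One archive per site folder (W3SVC1, W3SVC2, ...) so that identical log
    # file names from different sites cannot collide inside the zip.
    foreach ($group in ($old | Group-Object DirectoryName)) {
        $files = @($group.Group | ForEach-Object { $_.FullName })
        $name  = '{0}-{1:yyyy-MM-dd}.zip' -f (Split-Path $group.Name -Leaf), (Get-Date)
        $zip   = Join-Path $BackupRoot $name

        # -ErrorAction Stop aborts before the delete if compression fails
        # or if an archive with this name already exists.
        Compress-Archive -LiteralPath $files -DestinationPath $zip -ErrorAction Stop

        # Verify the archive contains every file before removing anything.
        $archive = [System.IO.Compression.ZipFile]::OpenRead($zip)
        try { $entries = $archive.Entries.Count } finally { $archive.Dispose() }
        if ($entries -ne $files.Count) {
            throw "Archive $zip holds $entries of $($files.Count) files; nothing deleted."
        }
        $hash = (Get-FileHash -LiteralPath $zip -Algorithm SHA256).Hash
        Add-Content -Path (Join-Path $BackupRoot 'SHA256SUMS.txt') -Value "$hash  $name"
        Remove-Item -LiteralPath $files
        New-Object psobject -Property @{ Archive = $zip; Files = $files.Count; SHA256 = $hash }
    }
}

# Demo on constructed data in a temp folder (no real IIS logs are touched).
$demo   = Join-Path $env:TEMP ('iislog-demo-' + [guid]::NewGuid())
$site   = (New-Item -ItemType Directory -Path (Join-Path $demo 'Logs\W3SVC1')).FullName
$oldLog = Join-Path $site 'u_ex111001.log'
'constructed sample line' | Set-Content $oldLog
(Get-Item $oldLog).LastWriteTime = (Get-Date).AddDays(-60)
'constructed sample line' | Set-Content (Join-Path $site 'u_ex_current.log')  # newer than cutoff, stays
Backup-IisLog -LogRoot (Join-Path $demo 'Logs') -BackupRoot (Join-Path $demo 'Backup') | Format-List
```

When scheduling this variant, the execution policy can be passed on the task's command line (powershell.exe -NoProfile -ExecutionPolicy RemoteSigned -File <script path>) rather than changed machine-wide.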

Update: Related to this, there is a CodePlex utility to compress and move SharePoint logs (not IIS logs): http://dlc.codeplex.com/




Wednesday, October 26, 2011

Enable Multilingual User Interface (MUI) in SharePoint 2010

Creating a multilingual SharePoint 2010 site is extremely useful when working on global SharePoint deployments. It allows a logged-on user to change the language to one of the configured alternate languages. All the standard SharePoint user interface elements are translated with this feature, such as:
  •     Ribbons
  •     Site Settings Page
  •     Site Actions Menus
  •     Lists and Site Column headers
  •     Quick Launch Menu
  •     Certain Messages displayed in out of the box webparts
Please note: when you switch the language via the MUI selector, only UI elements are translated; content in the site is not translated. You can use Variations to change the content. More info: http://technet.microsoft.com/en-us/library/cc262055.aspx#Section4

Follow these steps to enable multilingual SharePoint 2010 sites:
Step 1: Download and Install the appropriate Language pack
Multilingual support for SharePoint 2010 is provided via language packs. Download and install the desired SharePoint Foundation & SharePoint Server Language Packs.

Important: For SharePoint Foundation 2010, you can install the SharePoint Foundation 2010 language pack alone. But for SharePoint Server 2010, both the SharePoint Foundation language packs & SharePoint Server language packs must be installed.

For the Multilingual User Interface, a corresponding language pack has to be installed for every language. For instance, to enable the "Hindi" language interface in SharePoint, you have to download & install the Hindi language pack.

1. Download the language pack for the appropriate language.

2. Install the downloaded language packs.
3. Run the Products and Technologies configuration wizard after the installation.
4. You can verify the installed language packs by navigating to:  Central Administration >> Upgrade and Migration >> Check product and patch installation status. Here you can get the list of installed language packs.

Step 2: Enable the Language packs
These steps have to be executed on every site collection where you need to activate the SharePoint 2010 multilingual user interface.

1. Open the SharePoint site collection and go to ‘Site Settings’ via the ‘Site Actions’ menu.

2. Under Site Administration, select "Language Settings". “Language Settings” won't appear under the Site Administration section of the Site Settings page until language packs are installed.
3. Choose the languages that should be available for end-users and click OK to save the setting.
4. Now the languages are available via the ‘Welcome Menu’ in the top right, where an option "Select Display Language" has been added.
5. Select the language to view the site in that language. The Site Settings page is then displayed in the selected language.
Technet reference: http://technet.microsoft.com/en-us/library/ff805062.aspx

Update: In SharePoint 2013, you won't see the options to switch languages from the site settings menu. SharePoint 2013 works based on browser settings. So go to Internet Explorer's options to change the language!
