Tuesday, December 17, 2013

Autoend task Windows 8.1

More annoyances. When I choose reboot or shutdown windows timeouts and waits for the user to actually push end tasks. This happens on most of my W8 machines.

To shutdown these apps more brutally heres another reghack.

-----autoend.reg-------------

Windows Registry Editor Version 5.00

[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="1"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control]
"WaitToKillServiceTimeout"="2500"

------------------eof----------------

 

References:

http://www.anushand.com/2013/02/auto-end-tasks-windows-8-at-shutdown.html

http://www.reddit.com/r/windows/comments/1936nl/waiting_for_background_programs_to_close_how_do_i/

Saturday, December 14, 2013

Windows 8.1 and the mythical WinSxS

To see the actual size of the WinSxS folder in Windows 8.1

/>dism /online /cleanup-image /analyzecomponentstore

Backups and Cache is the actual space used by WinSxS

To cleanup the folder in Windows 8.1

/> dism.exe /online /Cleanup-Image /StartComponentCleanup /ResetBase
To do it on previous versions (to w7 or vista)
/>dism /online /cleanup-image /spsuperseded
After running this command its no longer possible to uninstall updates or servicepacks. But most people don’t and if you change your mind, you can always get the msi-package and still do an uninstall.
 


References:


http://technet.microsoft.com/en-us/library/dn251566.aspx


http://technet.microsoft.com/en-us/library/dn251565.aspx

Thursday, December 12, 2013

Disable alerts

In some scenarios we don’t want our users to able to use alerts on lists or libraries on a en entire site.

Reason for this could be to simplify for the users, less clutter, or simply cause you don’t want it to be possible to put alert on sites that might carry sensitive information that shouldn’t be sent over the wire.

More and more people host their email off-premises these days and not everyone is up to speed on TLS just yet so this kind of scenarios is getting more common.

To disable Alert for an entire site:

  1. Central Administration > Application Management> Manage Web Applications >
  2. Current Site > General Settings> Alerts > Alerts on this server are = Off
  3. Verify on the site.

Changes appear immediately without any reset.

Before: image

 

After: image

References:

http://technet.microsoft.com/en-us/library/dn178511.aspx

Setting permissions on calendars

A customer want two specifik users to have edit permissions on certain users in the company. It’s many users, is a situation that might have to be done again and again.

So we use powershell for the solution.

First we created a script to check the current permissions to get a baseline of what we’re working with.

foreach ($user in get-content editcalendarusers.txt)

{

write-host "Permissions for user: $user" -foregroundcolor red -backgroundcolor yellow

get-mailboxfolderpermission ${user}:\calendar

}

Where editcalendarusers.txt is a text with one username per line. This is also a good way of validating your editcalenderusers.txt list, to catch any errors or localized boxes.

Since set-mailboxfolderpermissions only can edit existing userpermissions, not add new ones, we first need to run add-mailboxfolderpermission on our userlist. If an account already exist ps throws an error, but no changes are made. Other users already added to the permssions aren’t modified.

First script

----addperm.ps1----

foreach ($user in get-content editcalendarusers.txt)

{

add-mailboxfolderpermission ${user}:\calendar -user john.doe -Accessrights Editor

write-host "john.doe added as editor for $user."

add-mailboxfolderpermission ${user}:\calendar -user charles.doe -Accessrights Editor

write-host "charles.doe added as editor for $user."

}

-----eof-----

Second script

----setperm.ps1.

foreach ($user in get-content editcalendarusers.txt)
{
set-mailboxfolderpermission ${user}:\calendar -user john.doe -Accessrights Editor
write-host "john.doe added as editor for $user."
set-mailboxfolderpermission ${user}:\calendar -user charles.doe -Accessrights Editor
write-host "charles.doe added as editor for $user."
}

---eof-----

If the permissions already are set the second script reports this and goes on to the next line.

One error we ran into was that a few users had changed the language on their mailbox. On these we exchanged the :\calender for the correct folder. In our case :\kalender .

Now obviously we could have made this less static by adding a second loop to process the editors but in this case there were only two so it wasn’t really necessary in this case.

References:

http://technet.microsoft.com/en-us/library/dd298062%28v=exchg.150%29.aspx

Monday, December 02, 2013

Getting your own themes on Sharepoint 2013

In 2010 it was really easy to change the theme. All you needed to was open Powerpoint and make it look good there and then upload and apply the design to 2010.

In 2013 it’s been some changes, to make it less easy. Powerusers, it would seem, have no longer the trust of the Microsoft guys. It wasn’t obvious so here one way to it in 2013.

  1. Download and install Sharepoint Color Palette Tool
  2. Run Color Palette Tool, change Group By to UI Groups to make more logical.
  3. Design to your hearts content, then save file to local drive (ex mydesign.spcolor)
  4. Open Sharepoint Designer to the root of your site collection
  5. Open All Files> _Catalogs\Theme\15\
  6. Drop your mydesign.spcolor in the folder.
  7. Create a new composed look to make it easy to switch to the new design
    1. Site Settings> Web Designer Galleries> Composed Looks>new Item
    2. Point to Theme URL to your mydesign.spcolor
    3. Copy other settings from another Composed theme. Make sure you pick same Master Page as you’ve based your Color Palette theme on.
  8. Now you can pick the new theme from the current site. Note that the composed theme seems to required to be created on every subsite, unless heritage can be activated in some fashion.

 

References:

http://www.microsoft.com/en-us/download/details.aspx?id=38182 – Microsoft Sharepoint Color Palette Tool

http://en.share-gate.com/blog/create-sharepoint2013-theme-using-color-palette-tool – more detailed description on the procedure. Founders of this procedure.

Friday, November 22, 2013

SPD 2013 error workflow

Error received for no apparent reason when creating workflow.

image

Errors were found when compiling the workflow. The workflow files were save but cannot be run.

Solution:

Clear out Website caches from %username%\appdata\local\microsoft\websitecache\

Note to clear out the contents of the site folders, not the folders.

After this shut down the SPD and restarted and everything worked again.

Also deleted contents of %username%\AppData\Roaming\Microsoft\SharePoint Designer\ProxyAssemblyCache , which might contributed.

References:

http://lyndzhang.wordpress.com/2013/04/04/unexpected-error-on-server-associating-the-workflow/

http://support.microsoft.com/kb/2557533

http://geekswithblogs.net/ferdous/archive/2013/01/29/resolving-sharepoint-workflow-publish-error.aspx

Thursday, November 21, 2013

Firefox text thin and weird.

Don’t know why it happened but I had 2 minutes to look at the issue now and found a ok solution.

Solution:

Activate Clear Type Text in Windows.

Search Charm>Clear Type (Settings) activate

Do some calibration and everything looks sharp again.

Cause:

Probable the hardware acceleration feature in Firefox that messed something up.

References:

http://windows.microsoft.com/en-US/windows7/make-text-easier-to-read-using-cleartype

https://support.mozilla.org/en-US/questions/943918

Monday, November 18, 2013

Exchange connection issues

A third party application had strange issues with a new Exchange 2013 server.

Environment: Super Office 6.1, Exchange 2013, Terminal Server, Server 2003

Symtoms:

The Infobridge Synchronizer agent had issues connecting to the exchangeserver för certain users. Only strange thing we discovered was that the users that didn’t work came in the same order as the Infobridge database had structured the users. Like the first 34 worked and the the remaining 7 had ID like 34,35,36… in the dbo.

Solution:

Many conversations with Super Office, infobridge yet another consultant and the developmentdepartment,  it finally clicked

  1. On the ExchangeServer add or change the following value
  2. \\HKEY_LocalMachine\System\CurrentControlSet\Services\MSExchangeIS\ParametersSystem\
  3. Create Dword(32) value named: Maximum Allowed Sessions Per User = 250
  4. Restart Server or Information Store.

Now it’s important to note that the Exchangeserver had proper throttlingpolicies configured and didn’t alert to any events that indicated session issues.

I had similar issue when a procurve switch between an Exchange 2003 server and an office was being bonkers. That time it had to with the switch cutting of the sessions, forcing the client to initate new sessions without closing the old ones. But I really thought 2013 would be a leap forward in this sort of situation.

Why are these the default limitation on a Serversystem that should be able to support tens of thousands of users? And the do this sort of error on only 50….

References:

http://elderec.org/2011/07/exchange-2010-mapiexceptionsessionlimit-unable-to-open-message-store-2/

Tuesday, November 12, 2013

Can’t logoff user

Environment: Server 2008 Remote Desktop Services

Issue: User reports that they can’t login their account on Remote Desktop Services. They’re greated by Loading Notification Message which spins on forever.

Symptom: Disconnect removes user from session. But when logoff is tried nothing happens. Manually killing the only two processes associated with account doesn’t help (taskmgr, rdclip).

Solution:

  1. Check the session ID from Terminal Services Manager for the troubleaccount.
  2. Run Sysinternals Process Explorer (from http://live.sysinternals.com/procexp.exe)
  3. Add the Session ID to columns
  4. Kill the winlogon.exe that have the same Session ID as the troubled account.

Solved.

image

image

References:

https://forums.citrix.com/thread.jspa?threadID=258251&tstart=105&start=15

Passwordprompts when opening documents

The passwordsprompts on a sharepointserver might be considered very secure. Since you often always have to give username and passwords. This might however prevent useradoptionrate. These passwordsprompt usually make users (and admins) annoyed. I’ve authenticated already, why do this every time?

So to get rid of passwordsprompts in sharepoint verify these common configuration issues.

  • The site isn’t present in Internet Options Intranetzone. If you access server by internal name like http://myserver its their by default, but if you’re using a public address like http://myserver.mydomain.com then you need to add it manually.
  • Credentials isn’t saved. Check the Credentials manager to see if the saved passwords are stored there. If they aint there, add them.
  • Autodiscover Proxy is activated in LAN-settings in Internet Options. This might delay authenticationprocess if proxy is misconfigured internally.
  • Security level is higher than necessary in Intranet Zone. Lower it. These sites are usually pretty tightly secured anyway.
  • Wrong password in saved in credentials manager. Ok, if you save the wrong password the first time or you’ve changed the password since, you’re better of removing youre previous accounts from the credential manager and make a fresh start to sure.
  • Using Firefox you can add the sharepointserver to trusted sites in
    • about:config
    • network.automatic-ntlm-auth.trusted-uris = myserver (more than one is separated by “,”

References:

http://tech.kateva.org/2009/01/how-to-use-firefox-with-sharepoint.html

http://www.techrepublic.com/blog/smb-technologist/prevent-unwanted-credentials-prompts-with-sharepoint-document-libraries/

http://social.education.purdue.edu/edit/2011/03/sharepoint-pw-prompts/

http://www.alpineinteractive.co.uk/blog/2013/3/4/sharepoint-online-slow-opening-documents-in-windows-explorer

Monday, November 04, 2013

Error when creating document from sharepoint

Symtoms: Suddenly when trying to create new document from a sharepointlist the following message is presented instead of a new document:
image
“The Operating system is not presently configure to run this application”
Followed by another error with bull about rights and such.
Solution:
When searching the net for this error some indicators point to Office 2013 to be the culprit. Though I’m running Office 2010, I’ve installed Visio 2013. Can this be the the error?
When installing hotfix kb2726997 the error disappears. Solved. Link below.

Edit 131217: This can also happen if Sharepoint Designer 2013 is installed together with Office 2010.

References:
http://support.microsoft.com/kb/2726997/en-us

Tuesday, October 29, 2013

Making Sharepoint Search better

Method for adding more relevant refiners to search. This method is relevant when using site content types for managing documents. For example having a MyDoc-Site Content Type with Site Column Department or labeling associated. This is handy when the enduser want a more relevant query filter.

 

  1. Make sure the column you want is
    1. a. Site Column
    2. b. Indexed on the list.
  2. Site Settings>Site Collection Administration>Search Schema
  3. Choose a refinable Managed Property depending on type of content. For example refinableString01
  4. Edit Refinable
    1. a. Change Alias to something more obvious
    2. b. Mappings to crawled Property > Add a mapping
    3. i. Search for the sought after crawled property. If theres more than one, choose one without ows_q in the name.
  5. Ok.
  6. Run new crawl.

References:

http://blogs.technet.com/b/tothesharepoint/archive/2013/06/19/stage-14-configure-refiners-for-faceted-navigation.aspx

Thursday, October 24, 2013

Preserve (some) document properties

There are some properties that’s usually already bundled with your documents. Like maybe the title, author, comments and categories. Ok, usually only author and title but still.

To get pull these values along when adding a document to a document library you can add the following columns (line text)

_Commentimage

_Status

_Categories

_Author

 

Neat thing is that these properties works both ways. Edit the columns in SP and it shows up in the document properties.

 

 

 

 

References:

http://sharepoint.stackexchange.com/questions/64689/word-document-author-property-as-sharepoint-column-how

http://social.technet.microsoft.com/Forums/sharepoint/en-US/00b648dc-6b9b-420d-b9eb-6ac095f6f5b2/core-document-columns-author-and-date-created?forum=sharepointgeneralprevious

Wednesday, October 23, 2013

Check installation type

Its relevant to know what kind of installation a sharepoint server is.

For example User Profile Synchronization service is not supported in a Single Server installation, which is sort of relevant to know if troubleshooting a issue like that.

To check this on the local server:

  • SharePoint 2007: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\12.0\WSS\ServerRole
  • SharePoint 2010: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\14.0\WSS\ServerRole
  • SharePoint 2013: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\15.0\WSS\ServerRole

Value can be:

  • SINGLESERVER – means this is a standalone / single server installation
  • APPLICATION – means this is an application server on a full farm installation (could also include the web front end role as well if multiple roles are used)
  • WFE – means this is a web front-end server on a full farm installation

image

References:

http://nickhobbs.wordpress.com/2013/05/18/sharepoint-how-to-check-the-sharepoint-installation-type-standalone-or-farm/

Reghacks for W8 annoyances

To get rid of the first-time-logon animation.

-----------DisableFirstLogonAnimation.reg----------

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"EnableFirstLogonAnimation"=dword:0

-----------eof----------------------------------------------------

To get rid of “Do you really want to run this file” warnings….

--------------------DisableOpenFileWarnings.reg--------------

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations]
“LowRiskFileTypes”=”.exe;.bat;.reg;.vbs;”

---------------------------------eof----------------------------------------

References:

http://social.technet.microsoft.com/Forums/windows/en-US/4c1d26e0-5d2e-487e-ab5a-7ded6d03b30c/how-to-completely-disable-the-first-logon-animation?forum=w8itprogeneral

http://www.howtogeek.com/167579/how-to-make-your-own-windows-registry-hacks/

http://www.windowsreference.com/windows-7/how-to-disable-open-file-security-warning-in-windows-7/

Tuesday, October 15, 2013

Exchange RCAMaxConcurreny

Good to know.

In Exchange 2013 the default value for RCAMaxConcurrency 40 in the default Global policy. For a user to open 29 shared calendar at least a value of 100 is recommended. Therefore for 40 shared calendars, a value of 200 should be considered.

To be applied for all users needing to many calendars at the same time.

References:

http://support.microsoft.com/kb/2299468/sv

Friday, September 27, 2013

Content refiner in Sharepoint 2010 Search

Good post about adding content refiner to the Sharepoint 2010 Search Coreresults webpart.

Now we only need to replicate this for 2013…

References:

https://www.nothingbutsharepoint.com/sites/devwiki/articles/pages/sharepoint-add-a-filter-in-the-refinement-panel-of-the-search-page.aspx

Thursday, September 26, 2013

Increase RCP connections to exchange 2013

Symtom:

Some users get error in Outlook:

Your server administrator has limited the number of items you can open simultaneously. Try closing messages you have opened or removing attachments and images from unsent messages you are composing.

usually happens when working with many calendars.

Cause:

Every calendar is one rpcconnections. The default limitation in Exchange 2013 is 40 connections per user. When having 30+ shared calenders and 2 mailboxes this limitation might occur more often than not.

Solution:

Create a new throttlingpolicy and increase allowed rpcconnections.

/> new-throttlingpolicy “mypolicy” –rcamaxconcurrency:200

/> set-mailbox john.doe –throttlingpolicy “mypolicy”

Verify policy set by:

/> get-mailbox john.doe |select throttlingpolicy

Script to apply this to many boxes:

---------------setthrottle-----------------------------

foreach ($user in get-content testusers.txt)

{

set-mailbox $user -throttlingpolicy "mypolicy"

write-host "$user is processed."

}

------------------eof---------------------

References:

http://www.msexchange.org/kbase/ExchangeServerTips/ExchangeServer2010/Monitoring/RPCClientAccessThrottlingLogging.html

http://www.kraftkennedy.com/blog/bid/102095/Exchange-2010-Notes-from-the-Field-Client-Throttling-and-Max-Concurrency

http://technet.microsoft.com/en-us/library/bb232205%28v=exchg.150%29.aspx

http://exchangemaster.wordpress.com/tag/perfmon-counters/

Set calender permissions for all users

To check permissions for calender on a user:

/> get-mailboxfolderpermission john.doe:\calender

To Set permissions for user default to reviewer on john.does calender

/>set-mailboxfolderpermission john.doe:\calendar –user Default –Accessrights Reviewer

To script this for all users

--------------SetCalendarReviewer.ps1-------------

foreach ($user in get-content users.txt)

{

set-mailboxfolderpermission ${user}:\calendar -user Default -Accessrights Reviewer

write-host "$user is processed."

}

----------------------------eof----------------------------------

It retrievs all users from test.txt which is simply one username per line.

Also below is a link to policy to always set this permission with newly created users, which I haven’t tried out yet.

References:

http://stackoverflow.com/questions/15612088/how-to-combine-variable-with-the-rest-of-the-command

http://exchangeinside.org/2013/01/set-default-calendar-permissions-for-all-new-users-to-reviewer/

http://technet.microsoft.com/en-us/library/dd351181%28v=exchg.150%29.aspx – remove-mailboxfolderpermission

http://technet.microsoft.com/en-us/library/ff522363%28v=exchg.150%29.aspx – set-mailboxfolderpermissions

Tuesday, September 24, 2013

Exchange 2013 throttling

When setting up a special user that is used to copy a lot of items we today learned about the default throttling restrictions in Exchange 2013.

Here’s so useful powershell commands for the occasion.

/>get-throttlingpolicyassociation john.doe |fl      - shows what policy is associated with account. If it’s empty it’s the global default.

To Check the current throttlingpolicies:

/>get-throttlingpolicy |fl

To create a new one and set it to unlimited

/>New-ThrottlingPolicy MyNewPolicy

/>Set-ThrottlingPolicy MyNewPolicy -RCAMaxConcurrency Unlimited -EWSMaxConcurrency Unlimited -EWSMaxSubscriptions Unlimited -CPAMaxConcurrency Unlimited -EwsCutoffBalance Unlimited -EwsMaxBurst Unlimited -EwsRechargeRate Unlimited

/>Set-Mailbox "john.doe" -ThrottlingPolicy MyNewPolicy

Goes without saying that this should be used with extreme caution.

References:

https://migrationwiz.zendesk.com/entries/22713616-How-do-I-disable-the-Exchange-2013-throttling-policy-

http://www.msexchange.org/articles-tutorials/exchange-server-2010/compliance-policies-archiving/exchange-2010-client-throttling-policies.html

Thursday, September 19, 2013

Autodiscover pains in my side.

Problem: When setting up Outlook 2007 on a Server 2003 R2 a certificate error is shown every time Outlook starts. Exchange server is 2013 and Autodiscovery is pretty much mandatory.

image

Cannot connect to proxy server. Error code 10.

Symptom:s

Certificate error is shown at startup.

In the Outlook Anywhere settings, the proxyserver settings is set to the internal servername, like myserver.mydomain.local instead of the external mail.mydomain.com. The certificate is set to the external name so its no wonder Outlook complains.

When we alter the name in Outlook Anywhere settings the Proxyerror disappears. Though after restarting outlook once or twice, the settings returns.

Now the issue here is that these settings are only incorrect if the server (or computer) is a member of the domain. If a external Outlook puts up a user, everything looks fine in the Outlook Anywhere settings.

Cause:

Then looking for autodiscover settings, Outlook always looks to the domains SCP before the dns.

Now this can be amended by changing the parameters of cmdlet set-outlookprovider

Like : set-outlookprovider expr –server mail.mydomain.com –certprincipalname msstd:mail.mydomain.com and then restarting both mailserver and clientcomputer.

People usually solve the problem when doing that, but not in my case. I blame a very old server that probably upgraded Office one time to many.

clip_image002

Solution:

In my case I had to completely bypass the Active Directory to fool the Terminal Server to look towards the DNS, where everything worked dandy.

These are the magic settings.

Navigate to HKEY_CURRENT_USER\Software\Microsoft\Office\12.0 14.0 for Outlook 2010\Outlook\AutoDiscover and create these DWORD

"PreferLocalXML"=dword:0
"ExcludeHttpRedirect"=dword:0
"ExcludeHttpsAutodiscoverDomain"=dword:0
"ExcludeHttpsRootDomain"=dword:1
"ExcludeScpLookup"=dword:1 (forces Outlook to exclude SCP object check)
"ExcludeSrvLookup"=dword:1
"ExcludeSrvRecord"=dword:1

All cred for the fix goes to hosting.intermedia.net link below. Still pasting it here just in case they drop it.

On a side note, I also installed a brand new Server 2008 R2 with Outlook 2010 and didn’t see the issue there at all. So either something broke or Outlook 2007/Server 2003 bugged out.

References:

http://blogs.technet.com/b/umutg/archive/2011/01/31/all-about-set-outlookprovider.aspx

http://ilantz.com/2009/06/18/prevent-outlook-anywhere-aka-rpc-over-http-from-being-automaticly-configured-in-exchange-2007-with-autodiscover/

https://hosting.intermedia.net/support/kb/default.asp?id=2445

Wednesday, September 11, 2013

Autodiscover

To configure autodiscover for Exchange 2013 without one of those fancy Unified Communication Certificates, use an SRV record. This will handle Out Of Office functions (and autoconfigure from Outlook at least).
Put a DNS record for the relevant domain
Type: Other>SRV
Service: _autodiscover
Port number :443
Host offering service : mail.yourdomain.com
A nice little window will popup for all Outlook users after this, urging them to allow the change. Doing so will reconfigure their local email, taking with them any local archivefiles.
All very automatic.



image 
Edit after being tried in the real world:
Ok, so it didn't really work as expected when it got deployed. If Outlook tries to reconfigure an existing account it doesn't seem to manage if the current account is in Cached Mode. Therefore it lands in temporary land. But still, thanks to this srv-record its really easy to set up the email from scratch, just enter your emailaddress and account settings and it configures mailserversettings automaticly. could have been better ms... 

Check last logon time in E2013

Ok, so gui pretty much out in Exchange 2013.
So if I want to check when users last logged on the mailbox for some reason we use powershell.
Make a script, typing is going to get old real fast.
To check latest logintime for users
-----------CheckLastlogon.ps1-------------
add-pssnapin microsoft.exchange.management.powershell.snapin
foreach ($user in get-content users.txt)
{
get-mailboxstatistics $user |select displayname,itemcount,lastlogontime,totalitemsize
}
---------------eof----------------------------------





If you want the results in a pretty displaybox, you can pipe |out-gridview like .\checklastlogon.ps1 | out-gridview.
To make the script pause after printing, add these lines:

write-host "press any key to end"
$x = $host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")

Good for those diehard powerhaters out there, or in here…
References:
http://exchangeserverpro.com/last-logon-time-exchange-2010-mailbox-users/



Monday, September 09, 2013

Changing the smtp banner in Exchange 2013

  1. Check the identity
    1. get-receiveconnector |select identity,banner
    2. The identity your looking for is “SERVERNAME\DEFAULT Frontend servername”
  2. Set banner
    1. set-receiveconnector –identity “SERVERNAME\DEFAULT Frontend servername” –banner “220 mail.yourdomain.com Microsoft ESMTP MAIL Service ready”

image

References:

www.testexchangeconnectivity.com

http://rowen121.wordpress.com/2013/01/17/how-to-modify-the-default-smtp-banner/

Friday, September 06, 2013

Using retention events as reminders

In lists, we sometimes want email reminders when something is due. Maybe a contract is about to expire. Or a folder hasn’t been touched in a long time.

Using Information Management Policies we can use a datefield to initate a move or start a workflow. All built-in, although in the enterprise version of Sharepoint 2013.

  1. Create a datecolumn in your list.
  2. Create a workflow associated with the list. For example a simple email-wf. image
  3. List>List Settings>
  4. Permissions and Management>Information Management Policy Settings>Item>Enable Retention>Add a retention state
  5. Use the created date-column or another available date column, choose action. In this case the newly created workflow.
  6. Enter a listitem which is about to expire.
  7. Testrun by running timerjobs for the specific webapplication on the sharepoint server. The relevant jobs are in Sharepoint 2013 :
    1. PolicyUpdateProcessing
    2. ExpirationProcessing
  8. After all is verified to be working, it’s a good idea to change the timerjob intervals of above jobs. Default value is only once a week. Change this to daily at the appropriate time.

The timerjobs must be run in that particular order for this to work. After they have first run, for trial and error purposes, we can remove the policy and reapply to renew the policy.

Also some handy powershell for the occasion:

/> get-sptimerjob policyupdateprocessing

/> start-sptimerjob expirationprocessing

/> set-sptimerjob expirationprocessing –schedule ”daily at 07:00”

/> set-sptimerjob policyupdateprocessing –schedule “daily at 06:00”

Note that above assumes theres only one webbapplication. When there’s more the powershell needs to be targeting that specific application. Since all applications have these timerjobs.

image

References:

http://office.microsoft.com/en-001/sharepoint-server-help/create-and-apply-information-management-policies-HA101631505.aspx - general information

http://weblogs.asp.net/spano/archive/2012/03/17/sharepoint-expiration-policy-not-working.aspx

http://technet.microsoft.com/en-us/library/ff607833.aspx - start-spadminjob - seems to start all timerjobs.

http://www.danielroot.info/2012/08/information-management-policy.html - details

http://stackoverflow.com/questions/8545161/sharepoint-2010-retention-policy-not-working

http://weekbeforenext-blog.blogspot.se/2011/06/extracting-month-and-year-from-date-and.html

http://office.microsoft.com/en-001/windows-sharepoint-services-help/examples-of-common-formulas-HA001160947.aspx

http://yalla.itgroove.net/2012/09/sharepoint-calculated-column-formulas/

http://blogs.askcts.com/2013/05/14/creating-a-timed-workflow-in-sharepoint-2010/ -

http://sarahlhaase.wordpress.com/2013/03/27/setting-up-automated-reminder-emails/

https://specmgt.wordpress.com/2011/10/26/documentexpiry/ -

Friday, August 30, 2013

Remote Desktop Services in 2012

Problem:
In a customer environment they wanted to install RDS and DC on the same server. A nice cheap solution, which have worked perfectly fine in the past. Not so anymore. In Server 2012, RDS requires by default that
  1. A domain controller is present, aka server is member of a domain
  2. the RDS role cannot be installed on the DC
Which means, you need at least two servers for a working installation?
Well no, there is apparently a official workaround from microsoft. It was not easy to find so im posting it here for future reference or until I’ve had time to try it out.
Edit:  A colleague actually tried this out on several machines and it seemed to work as expected.
Solution:
http://support.microsoft.com/kb/2833839/en-us?sd=rss - Guidelines for installing the Remote Desktop Session Host role service on a computer running Windows Server 2012 without the Remote Desktop Connection Broker role service
References:
http://www.wackytechtips.com/installing-and-configuring-remote-desktop-services-rds-on-windows-server-2012/
http://blogs.msdn.com/b/rds/archive/2013/07/09/what-s-new-in-remote-desktop-services-for-windows-server-2012-r2.aspx
http://technet.microsoft.com/en-us/library/hh831447.aspx - specs about rds 2012.
http://technet.microsoft.com/library/hh831568.aspx - deprecated
http://blogs.msdn.com/b/rds/archive/2013/03/14/what-s-new-in-windows-server-2012-remote-desktop-gateway.aspx - changes
http://blogs.technet.com/b/askperf/archive/2012/10/30/windows-8-windows-server-2012-remote-desktop-management-server.aspx - new ways of managing rds
http://www.urtech.ca/2013/02/solved-1-hour-to-install-and-configure-a-single-server-remote-desktop-services-on-server-2012/
http://social.technet.microsoft.com/Forums/windowsserver/en-US/cbffb2d4-ff9d-49ee-a9ce-a60db2262422/managing-server-2012-rds-in-a-workgroup- -
http://support.microsoft.com/kb/2833839/en-us?sd=rss&spid=16526&wa=wsignin1.0 – ms article regarding standalone rds
http://microsoftplatform.blogspot.nl/








Thursday, August 29, 2013

Previous Version stopped working on network share

Environment: Server 2003 R2

Symptoms:

No previous versions of files are found when looking from client computer on network share. Seems to be set up ok, but when looking at Task Scheduler the job shows error “Could not Start”

image

Event Viewer shows no related errors at the latest runtime.

Solution:

  1. Disable shadow copy and delete all scheduled jobs.
  2. Delete or move files starting with “d42” from folder “C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\S-1-5-18”
  3. Enable shadow copy on disks and verify that task now can be started manually.

Cause:

Might be the account originally used to create the job doesn’t exist anymore.

References:

http://support.microsoft.com/kb/822904 - 0x800700d data is invalid.

http://blogs.technet.com/b/jhoward/archive/2006/06/22/shadow-copy-failures-scheduled-task-fails-with-general-page-initialization-failed-error-0x8007000d.aspx -

http://blog.mpecsinc.ca/2007/03/windows-server-2003-attempt-to-retrieve.html

     

     

     

Tuesday, August 20, 2013

Bulk creating and removing mailboxes

To create users in Exchange 2013, when they already exist in AD this script is useful.

foreach ($user in get-content users.txt)
{
Enable-mailbox –identity mydomain\$user –database mailboxdatabase1
write-host "$user is processed."
}

Users are stored in users.txt

To only remove mailbox, but not the AD-user from exchange. This is useful when needing to redo import if something didn’t land where it should.

foreach ($user in get-content DeleteUsers.txt)
{
disable-mailbox –identity mydomain\$user -confirm:$false
write-host "$user is processed."
}

Users are stored in DeleteUsers.txt

Each line contains one username.

References:

http://technet.microsoft.com/en-us/library/jj863434%28v=exchg.150%29.aspx

Tuesday, July 09, 2013

Searching for readers

Since 1 july no more google reader. This is very sad but then hunt for a worthy replacement goes on. Unfortunately no real contender as of now, but they are starting to pop up lots of new ones. Hopefully one of these will carry the torch onwards.

I have tried and commented the following:

My goto reader is now Digg Reader. it’s a very googlesq experience sans mobile interface.

Thursday, June 20, 2013

Exchange 2013 powershell issues

newly installed exchange 2013 environment. Clean install. When running exchange-powershell gets error “connecting to remote server : access denied … fully qualified errorid : accessdenied, pssessionopenfailed.

image

Solution:

One of these…

  • Time on DC was off by 7 minutes. Corrected this
  • Applied the Cumalative Update 1 for Exchange 2013

Tried quite a few other fixes before this that didn’t work for me.

Among the most popular

  • Run "aspnet_regiis -ir" from C:\Windows\Microsoft.NET\Framework(64)\v4.0.30319 to register ASP.NET 4.0. – didn’t work for Server 2012
  • Added powershell 2.0 and dotnet 3.5 frameowork features
  • Activated wsman module from powershell virtuel catalogue in iis
  • ran proxy reset > netsh winhttp reset proxy
  • ran set-user administrator –remotepowershellenabled

See links below.

References:

http://www.microsoft.com/en-us/download/details.aspx?id=38176 – cumulative update 1 for exchange 2013

http://social.technet.microsoft.com/Forums/exchange/en-US/09def496-1998-4b56-bae4-8d3675d18a30/exchange-2013-powershell-error

http://social.technet.microsoft.com/Forums/exchange/en-US/aa3c936f-bec1-4e24-b38f-81685df718c7/exchange-management-shell-fails-to-connect-to-exchange-server-2013 - .

http://dbanda.blogspot.se/2013/05/problem-with-exchange-2013-management.html

http://blogs.technet.com/b/exchange/archive/2010/02/04/3409289.aspx

http://technet.microsoft.com/en-us/library/dd351136.aspx - Troubleshooting the Exchange Management Shell

http://social.technet.microsoft.com/Forums/exchange/en-US/d50f27d0-9395-40af-94bb-a7320f7e8ef0/unable-to-connect-to-local-exchange-2013-server-when-opening-exchange-management-shell - .

http://blogs.technet.com/b/exchange/archive/2013/04/02/released-exchange-server-2013-rtm-cumulative-update-1.aspx - cu1 update.

http://stackoverflow.com/questions/12411046/error-connecting-to-exchange-server-remotely-via-powershell

http://technet.microsoft.com/en-us/library/dd335083%28v=exchg.150%29.aspx – what needs to run powershell remote.

http://blog.subvertallmedia.com/2013/01/30/cant-open-exchange-shell-or-console-because-of-kerberos-authentication-error/ - very promising solution.

Thursday, June 13, 2013

Removing a vm from hyper, forcefully

When moving around vhdx-files for Hyper-V machines the machine might get in a disconnected mode. Words like catastrophic failure and disconnected state where thrown around.

Well, Ive removed the files. I know nothing important is missing and I just want the vm gone from my HyperV Manager Console.

Didn’t work with powershell, remove-vm –name “bloodymachine” , gets error about state. This worked though:

  1. Stop Hyper-V services from HyperV Manager
  2. Go to : C:\Programdata\microsoft\windows\hyper-v\virtual machines and delete the GUID that is associated with the machine. If you don’t know find the GUID, just check created date. Really only recommended in a lab-environment.
  3. Start Hyper-V services and the menacing machine is vanquished

For really finding out GUID check out references

References:

http://blogs.technet.com/b/m2/archive/2008/07/04/how-to-get-the-bios-guid-from-a-hyper-v-vm.aspx?ppud=4&wa=wsignin1.0 – finding out GUID HyperV

http://www.petri.co.il/get-hyper-v-virtual-machine-process-id-and-guid.htm – more GUID exploration guides.

http://ashwaniashwin.wordpress.com/2013/04/17/hyper-v-error-while-deleting-virtual-machine-the-operation-cannot-be-performed-while-the-object-is-in-its-current-state/

Wednesday, June 12, 2013

Cancel juniper reboot

To remove scheduled reboot from a screenOS Juniper/Netcreen device

/>Get timer (take not of ID of task that is to be cancelled)

/> Unset timer 0 (where 0 is the id from above)

References:

http://kb.juniper.net/InfoCenter/index?page=content&id=KB5750

Refs or no refs

Should we start to use refs on ours filesystems?

Maybe, but not if any of the following true.

  • It’s a domain controller – Refs doesn’t support hard links among other things.
  • SQL Server – missing features like dbcc checkdb and snapshots.
  • HyperV – missing features like integrity streams on vhdx
  • It’s a bootpartition

Also there a few posts out there that have experienced problems with not being able to access refs-volumes after sudden power losses.

Why do we event want to use refs then?

  • Refs handles corrupted files better
  • Doesn’t need to use checkdisk anymore.

I think I’ll stick to ntfs for a little while longer…

References:

http://www.unitrends.com/hyper-v-backup/refs-generation-file-system-part-1/

http://www.petri.co.il/4-reasons-refs-is-better-than-ntfs.htm

http://windowsitpro.com/hyper-v/dont-use-refs-hyper-v

http://social.technet.microsoft.com/Forums/en-US/winserver8gen/thread/b14ddfe9-c31b-4dd8-a459-b177e355bdb1

http://www.aidanfinn.com/?p=13245

Tuesday, June 04, 2013

Performance Point Services from scratch

Symptoms:
When trying to access sharepoint from Dashboard Designer error is thrown.
image or
image
Solution:
Make sure these are installed:
From SQL Server 2012 Feature pack:
 -  Microsoft® SQL Server® 2012 ADOMD.NET and
 -  Microsoft® Analysis Services OLE DB Provider for Microsoft® SQL Server® 2012
From SQL Server 2008 R2:
 -  Microsoft® SQL Server® 2008 R2 ADOMD.NET and
 -  Microsoft® Analysis Services OLE DB Provider for Microsoft® SQL Server® 2008 R2

Make sure all these things are configured.
1. Start Secure Store Service
a. Central Administration> Application Management> Manage Services on Server> Secure Store Service > Start
2. Run iisreset
a. Cmd > iisreset
3. Create new Secure Store Service
a. Central Administration>Application Management> Manage Service Applications > New Secure Store Service (default settings)
4. Generate Key for Secure Store Service.
a. Central Administration>Application Management>Manage Service Applications> Secure Store Service (created above) Generate New Key
i. Use passphrase: P@ssw0rd! (optional)
5. Refresh Key for Secure Store Service.
a. Central Administration>Application Management>Manage Service Applications> Secure Store Service (created above)>Refresh Key
6. Create domain user :adventureworks\sp_unattend
a. Using Active Directory Users and Computers>New User sp_unattend with password: P@ssw0rd!
7. Create SQL Login, add db_datareader perm for sp_unattend
a. Using SQL Management Studio >Security>Logins>New Login> Loginname: Sp_unattend (or search for it)
b. User Mapping> db_datareader for all databases needed
8. Create new Performance Point Service
a. Central Administration>Application Management>Manage Service Application>New Performance Point Service Application
i. Add this service applications proxy to farm default
ii. Other Default or new application pool if needed.
9. Configure Performance Point Service, add Unattended Account.
a. Central Administration>Application Management>Manage Service Application>Performance Point Services(created above)>PerformancePoint Service Application Settings> Add adventureworks\sp_unattend as unattended service account
10. Optional Restart Server or IISReset again if any problems.
Note that if server has less than 4GB available this might not work and result in eventid3 >WebhostFailedToProcessARequest
References:
http://technet.microsoft.com/en-us/library/ee748643.aspx
http://blogs.msdn.com/b/performancepoint/archive/2009/11/24/deploying-performancepoint-2010-soup-to-nuts.aspx - good site for config .secure services

http://www.microsoft.com/en-us/download/details.aspx?id=1697 - SQL Server 2008 R2 Feature pack

http://www.microsoft.com/en-us/download/confirmation.aspx?id=29065  - SQL Server 2012 Feature pack

http://bhavikmerchant.wordpress.com/2012/12/08/setting-up-a-sharepoint-2013-bi-demo-vm/ - more detailed guide