Archive for Walkthrough

Installing SharePoint Server 2013 on Windows 2012 and SQL 2012

Ensure you have the following before getting started

Setup a basic Windows 2012 Server no frills required.

Setup a basic SQL 2012 instance or SQL 2008 R2 SP1

Create a domain service account with DBcreator and SecurityAdmin rights on SQL 2012 Instance

Download SharePoint Server 2013 from MSDN

*Change IMG to ISO to mount using Hyper-V

Run the pre-requisites tool

Click Next

Accept the terms and of the Licence Agreements and click Next

Server might need a restart, click Finish and the server will reboot.

After the server has rebooted you will be greeted with the above window which will continue the pre-requisite installation

Once this has completed successfully click Finish and Reboot

Go to your SharePoint Server 2013 server image location and run Setup as Administrator by right clicking on Setup.

Click Yes

If you have not yet rebooted after the Prerequisites installation you will need to reboot before the installation can complete

Add the SharePoint 2013 Server Key

6RNT8-XV26M-GWH36-VMGQH-94MMH

Accept the terms of the agreement

I have decided to install a complete solution onto a pre-existing SQL instance

The installation will begin and finish quickly -+3 minutes

After the installation a configuration is required.  Click close to continue with the SharePoint Products Configuration Wizard

Click Next

Click Yes

Create a new server farm and click next

Add the Database server alias/instance

Add the SharePoint Config Database name

Add the Username provisioned earlier with the DBcreator and SecurityAdmin rights

Supply the password and click next

The next setup is to add a Farm Password

I like to specify a manual port number in order to access the Central Administration from any machine and 2723 is my signature deployment port.  Click next to continue to the installation

This took -+ 10 minutes, I would recommend a drinks break at this point.

Once this has been click Finish

This should open up the following Central Administration view.

Complete!

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Post to Twitter

Setting up Forms based authentication for SharePoint 2010 Foundation

This looks straight forward if you follow this Technet article http://technet.microsoft.com/en-us/library/ee806882.aspx

Which uses the following assembly

Microsoft.Office.Foundation.Security.LdapMembershipProvider

However it is all a LIE!  There is no such assembly for SharePoint 2010 Foundation and therefor you need to use the following instead.

System.Web.Security.ActiveDirectoryMembershipProvider 

After creating your Claims-Based Authentication Web Application follow the steps below to create FBA for SharePoint 2010 Foundation

Step 1 – Configure Central Adminisrtation web.config

Start IIS Manager by typing INETMGR at a command prompt.

Go to the SharePoint Central Administration site in IIS.

Right-click SharePoint Central Administration and then click Explore.

Open the Web.Config file.

outside of the </sharepoint></system.web> paste the following

*remember to change the name and connectionstring to conform to your settings.


<connectionStrings>
<add name="LDAPConnection"
connectionString="LDAP://domain.co.za/DC=domain,DC=co,DC=za" />
</connectionStrings>

within <system.web><membership></system.web>


<membership defaultProvider="LDAPMembers">
<providers>
<add name="LDAPMembers"
type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="LDAPConnection"
enableSearchMethods="true"
attributeMapUsername="sAMAccountname" />
</providers>
</membership>

Step 2 – Configure Secure Token Service web.config 

Start IIS Manager by typing INETMGR at a command prompt.

Go to the SharePoint Web Services site.

Go to the SecurityTokenServiceAppliction sub-site.

Right-click SecurityTokenServiceAppliction and then click Explore.

Open the Web.Config file.

Update the web.config above the </configuration> </system.net> right at the end of the file.

*remember to change the name and connectionstring to conform to your settings.

</system.net>
<connectionStrings>
<add name="LDAPConnection"
connectionString="LDAP://domain.co.za/DC=domain,DC=co,DC=za" />
</connectionStrings>
<system.web>
<membership defaultProvider="LDAPMembers">
<providers>
<add name="LDAPMembers"
type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="LDAPConnection"
enableSearchMethods="true"
attributeMapUsername="samaccountname" />
</providers>
</membership>
</system.web>
</configuration>

Step 3 – Configure Web Application web.config

Start IIS Manager by typing INETMGR at a command prompt.

Go to the Claims Forms site.

Right-click Claims Forms and then click Explore.

Open the Web.Config file.

Update the web.config outside of the </sharepoint></system.web>

*remember to change the name and connectionstring to conform to your settings.


<connectionStrings>
<add name="LDAPConnection"
connectionString="LDAP://domain.co.za/DC=domain,DC=co,DC=za" />
</connectionStrings>

Add the below configuration under <add name=”i” type=”Microsoft.SharePoint.Administration.Claims.SPClaimsAuthMembershipProvider, Microsoft.SharePoint, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c” />


<add name="LDAPMembers"
type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="LDAPConnection"
enableSearchMethods="true"
attributeMapUsername="samaccountname" />

Step 4 – Configure Claims-based web application

Central Administration > Manage Web Application > Select the web application > Authentication Providers > Default

  • Check Enable Forms Based Authentication (FBA)
  • Add “LDAPMembers” to ASP.NET Membership Provider name

Post to Twitter

Lync for Android

Recently I installed Lync for Android on my Samsung Galaxy Note leveraging my company’s office 365 service.  It didn’t go exactly smoothly and I thought it would be best if I shared my experience.

First things first download Lync for Android here (https://market.android.com/details?id=com.microsoft.office.lync) or search for it via Market on your phone.

Once Lync has been downloaded and installed, start it up, you will be presented with the following screen.

Simply add in your credentials to sign in.

*I added my domain credentials using Office 365 Single Sign on.  I will blog about that later.

If you see the following error “Can’t connect to server. It might be unavailable. Also check your network connection, sign-in address and server address”

To resolve this issue turn off Auto-Detect server and manually add in the Lync Discovery Address or SIP address https://sipdir.online.lync.com:443 for both external and internal, unless you have an internal WiFi and on premise Lync Server, then you would need to use that URL instead. The reason for adding this in manually if because your DNS settings are either not correct or have not propagated yet. Check out this guide for help.

Lync should now connect and prompt you with the following screen

Click Next

Add in your telephone number including country code and click next

You should be All Set!

Once you are in the Lync console you will be able to see “My Info”, “Contacts” and “Chats”

Chats is a very easy and cool way to chat to other Lync users, on the move!

Post to Twitter

Rugby World Cup 2011 SharePoint Site Template

I had an idea today on the way to work that SharePoint 2010 could be used to follow the Rugby World cup 2011. This site can be used by many different organizations hence the reason I am giving it away for free 🙂

Basically the site has all the teams and their match fixtures for users to follow the games. Whats more is users can get to vote on the outcome of each game and have on going discussions about the results.

Hopefully this will just add to your current SharePoint 2010 ROI or boost End user adoption

Check it out here http://www.bradg.co.za/rwc.zip

Post to Twitter

Enable Kerberos Logging

If you ever require the need to enable Kerberos logging because you have configured your SharePoint farm to use Kerberos or have an application that uses Kerberos like K2 you will need to Enable Kerberos logging.

Start Registry Editor by running ‘regedit’
Add the following registry value

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsaKerberosParameters

Registry Value: LogLevel
Value Type: REG_DWORD
Value Data: 0x1

If the Parameters subkey does not exist, create it.

Post to Twitter

SharePoint 2010 security token expiration date

In SharePoint 2010 when one uses Forms based authentication or NTLM and the popup box for credentials has a “Sign me in automatically” or “Remember my credentials” and one checks the tick box available you would think this would now log you on for the rest of time. However by default SharePoint 2010 security token expires on the client side machine after 24 hours.

To increase the security token expiration date on SharePoint 2010 one needs to run the following command from SharePoint PowerShell


$sts = Get-SPSecurityTokenServiceConfig
$sts.WindowsTokenLifetime = (New-TimeSpan -Day 365)
$sts.FormsTokenLifetime = (New-TimeSpan -Day 365)
$sts.Update()
Iisreset

Note that this will change the token to expire of 365 days for both Forms and NTLM.

Post to Twitter

SharePoint 2010 Application Pool GUIDs

SharePoint 2010 has some rather strange application pool guids.  The GUIDS are unique to each enviroment and therefore allmost impossible to tell what they are on face value.  This causing some issues when troubleshooting, so here is a quick guide to figure out what the Applications Pool GUID’s actually are.

In SharePoint Management Shell (Powershell) run the following command

Get-SPServiceApplicationPool

This will return the following

</p>
Name                                     ProcessAccountName
----                                     ------------------
BusinessDataConnect                      DOMAINsp2010.bcsserv
ManagedMetadataService                   DOMAINsp2010.mmdserv
PerformancePoint                         DOMAINsp2010.perfpnt
SearchAdmin                              DOMAINsp2010.searchapp
SearchQuery                              DOMAINsp2010.searchquery
SecureStoreService                       DOMAINsp2010.secstore
SecurityTokenServiceApplicationPool      DOMAINsp2010.apppool
SharePoint Web Services Default          DOMAINsp2010.farm
SharePoint Web Services System           DOMAINsp2010.farm
User Profile Service                     DOMAINsp2010.userprof
VisioGraphics                            DOMAINsp2010.visioserv
WebAnalyticsServiceApplication           DOMAINsp2010.webanserv
WordAutomationService                    DOMAINsp2010.wordauto
<p>

To find the GUID run the following

Get-SPServiceApplicationPool | select Id, Name
</p>
<p>Id                                      Name<br />
--                                      ----<br />
9b3d53c7-fa8d-4448-93a9-8d400831ad74    BusinessDataConnect<br />
cbef2e49-25d2-4ca8-91fb-8c71a40742de    ManagedMetadataService<br />
24fccf54-c7ec-41ae-b016-f277e1b42e81    PerformancePoint<br />
c108b149-9696-4b13-8ca0-90b8bb8d050c    SearchAdmin<br />
ee40e2b9-d21c-4831-b24e-be67896f47ba    SearchQuery<br />
c5793f1a-7498-45a9-8472-ddfe7f26a74a    SecureStoreService<br />
3e6d3d36-0d29-4570-8724-88bd440cdcac    SecurityTokenServiceApplicationPool<br />
e68de5b9-1af9-4aaa-9b36-bc3ddbb83a18    SharePoint Web Services Default<br />
1e6817d2-2f13-4e6a-9554-4887fb105836    SharePoint Web Services System<br />
1e99faf7-e990-4f6b-8a9b-4dc72498aef4    User Profile Service<br />
15565b3f-18a0-49cc-9924-478907b0e319    VisioGraphics<br />
616ea3be-65d9-499a-aec2-c0de8279de90    WebAnalyticsServiceApplication<br />
aa6062de-816f-4213-9cec-d41cd5c909f2    WordAutomationService</p>
<p>

More info can be found at Harbar’s blog

http://www.harbar.net/archive/2009/12/04/more-on-sharepoint-2010-application-pools.aspx

Post to Twitter

How to transfer the logins and the passwords between instances of SQL

When you need to create a development enviroment of a production SQL box and you have SQL logins to your databases you need to recreate them on your dev enviroment.  It takes way to long to recreate each user so just take the steps below and you should be done in 5 minutes.

Microsoft explains it simply enough from here http://support.microsoft.com/kb/918992/

Take the below code and run it against the instance of SQL you want to copy the logins from.


USE master

GO

IF OBJECT_ID ('sp_hexadecimal') IS NOT NULL

  DROP PROCEDURE sp_hexadecimal

GO

CREATE PROCEDURE sp_hexadecimal

    @binvalue varbinary(256),

    @hexvalue varchar (514) OUTPUT

AS

DECLARE @charvalue varchar (514)

DECLARE @i int

DECLARE @length int

DECLARE @hexstring char(16)

SELECT @charvalue = '0x'

SELECT @i = 1

SELECT @length = DATALENGTH (@binvalue)

SELECT @hexstring = '0123456789ABCDEF'

WHILE (@i <= @length)

BEGIN

  DECLARE @tempint int

  DECLARE @firstint int

  DECLARE @secondint int

  SELECT @tempint = CONVERT(int, SUBSTRING(@binvalue,@i,1))

  SELECT @firstint = FLOOR(@tempint/16)

  SELECT @secondint = @tempint - (@firstint*16)

  SELECT @charvalue = @charvalue +

    SUBSTRING(@hexstring, @firstint+1, 1) +

    SUBSTRING(@hexstring, @secondint+1, 1)

  SELECT @i = @i + 1

END

SELECT @hexvalue = @charvalue

GO

IF OBJECT_ID ('sp_help_revlogin') IS NOT NULL

  DROP PROCEDURE sp_help_revlogin

GO

CREATE PROCEDURE sp_help_revlogin @login_name sysname = NULL AS

DECLARE @name sysname

DECLARE @type varchar (1)

DECLARE @hasaccess int

DECLARE @denylogin int

DECLARE @is_disabled int

DECLARE @PWD_varbinary  varbinary (256)

DECLARE @PWD_string  varchar (514)

DECLARE @SID_varbinary varbinary (85)

DECLARE @SID_string varchar (514)

DECLARE @tmpstr  varchar (1024)

DECLARE @is_policy_checked varchar (3)

DECLARE @is_expiration_checked varchar (3)

DECLARE @defaultdb sysname

IF (@login_name IS NULL)

  DECLARE login_curs CURSOR FOR

      SELECT p.sid, p.name, p.type, p.is_disabled, p.default_database_name, l.hasaccess, l.denylogin FROM

sys.server_principals p LEFT JOIN sys.syslogins l

      ON ( l.name = p.name ) WHERE p.type IN ( 'S', 'G', 'U' ) AND p.name <> 'sa'

ELSE

  DECLARE login_curs CURSOR FOR

      SELECT p.sid, p.name, p.type, p.is_disabled, p.default_database_name, l.hasaccess, l.denylogin FROM

sys.server_principals p LEFT JOIN sys.syslogins l

      ON ( l.name = p.name ) WHERE p.type IN ( 'S', 'G', 'U' ) AND p.name = @login_name

OPEN login_curs

FETCH NEXT FROM login_curs INTO @SID_varbinary, @name, @type, @is_disabled, @defaultdb, @hasaccess, @denylogin

IF (@@fetch_status = -1)

BEGIN

  PRINT 'No login(s) found.'

  CLOSE login_curs

  DEALLOCATE login_curs

  RETURN -1

END

SET @tmpstr = '/* sp_help_revlogin script '

PRINT @tmpstr

SET @tmpstr = '** Generated ' + CONVERT (varchar, GETDATE()) + ' on ' + @@SERVERNAME + ' */'

PRINT @tmpstr

PRINT ''

WHILE (@@fetch_status <> -1)

BEGIN

  IF (@@fetch_status <> -2)

  BEGIN

    PRINT ''

    SET @tmpstr = '-- Login: ' + @name

    PRINT @tmpstr

    IF (@type IN ( 'G', 'U'))

    BEGIN -- NT authenticated account/group

      SET @tmpstr = 'CREATE LOGIN ' + QUOTENAME( @name ) + ' FROM WINDOWS WITH DEFAULT_DATABASE = [' + @defaultdb + ']'

    END

    ELSE BEGIN -- SQL Server authentication

        -- obtain password and sid

            SET @PWD_varbinary = CAST( LOGINPROPERTY( @name, 'PasswordHash' ) AS varbinary (256) )

        EXEC sp_hexadecimal @PWD_varbinary, @PWD_string OUT

        EXEC sp_hexadecimal @SID_varbinary,@SID_string OUT

        -- obtain password policy state

        SELECT @is_policy_checked = CASE is_policy_checked WHEN 1 THEN 'ON' WHEN 0 THEN 'OFF' ELSE NULL END FROM sys.sql_logins WHERE name = @name

        SELECT @is_expiration_checked = CASE is_expiration_checked WHEN 1 THEN 'ON' WHEN 0 THEN 'OFF' ELSE NULL END FROM sys.sql_logins WHERE name = @name

            SET @tmpstr = 'CREATE LOGIN ' + QUOTENAME( @name ) + ' WITH PASSWORD = ' + @PWD_string + ' HASHED, SID = ' + @SID_string + ', DEFAULT_DATABASE = [' + @defaultdb + ']'

        IF ( @is_policy_checked IS NOT NULL )

        BEGIN

          SET @tmpstr = @tmpstr + ', CHECK_POLICY = ' + @is_policy_checked

        END

        IF ( @is_expiration_checked IS NOT NULL )

        BEGIN

          SET @tmpstr = @tmpstr + ', CHECK_EXPIRATION = ' + @is_expiration_checked

        END

    END

    IF (@denylogin = 1)

    BEGIN -- login is denied access

      SET @tmpstr = @tmpstr + '; DENY CONNECT SQL TO ' + QUOTENAME( @name )

    END

    ELSE IF (@hasaccess = 0)

    BEGIN -- login exists but does not have access

      SET @tmpstr = @tmpstr + '; REVOKE CONNECT SQL TO ' + QUOTENAME( @name )

    END

    IF (@is_disabled = 1)

    BEGIN -- login is disabled

      SET @tmpstr = @tmpstr + '; ALTER LOGIN ' + QUOTENAME( @name ) + ' DISABLE'

    END

Then once that has completed run the following command in the same query window


EXEC sp_help_revlogin

SQL will create a script that you need to copy and then paste into a query on the other SQL instance and run.

Post to Twitter

How to reboot a remote Windows Server the right way

This is the scenario, you have updated a few items on a remote server and the machine requires a reboot. You say “Yes” to the reboot and windows close and you are left with a blank screen thinking the server is doing its thing. Minutes later you ping the machine it looks like it is back up and you cannot connect. You try to connect to the server via RDP without success; you try to connect via management console without success. You end up calling onsite support to power off the machine after an hour of waiting.

Here is a good way to avoid this in future.

Never click “Yes” to a reboot now option given after an installation, rather finish up everything and close all windows manually.

With Windows Server 2003 Right click on Computer in the Start menu and click Manage

Right Click Computer Management and click Properties

Click advanced tab and Settings under Startup and Recovery

Click Shut Down

Select Restart under Action and Always under Force Apps Closed. (Bear in mind you might lose data this way so ensure everything you want closed is closed and saved.)

With Windows Server 2008 you don’t have the option of doing this so open up Powershell and run the below oneliner script, you can do this on a remote machine as long as you have administrator rights on the server you are trying to reboot. You could also do this for Windows 2003!

(gwmi win32_operatingsystem -ComputerName MyServer).Win32Shutdown(6)

Change “MyServer” to the servername you want to reboot.

Post to Twitter

SharePoint 2010 Hide left quick launch navigation bar

So you chose a SharePoint 2010 template and everything is working out besides the fact that you cannot get rid of the left quick launch navigation bar. Dont stress, this site has a load of great tips and tricks to get you on your way http://erikswenson.blogspot.com/2010/01/sharepoint-2010-base-css-classes.html

Hiding the left quick launch navigation bar is easy. Add a Content Editor WebPart (CEWP) to your site and add the following code by editing the HTML source of the WebPart

<Style> 
body #s4-leftpanel 
{ 
display: none; 
} 
.s4-ca 
{ 
margin-left: 0px; 
} 
</style> 

Set the WebPart to hidden and once you save the page the left quick launch navigation bar will disappear

Post to Twitter