Thursday, August 27, 2009

4th release of the SharePoint administration kit

A new release of the SharePoint administration kit is now available – some very cool new stuff in there:

  • Update to the SharePoint diagnostics tool – check out SharePoint Diagnostics Tool (SPDiag) details on Technet.
  • A number of Security Reporting tools added to report on broken security inheritance, check effective permissions and permission set inheritance
  • Updates to stsadm to enhance quota management
  • Security configuration wizard manifests for SharePoint Server 2007 and Windows SharePoint Services 3.0


SharePoint as a development platform - 7 reasons why I like it ...

I already talked about why some people don't like SharePoint. Now let's talk about why I like it:

  1. 1. SharePoint is a great site templating engine - you can built a certain template once and next kick it off to your end users so that they can built thousands of sites/workspaces with it. Remember to take a look at SharePoint – it’s all about making the right design choices – when to use custom site definitions before you start clicking around creating templates though.
  2. 2. It's all about Features - Once you grasp the concept of SharePoint features you can go ahead and built whatever you want on SharePoint. SharePoint is both a product and an application platform. The modularity of these features and the possibility to activate them later on in a project make SharePoint an interesting platform for agile development. Check out Features in MOSS 2007 and WSS 3.0 for additional details.
  3. 3. SharePoint solutions to make your admin your friend – From time to time, you will see some friciton between developers and operations people. Developing something is not that hard but then you need to get it deployed. In custom development this is one of the tasks which is quite often hugely underestimated. For SharePoint developers it is kind of mandatory to think about how to deploy stuff since there are a lot of files going in a lot of different places on your server. Once you get the hang of building SharePoint solution file for your customizations, everything will get deployed quite nicely on your whole farm.  Take a look at the ten commandments for SharePoint development – SharePoint solution deployment is mentionned twice and not in vain.
  4. 4. InfoPath 2007 and Forms Services are great - it is amazing how easy it is to build electronic forms using InfoPath 2007 and then distribute them to your end users using browser-enabled forms. Quick warning though: deployment may be tricky and some manual steps will be required from your admin. Let’s hope that the story gets better in SharePoint 2010.
  5. 5. Strong integration with Office 2003/2007 - the things which you get for free in SharePoint are amazing. Integrated editing of Office documents, easy exports of SharePoint lists to Excel, taking documents offline in Outlook (2007 version only ...), two way sync of contacts and tasks in Outlook (again 2007 version only …). Remember Office is one of the most used applications worldwide so think about the integration story.
  6. 6. Easy branding and custom layouting  - yes, there are some obstacles with regards to SharePoint branding –the master pages built in are not a good starting point and the CSS files might seem a bit bloated. But still – changing the look&feel is still quite easy.  Learn to Know your master pages inside out.
  7. 7. I don’t have to write code for everything – when building something in SharePoint you don’t need write code for everything. This might seem shocking to some devs … take a look at Demo: a six-part series on getting the most out of SharePoint Designer. …  I expect quite a lot of improvement in this area with SharePoint Designer 2010.

Tuesday, August 25, 2009

Removing hiberfil.sys on Windows Server 2008

One of the things I found out when using Spacesniffer was that there existed a big hidden file on my Windows Server 2008 system drive called hiberfil.sys. Apparently when you hibernate your computer, Windows saves the contents of the system's memory to the hiberfil.sys file. As a result, the size of the file is as big as the amount of physical memory present. Since I allocated 6 GB RAM to my virtual Windows Server 2008 – the file was a whopping 6GB big ….

Now to remove it – open command prompt (remember to use the run as administrator option) and type powercfg.exe /h off.

For some background info check out KB920730 – How to disable and re-enable hibernation on a computer that is running Windows Vista.

Analyzing disk space with Spacesniffer

Virtual disks seem to have a tendency to fill up faster then expected sometimes. So today I found myself without disk space on my system disk of one of my virtual machines. Since I was not really sure what was occupying so much space I searched the web for some analysis tool and I downloaded Spacesniffer – this is definitely the coolest little utility I have seen for quite a while…and it works like a charm even on Windows Server 2008. Completely free…

Monday, August 24, 2009

Changes in Workflow Foundation 4.0

If you plan to start writing workflows using Workflow Foundation 3.5 (or 3.0 for that matter) definitely take a look at the following links. There are quite a few architectural changes in Workflow Foundation 4.0 so beware:

3 interesting facts about SharePoint user profiles

1. If you need to import user profiles from Active Directory – read this Support KB -How to import user profile information of enabled user accounts from Active Directory to SharePoint Portal Server 2003 or Office SharePoint Server 2007To import user profile information of only user accounts that are enabled, use the (&(objectCategory=person)(objectClass=user)( !(userAccountControl:1.2.840.113556.1.4.803:=2))) LDAP search filter.

2. Users which are disabled will be added to the “Profiles missing from import” view after the import has run again. Here you can manually delete them, you can also wait for three full imports – see for more details.

3. There is an interesting tool which allows you to populate your SharePoint Server user profile database using basic XML files as source on Codeplex  MOSS 2007 utility for import/export of user profiles. Also check out the codesample about how you can automatically create my sites as well as the information about using powershell to set up SharePoint user profiles

Tuesday, August 18, 2009

Troubleshooting WCF on Windows Server 2008

Recently I had to check some webparts which are using WCF services and which were deployed on Windows Server 2008. The only thing to check was this nice cryptic error message:

TCP error code 10061: No connection could be made because the target machine actively refused it

I finally got this working … but still the troubleshooting steps might be interesting:

  • First thing to notice – the WCF service installed under port 32845 and when I looked at the bindings in IIS it was using net.tcp.
  • Check if the necessary Windows Server 2008 features are installed using the Server Manager:
    • WCF activation
      • HTTP activation
      • Non-http activation
  • Next check – the IIS 7.0 website hosting the WCF services – if you look at the UI – you will notice this strange “?” icon on top of the site. Unfortunately this does not mean that there is something wrong with the site hosting– in this case it just points to the fact that you have multiple bindings for different protocols.

    If you look at the status screen (Click on sites) you will probably see “Unknown” for the net.tcp protocol. This is not a problem – just check that the web site is started.

  • Right click the website which is hosting the WCF services and select Manage website> Advanced settings and check if tcp is an enabled protocol.

    For some info about how to do this in Vista check out see How to: Install and Configure WCF Activation Components - On Windows Server 2008 you can everything through the UI – so you don’t need the command line scripts – as outlined before
  • Take a look at  Checklist: Use TCP Port Sharing to Allow Multiple WCF Applications to Use the Same TCP Port
  • Check the firewall settings on Windows Server 2008 – Go to Server Manager > Configuration, here you will see Windows Firewall with advanced properties. Make sure that you have the correct and inbound rules… (or disable them just to troubleshoot)
  • Make sure that the Net.TCP listener adapter and Net.TCP Port Sharing Services are running (Server Manager > Server Roles > Application Manager)

    As a matter of fact, it was this last setting in combination with the firewall settings which caused my WCF services to fail

Related reading:

Monday, August 17, 2009

Playing around with Powershell and SharePoint user profiles

First thing to note when playing around with SharePoint and Powershell is that you will probably need to load a number of extra assemblies (For some background check out Load an assembly in Powershell).


Next if you want to manipulate SharePoint user profiles using Powershell you might want to take a look at Creating and updating  user profile properties in SharePoint using Powershell

Now an interesting concept would be to use a XML file as a source for creating SharePoint user profiles – take a look at Processing XML with Powershell to get going. So basically if you want to build a reusable powershell script for creating user profiles you will need two parameters – the XML file and the name of the SSP. By adding in some extra functions and using the power of piping (See Piping and Pipeline in Powershell) you will have a very powerfull powershell script with only limited code.

$userprofileproperties = get-xml $xmlFile

$context = [Microsoft.Office.Server.ServerContext]::GetContext($sspName)
$profileManager = new-object Microsoft.Office.Server.UserProfiles.UserProfileManager($context)

$userprofileproperties.userprofileproperties.userprofileproperty | foreach { checkIfExists $_.Name $profileManager }
$userprofileproperties.userprofileproperties.userprofileproperty | foreach { createProperty $_ $profileManager $context }

PS I’m not going to give you all the code but the code snippets above should get you going. Credits go to Jeroen for writing these nifty lines of powershell.

Sunday, August 16, 2009

SharePoint and the 2000 security principal limit

Update 17/8: apparently my explanation was not that clear so I added some extra details

An  important thing to remember is the fact that SharePoint scales through the use of site collections. So if you have a fairly large implementation of SharePoint you will be typically using multiple site collections.

One of the things which has caused some serious problems in the past – but is not that clearly documented is the 2000 security prinicipals limit per site collection.

If you read through Plan for software boundaries – you see this

Security principal

Approximately 2,000 per ACL (Access Control List) on any securable object (scope)

The total size of the ACL on scopes can be no larger than 64kb. Because each security principal is approximately 32 bytes in size, there can be no more than approximately 2,000 security principals or less for each scope.  If this limit is reached, indexing of items in that scope, and all items below that scope, to fail.

Also, because SharePoint Groups are expanded during the indexing process, having more than 2,000 users or Directory Groups in a SharePoint group and using that group for securing scopes may cause indexing of items secured with these groups, and all items below them, to fail.

The scope they are talking about is according to me - site collection level. Every time you secure something in a site collection – meaning you assign a security principal (for developers –a SPPrincipal object) with it’s permissions set to a site, or a specific library/list or even to an individual document/item, an entry is added to a list of security principlas at site collection level.  It is this list of security principals which has a limit of 2000 entries.

So no troubles if you are using 40 distinct Active Directory groups all over the places to assign security in thousands of individual documents – but when you are using more then 2000 individual users which are assigned a permission directly in one or more places within a site collection – you will get into trouble. There is no problem with Active Directory groups who contain thousands of individual AD users since they are not expanded.

The article only states problems when crawling but I also noticed some performance issues on SQL Server level where we needed to put in some extra processing power.

InfoPath 2010 – new features

PS Don’t forget the Office 2010 Technical Beta recruiting update and contest rules – unfortunately US and Canadians only … too bad.

Tags van Technorati: ,,

Thursday, August 06, 2009

Keep your SharePoint site definitions minimal, really I mean it.

Something which caused me a lot of troubles last week – an overbloated site definition. Don’t do this. As stated in the ten commandments for SharePoint development:

4. Keep your custom site definitions as minimal as possible. A long debate started after Joel's post on the topic - Do you really need a site definition . They are nothing more than a "skeleton" for attaching programmatic elements in the form of features and should be deployed as solution packages.

Trust me – follow this advice, it will cause less problems in the future.

Related posts:

Monday, August 03, 2009

MBR and GPT partioning style for disks in Windows Server 2008

I noticed something new last week – when adding a new virtual  disk to a Windows Server 2008 setup it gave me a new option when I needed to initialize the disk. You can now choose between MBR and GPT. So what’s the difference? Techotopia to the rescue:

MBR is the standard partitioning scheme that's been used on hard disks since the PC first came out. It supports 4 primary partitions per hard drive, and a maximum partition size of 2TB.

GPT disks are new, and are readable only by Windows Server 2003 SP1, Windows Vista (all versions), and Windows XP x64 Edition. The GPT disk itself can support a volume up to 2^64 blocks in length. (For 512-byte blocks, this is 9.44 ZB - zettabytes. 1 ZB is 1 billion terabytes). It can also support theoretically unlimited partitions.

Windows restricts these limits further to 256 TB for a single partition (NTFS limit), and 128 partitions.

Only Itanium systems running Windows Server 2003 and Windows Vista systems with an EFI BIOS can boot from a GPT disk. The other operating systems mentioned earlier can use GPT disks as data disks but not boot disks.


Tags van Technorati: ,,,