All posts by Jack

Moving the Managed Metadata service to a new SharePoint (2010) Farm

SharePoint

We’re rebuilding an environment at work so I moved the managed metadata service over.

Doing so should be fairly easy:

  • Find the name of the database from your old MMS.
  • Copy / move that DB so it’s available on the new farm’s DB server
  • Set permissions on the server to the farm can get to the DB
  • Create a new Managed Metadata App on the new Farm, when you get to the point where you specify a database name, specify the name fo your newly restored/moved DB

That should be it – the system should use your existing metadata and you get to go to lunch on time.

Or do you?

I did this today after following some advice online only to be greeted with:

The Managed Metadata Service or Connection is currently not available. The Application Pool or Managed Metadata Web Service may not have been started. Please Contact your Administrator.
 
Hmm What’s going on here – I did a quick google and was told to look at the ULS logs, confirm permissions etc…
However, for me the answer was much simpler – it was actually in the error message!
Creating a new manged metadata service hadn’t actually started it on any node in my farm.  I went to CA->System Settings->Services on Server and my Managed Metadata Web Service was in the “stopped” state- I started it and went back for another look at the MMS console.
Still no luck:
The Managed Metadata Service or Connection is currently not available. The Application Pool or Managed Metadata Web Service may not have been started. Please Contact your Administrator.
 
Now what? I remembered reading in the logs earlier, a line that talked about the application load balancer not being able to find an endpoint for this app.
I know from experience that the internal load balancer in SharePoint updates via a timer job that only runs every so often (15 min is the default).
 
I went to CA->Monitoring->Timer Jobs->Job Definitions and manually kicked off the “Application Addresses Refresh Job”
 
Then went back to look at the Managed Metadata Service and BINGO – It worked.
 

Sharing service apps between farms.

SharePoint

See http://technet.microsoft.com/en-us/magazine/hh528474.aspx Section 8

Run this PS on both farms and exchange certs:

$rootCert = (Get-SPCertificateAuthority).RootCertificate
$rootCert.Export(“Cert”) | Set-Content D:CertsConsumingFarmRoot.cer -Encoding byte
$stsCert = (Get-SPSecurityTokenServiceConfig).LocalLoginProvider.SigningCertificate
$stsCert.Export(“Cert”) | Set-Content D:CertsConsumingFarmSTS.cer -Encoding byte

Then you can use Central admin (Security->Manage Trusts) to enter these in.

From the Consuming Farm, run get-farm | Select ID to get the ID of the consuming farm.

$farmID = 
$security = Get-SPTopologyServiceApplication | Get-SPServiceApplicationSecurity
$claimProvider = (Get-SPClaimProvider System).ClaimProvider
$principal = New-SPClaimsPrincipal -ClaimType "http://schemas.microsoft.com/sharepoint/2009/08/claims/farmid" -ClaimProvider $claimProvider -ClaimValue $farmID
Grant-SPObjectSecurity -Identity $security -Principal $principal -Rights "Full Control"
Get-SPTopologyServiceApplication | Set-SPServiceApplicationSecurity -ObjectSecurity $security

SideNote: Pear Note

SharePoint

I’m using a nifty program called Pear Note.

Pear Note is a note taking program, with a twist.
You can import a video (for example, I am using it now with a recorded session from the SharePoint Conference)
While the video plays, you type in your notes.

The magic happens when you select any word in your notes and the video immediately jumps to the position in time that it was playing at when you took your notes.

I’ve used it before and it’s super handy for taking notes and then knowing exactly where you were in the video when you found it.

http://www.usefulfruit.com

Using MaintenanceWindows in SharePoint 2013

PowerShell, SharePoint, SP2013,
Sharepoint 2013 Maintenance Window Banner ScreenShot
Sharepoint 2013 Maintenance Window Banner

 

At the SharePoint Conference this week, Session SP210 on upgrading to SP2013 mentioned a brand new feature that didn’t exit in the preview edition: MaintenanceWindows.

As you can see from the screenshot above, this feature puts up a simple banner alerting users of the upcoming work.

The message is localized in the users language so long as language packs are installed.

The “More Information” link can point to any page you specify.

I was pretty excited about this, and couldn’t wait to try it out!

The PowerShell to do this wasn’t as easy as I expected.

I’ve pasted below what worked for me.
 

 #1st get a content database
 get-SPContentDatabase  #this will list them all
                        #copy and paste a database ID and use it to assign a specific DB to a variable
 $ContentDB = Get-SPContentDatbase -Identity #ID goes here

 #now we're going to add a maintenance window to the SPContentDatabase with $ContentDB.MaintenanceWindows.Add()
 #before we can do that we need to create a Maintenance window object and populate it.

 #                         Parameter List             "MaintanceWarning or MaintanencePlanned",  Mt Start   ,  Mt End   , Notify Start, Notify End, duration , urlforinfo
 $MaintWindow = New-Object Microsoft.SharePoint.Administration.SPMaintenanceWindow "MaintenancePlanned", "1/1/2013", "1/2/2013", "11/16/2012" , "1/3/2013", "1:00:00", "http://www.mydomain.com/outageinfo.html"
    #Parameter List for above:
      #1: MaintanceWarning or MaintanencePlanned,
      #2: Maintenance Start Date
      #3: Maintenance End Date
      #4: Notification Start Date
      #5: Notification End Date
      #6: Duration in the format of DD:HH:mm:ss - "1:00:00" = 1 hour, "1:00:00:00" = 1 day
      #7: URL for info
      # Parameters 2-5 all take a date time in this format: "1/20/2012" or "1/20/2012 5:00:00 PM"  

  #Now we can see the properties of a single MaintenanceWindow by just typing in $MW and hitting enter:
  $MaintWindow

  #for me this looked like this:
  # MaintenanceStartDate        : 1/1/2013 6:00:00 AM
  # MaintenanceEndDate          : 1/2/2013 6:00:00 AM
  # Duration                    : 01:00:00
  # NotificationStartDate       : 11/16/2012 6:00:00 AM
  # NotificationEndDate         : 1/3/2013 6:00:00 AM
  # MaintenanceType             : MaintenancePlanned
  # MaintenanceLink             : http://www.mydomain.com/outageinfo.html
  # UpgradedPersistedProperties :

  #ok with that out of the way, we just need to add it to he content database
  $ContentDB.MaintenanceWindows.add($MaintWindow)
  $ContentDB.Update()

Ok so that’s it – refresh your website and you should see the pink banner on the screenshot above!

Note, I originally tried to do this by just setting up a blank object without paramters, and then setting the properties one by one, but I found that MaintenanceStartDate and NotificationStartDate could not be changed after the object was created.

– Jack

Using Powershell to get a list of user IDs from AD

PowerShell,

One of my network admin friends needed an easy way to provide some users with a list of names vs AD account names.

In many organizations, this is easy to guess, for example if my name is  Jack Basement, my id might be jbasement, but in this case, it wasn’t that easy so we needed to go to AD.

There are AD cmdlets, but they are not in powershell by default.

If you have the Remote Server Administration Tools for Windows 7 installed, then you’ll find a link to “Active Directory Module for Windows PowerShell” in your administrator tools menu.

 

Using that we can easily get a list of the users needed and select just the columns we want

for example

Get-ADUser -identity domainuser #gets info on that user

Get-ADUser -filter {name - like "jack*"} #returns all the people named Jack

We can combine that with the select statement such as this:

Get-ADUser -filter {name - like "jack*"} | Select name, SamAccountname

Which gives us a nice list

and

Get-ADUser -filter {name - like "jack*"} | Select name, SamAccountname | convertto-csv

which will out put it as a comma separated CSV (Perfect for importing into Excel)

and

Get-ADUser -filter {name - like "jack*"} | Select name, SamAccountname | convertto-csv | out-file userlist.txt

which outputs the same thing, but to a file.

 

Now one neat trick, is that often you want to output all the users of a group in AD (technically this is called an Organizational Unit, or OU)

There is an LDAP filter type we can use for this

Whats cool here is that LDAP filters are sometimes a pain to get “just right” so we can cheat:

We can use the distinguished name of a known user in that group and grab the group from that

so for example

Get-ADUser -identity domainbJack

results in a bunch of output, the first field is the distingished name and we can copy and paste that for our next command

Get-ADUser -filter * -SearchBase = "OU=mygroup,DC=basementjack,DC=com"

this outputs all the users in that OU

again we can chain for flexibility

Get-ADUser -filter * -SearchBase = "OU=mygroup,DC=basementjack,DC=com" select name, SamAccountName | sort-object name

 

Lastly don’t forget get-help

Get-Help Get-ADUser -examples

shows a few good examples.
 

Cleaning up Newsgator controls from SharePoint

PowerShell, SharePoint

On our farm, we have multiple URLS, multiple site collections etc.

One of them has a social add in called newsgator social sites.

I kept seeing errors in the ULS logs of other sites saying things like:

Failed to create a custom control from assembly ‘NewsGator.NewsManager.Web’ .. The type is not registered as safe.

I know from experience that this means the control isn’t listed in the web.config for the given site, nor should it be – I don’t have, nor want newsgator to have anything to do with the site in question.

I also know that the errors aren’t really hurting anything, but if nothing else they are making the ULS logs a little bigger and honestly, I don’t want a farm that has known errors in it.

So I set out to understand where they were coming from and how to safely get rid of them.

Finding these in the ULS logs

They are all over our ULS logs, but it’s nice to have  a quick way to validate if they are still there so I did a search with the windows Findstr command:

findstr /C:"is not allowed for web" *.log

 

The first thing I wanted to do was see if there was an obvious, easy fix – ie from site settings, site features, or site collection features, is there a newsgator feature that’s enabled that I can just turn off?

I tried this and no, there wasn’t

The solution turned out to be painfully simple.

In the ULS logs, there were entries like this:

Failed to create a custom control 'CustomMenu_NewsStreamAdmin', feature 'NewsGator.NewsManager_Actions' (id:16c89384-881d-44aa-a6f5-f66301596851) using attributes (ControlSrc='', ControlAssembly='NewsGator.NewsManager.Web, Version=1.0.0.0, Culture=neutral, PublicKeyToken=a1b9791f4e4509c7', ControlClass='NewsGator.NewsManager.Web.NewsStreamAdminActions': System.ArgumentException: The control with assembly name 'NewsGator.NewsManager.Web, Version=1.0.0.0, Culture=neutral, PublicKeyToken=a1b9791f4e4509c7' class name 'NewsGator.NewsManager.Web.NewsStreamAdminActions' is not allowed for web
at URL 'https://nonnewsgatorsite.mydomain.com'. The type is not registered as safe.

The error above is always paired with another less descriptive error – but the error above turns out to have all the information we need – the id. (In this case id 16c89384-881d-44aa-a6f5-f66301596851)

In powershell, Get-SPFeature will list all the features on the farm – in my case it showed the above ID.

Now, given that newsgator is legitimately installed on our farm and on ONE web application (URL) I didn’t want to remove it from the farm!

What was helpful was the command:

get-spfeature  -webapplication https://myurl.mydomain.com

This showed that the feature was associated with that web application and it also showed that it was webapplication scoped.

So next I used the command

Disable-SPFeature -Identity 16c89384-881d-44aa-a6f5-f66301596851 -URL https://myurl.mydomain.com

I had to do this for a few different features – pulling the ID from the ULS logs and running the disable command- While I’m sure it potentially could be automated, I preferred handling it “Hands On” doing them one at a time and confirming my SharePoint sites still worked as expected.

After that, the errors in the ULS log stopped for that site, and get-spfeature -webapplication https://myurl.mydomain.com no longer showed that feature.

It was a great feeling to get these nagging recurring ULS entries to stop!

Update: This post from Phil Childs’ excellent Get-SPScripts site has a more robust script for finding a feature in a farm and removing it everywhere if that is needed. (note that is a different use case than the one above so be sure to understand what the script does before running it!)

 

Remove Stuck Item from FAST search

SharePoint

I manage a fast installation with a few million documents.

Something went wrong and FAST is returning results for files that no longer exist.

The “Normal” way to fix this is to do another crawl of the content source – In this case, it did not work.

The “best” way to fix this is to reset the index and re-crawl all the content.

Unfortunately, because of the size of our fast install, this is not practical – it takes over a week to index everything.

In other words, fixing this problem the “right” way will also bring down fast for at least a week for some content – not good.

On a support call with Microsoft – they told me of a quick way to remove individual results – it’s not quite as effective as a full index reset, but it has it’s place – for example – say that a confidential document got crawled, and the summary is showing up in search results. You’d want to get that out of the way right away – this approach can be good for that.

First download the free tool FS4SP Query Logger by Mikael Svenson – I found version 3 on codeplex with a quick internet search.
Run this on the fast server and click the start logging button, then go do your search using whatever search page is returning the bad results.
Once you see your search term show up on the upper left, look at the result XML and find the result.
you’ll want to grab the value of the “contentid” field – it will look something like this:

 
 ssic://SomeNumberHere

Be sure the Area of XML you are looking at matches the search result you are trying to eliminate!

now, also on the fast server, open a FAST powershell command.
enter the command:
DOCPUSH -c sp -U -d ssic://YourNumberHere

Just like that, your search result should stop appearing in search results.

—————————————————————————–

As a side note, while we were looking at some things, we used a clever powershell command to search multiple directories for some text

 select-string  [0-9]*[0-9]index_dataurlmap_sorted.txt

Select-string is like Grep in Unix or Findstr in windows – it looks for strings.
what was neat here was the Regular expression for the path it limited the search to just a few key directories. – ie
2232131231231index_dataurlmap_sorted.txt
and
34223453index_dataurlmap_sorted.txt

A few quick commands to tell if FAST search is working

SharePoint

This post applies to users of Microsoft FAST search for SharePoint 2010.

Here are a few commands you can run on the FAST server to see if it’s healthy and also to get a feel if the back end is working in co-operation with the front end crawlers.

nctrl status will show if all the fast services are started and running.

indexerinfo status dumps some xml -the key piece here is the partitions – if you run indexerinfo status a few times, you should see some movement on these (percents will change)