Apr 082019
 

I was on a customer case where SharePoint requests were taking significant time to complete. The issue eventually turned out to be because of a low value for MaxConcurrentAPI which in turn caused incoming SID resolution calls to pile up at the DC. This post is not about MaxConcurrentAPI, if you want to know more about MaxConcurrentAPI please read following article:
https://blogs.msdn.microsoft.com/spatdsg/2006/01/05/maxconcurrentapi-or-how-fast-can-you-authenticate-users/.

But the reason I’m writing this post is because of a script that I wrote to reproduce the SID resolution issue with a DC. At the heart of this script is the following script block….

#Script block which will be used by Powershell Jobs
$ADSidResolve = {
    param($sid)
    Write-Host "SID: $sid"
    $objSID = New-Object System.Security.Principal.SecurityIdentifier($sid)
    $objUser = $objSID.Translate( [System.Security.Principal.NTAccount])
    $objUser.Value
}

I’m using the System.Security.Principal.SecurityIdentifier.Translate API to translate a SID to username. To translate a username to its SID, use System.Security.Principal.NTAccount.Translate API instead. Here’s a sample script which accomplishes that…

#Script to translate currentuser's username to SID
$currentUser = [System.Security.Principal.WindowsIdentity]::GetCurrent()
$currentUserName = $currentUser.User.Translate([System.Security.Principal.NTAccount])
$objSID = New-Object System.Security.Principal.NTAccount($currentUserName)
$objUser = $objSID.Translate( [System.Security.Principal.SecurityIdentifier])

Write-Host "Current user: $currentUserName, SID: $($objUser.Value)"

Here’s the full script to translate a file full of SIDs to username, I used this script to stress test DC. Note that this script executes SID resolution in parallel using PowerShell jobs so this script is a good tutorial for using PowerShell jobs as well.

When running this script please make sure you’ve got C:\Sids.txt created with all the SIDs in it. Also note that there is a better way (using System.Security.Principal.IdentityReferenceCollection.Translate) for translating these SIDs but since I am simulating a customer scenario so I had to follow this route.

#follow this script on github: https://github.com/nibubt/powershellsnips/blob/master/ADSIDResolve.ps1

$filePath = "C:\sids.txt" #make sure this file contains SIDs that needs to be resolved.

# Verify file status #
if((Test-Path $filePath) -eq $false)
{
    Write-Error -Message "File $filePath does not exist. Please correct file path before using this script. Exiting!"
    return
}

#Read in UserName and Password securely
$username = Read-Host -Prompt "Please enter username: "
$pwd = Read-Host -Prompt "Please enter your password: " -AsSecureString
$cred = New-Object System.Management.Automation.PSCredential($username,$pwdz
if($null -eq $cred)
{
    Write-Error -Message "Invalid credentials! Exiting!"
    return;
}

# Count of lines to show progress
$sidlines = Get-Content -Path $filePath | ForEach-Object{$_.Trim()}
$totalLines = ( $sidlines | Measure-Object -Line).Lines

if(0 -ge $totalLines)
{
    Write-Error -Message "File $filePath empty?! This file must contain the SIDs you're intending to resolve! Exiting!"
    return    
}


#Script block which will be used by Powershell Jobs
$ADSidResolve = {
    param($sid)
    Write-Host "SID: $sid"
    $objSID = New-Object System.Security.Principal.SecurityIdentifier($sid)
    $objUser = $objSID.Translate( [System.Security.Principal.NTAccount])
    $objUser.Value
}

$alljobs = @()
$curLine = 0
foreach($line in $sidlines)
{
    ++$curLine;
    $JobName = "PSJOB-SIDResolve-$line"    
    $alljobs += Start-Job -ScriptBlock $ADSIDResolve -Name $JobName -Credential $cred -ArgumentList $line
  
    $PercentComplete = [math]::round((($curLine/$totalLines)*100),0)
    Write-Progress -Activity "Progress resolving SID... (Current line: $curLine of $totalLines)" -Status "$PercentComplete% Complete:" -PercentComplete $PercentComplete
}

#Wait for jobs to finish, in the end print the output
Write-Host "Waiting on jobs to finish..."
Get-Job | Wait-Job | Receive-Job

Remove-Variable alljobs,sidlines

Since output of this script is confidential, I’m skipping output but note that this does work :-).

Also note that there is a SysInternals tool that does a similar job. Its called PsGetSid: https://docs.microsoft.com/en-us/sysinternals/downloads/psgetsid

Feb 212019
 

I needed to find a particular SPFeature across a SharePoint farm so wrote up this PowerShell script. Sharing with you all this PowerShell script, also this script has some neat formatting code which you could find useful.

#Follow this script on GitHub: https://github.com/nibubt/powershellsnips/blob/master/FindFeature.ps1

Add-PSSnapin *SharePoint*

function WriteFeature($features, $tabs)
{
    if($features -ne $null)
    {
        ForEach($feature in $Features)
        {
            Write-Host $("`t" * $tabs)"-> Found Feature: Title: $($feature.GetTitle(1033)), DisplayName: $($feature.DisplayName)" -ForegroundColor Cyan
        }
    }
}

$FeatureDisplayName = "SiteLevelPolicy"

Write-Host -ForegroundColor Green "Script output in DisplayName and Title format..."
Write-Host "Looking for feature: $FeatureDisplayName" -ForegroundColor Yellow

$tab = 0
Write-Host $("`t" * $tab)"-> Farm"
$feature = Get-SPFeature -Farm -ErrorAction SilentlyContinue | Where-Object{$_.DisplayName -imatch $FeatureDisplayName}
WriteFeature $feature ($tab + 1)

ForEach($WebApp in Get-SPWebApplication)
{
    $tab = 1
    Write-Host $("`t" * $tab)"-> WebApp: $($WebApp.Url)"
    $feature = Get-SPFeature -WebApplication $WebApp.Url -ErrorAction SilentlyContinue | Where-Object{$_.DisplayName -imatch $FeatureDisplayName}
    WriteFeature $feature ($tab + 1)

    ForEach($Site in $WebApp.Sites)
    {
        $tab = 2
        Write-Host $("`t" * $tab)"-> Site: $($Site.Url)"
        $feature = Get-SPFeature -Site $Site.Url -ErrorAction SilentlyContinue | Where-Object{$_.DisplayName -imatch $FeatureDisplayName}
        WriteFeature $feature ($tab + 1)

        ForEach($Web in $Site.AllWebs)
        {
            $tab = 3
            Write-Host $("`t" * $tab)"-> Web: $($Web.Url)"
            $feature = Get-SPFeature -Web $Web.Url -ErrorAction SilentlyContinue | Where-Object{$_.DisplayName -imatch $FeatureDisplayName}
            WriteFeature $feature ($tab + 1)
        }#End ForEach
    }#End ForEach
}#End ForEach
Script output from my local farm
Jan 082018
 

Why?

While debugging a crash on a customer SharePoint farm, we had to do constant checks on all SharePoint servers for latest entries in the ‘System’ eventlog. So wrote this PowerShell one-liner, using Get-EventLog, to help him out…

How?

Get-SPServer | Where-Object{$_.Role -ne "Invalid" } | %{ Write-Host "++++++++++++++++++ComputerName: $($_.Name.Split('.')[0])+++++++++++++++++++++++";
Get-EventLog -ComputerName $_.Name -LogName System -Newest 10} | ft -AutoSize

Command explained

  1. Get-SPServer: return all servers in the farm.
  2. Checking role of each server to make sure we’re accessing just the SharePoint servers.
  3. Drawing a header right before dumping out event log entries. If name is FQDN then we just take the first part, not necessary though.
  4. Call Get-EventLog by passing in computer name and log category as ‘System’, we’re retrieving newest 10 entries. Feel free to change this.

If you run into any issues or if you have any better way of doing this please let me know.

Sample output

PS C:\Windows\system32> Get-SPServer | Where-Object{$_.Role -ne "Invalid" } | %{ Write-Host "++++++++++++++++++ComputerName: $($_.Name.Split('.')[0])+++++++++++++++++++++++";
Get-EventLog -ComputerName $_.Name -LogName System -Newest 10} | ft -AutoSize
++++++++++++++++++ComputerName: SP+++++++++++++++++++++++

Index Time         EntryType   Source                  InstanceID Message                                                                 
----- ----         ---------   ------                  ---------- -------                                                                 
19665 Jan 08 12:00 Information Service Control Manager 1073748860 The Software Protection service entered the stopped state.              
19664 Jan 08 12:00 Information Service Control Manager 1073748860 The Software Protection service entered the running state.              
19663 Jan 08 12:00 Information EventLog                2147489661 The system uptime is 1026236 seconds.                                   
19662 Jan 08 10:21 Information Service Control Manager 1073748860 The Windows Modules Installer service entered the stopped state.        
19661 Jan 08 10:19 Information Service Control Manager 1073748860 The Windows Update service entered the stopped state.                   
19660 Jan 08 10:19 Information Service Control Manager 1073748860 The Windows Modules Installer service entered the running state.        
19659 Jan 08 10:14 Information Service Control Manager 1073748860 The Windows Store Service (WSService) service entered the stopped state.
19658 Jan 08 10:09 Information Service Control Manager 1073748860 The Windows Store Service (WSService) service entered the running state.
19657 Jan 08 10:07 Information Service Control Manager 1073748860 The Windows Update service entered the running state.                   
19656 Jan 08 07:18 Information Service Control Manager 1073748860 The Windows Modules Installer service entered the stopped state.
Jun 132017
 

What’s a SearchCenter?

A Search Center site, or Search Center, provides an interface for users to submit search queries and view search results. A Search Center site is the top-level site of a site collection that a farm administrator creates by using the Enterprise Search Center template or Basic Search Center template. Sample search center screenshot…

Sample SearchCenter Shot

Sample SearchCenter Shot


How to Create a Search Center Site Collection… (from MSDN)

  • Verify that the user account that is performing this procedure is a member of the Farm Administrators group.
  • On the home page of the Central Administration website, in the Application Management section, click Create site collections.
  • On the Create Site Collection page, do the following:
    • In the Web Application section, select a web application to contain the new site collection. To use a web application other than the one that is displayed, click the web application that is displayed, and then click Change Web Application.
    • In the Title and Description section, in the Title box, type the name for the new Search Center site. Optionally, type a description in the Description box.
    • In the Web Site Address section, for the part of the URL immediately after the web application address, select /sites/, or select a managed path that was previously defined, and then type the final part of the URL.

      Note the address of the new Search Center for future reference.

    • In the Template Selection section, do the following:
      • In the Select the experience version drop-down list, select 2013 to create a Search Center site that provides the SharePoint Server 2013 user experience, or select 2010 to create a Search Center site that provides the SharePoint 2010 Products user experience.

        For more information, see Search user interface improvements in What’s new in search in SharePoint Server 2013.

      • In the Select a template subsection, click the Enterprise tab, and then do one of the following:
        • If you are using SharePoint Foundation 2013, select the Basic Search Center template.
        • Otherwise, if you are using SharePoint Server 2013, select the Enterprise Search Center template.
    • In the Primary Site Collection Administrator section, in the User name box, type the user name of the primary site collection administrator for this site collection in the form domain\user name.
    • (Optional) In the Secondary Site Collection Administrator section, type the user name of a secondary site collection administrator in the form domain\user name.
    • In the Quota Template section, select No Quota.

      A Search Center site is not intended to be a data repository. Therefore, you do not have to select a quota template.

    • Click OK.
  • On the Top-Level Site Successfully Created page, click the link to the Search Center site that you created.

How to configure the Global SharePoint SearchCenter URL?

Once this site is created we need to tell SharePoint SSA to use this site to submit search queries and view search results. Please note that even UPA uses this SearchCenter for user profile look up so it is important that we set this up the right way to be consumed by UPA as well. From what I know there are couple of ways to do this.

Via PowerShell

$ssa = Get-SPEnterpriseSearchServiceApplication
$ssa.SearchCenterUrl = “SearchCenterURL/pages”
$ssa.Update()
iisreset

Note that you might have to IISReset after this. If you’re doing this via PowerShell I’ve noticed that change will take effect faster than via UI.

Via UI

Open search service application (SSA). Click on value of “Global Search Center URL” to enter new URL….

You should see a popup similar to following dialog popup. Enter new search center URL here.

How to configure the SharePoint SearchCenter URL for a site/site collection?

Please note that above is for global search center URL but you can have site collection or site level search center URL which will override the global search center settings from what I know so far. For setting site collection level SearchCenter URL, access Site Settings->Site Collection Administration->Search Settings, you should see following popup…

For setting site level SearchCenter URL access Site Settings->Search->Search Settings, a dialog similar to the one above should pop up. Once you’ve filled out necessary values you’re good to go.

SearchCenter setting for UPA

So if SearchCenter is not setup, my site settings for your UPA service application will be empty, but if you set it via above powershell or via UI you should following empty field get populated, manually populating this field doesn’t stick.

Once the following PowerShell executes, we see following screenshot now…

$ssa=Get-SPEnterpriseSearchServiceApplication
$ssa.SearchCenterUrl=”searchcenterurl/pages”
$ssa.Update()
iisreset

This time the field is filled out, so when you’re viewing user profile and when clicking on user name and other things pertaining to a user you’ll land on the above SearchCenter page.

‘/Pages’ is important

Remember to append /Pages to the end of the SearchCenter URL. Reason being if you browse to the SearchCenter site and look at SiteContents. You’ll see a pages library which contains all the pages you’ll see as part of the SearchCenter. So if ‘/pages/’ is not appended to the end of the URL you’re bound to get a 404.

Ideally a SearchCenter URL should look as follows: http://sp:port/sites/searchcenter/pages

References…

https://msdn.microsoft.com/hu-hu/jj851144

Jun 242016
 

What’s ServerRender?

ServerRender is a property of a webpart which disables client-side rendering for a webpart. You’ll lose some cool features of a webpart once you enable this feature for e.g.

  1. Inline editing of a list item, or in other words “Quick Edit”.
  2. Look and feel of the list changes to the traditional view, from a excel like view.

But this feature is quite handy when it comes to workaround some bugs related to client-side JavaScript.

 

How do we enable this feature via SharePoint UI?

  1. GoTo Site settings->Edit page
    clip_image001
  2. Select list web part and then select WEB PART on the ribbon bar, then select the list web parts “Web Part Properties” on this ribbon.
    clip_image003
  3. On the properties window that pops out on the right side, enable “Server Render”, at the bottom of this screenshot…
    clip_image005

 

How do we enable this feature via PowerShell?

I had to dig around a bit to figure this out. Here’s how we do this via PowerShell…

#Web URL, change to your web's URL
$WebUrl = "http://sp/sites/TaskList"
#ListName, change to your list's name
$ListName = "MyTasks"
$web = Get-SPWeb $webUrl

#Get all web parts in this collection, please note this is for default view, if you've got other views please use URL for that view
$WebParts = $web.GetWebPartCollection($web.Lists[$ListName].DefaultViewUrl, [Microsoft.SharePoint.WebPartPages.Storage]::Shared)
#Dump names of all web parts on this page
$WebParts.DisplayName

#Assuming you just have one web part on this page.
$WebParts[0].ServerRender=$true
$WebParts.SaveChanges($WebParts[0].ViewGuid)

$web.Dispose()
Sep 232015
 
Introduction

I’ve been working on a case where customer accidently deleted a bunch of timer jobs. He came to us with a question on how to restore the timer jobs back. We found a way to restore the timer jobs but just a few of them. So if the timer jobs are out of the box (OOB) jobs we can restore them in this manner. If there are other timer jobs you’ll have to just re-deploy the timer job solution again.

Farm Level Timer Jobs

From code I see that SPTimerService.EnsureDefaultJobs should restore the following farm level timer jobs…

job-config-refresh
job-ceip-datacollection
job-delete-job-history
job-password-management
job-app-installation
SPAppStatisticsProviderJobDefinition
job-autohosted-appinstance-counter
job-admin-product-version
job-timer-recycle
job-timer-locks
job-spapp-statequery
job-internalspapp-statequery
Web Application Level Timer Jobs

There’s another one SPWebApplication.EnsureDefaultJobs which restores following web application level timer jobs.

job-immediate-alerts
job-dead-site-delete
job-diskquota-warning
job-change-log-expiration
job-recycle-bin-cleanup
job-workflow-autoclean
job-workflow-failover
job-workflow
job-site-deletion
job-audit-log-trimming
job-solution-resource-usage-log
job-solution-resource-usage-update
job-solution-daily-resource-usage
job-upgrade-workitems
job-filefragments-cleanup
job-storage-metrics-processing
job-create-upgrade-eval-sites
job-delete-upgrade-eval-sites
job-upgrade-sites
Sample Script

So the question is how to execute these functions via PowerShell…

# Ensures the default farm level timer job definitions exist
Add-PSSnapin Microsoft.Sharepoint.Powershell
$farm = Get-SPFarm
$farm.TimerService.EnsureDefaultJobs();

#Ensures the default timer job definitions exist for the specified web application
$webapp = Get-SPWebApplication http://webapp/
$webapp.EnsureDefaultJobs();

Thanks to my colleague Stephen Woodard and Trevor Barkhouse for pointing me to this public function.

Disclaimer

As always please make sure you test this out well before implementing this in production.

Sep 222015
 

Issue

Just be careful with the SharePoint 2013 August 2015 CU. One of the security fixes in this cumulative update package has a bug: https://support.microsoft.com/en-us/kb/3085501. Because this is a security fix most companies will push this fix to their servers.

The bug pops up when you try to attach a file to a list item or a calendar item. Here’s how the error message will look like…

Message from webpage
===================================================
File names can’t contain the following characters: &”?<>#{}%~/\
===================================================
<<Ok>>

Attaching a file to a list item is a feature that is rarely used so I guess customer’s affected will be just a minority. Microsoft is planning to fix this issue in October CU.

Workaround

There are some workarounds listed in below blog link. Please make sure you back up the JavaScript files before modifying it.
http://thesharepointfarm.com/2015/08/august-2015-cu-error-file-names-cant-contain-the-following-characters/

Another workaround is to do the following…

  1. Create the list item without adding any attachments
  2. Go back to the list and select the list item you created in item 1.
  3. Ribbon->Items->Attach File and provide the attachment.

This will work for list items, but I’m not sure if this will work for calendar items.

Jul 232015
 
Very important:

Please make sure necessary backups are in place before you perform this operation. First test in your dev/test environment and only then use in your production environment.

Ideally a feature will be scoped to a Farm, WebApplication, Site, or Web, but orphaned features won’t be having a scope. The command to list all orphaned features in a SharePoint farm is as follows…

PowerShell command to list all orphaned features…
Get-SPFeature | ? { $_.Scope -eq $null }
Sample output…
PS C:\windows\system32> Get-SPFeature | ? { $_.Scope -eq $null }

DisplayName                    Id                                       CompatibilityLevel   Scope                         
-----------                    --                                       ------------------   -----                         
ReportServerCentralAdmin       5f2e3537-91b5-4341-86ff-90c6a2f99aae     14                                                 
ReportServerStapling           6bcbccc3-ff47-47d3-9468-572bf2ab9657     14                                                 
PowerView                      bf8b58f5-ebae-4a70-9848-622beaaf2043     14                                                 
ReportServerCentralAdmin       5f2e3537-91b5-4341-86ff-90c6a2f99aae     15                                                 
ReportServerStapling           6bcbccc3-ff47-47d3-9468-572bf2ab9657     15                                                 
PowerView                      bf8b58f5-ebae-4a70-9848-622beaaf2043     15
PowerShell command to delete an orphaned feature…
foreach($f in @(Get-SPFeature | ? { $_.DisplayName -eq "ReportServerCentralAdmin" }))
{
    $f.Delete()
}

Why did we need a foreach? Because a feature could be listed twice with different “CompatibilityLevel” values. So in this case “ReportServerCentralAdmin” is listed twice with “CompatibilityLevel” set to 14 and 15. So we delete both via $f.Delete().

Jul 222015
 

Introduction

Get-SPFeature is a command used to list out all the features in a SharePoint farm (scope can be set). You can scope this command to different levels, the levels are…

  • Farm – Only SharePoint farm level features are displayed
  • Web Application – Only web application level features are displayed
  • Site – Only site level features are displayed
  • Web – For sub sites

Examples…

#Display all SharePoint farm features
Get-SPFeature –Limit All
Scoping features…
#Display all SharePoint features scoped to farm
Get-SPFeature -Limit ALL | Where-Object {$_.Scope -eq "FARM"}

#Display all SharePoint features scoped to web application
Get-SPFeature -Limit ALL | Where-Object {$_.Scope -eq "webapplication"}

#Display all SharePoint features scoped to site
Get-SPFeature -Limit ALL | Where-Object {$_.Scope -eq "site"}

#Display all SharePoint features scoped to web
Get-SPFeature -Limit ALL | Where-Object {$_.Scope -eq "web"}
List all features in a Site Collection…

#Displays all SharePoint features for a site collection using Grid view

Get-SPSite http://mysiteurl | Get-SPWeb -Limit ALL |%{ Get-SPFeature -Web $_ } | Out-GridView –Title “All features for this site”

Sample Grid Output…
All Features in a Sharepoint Site Collection

Help…

#For detailed help type in… Get-Help Get-SPFeature –Full