SharePoint 2013: Error in “Products Configuration Wizard” after Update to SP1

Today I got an error on my development farm after I updated SP 2013 to SP1 level. I also removed Visual Studio 2012 from the box and installed Visual Studio 2013.

In fact I did the SP1 update as last step.

Than I tried to run the “SharePoint 2013 Products Configuration Wizard” and got this error in the first update step (“Initializing…”):

image

One ore more typed failed to load.

I was pretty sure this error was caused by the Visual Studio “update”

image

Could not load file or assembly ‘Microsoft.Data.Edm, Version=5.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35’ or one of its dependencies.

image

Could not load file or assembly ‘Microsoft.Data.OData, Version=5.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35’ or one of its dependencies.

After some research I found this two components belong to “WCF Data Services 5.0 for OData V3”.

I downloaded the package from http://www.microsoft.com/en-us/download/details.aspx?id=29306 and installed it on my SharePoint dev box.

After that the “Products Configuration Wizard” worked as expected.

Troubleshooting: Cannot access Managed Metadata Service Application in SharePoint 2013

In the last couple of months I got several times the following error:

The Managed Metadata Service Application was not accessible in the Central Administration.

 

image

I checked all know issues of missing security settings of the service application and in the database. – Everything as expected.

Some days before it worked like a charm.

In one case I saw the problem appear after deploying the (new) Service Pack 1.

In the ULS is this error:

image

Failed to get term store for proxy ‘Managed Metadata Service Application’. Exception: System.Collections.Generic.KeyNotFoundException: The given key was not present in the dictionary.
at Microsoft.SharePoint.Taxonomy.Internal.XmlDataReader.GetDateTime(String name)
at Microsoft.SharePoint.Taxonomy.Internal.SharedTermStore.Initialize(IDataReader dataReader, Guid termStoreIdValue, Boolean fromPersistedData)
at Microsoft.SharePoint.Taxonomy.Internal.SharedTermStore..ctor(IDataReader dataReader, Guid termStoreId, Boolean fromPersistedData)
at Microsoft.SharePoint.Taxonomy.Internal.DataAccessManager.GetTermStoreData(MetadataWebServiceApplicationProxy sharedServiceProxy, Boolean& partitionCreated)

Searching the internet I found no solution but exactly the same error, e.g:

http://sharepoint-community.net/forum/topics/failed-to-get-term-store-for-proxy-managed-metadata-service

I tried lots of suggested approaches, e.g. to re-create the service application using the old database. Nothing worked for me.

Finally I tried the following and it solved the issue without loosing data.

1. Check and note all settings of the service application, especially security and properties (Hub Url, etc.)

2. Backup the service application using PowerShell and cmdlet Backup-SPFarm:

Add-PSSnapin “Microsoft.SharePoint.PowerShell” -ea 0

backup-spfarm -BackupMethod full -Directory \\kcdevsqlexch1\backup\SvcApp -item “Farm\Shared Services\Shared Services Applications\Managed Metadata Service Application” -verbose

backup-spfarm -BackupMethod full -Directory \\kcdevsqlexch1\backup\SvcAppProxy -item “Farm\Shared Services\Shared Services Proxies\Managed Metadata Service Application” -verbose

You can  get the “item” path from command:

Backup-SPFarm -ShowTree

image

The names maybe different on your system.

You need to create a network share for the backup data.

3. After that I deleted the service application using the Central Administration. Including the database.

4. Now I run the restore commands in PowerShell:

Restore-SPFarm -Directory \\kcdevsqlexch1\backup\SvcApp -RestoreMethod New  -Verbose

Restore-SPFarm -Directory \\kcdevsqlexch1\backup\SvcAppProxy -RestoreMethod New  -Verbose

5. The next thing was to add the restored service application to the service application proxy groups, in my case only the “Default” proxy group.

image

6. The last step was to check security settings and service application properties. In my case I had to restore the settings and security manually.

That’s it. Managed Metadata Service Application working again. No data lost.

If you want to follow these steps make sure you have tested everything yourself. Make database backups. Note all settings. As always you do it on your own risk!

Get Rid of Orphaned Content Types in SharePoint 2013

One of my customers has a SharePoint 2013 farm with content migrated from SharePoint 2010.

In the past on SharePoint 2010 they have had the Microsoft SQL Server 2008 R2 Reporting Services-Add-In for SharePoint enabled on some sites. Because they did not need it any more they removed it from SharePoint but without deactivating the Report Server feature on each site collection.

Now on SharePoint 2013 this lead to problems with 3 orphaned content types:

  • Report Builder Model
  • Report Builder Report
  • Report Data Source

First I tried to remove the corresponding feature “ReportServer” with ID e8389ec7-70fd-4179-a1c4-6fcb4342d7a0 from the site:

clip_image001

Get-SPFeature : Cannot find an Enabled Feature object with Id: e8389ec7-70fd-4179-a1c4-6fcb4342d7a0 in scope Site Url: https://sp2013.kc-dev.com/sites/reportingservices.

 

Than I tried to remove the content types manually using the web GUI and PowerShell. I got this errors:

clip_image002

and

clip_image003

Same message: “The content type “Report Builder Model” is part of an application feature.”

 

After reading some articles I found two propesed ways:

At last I found another way to get rid of the orphaned site collections.

In the following demo I use the content types of the Microsoft SQL Server 2008 R2 Reporting Services SharePoint Addon. I installed it on a SharePoint 2010 platform and created a site collection “https://sp2010.kc-dev.com/sites/reportingservices” in a seperate content database.

Than I migrated this content database to SharePoint 2013 including site collection upgrade. – New URL: https://sp2013.kc-dev.com/sites/reportingservices

Than I checked the usage of the content types using the static method GetUsage of Microsoft.SharePoint.SPContentTypeUsage.

clip_image004

In my case all 3 content types are used in a single list. It is necessary to remove each usage of each content type!! – In my case I deleted the list. After deletation it need to be removed from the recycle bin too!

clip_image005

… and also from the site collection recycle bin!

clip_image006

Now my site collection is clean. No results when checking the usage again:

clip_image007

After that I created a new folder in the FEATURES sub folder in the SharePoint hive:

image

Than I created the following script to create a dummy feature inside this folder. The dummy feature uses EXACLTY the same feature Id as the missing feature containing the orphaned content types.

clip_image009

Note #1: The feature ID is the same as for the original Reporting Services feature!

Note #2: For this content types it is necessary to remove the XmlDocuments tag and ist content. Otherwise the next step will fail.

With that script I took the cotnent type XML out of SharePoint into a elements.xml file.

Than I was able to install the feature using PowerShell:

clip_image010

At this point the missing feature is back in SharePoint. The system now will not moan if I deactivate the feature.

BEFORE deactivating I made a screenshot of the site content types page:

clip_image011

After this command…

clip_image012

… the site content types page looks like this:

clip_image013

The orphaned content types are gone!

Note: Maybe you get an error during deactivation saying the feature is not active at the scope. In this case you need to activate the feature first and deactivate it afterwards!

The last step is to remove the dummy feature:

clip_image014

That’s it.

Here you download the script if you like: http://bit.ly/OCToWx

Cross Site Scripting with SharePoint 2013 REST calls

Today I had to figure out how to query a SharePoint 2013 REST service from another domain.

It took a while to find the correct settings. 😉

There was no list on the internet so I want to post it here as reference. – If you have additions to it please post them in the comments.

My test bed:

  1. I created two web applications
  2. At the root of both web apps I created a “Team Site” site collection.
  3. I uploaded a copy of jQuery to the masterpage catalog of http://fromhere.kc-dev.com .
  4. Also to the masterpage catalog of this site I uploaded a script file named “crosssitescripting.js” containing the REST call to http://tohere.kc-dev.com/_api .
  5. On the homepage of the root site collection of http://fromhere.kc-dev.com I added some script tags to load the script files jQuery.js and crosssitescripting.js. And a div tag for the sub web list.

clip_image001

I opened the homepage of http://fromhere.kc-dev.com in the browser and got an error in the F12 dev tools of the Internet Explorer. As expected.

clip_image002

Now I added some web.config modifications using PowerShell to enable cross site scripting. (Some years ago I wrote a note on that topic: https://blog.kenaro.com/2010/09/02/add-web-config-modification-with-powershell-spwebconfigmodification)

After reloading the site I could see the sub web list:

clip_image003

Here is the content of crosssitescripting.js

$(document).ready(function(){
    $.support.cors = true;
    $.ajax({
        url: "http://tohere.kc-dev.com/_api/Web/Webs",
        type: "GET",
        crossDomain: true,
        dataType: "json",
        headers: { "Accept": "application/json; odata=verbose" },
        xhrFields: { withCredentials: true },
        success: function (response) {
            var ul = $("#weblist").append("<ul/>");
            $(response.d.results).each(function(){
                $("<li>"+this.Url+"</li>").appendTo(ul);
            });
        },
        error: function (xhr, status) {
            debugger;
        }
    });
});

Here is the PowerShell script to add the web.config modifications:

Add-PSSnapin Microsoft.SharePoint.PowerShell -EA 0

$localFarm = Get-SPFarm

$webapp = Get-SPWebApplication "http://tohere.kc-dev.com"

# Remove old web.config modifications of MyAuthenticationProvider
$oldMods = @();
$webapp.WebConfigModifications | ? { $_.Owner -eq "CrossSiteScripting" } | % { 
    $oldMods = $oldMods + $_
}

$oldMods | % { 
    $webapp.WebConfigModifications.Remove($_) 
}

# update the Web Application and apply all existing web.config modifications - this executes the "remove" actions from above
$webapp.Update()
[Microsoft.SharePoint.Administration.SPWebService]::ContentService.ApplyWebConfigModifications()

#Wait until web.config modifications finished by timer job
while( (Get-SPTimerJob | ? { $_.Name -eq "job-webconfig-modification"}) -ne $null ) {
    Write-Host "." -NoNewline
    Start-Sleep 1
}

# New web.config modifications for MyAuthenticationProvider
$myModification1 = new-object Microsoft.SharePoint.Administration.SPWebConfigModification
$myModification1.Path = "configuration/system.webServer/httpProtocol/customHeaders"
$myModification1.Name = "add[@name='Access-Control-Allow-Origin'][@value='http://fromhere.kc-dev.com']"
$myModification1.Sequence = 0
$myModification1.Owner = "CrossSiteScripting"
#0 = for the enum value "SPWebConfigModification.SPWebConfigModificationType.EnsureChildNode"
$myModification1.Type = 0
$myModification1.Value = "<add name='Access-Control-Allow-Origin' value='http://fromhere.kc-dev.com' />"
$webapp.WebConfigModifications.Add($myModification1)

$myModification1 = new-object Microsoft.SharePoint.Administration.SPWebConfigModification
$myModification1.Path = "configuration/system.webServer/httpProtocol/customHeaders"
$myModification1.Name = "add[@name='Access-Control-Request-Method'][@value='GET,POST,HEAD,OPTIONS']"
$myModification1.Sequence = 0
$myModification1.Owner = "CrossSiteScripting"
$myModification1.Type = 0
$myModification1.Value = "<add name='Access-Control-Request-Method' value='GET,POST,HEAD,OPTIONS' />"
$webapp.WebConfigModifications.Add($myModification1)

$myModification1 = new-object Microsoft.SharePoint.Administration.SPWebConfigModification
$myModification1.Path = "configuration/system.webServer/httpProtocol/customHeaders"
$myModification1.Name = "add[@name='Access-Control-Request-Headers'][@value='Content-Type,Authorization']"
$myModification1.Sequence = 0
$myModification1.Owner = "CrossSiteScripting"
$myModification1.Type = 0
$myModification1.Value = "<add name='Access-Control-Request-Headers' value='Content-Type,Authorization' />"
$webapp.WebConfigModifications.Add($myModification1)

$myModification1 = new-objectMicrosoft.SharePoint.Administration.SPWebConfigModification
$myModification1.Path = "configuration/system.webServer/httpProtocol/customHeaders"
$myModification1.Name = "add[@name='Access-Control-Allow-Credentials'][@value='true']"
$myModification1.Sequence = 0
$myModification1.Owner = "CrossSiteScripting"
$myModification1.Type = 0
$myModification1.Value = "<add name='Access-Control-Allow-Credentials' value='true' />"
$webapp.WebConfigModifications.Add($myModification1)

$webapp.Update()
[Microsoft.SharePoint.Administration.SPWebService]::ContentService.ApplyWebConfigModifications()

#Wait until web.config modifications finished by timer job
while( (Get-SPTimerJob | ? { $_.Name -eq "job-webconfig-modification"}) -ne $null ) {
    Write-Host "." -NoNewline
    Start-Sleep 1
}

PowerShell Snippet: Store Login Information Secure in PowerShell using Windows Security API

Today I want to show you a small PowerShell snippet that I created for a webinar for AvePoint. It’s a webinar in German language about the DocAve module “Content Manager”.

The snippet will show you how to store a encrypted password in a plain text file.

Therefore I use some Windows OS APIs that are accessible in .NET:

http://msdn.microsoft.com/en-us/library/system.security.cryptography.protecteddata.protect(v=vs.110).aspx

This encapsulates the “Data Protection API” of Windows: http://msdn.microsoft.com/en-us/library/ms995355.aspx

With the methods of this class you are able to encrypt and decrypt data very easily, either in the context of the current user or in the context of the local machine.

The encrypted data can only be decrypted on the same machine in the same context as where they were encrypted.

Very easy and handy. It is  NOT EASY BUT POSSIBLE to decrypt it on another machine. Just read the article mentioned above, especially the section “DPAPI Security” (http://msdn.microsoft.com/en-us/library/ms995355.aspx#windataprotection-dpapi_topic04).

It is DocAve specific but of course you can modify it for your own purpose.

Here is the Script:

<##
  Created by Ingo Karstein 
    https://blog.kenaro.com
##>

#Load Modules and Assemblies
Import-Module-Name "C:\program files\AvePoint\DocAve6\Shell\DocAveModules\DocAveModule" -DisableNameChecking
[System.Reflection.Assembly]::LoadWithPartialName("System.Security") | Out-Null

#Current folder of script
$path = Split-Path $MyInvocation.MyCommand.Path

#Config values
$docavemanageruser = "admin"
$docavemanagerserver = "kcdevsqlexch1"
$docavemanagerport = 14000

#Read password from file or get it from user and store it into a file
if( [string]::IsNullOrEmpty($docavepwd) ) {
  if( Test-Path "$($path)\pwd.txt" ) {
     $data= [System.Convert]::FromBase64String((Get-Content "$($path)\pwd.txt" -Encoding UTF8))
     $global:docavepwd = [System.Text.Encoding]::UTF8.GetString([System.Security.Cryptography.ProtectedData]::Unprotect($data, (123,54,67,89,12,32,146), "CurrentUser"))
  } else {
     $global:docavepwd = Read-Host "Enter AvePoint ""$($docavemanageruser)"" password"
     $data= [System.Security.Cryptography.ProtectedData]::Protect( ([System.Text.Encoding]::UTF8.GetBytes($docavepwd)) ,(123,54,67,89,12,32,146), "CurrentUser")

     [System.Convert]::ToBase64String($data) | Set-Content "$($path)\pwd.txt" -Encoding UTF8 -Force
  }
}

#exit if no password
if( [string]::IsNullOrEmpty($docavepwd) ) {
  exit
}

$success=$false
#check if already logged in into DocAve
try {
  $success= (Get-DALocalUser -ErrorAction 0) -ne $null 
  if( !$? ) {
    $success=$false
  }
} catch {
  $success=$false
}

#If not already logged in: Login using credentials
if( !$success ) {
  $cred = New-Object System.Management.Automation.PSCredential( $docavemanageruser, (ConvertTo-SecureString -Force -AsPlainText $docavepwd))
  Login-DAManager -ControlHost $docavemanagerserver -ControlPort $docavemanagerport -Credential $cred
  if( $? -eq $false ) {
    exit
  }
}

SharePoint 2013 People Picker error: “Sorry, we’re having trouble reaching the server.”

I have had a strange error today in my dev lab environment. First I recognized that I could not select users from the People Picker:

image

Sorry, we’re having trouble reaching the server.

Second I realized that I was not able to use any function that belongs to WCF web services such as the SharePoint REST API, e.g. at http(s)://<server>/_api/web.

Using Fiddler I found this behavior:

image

HTTP 404 NOT FOUND on /_vti_bin/client.svc/ProcessQuery

Same for /_vti_bin/client.svc/web which is the same as /_api/web.

image

Search the web I found some hints regarding this error in SharePoint. But nothing worked.

Than I created a own web service “service1.svc” with a simple method in it and placed it in folder <SP-Hive>\isapi where the virtual folder “_vti_bin” is located on the file system.

Result:  I could not call my own web service too. Same result: NOT FOUND.

Than I search the web for “WCF 404” and found some hints to “HTTP Activation” feature of Windows Server OS. Of course this was activated for .NET 3.5 and .NET 4.5.

So I deactivated the “HTTP Activation” feature of .NET 3.5 and .NET 4.5 and re-enabled one by one (1st .NET 3.5, 2nd .NET 4.5 ) them after deactivation.

image

image

image

 

After that I did a IISRESET. – Than everything works again as expected. :-)

image

and

image

Create User Profile Sync Connection for SharePoint 2013 by Script (A Supported Approach)

In my last post I wrote about a supported approach to create a user profile sync connection in SharePoint 2010 using PowerShell and Internet Explorer automation.

In the meanwhile I have adopted the script for SharePoint 2013.

Same conditions as last time: This is a kind of “Proof of Concept”. You have to modify it in order to use it in you scenarios.

 

Here it is:

http://gallery.technet.microsoft.com/Create-User-Profile-Sync-e9ec0cf7

 

Original article with some more details:

https://blog.kenaro.com/2013/09/11/create-user-profile-sync-connection-for-sharepoint-2010-by-script-a-supported-approach/

Create User Profile Sync Connection for SharePoint 2010 by Script (A Supported Approach)

Before we start…

1. It’s not supported to create a User Profile Sync connection by script or code using the server object model. We will NOT do this here!

2. The script in this article is part of my “dev lab” setup scripts. – The script cannot be used “as-is” in real world scenarios. If you want to use this approach in your deployment you MUST customize the script to fit your needs! – Especially for selecting sync entries from the Active Directory treeview selector.

3. The script is a Proof of Concept.

4. It’s tested only on SharePoint Server 2010. I’ll do it for SP 2013 later.

5. The script has almost no error handling !!! Sometimes I get the error message “MOSS MA not found”. In this case I restart the “FIMService” and try again.

 

The approach…

… is to use Internet Explorer as COM object to navigate to pages of the Central Administration and “act like a user”. This means:

1. Open IE window

2. Navigate to Central Administration -> Manage Service Applications

3. Search of the (first) “User Profile Service Application” in the Service Apps list and navigate to it’s settings page.

4. Open page “Configure Synchronization Connections”.

5. “Click” on link “Create New Connection”

6. Fill in connection parameters such as name, forrest, user profile sync account. Click button “Populate Containers”. Click “Select All”. Click “OK”. Wait until connection is created.

7. On the User Profile Service Application property page: Click on “Start Profile Synchronization”. There select “Start Full Synchronization”. Wait until sync starts. Wait until sync is complete.

 

The script…

 

Here it is:

http://gallery.technet.microsoft.com/Create-User-Profile-Sync-98ab7201

(Update) Here is the script for for SharePoint 2013: http://gallery.technet.microsoft.com/Create-User-Profile-Sync-e9ec0cf7 (Article here).

 

First the script contains some config settings for the new connection.

clip_image001

 

Appendix

Here are the input boxes related to the config values (line numbers):

clip_image003

The script is written in for a English localized CA. However I have created resource variables for other languages.

clip_image004

Usage of resource variables (line numbers)

clip_image006

clip_image008

clip_image010

clip_image012

clip_image014

[DE] MCM/MCSM/MCA abgekündigt – Ende einer Ära

Mein erster Blog Post auf deutsch…

Wie Ihr sicher bereits gehört habt wurde der Microsoft Certified (Solutions) Master und Microsoft Certified Architect von Microsoft am Freitag überraschend abgekündigt. – Nicht nur SharePoint: alle 4 Zertifizierungsprogramme wurden abrupt beendet.

Das ist die schlechteste Nachricht, die ich in meiner beruflichen Laufbahn je bekommen habe.

 

Voller Text hier:

http://blogs.technet.com/b/neiljohn/archive/2013/08/31/retiring-the-microsoft-master-certifications-and-training.aspx

 

Erste Artikel hier:

[von MCM Wictor Wilén] http://www.wictorwilen.se/microsoft-advanced-certification-mca-mcsm-mcm—the-end-of-an-era

[von MCM Paul Stork] http://www.dontpapanic.com/blog/?p=328

[von MVP Jeremy Thake] http://www.jeremythake.com/2013/08/mcm-certs-gone-microsofts-cloud-reality-distortion-field-in-full-force

http://www.theregister.co.uk/2013/08/31/microsoft_cans_three_pinnacle_certifications_sparking_user_fury/

http://www.zdnet.com/microsoft-abruptly-pulls-masters-certification-hints-a-replacement-may-come-7000020093/

 

Hier könnt Ihr Microsoft Eure Meinung sagen:

https://connect.microsoft.com/sqlserver/feedback/details/799431/please-dont-get-rid-of-the-mcm-and-mca-programs

 

Ich war noch im Juni diesen Jahres in Redmond zur Rezertifizierung für MCSM: SharePoint.  Das werde ich bis zum 1. Oktober nicht mehr abschließen können. – Und: Warum sollte ich es noch abschließen, auch wenn das möglich wäre? Sinn macht es so oder so nicht mehr. – Aber ernsthaft: 30 Tage Zeit für eine solche Aktion?! Meine (wenigen) grauen Haare verdanke ich den letzten 17 Monaten, in denen ich erst den MCM abgelegt und mich dann für den MCSM vorbereitet habe. – Besonders verstörend empfinde ich dabei, dass meine Kollegen und ich aus “R15” (“Rotation 15” = Zertifierungsdurchgang ab Juni 2013), letzte Woche (26.08. bis 29.08.)  noch in die Prüfung geschickt wurden obwohl den Verantwortlichen (offensichtlich) längst klar gewesen sein muss, dass die Zertifizierung Geschichte ist.

 

Eine Analyse, welche Hintergründe die Entscheidung haben mag, möchte ich an dieser Stelle nicht führen, denn das Ergebnis ist offensichtlich. Ich frage mich dieser Tage, wie weit Microsoft die “Cloud”-Strategie noch treiben wird. Ist es tatsächlich deren Ziel, beste Software-Produkte in den Wind zu schlagen und die Kunden quasi zu zwingen, sich Alternativen zu suchen? “Cloud” an sich ist nichts schlechtes, aber “nur Cloud” ist einfach Quatsch.

 

 

Set profile synchronization account rights in AD using PowerShell

This is just a short note on this topic. I could not find a script in the net. I’m not sure this is part of some SharePoint “config frameworks” like “AutoSPInstaller”. I do not use this frameworks. I create my own script sets. – Currently I create config scripts for my dev environment… The missing pieces here are related to User Profile Sync. Creating a sync connection *not* using Central Administration is not supported. There is no PowerShell, etc. – Another thing is to grant the sync account rights in the Active Directory… Here is my small script in Technet Gallery:

http://gallery.technet.microsoft.com/Set-SharePoint-profile-1a3d1283

The script will not modify an existing entry for the profile sync user in the AD. If the user is in the ACL of the Domain object or the Configuration object it will skip this part!

As always: Use it at your own risk!!! 

image

Use it like this:

image

 

Tested with SharePoint 2013 and a Active Directory based on Windows Server 2012.