Category Archives: Sharepoint 2010

SharePoint Search Content Source Crawl Log Access Denied

I have the following issue when setting up SharePoint 2013 Search Service Application.

Whenever I started full crawling my content sources, after certain time (usually the next day). Content Sources page and Crawl Log will give Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
search service application content source access denied

Checking Search Instance Server’s Application Log and you can see the following error

The Execute method of job definition Microsoft.Office.Server.Search.Administration.IndexingScheduleJobDefinition (ID e611e95c-dc0a-40ee-a3a3-c58f2099c2d1) threw an exception. More information is included below.

Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))

Event ID 6398

Subsequently go to Central Administration page > Timer Jobs to look for the respective Timer

Found “Indexing Schedule Manager on xxxServerNamexxx” failed miserably, for every 5 minutes.

It was then found that some user has this issue previously which has got something to do with TASKS folder in your C:\WINDOWS

sharepoint search windows task access denied issue

In case if you do not have the history of your Domain GPO, this particular folder was previously a target for Conficker Worm virus. Refer here. MS recommended to actually change the permission of this folder which then conflict the requirement for SharePoint Search Service.

If you are interest in checking your own GPO setting, you can simply run “rsop.msc” in your server’s RUN command. And you should be able to see the settings made as per below

sharepoint search windows task access denied issue conflicker

 

Workaround

In order to solve the issue, you have to get your AD GPO team to remove this setting from your sharepoint servers. Explicitly for this requirement or else your search cannot crawl.

For temp solution, you have to change the Owner of this TASKS folder and grant

WSS_WPG with minimum “Read” and “Write” access.

Finger Crossed

Target Audience in Web Part Property is missing.

Or rather how to prevent Target Audience feature in Web Part from missing.

I bumped into this problem where I wanted to set a web part to show only to a certain group of users.

Checking the Web Part properties does not show the Target Audience column. The behavior of this Target Audience web part property is that it will be shown (which we thought it was supposed to be shown by default), only when there is User Profile Service Application associated to your web application. (which usually will be provisioned automatically if you configure the farm via wizard).

user profile service application association

One reason for not associating this is for to prevent user from accessing My Site when they hit “About Me” site action menu.

about me

For some reason, this will also turn off the Target Audience in the Web Part. So. In order to turn on back the target audience feature. Here are the steps.

Resolution:

  1. Go to SharePoint Central Admin
  2. Go to Application Management and hit “Configure service application associations”
  3. In your web application row, hit the application proxy group to show the associations.
  4. Tick “User Profile Service Application” and hit OK.
  5. Your web part should immediately show Target Audience property

web part property target audience sharepoint

 

SharePoint Custom Solution Branding and Tips – Part 1

Today, I want to talk about some of the good practices when it comes to SharePoint custom code development. More often than not, you would learn that SharePoint custom solution requires you to create Feature (and usually it’s automatically created when you pick any of the default SharePoint Project template e.g. Visual Web Part) to deploy your web part, style sheet, JavaScript files, or master pages.

I can understand that the Microsoft VS team is trying to help SharePoint Developers setting up a working solution as easy and as best as they could. What we need to really take note or at least be aware of is those default values assigned to the template. Below are some of the items in which I personally think that it should not be left unchanged or not thought thoroughly in order to develop a quality solution.

Namespace

Before even creating a new SharePoint 2010/2013 project, please think through the namespace that you want to use. Changing of namespace after you have tons of web parts, feature or pages will kill you. And I kid you not, using VS rename feature does not 100% guarantee you that the code will not break. I have experienced it, and it really takes you a lot of time to just renaming a namespace. (if you are new to SharePoint Development of course)

What I always like to use for namespace naming convention is as per below format

[Company Name].[Type/Name of the solution].[Sub type]

e.g. Microsoft.Branding, Microsoft.Branding.UserControls, Microsoft.Branding.DelegateControls

I would say it is not advisable to have more than 3 levels as it would introduce a very lengthy code referencing.

And I would also suggest using sub type like “UserControls”, “WebParts” or “WebPages” to organize your codes accordingly. It makes the next developer who is taking over your code easier to understand.

Feature Name

Sorry to say that this is one of the item that I dislike most when you found out that your developers did not use it correctly or not even care about changing the name of the feature!

You may not see the impact for now but once you have your code deployed to your customer’s SharePoint environment, it would really look bad and unprofessional to have this appearing in their Site Collection Feature or Manage Site Feature page.

sharepoint feature name bad practice

If you care enough, you will notice that only your custom feature’s name is ending with the numeric “1”. As if there is feature 2 and so on? LOL hell no!

Well, as a new beginner, you will likely to use the SharePoint – Visual Web Part template for a quick start.

sharepoint visual web part

What this template provides by default in the solution is the feature, package and a visual web part. Refer pic below

shareopint default feature name

Please please, remove the “1” and use a proper name.

Note that if you have already deployed your solution to production. After changing the name, you have to retract existing solution by running “Uninstall-SPSolution”, “Remove-SPSolution” and subsequently “Add-SPSolution” and “Install-SPSolution”. You should not use “Update-SPSolution” or else you will hit error deploying it.

Please also use a meaningful description. =)

Feature Image

The next thing I want to talk about is the icon of SharePoint feature. SharePoint by default assign an icon GenericFeature for your feature. As the image name suggested, it is a Generic Feature gif and in order to out stand or brand your feature, I would always like to use a custom image for my feature.

One simple reason is that it makes life easier when there is a lot of features within your SharePoint Site and you need to scroll through the entire list in order to activate or deactivate your feature.

sharepoint long list of feature

How to not miss the “EASY” icon if the color is outstanding enough. You know what I’m trying to say. Outstanding!

The following paragraph describes how you can actually add feature icon into your SharePoint Feature.

First of all, create a good icon for your feature, and put it into your SharePoint Solution.

sharepoint add images mapped folderSimply right click the project, hover to Add and click “SharePoint Images Mapped Folder” (if you already mapped, this option will be grey out)

Once you have it mapped, you can just dump your  images into the mapped image folder and it will automatically be included into your package. The relative URL of your images folder is always starting from “/_layouts/15/IMAGES/”

How to know if it is really going into that URL? You can check by looking into the Property of the Images mapped folder – Deployment Location where it stated “{SharePointRoot}\Template\Images”. This actually goes to your SharePoint 15 hives (SP2013) of your deployed server and if you look into IIS Manager for your SharePoint Web application. This folder is actually mapped as a Virtual Directory with path

sharepoint virtual directory image

Once you have your image prepared in the solution, next step is to tell your Feature to use the image. Easy. Go to your feature element files as shown below.

Simply place your cursor right before the end of the “>” tag and you should see the intellisence starting to show up. At this stage, the attribute that you would need to pick is quite self-explanatory.

sharepoint feature auto suggestion

Insert the ImageUrl. Just remember to make sure the url is correctly populated. Sample as shown below.

sharepoint feature image url example

Once you have it specified correctly, deploy it and you should see that your feature is now with your custom icon. Sample below shows not really a good example, but please use a size that you find fits.

sharepoint feature image output

 

Custom Action Group and Action

Another item that worth mentioning when doing SharePoint development is the Custom Action and Group. Since SharePoint 2010 (not sure about SharePoint 2007). It introduces a new feature where you can inject Stuff (could be links, could be Ribbon action or event Site Action) into certain area of your SharePoint pages.

Basically, the idea is that there is list of area (which it is called Location) in SharePoint where you can add/remove Stuff and within each area, there is another sub-area (which is called Group ID) if you need to further scoping down into a more specific area.

You can refer to MSDN https://msdn.microsoft.com/en-us/library/office/bb802730.aspx for Location and GroupID that you can make use of.

Things can be made easier if you need to display some custom site action or site settings link for your user to access certain page (be it your custom application page or SharePoint OOTB pages where it may not be displayed by default e.g. /_layouts/groups.aspx (Groups Page)).

I’m going to share how to go about doing it.

First of all, go to MSDN link above and identify the Location that you want to use. For the simplicity, let use Microsoft.SharePoint.SiteSettings as a example.

So let assume you want to insert a hyperlink into Site Setting page.

Go to your VS Project, Right click and add new item. Select Empty Element as shown

sharepoint empty element

Pick a nice name and hit Add. Note that once it is added, you can find a file called “Elements.xml” being added. Open it and,

Insert the following code.

sharepoint feature site setting example

 

Things that you need to note here is the GroupId and Location used. I added a Custom Action Group with a custom id, but using a valid Location. Subsequently, create another CustomAction and use the custom GroupId and the same valid Location (You still need to specify the same value as the CustomActionGroup or else it won’t work).

The Sequence in the Custom Action Group tells how earlier you want your group to be rendered in the Location. In the example above, 1 is being the first to render.

sharepoint site setting link

 

Hence it will be at the top of all existing group.

Things get a little bit complicated here if, let say other feature have used the same Sequence number as you did. In this case, the later registered ones will be displayed first.

Like example below. Group A being registered later and hence it is displayed first before the Group B.

sharepoint feature sequence does matters

 

Note that you need not to order the Custom Action xml to below Custom Action Group. SharePoint can still recognize them.

 

I have much more to share but that’s it for today! I hope above info and tips can help giving you some ideas and to be able to build a good SharePoint solution!

 

Read part 2 here

How to bulk insert multiple users into SharePoint People Picker

Sometimes, you will need to add permission or assign multiple users using People Picker field. This post tells you how you can insert multiple user entities using COPY (CTRL + C) and PASTE (CTRL + V).

First of you, make sure your user logins are in claims format. The reason why you need it to be in this format is that the SharePoint People Picker cannot identify of which provider the login if it is not in the full format…

Refer to link here for all the format required.

Append “;” at the back of each login

e.g.

i:0e.t|identity provider|someone@somewhere.com;i:0#.w|domainA\domainuser1;

 

Additonal Note: SharePoint People Picker allows you to quick Check Name by hitting Ctrl + K

SharePoint Permission Back Up and Restore in PowerShell

Hi SharePoint Admins! I’ve recently worked on a module to enhance SharePoint Backup experience. If you haven’t known SharePoint Native Backup enough, please read this.  SharePoint Native backup supports Backup-SPFarm, Backup-SPSite, Backup-SPFarm, Export-SPWeb.

All these approaches backup the actual content of the file and at times requires the entire Site or List to be restored entirely. If you are using Version History feature, recovering file can be made easier by restoring only the mis-updated files. In additional, the introduction of Recycle Bin since SharePoint 2010 has helped many SharePoint Admins (at least for myself) to recover accidentally deleted files without burning much of your time.

However, there is no Version History for Permission. Whatever permission changes that you have made onto a document, library or site do not keep a backup copy for you to restore in the later time. You can tap on third party product to help you on this, downside is, you have to pay for the service. Some 3rd party products that you can find in the markets are like Lightning Tools and AvePoint . (Personally never tried that but I’m more of a Self Fulfilling kind, where everything can be done by my left hand and my right hand. But please don’t get me wrong, paying more for premier service sometimes can be good as it comes with support and service level assurance)

So much for the introduction, now let’s go into the script!

I uploaded my script to CodePlex – PowerShell to backup/restore SharePoint Webs, Libraries, Folders and Files and inside the source code, you can find two powershell script, namely BackupPermission.ps1 and RestorePermission.ps1.

You would first run the BackupPermission.ps1. This backuppermission.ps1 generates a Permission.xml file that you gonna need it for the RestorePermission.ps1 later.

What this Backuppermission.ps1 does is to loop through your entire SharePoint Farm for Site Collections. Subsequently, for each of the site collection, it back up its Root Web permissions and Sub Web permissions. After backing up the web level permission, it goes to back up all document libraries permission, folder permission within each library and optionally (turn on by default) files permission.

Why do I need to care about backing up the permission? Well, there may have many reasons for that but below are just some for myself…

  1. You screw up the permission and can’t afford to restore the SharePoint Site Collection (cause only Backup-SPFarm was running DAILY)
  2. You do not want to inform the user for backup recovery cause the user will scream at you if the data that you going to restore has been modified by the user.
  3. You do have full confidence to run SharePoint Native Restore-SPSite as you all know, some times it doesn’t Work. Some how.. (MS, no offense on this, well, it does work most of the time but reason 1 superseded this)
  4. You accidentally RESET or Hit the “Delete Unique Permission” button when trying to change a WEB permission. Refer to my previous post on why this will kill your document permission.

 

Here I’m gonna talk about the Permissions.xml that is generated by my BackupPermission.ps1. You can always change the XML to suit your backup needs. Things like Restoring only partial of your Site Collection, restoring only a document library and even up to only a folder or file. By default, if a entity does not contains <RoleAssignments> node, the RestorePermission.ps1 script will bypass updating the permission and it will remains as its current stage (could be Inherting its parent permission or already broken permission. no changes will be done).


<?xml version="1.0" encoding="UTF-8"?>
<SharePoint>
 <Sites>
  <Site>
   <Url>https://mysharepoint.com</Url>
   <RootWeb>
    <Title>SharePoint Portal</Title>
    <Url>https://mysharepoint.com</Url>
    <RoleAssignments>
     <RoleAssignment User="i:0#.w|contoso\appadmin">
      <RoleDefinitionBindings>
       <RoleDefinition Name="Full Control"/>
      </RoleDefinitionBindings>
     </RoleAssignment>
     <RoleAssignment Group="SharePoint Portal Owners">
      <RoleDefinitionBindings>
       <RoleDefinition Name="Full Control"/>
      </RoleDefinitionBindings>
     </RoleAssignment>
     <RoleAssignment Group="SharePoint Portal Visitors">
      <RoleDefinitionBindings>
       <RoleDefinition Name="Read"/>
      </RoleDefinitionBindings>
     </RoleAssignment>
    </RoleAssignments>
    <Lists>
     <List>
      <Title>Documents</Title>
      <RootFolder>
       <Name>Documents</Name>
       <Url>Documents</Url>
       <SubFolders>
        <Folder>
         <Name>Folder A</Name>
         <Url>Documents/Folder A</Url>
         <RoleAssignments>
          <RoleAssignment Group="SharePoint Portal Owners">
           <RoleDefinitionBindings>
            <RoleDefinition Name="Full Control"/>
           </RoleDefinitionBindings>
          </RoleAssignment>
          <RoleAssignment Group="SharePoint Portal Visitors">
           <RoleDefinitionBindings>
            <RoleDefinition Name="Read"/>
           </RoleDefinitionBindings>
          </RoleAssignment>
          <RoleAssignment Group="SharePoint Portal Members">
           <RoleDefinitionBindings>
            <RoleDefinition Name="Contribute"/>
           </RoleDefinitionBindings>
          </RoleAssignment>
         </RoleAssignments>
        </Folder>
        <Folder>
         <Name>Folder B</Name>
         <Url>Documents/Folder A - Copy (8)</Url>
        </Folder>
       </SubFolders>
       <Files>
       </Files>
      </RootFolder>
     </List>
    </Lists>
    <Webs>
    </Webs>
   </RootWeb>
  </Site>
 </Sites>
</SharePoint>

What you are seeing above basically showing a backup xml that if you restore using this, only 1 site “https://mysharepoint.com” will be processed.  The permission of this site will have the following permission

  • appadmin (SPUser) – Full Control
  • SharePoint Portal Owners (SPGroup) – Full Control
  • SharePoint Portal Visitors (SPGroup) – Read

Subsequently, the script will continue to loop and restore List (in my backup script, this node stores only document libraries.) with Title “Documents” which is inheriting parent permission.

Folder “Folder A” within this document library will have unique permission while “Folder B” will inherit library permission which follows the Web permissions.

 

Well if you don’t really care at all, simply running BackupPermission.ps1 and RestorePermission.ps1 should be able to help you recovering you web permission.

To complete the entire process, set a Task Scheduler job to backup your farm permission regularly!

SharePoint Limited Access Permission – Careful when using BreakInheritance

This post is for SharePoint Developer or Admin who deals with SharePoint APIs (PowerShell or C#)

I have recently discovered a killing command from SharePoint that could kill your SharePoint Day. At times, you will need to configure a Unique permission to document/file for Content Sharing purposes. Typical feature which your end user will ask is to Share a certain document or folder to only certain group of people. Although it is recommend to Share using SharePoint Group which more manageable when it comes to a big Content management system, sometime you prefer to make a easier way out by just assigning to the Individual Users. (Less group to manage and you CAN Afford to loss the permission when things go wrong… and yes, this post will tell you why and how it goes wrong)

With much user friendly SharePoint “Share With” feature, you could break inheritance, grant new user permission so on and so forth. You can’t stop user from doing it, cause it is so apparent nowadays in SharePoint 2013

break and grant permission

Or you can run PowerShell script to Get the ListItem (or to be precise, SPSecurableObject Base Type object), subsequently execute  $object.BreakInheritance($false) and start adding SPRoleAssignment object.

If you have noticed this API

void ISecurableObject.BreakRoleInheritance(bool copyRoleAssignments)

 

This command allows you to quickly remove all existing RoleAssignment (from inheriting parent object permission) and so you can start adding Custom permission that you desired.

Important! This is Extremely Dangerous. Why? Because if you carefully loop into the $object.RoleAssignments (SPRoleAssignmentCollection) property, you will discover that some role definition bindings are named “Limited Access”. In SharePoint 2010, you can easily notice this definition through the permission setting page whereas in SharePoint 2013, it is hidden by default (which is more scarier cause you didn’t even know its existence).

Why is this Limited Access permission? There are many articles out there telling you why and why. I’m not gonna cover that here.

But if you really intend to so-called Cleanse the messy permission list that you have already added, the advice is Don’t.

Let me give you an example of how this BreakInheritance way of breaking parent permission can cause you problem.

By executing BreakInheritance(False), you are technically removing ALL Role Assignments from this object, which include the Limited Access permission granted automatically by SharePoint. You will usually see a lot of limited access for Document library and Web, cause the children within it are likely to be requested (by user) to have unique custom permission.

reset and break with false

 

For Example

  • Web 1 
    • Document Library A
      • Folder a (Break inheritance)
        • File
      • Folder b 

Assuming you have a “Folder a” with broken inheritance permission for UniqueUserA. Upon granting this unique permission, SharePoint automatically creates a Role Assignment for UniqueUserA with “Limited Access” permission to Web1 because Document Library A is inheriting permission from Web1 and hence it is added into Web1 instead.

Somehow or other, you need to change/script to change the permission for Web 1 object up there (the one with Limited Access), by purging the limited access granted to UniqueUserA. the permission that you granted previously to “Folder a” will be DELETED automatically! Yes, Automatically, seamlessly, without-your-knowingly.

And what is going to happen after that? Your lovely user UniqueUserA will send email you, telling you that he has no permission to access files or folder a. Not to mention if you have many Unique permission granted for sub folders within that document library.

Now, the Task you need to ask yourself is – How to still be able to remove existing permission while preserving the Unique configured child permission.

I came out with a simple PowerShell script that allows me to clear the permission. I think it can be easily translated into C# for code behind implementation.


#############################################################################
# Clearing Permission while keeping Limited Access user - Important #
#############################################################################
function ClearPermission
{
 Param([Microsoft.SharePoint.SPSecurableObject]$obj)

 $roleAssignments = $obj.RoleAssignments;
 $count = $roleAssignments.Count;
 for($i = 0; $i -lt $count ; $i++)
 {
  $roleAssignment = $roleAssignments[$i];
  $bindingCount = $roleAssignment.RoleDefinitionBindings.Count
  $clearCounter = 0;
  for($j = 0; $j -lt $bindingCount ; $j++)
  {
   $roleBinding = $roleAssignment.RoleDefinitionBindings[$clearCounter];
   if($roleBinding.Name -ne "Limited Access")
   {
    $roleAssignment.RoleDefinitionBindings.Remove($clearCounter);
   }
   else
   {
    $clearCounter++;
   }
  }
 }
 $obj.Update();
}

What it simply does is to loop through the Role Assignment Collection and delete only Binding with definition of Limited Access. Note that I do not loop via ForEach loop as when you looping the collection, you cannot delete the object within the collection. You can try and you will end up seeing error.

How to use:


Add-PSSnapin Microsoft.SharePoint.PowerShell

$w = Get-SPWeb https://yoursite

ClearPermission $w;

#add your unique permission here.

#additional code to add role assignement (permission)

$user = $w.EnsureUser("domainX\LoginNameY");

$roleAssignment = New-Object Microsoft.SharePoint.SPRoleAssignment($user);

$roleDefinition = $w.RoleDefinitions["Full Control"]

$roleAssignment.RoleDefinitionBindings.Add($roleDefinition)

$w.Update();

Hope it helps

Scripting your SharePoint Farm Backup with PowerShell in Task Scheduler

Hi guys,

Today, I would like to share one of the SharePoint admin must-do deployment steps which is to configure a task scheduler and to backup your SharePoint Farm. Note that this is working for both 2010 and 2013 environment.

Also, I’m leveraging this SP Farm Backup script created by good people (thanks for making this powerful and useful script). Please ensure that you have downloaded them and configure the params.xml file base on your corporate needs.

For the interest of those who want to just reference my configuration, below are the xml I used for my SharePoint Farm


<?xml version="1.0" encoding="utf-8"?>
<backup version="2.3">
 <params>
 <backupserver>SERVER_HOST_NAME</backupserver> <!-- Name of server if backup share is on remote server -->
 <sendemail>TRUE</sendemail> <!-- Option: TRUE/FALSE -->
 <smtpserver>SMTP_IP</smtpserver>
 <environment>My SharePoint (Staging)</environment>
 <emailfrom>yihaa_5@hotmail.com</emailfrom>
 <emailto>yihaa_5@hotmail.com</emailto> <!-- Multiple recipients must be comma separated -->
 <emailcc></emailcc> <!-- Multiple recipients must be comma separated -->
 <backupwebconfigonly>FALSE</backupwebconfigonly> <!-- IMPORTANT: If set to TRUE then web.config is backed up and NOT Virtual Directories -->
 <exportsolutions>TRUE</exportsolutions> <!-- Option: TRUE/FALSE -->
 <backupiis>TRUE</backupiis> <!-- Option: TRUE/FALSE -->
 <backupgac>TRUE</backupgac> <!-- Option: TRUE/FALSE -->
 <backupulslogs>TRUE</backupulslogs> <!-- Option: TRUE/FALSE -->
 <backup14hive>FALSE</backup14hive> <!-- Option: TRUE/FALSE -->
 <backupfulldays>Sunday</backupfulldays> <!-- Used in conjunction with option 1 of backupoption - Days must be comma separated -->
 <backupthreads>1</backupthreads> <!-- Option: 1 to 10 -->
 <backupsites>TRUE</backupsites> <!-- Option: TRUE/FALSE -->
 <includemysites>FALSE</includemysites> <!-- Option: TRUE/FALSE -->
 <backupconfigonly>FALSE</backupconfigonly> <!-- Option: TRUE/FALSE -->
 <backupshare>FarmBackup</backupshare>
 <backupoption>0</backupoption> <!-- Option: 0/1/2 -->
 <daystoretain>30</daystoretain> <!-- No. of days backups to retain (Must be greater than 1 day. Default: 7 days)-->
 </params>
</backup>

The key consideration of the above configuration is on the number of days to retain (daystoretain). You would need to really consult your technical manager in order to craft out the backup data retention period.

Once you have the SP Farm Backup script ready,  create a text file name “CreateTaskSchedulerForSPBackup” and subsequently change the extension to “.ps1” file (PowerShell extension).

Copy the below PowerShell script into the newly created CreateTaskSchedulerForSPBackup PowerShell


$A = New-ScheduledTaskAction -Execute "F:\TaskScheduler\Farm-Backup.bat" -WorkingDirectory "F:\TaskScheduler\"
$T = New-ScheduledTaskTrigger -Daily -DaysInterval 1 -At (Get-Date).Date
$S = New-ScheduledTaskSettingsSet

Register-ScheduledTask -Action $A -User "$($env:USERDOMAIN)\spfarmadmin" -Trigger $T -Settings $S -Force -TaskName "SharePoint Farm Backup" -RunLevel 1 -Password "xxxxxxxx"

For above PowerShell, there are certain things that you need to change based on your environment.

Farm-Backup.bat Path

It is assuming that you have copied all the SP Farm Backup downloaded script (together with your params.xml) into F:\TaskScheduler\ Folder of the server running the task scheduler. You only need to configure Task Scheduler in 1 of your SharePoint server only.

Task User Account

For most of the environment, your SP Farm Admin account is not always the local admin account where you access the server and create the task schedule. You will have to explicitly specify the Farm Admin account in the PowerShell as well as the Password of this account so that when the task is running, it takes in the Farm Admin account to perform Backup.

You need to use Farm Admin account to execute the backup script. Else you will hit access denied during the backup job.

Note that your password is entered in plain text. If you wish not to dispose the Password in Script. You can refer to last section on how to do it.

Backup Directory

It is also assume that you have created a Shared Folder in the server where you want to store the backup files. It must be a Network Shared Folder. In my example, it will be in “\\SERVER_HOST_NAME\FarmBackup” . 

Few things you need to consider when creating this shared folder:

  • Central Admin app pool account must have read/write access to the location of the backups.
  • SQL Service account must have read/write access to the location of the backups.
  • When running a farm backup from STSADM or Windows PowerShell, the account you’re running it as must have read/write access the location of the backups.
  • The location must be accessible from the SharePoint machine the backup is running on.
  • The location must be accessible from the SQL instance that SharePoint is trying to back up.

automated task scheduler for SharePoint Backup

Now that you have the script, kindly open PowerShell with Administrator rights in the server where you want to create the Task Scheduler.

Run the CreateTaskSchedulerForSPBackup.ps1

To double check if the task is created successfully, you go to Task Scheduler (taskschd) and check. The task “SharePoint Farm Backup” will be created.

automated task scheduler for SharePoint Backup output

How to avoid storing password into PowerShell Script.

As mentioned just now, you may want to avoid storing your password into the PowerShell Script.

In order to do that, you can use the PowerShell Script below to archive that.


$password = Read-Host -AsSecureString "Enter your password and hit Enter"
$bstr = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($password)
$plainPassword = [RunTime.InteropServices.Marshal]::PtrToStringAuto($bstr)

Register-ScheduledTask -Action $A -User "$($env:USERDOMAIN)\spfarmadmin" -Trigger $T -Settings $S -Force -TaskName "SharePoint Farm Backup" -RunLevel 1 -Password $plainPassword

Save the CreateTaskSchedulerForSPBackup.ps1 and reruns it via PowerShell.

I hope the script to create task schedule can save you some time. It happens to me that manually creating Task Scheduler can be very error prone as there are many clicking in the Task Scheduler UI, repeating the same creation steps in difference farm environment can be very tedious too.

PowerShell script to test SharePoint Send Mail

Thought it would be good to share some of my script to the public

Copy the below script and save as .ps1 file. Run it in SharePoint Management Shell with Admin Rights.


$webUrl = Read-Host "Enter SharePoint Web Url, e.g. https://sharepoint.com"

$web = Get-SPWeb $webUrl;

if($web)
 {
 $header = New-Object System.Collections.Specialized.StringDictionary
 $to = Read-Host "Enter Email TO address (e.g. abc@def.com) "
 $header.Add("To",$to);
 $header.Add("From","ahcheng@ahcheng.com")
 $subject = Read-Host "Enter Email Subject "
 $header.Add("Subject",$subject);
 $header.Add("content-type","text/html");

$body = Read-Host "Enter Email Body Content "
 $sent = [Microsoft.SharePoint.Utilities.SPUtility]::SendEmail($web,$header,$body);
 if($sent)
 {
 Write-Host -f Green "Email ($to) Sent successfully"
 }
 else
 {
 Write-Host -f Red "Email failed to send"
 }
 }

Facebook Access Token Request does not work in IE 8

Integrating Facebook Feeds to your Web Application could be a very common thing nowadays. Supporting this integration across different browser could be a headache for most developers out there. Including me myself.

At the end of this session, you will know how to perform an AJAX request to query Facebook feeds access token at client side which support IE 8 Browsers and all other Modern browsers. Using jQuery 1.9

Note: You can only do client side query if your web servers are not having internet connectivity to Facebook. Especially “graph.facebook.com” where you perform access token retrieval and Graph API.

First of all, you need a jQuery and Facebook JS like this

<head>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"></script>
</head></pre>
<body>
 <div id="fb-root">
 <script type="text/javascript" src="https://connect.facebook.net/en_US/all.js"></script>
 </div>
...
</body>

And then you need this to initialise FB SDK

<script type="text/javascript">
var access_tokenParam = ""; //to store the access token
var appId = "" // YOUR APP ID HERE
var appSecret = "" //APP SECRET;

window.fbAsyncInit = function () {
 FB.init({
 appId: appId, //App Id
 status: true,
 xfbml: true
 });

};
</script>

Lastly, you need create a Facebook App (if you have not) for an App ID and App Secret key. You can get it here App DashBoard

Note that you need to set your App to use the testing domain URL. In my cases, i use “facebooktest.com”

facebook app dashboard setting

Not to forget to map this URL to your 127.0.0.1 in hosts file (C:\Windows\System32\drivers\etc\hosts)

127.0.0.1 facebooktest.com

To share what happened before i come to a workaround, below are the JavaScript to obtain Facebook access token to perform Graph API. THIS WORKS in all other browser EXCEPT Internet Explore 8.


$.support.cors = true; //

$.ajax({
 type: "POST",
 url: "https://graph.facebook.com/oauth/access_token",
 cache: false,
 data: {
 "client_id": appId,
 "client_secret": appSecret,
 "grant_type": "client_credentials"
 },
 error: function (xhr, status, error) {

//ERROR THROWN TypeError: Access is Denied for IE8
 },
 success: function (response) {

 },
 complete: function (request, textStatus) {
 if (request.responseText != null) {
 access_tokenParam = request.responseText.split('=')[0] + "=" + escape(request.responseText.split('=')[1]);
//access_tokenParam will be the token that you will then be used for subsequently Graph call
 }

}
 });

If this script runs on IE 8, you will hit TypeError: Access is Denied This is due to IE 8 does not use the XMLHttpRequest, but an alternative object named XDomainRequest. Some googling suggested using JSONP. Alright, lets try.

$.ajax({
 type: "POST",
 url: "https://graph.facebook.com/oauth/access_token",
 cache: false,
 dataType: "jsonp",
 data: {
 "client_id": appId,
 "client_secret": appSecret,
 "grant_type": "client_credentials"
 },

error: function (xhr, status, error) {

//ERROR Thrown "Parseerror" in IE8 AGAIN...
 });

The above both attempts to get the access token failed in IE8. After digging deeper to Facebook Documentation, i found this

There is another method to make calls to the Graph API that doesn't require using a generated app token. You can just pass your app id and app secret as the access_token parameter when you make a call:
http://graph.facebook.com/endpoint?key=value&access_token=app_id|app_secret
The choice to use a generated access token vs. this method depends on where you hide your app secret.

Holy cow…

What you need to do is just setting your access token as per below

access_tokenParam = “access_token=XXX|YYY”

where XXX is your App ID and YYY is your App Secret. e.g. “access_token=778487422177917|gu_TZwkQe5jtBj7VvZpMJX8odlx”

don’t try to use it, it is not valid =)

Knowning that the Access Token needs not to be provided by Graph, you may then perform API call like this (taking my posts as example)


access_tokenParam = 'access_token=' + appId + '|' + appSecret;
renderFBNewsFeed('yihaa5', access_tokenParam);

function renderFBNewsFeed(id, access_tokenParam) {
 var url = '/' + id + '/posts?' + access_tokenParam;
 FB.api(url, { return_ssl_resources: 1 }, function (response) {
 if (response.data) {
 var html = "";
 for (var i = 0; i < response.data.length; i++) {
 var obj = response.data[i];
 var fakeTitle = obj.name ? obj.name : (obj.story ? obj.story : obj.message );
 var fakeDes = obj.description? obj.description : obj.caption;
 html += "<h2>" + fakeTitle + "</h2>";
 html += "<h3>" + fakeDes + "</h3>";
 }
 $("#fbNewsWrapper").html(html);
 }
 });

}

You can find the entire html file here Hope it helps!

SharePoing Global Navigation for SubSite not showing Parent Sites Nodes

Despite setting the properties “UseShared” for SPWeb object to “True”, it does not show the correct Parent’s Global Navigation nodes.

I have this requirement where the subsites (3rd level, where 1st level being the root web) in second level web (which is also inheriting from root web) needs to display the global navigation nodes.

After trying


mySubSite.Navigation.UseShared = true;

it does not show the actual parent’s global navigation, instead, it shows “[Portal Name]” which redirect to root web’s home page. If you go to “Site Settings” > “Navigation” and click “Save” button, it will subsequently show the correct nodes. Meaning, doing it in UI is fine but doing it programmatically is NOT OKAY!.

After digging into the Microsoft.SharePoint.Publishing.dll. I found this is the workaround.

 Microsoft.SharePoint.Publishing.Navigation.WebNavigationSettings settings = new Microsoft.SharePoint.Publishing.Navigation.WebNavigationSettings(web);
 settings.GlobalNavigation.Source = Microsoft.SharePoint.Publishing.Navigation.StandardNavigationSource.InheritFromParentWeb;
 settings.Update();
<pre>

This will then make the subsite showing the correct one.