Sunday 23 November 2014
SharePoint 2013: User Profile Syncronization - Direct Active Directory Import
As all you know many changes has been made on SharePoint Server Application Services. The Search Service Application and also the User Profile Synchronization Service has been many many times improved on the new version of SharePoint.
But now, on the new version with SharePoint 2013 there is something called “Direct Active Directory Import”
The main novelty lies into the synchronization of properties of users in the corporate directory (Active Directory only) with the ability to import it directly.
So concrete? The direct import can synchronize the SharePoint user profiles with Active Directory without using Forefront Identity Manager (FIM), as was the case with SharePoint 2010.
To explain it as simple possible: “Direct Import from Active Directory which is designed to import the AD profile as quickly as possible.”
Are the benefits??? A big “YES”.. Not using FIM :-) ! Witch Administrator has never had a problem with this service application? Problems with the “Starting” User Profile Service Applications? .. It’s all over now
But there are also some limitations:
- Mapping to system SharePoint properties is not supported.
- Mapping two different AD attributes to the same SharePoint property is not supported
Configure the type of import, configure the connection to the directory and then run the Syncronization ... And that’s all.
According to that article, the following script snippet can be used to enable AD Import mode in SharePoint Server 2013: Only the OU setting is removed when you run the Remove-SPProfileSyncConnection cmdlet in SharePoint Server 2013
$UPSA=Get-SPServiceApplication -Name
"<User Profile Service Application Name>"$UPSA.NoILMUsed=$true$UPSA.Update()The User Profile Replication engine is a optional component of SharePoint Server 2010 and is part of the SharePoint Administration Toolkit. It replicates User Profiles and social data between User Profile service applications.
The User Profile Replication Engine ( UPRE ) who was a separate download tool comes as an out-of-the-box feature on SharePoint Server 2013
It comes very handy when you have a Development, Q&A and Production environment. In stead of building it all again from scratch, you can replicate all or some user profiles.
Reference:
http://social.technet.microsoft.com/wiki/contents/articles/15958.sharepoint-2013-user-profile-syncronization-direct-active-directory-import.aspx
How to schedule User Profile Incremental Synchronization in SharePoint 2010 using Power shell
In this article we will be seeing how to schedule User Profile Incremental Synchronization in SharePoint 2010 using Power shell.
In SharePoint 2010 User Profile Service Application once you have configured the synchronization connections, you can schedule the User Profile Incremental Synchronization by going to Application Management => Manage services applications => User Profile Service => Synchronization => Configure Synchronization Timer Job.
The same thing can be done using powershell commands.
Get-SPTimerJob is used to return timer jobs.
Get-SPTimerJob returns all the timer jobs with Name, Schedule and Last Run.
The following one is used to display the Name and the Display Name.
The following one is used to display the timer job status of a particular service application.
UserProfile_ProfileImportJob => is the timer job for User Profile Incremental Synchronization.
Scheduling the User Profile Incremental Synchronization:
Get-SPTimerJob UserProfile_ProfileImportJob | Set-SPTimerJob -Schedule "weekly at sat 7:00" | Start-SPTimerJob
Schedule:
Specifies the schedule for running the timer job.
The type must be a valid SharePoint Timer service (SPTimer) schedule in the form of any one of the following schedules:
- Every 5 minutes between 0 and 59
- Hourly between 0 and 59
- Daily at 15:00:00
- Weekly between Fri 22:00:00 and Sun 06:00:00
- Monthly at 15 15:00:00
- Yearly at Jan 1 15:00:00
Reference:
http://www.c-sharpcorner.com/uploadfile/anavijai/how-to-schedule-user-profile-incremental-synchronization-in-sharepoint-2010-using-power-shell/
How to Configure Send to Connections in SharePoint 2010
SharePoint 2010 introduced a new feature called Content Organizer. This article will introduce how documents flow through the Content Organizer and how users can create and manage rules.
1. Content Organizer is a site level feature. Navigate to Site Actions => Site Settings => Site Actions =>Manage site features.
2. Activate the feature Content Organizer.
3. Once this feature is activated, you will see two options, Content Organizer Settings and Content Organizer Rules, under the Site Administration section
4. A new document library called Drop Off Library will also be created in the location you will be adding documents to.
These documents will be moved to the target library based on Content Organizer rules.
5. A new content type will be created for Content Organizer rule as follows:
6. Let’s look at the Content Organizer rules.
First navigate to Site Actions => Site Settings => Site Administration =>Content Organizer Rules.
Enter a name for your rule. In my example I call my rule “Example rule”.
In the Submission’s Content Type section select the Content type: Group and Type.
7. In the Conditions section, set the Property- based condition for the rule and select the Target location where you want to save the document based on the rules conditions.
8. Click the OK button and a new rule will be created successfully.
9. Now let’s see if it works. Add a document to the Drop Off Library and enter the title Example rule, or the title that you created.
10. If the rules condition is met, in my example “Title is equal to Example rule”, then a message will pop up as follows:
11. The document will be saved in Shared Documents.
12. If the condition is not met:
13. Then a similar message will pop up as follows:
14. But the document will be added to the Drop Off Library and NOT added to the Shared Documents library.
Reference:
http://www.boostsolutions.com/blog/how-to-create-content-organizer-rules-in-sharepoint-2010/
Adding and Deploying Solutions with PowerShell in SharePoint 2010
Visual Studio 2010 makes it really easy to add and deploy solutions when you are developing, but you may eventually want to deploy those solution packages elsewhere right? We can still use stsadm, but that is effectively considered deprecated now in favor of PowerShell. In the past to add a solution, we used an stsadm command like the one below. In today’s example, we’ll be working with a package called SharePointProject2.wsp on my server named sp2010.
stsadm –o addsolution –name SharePointProject2.wsp
To get started with PowerShell, run the SharePoint 2010 Management Console located in your Microsoft SharePoint 2010 Products folder on your start menu. This automatically loads the Microsoft.SharePoint.PowerShell snappin so that we can execute SharePoint commands. To install a solution we use the Add-SPSolution command. If you are using a Sandboxed solution you would use Add-SPUserSolution instead. It takes just one parameter, –literalpath, which is the path to the solution file. One thing that is different is that you must specify the full path to the file for some reason. I haven’t been able to get it to take a path to the solution in the current folder even if I make use of .\ before the filename. Here is an example.
Add-SPSolution c:\code\SharePointProject2\bin\debug\SharePointProject2.wsp
In this case you don’t actually have to type –literalpath before the parameter. This is what it looks like when executed. You can see that it displays the id of the solution along with its deployment status.
Now we need to deploy the solution. In the past, we used an stsadm command like the following.
stsadm –o deploysolution –name SharePointProject2.wsp –url http://moss-server –allowCasPolicies –immediate
We would also follow this up with a call to stsadm with the execadmsvcjobs operation. To do the same operation in PowerShell, we use the Install-SPSolution command (again use Install-SPUserSolution for Sandboxed solutions). You can use the Get-Help command (i.e.: Get-Help Install-SPSolution) to get more information on a command but it’s not always obvious what it is expecting as you can see below. That is why I am writing the post today.
The first parameter you need is the –Identity parameter. This is the name of the solution package (i.e.: MySolution.wsp). Depending on if you are using the GAC or Code Access Security, you will specify either –GACDeployment or –CASPolicies. You then need to specify a specific web application using the –WebApplication parameter or –AllWebApplications to deploy it to all web applications (assuming the manifest allows it). If you need to force the deployment, you can still use the –Force command. Here is what an install command might look like.
Install-SPSolution –Identity SharePointProject2.wsp –WebApplication http://sp2010 -GACDeployment
I’ll point out that executing this command actually does do the deployment operation. You don’t have to fire off something to execute a job later like you did with stsadm.
You might want to update your solution, so we’ll talk about how to do that as well. Here is what your stsadm command might have looked like in WSS3. Which would also be followed up with an execadmsvcjobs operation.
stsadm –o upgradesolution –name SharePointProject2.wsp –filename SharePointProject2.wsp –immediate –allowCasPolicies
The upgrade solution syntax is similar to the others. We just have to specify an identity and a literalpath with the Update-SPSolution command. The identity is the name of the package on the server to upgrade and the literalpath is the full path to the new solution package on the file system. Here is what that might look like.
Update-SPSolution –Identity SharePointProject2.wsp –LiteralPath c:\code\SharePointProject2\bin\debug\SharePointProject2.wsp –GACDeployment
We’ve talked about everything else, so we’ll finish it up by talking about retraction and removal. To retract a solution we use the Uninstall-SPSolution command. By now you are probably noticing a pattern in the way things are named. Install –> Deploys, Uninstall –> Retracts. It also just uses the -Identity parameter and the –WebApplication parameter. You can also use the –AllWebApplications parameter to retract it from all web applications. Many of these commands may prompt you with an “Are you sure?” type prompt. You can skip this prompt by adding a –confirm parameter. Here is what it looks like.
Uninstall-SPSolution –Identity SharePointProject2.wsp –WebApplication http://sp2010
Lastly, to remove the package from the solution store, we use the Remove-SPSolution command. It just takes the name of the package.
Remove-SPSolution –Identity SharePointProject2.wsp
I hope this helps. If you’re like me, it’s one thing to see the docs on something, but I like to see real examples. There aren’t any examples in the Get-Help command yet. This should cover all of the common commands that you probably used to used with stsadm in regards to solution deployment. The nice thing is that you can script these things together very easily and create highly flexible PowerShell scripts. Expect a few more posts soon on the basics of working with PowerShell and SharePoint 2010.
To learn more about using PowerShell with features, see Activating and Deactivating Features with PowerShell
Reference:
http://www.dotnetmafia.com/blogs/dotnettipoftheday/archive/2009/12/02/adding-and-deploying-solutions-with-powershell-in-sharepoint-2010.aspx
Customize SharePoint URL using AAM and DNS
1. Configure DNS
- Open DNS Manager
- Navigate to respective forward lookup zone.
- Create a CNAME record by right clicking in the zone and selecting “New Alias (CNAME)”
Once you add the CNAME you can see an entry as below.
- Update Group Policy
- Check connectivity from CNAME record
2. Configure IIS
If the web application is hosted in port 80 you don’t have to edit the IIS host header as you will be redirected to port 80 when enter the CNAME.
If you are using a different port other that 80 you might have to IIS website.
- To add an entry right click the web site in IIS manager, then select edit bindings.
- Add Host name and Port. Note that you should CNAME record and the Host Name should be identical.
3. Add Alternate Access Mapping in SharePoint Central Administration
Central Administration -> Application Management -> Configure Alternate Access Mapping -> Edit Public URLs
Select the web Application, then add the URL to Preferred zone.
Now you can access SharePoint site by entering the Customized URL (CNAME).
Reference:
http://min2dmax.wordpress.com/2012/06/15/customize-sharepoint-url-using-aam-and-dns/
How to Setup DNS For SharePoint Site
Follow the steps below if you need to know how to set up DNS for a SharePoint site.
- Go to Central Administration
- Go to Operations tab. Under Global Configuration section, select Alternate access mappings
- On Alternate Access Mappings page, click on Edit Public URLs
- Select Alternate Access Mapping Collection, i.e. your newly created website
- Under Intranet type in the internal web address that you would like for your site
- Under Internet type in the external (public) web address that you would like for your site
- Click “OK” when finish”
- Remote desktop to the MOSS server farm where your SharePoint site was deployed
- Go to IIS Manager
- Expand the Web Sites folder, right click on your website
- On the Web Site tab, click on the Advanced button. Click “Add” button
- On the Add/Edit Web Site Identification screen modify to suit your site according to the following: IP address: (All Unassigned)
- Click OK to save all changes
- On the Web Site tab, click on the Advanced button. Click Add.
- On the Add/Edit Web Site Identification screen modify to suit your site according to the following: IP address: (All Unassigned)
- Click OK to save all changes. (OK for couple of screens so that you are looking at main IIS Web Sites folder)
TCP port: 80 (has to be 80)
Host Header value: (This is the external/public address of your website that was entered in step 6)
TCP port: 80 (has to be 80)
Host Header value: (This is the internal address of your intranet website that was entered in step 5)
Testing that the DNS works
- On your local machine, open Windows Explorer
- Go to C:\WINDOWS\system32\drivers\etc folder and open up the hosts file.
- Add the IP address entry corresponding to your website i.e. xxx.xxx.xxx.xxx <extranet/intranet URL>
- Save the file
- Open IE browser and type in the extranet/intranet URL to check that you can access the site. If you can view the site, then you have setup DNS.
Reference:
http://sharepointdotnetwiki.iblogger.org/2009/12/dns-setup-in-sharepoint/
Fully configure host header for Web application (Step-by-Step)
Host header (aka domain names or host
names) lets you assign more than one site to a single IP address on a
web application hosted in the IIS Web server. In SharePoint, you may
need specific name for your website e.g. http://thuansoldier.net/
instead of an ugly URL like http://thuansoldier:32431. Having a friendly
URL probably makes your end-users much easier to access SharePoint.
They don’t have to remember the port number
In this article, I’m going to show you how
to configure Host Header in SharePoint through DNS configuration and
IIS. You can also use PowerShell script I’ve written here.
Create new Web application
Open Central Administration > Application Management > Manage web applications (under Web Applications). Click New in Ribbon.
Select Classic Mode Authentication by default but you can go with claims-based authentication to leverage tons of capabilities from it. Under Name,
type the name of the new Web application. Use default port 80 as it
will be used through HTTP. You can select another port but make sure it
doesn’t conflict with any common port (e.g. 21..). Under Host Header, type the full domain of the web application you are going to use.
At Security Configuration settings, keep all by default all.
Use existing application pool (optional) Under Database Name at the Database Name and Authentication, remove GUID and keep the name of content database as simple as possible.
Select service application connection if you have and then click OK to create new Web application.
Register the host header in DNS Server
In DNS server, create new host A by click New Host (A or AAA)
Type host name under Name, and the SharePoint server’s IP address. Click Add Host.
Configure host header for a Web application
In IIS Manager, right click the Web application you need to assign host header to and then click Edit Binding. In Site Bindings dialog box, click Edit. At IP address option, select IP address of the SharePoint server. Under Host name, type your host name. Click OK.
Open Central Administration > Application Management, under Web Applications , click Configure alternate access mappings. Verify that the URL for the default zone is set correctly.
However, when you open portal.ict24h.net whether in Internet Explore 8 or Mozilla Firefox 3.5, you will encounter 404 Page Not Found error. What’s up? Yes, you haven’t created Site collection in your Web application yet.
At Central Administration, click Application Management > Create site collections (under Site Collections). Please notice your Web application that you have just created namely portal.ict24h.net.
I want to share basics in this post because I saw some questions about it in SharePoint 2010 – Setup, Upgrade, Administration and Operation.
I hope this post helps everyone.
Reference:
http://thuansoldier.net/?p=1323
Best Practices to Change App Pool Account for SharePoint Web Application
Updating SharePoint Web Application Pool is one of the most common actions for SharePoint administration. I have repeatedly seen many SharePoint administrators and my fellow colleagues updating their SharePoint web application pool in the IIS and later realizing that their SharePoint content application is inaccessible and throws “Cannot connect to the configuration database” error.
The real reason behind this is when you create web application either through PowerShell or central admin, SharePoint configures application pool information at many different locations including machine level permissions, IIS, and database permissions. If you ever want to manually change the application pool, you must be aware of what really happens under the hood and visit all the different locations to change application pool manually. As you may think, manually changing all these machine level settings is tedious, error-prone, and requires better option. Luckily Microsoft has provided better option as manage service accounts page on the central administration site. It is best practice to change content web application pool or even service web application pool from the central administration to ensure SharePoint Content Web application runs smoothly.
You can use following step by step guide to change application pool for the given SharePoint web application. Additionally, it would walk you through what really happens under the hood and where SharePoint makes necessary changes to ensure Application Pool is configured properly.
Pre-requisites
- New AppPool account must be Domain User Account (e.g. Niks\SPAppPool)
- New AppPool account must register as SharePoint Managed Account
Changing Application Pool from the Central Administration
Visit Manage Service Accounts page on the central administration to change the application pool.
Run the IISReset after updating application pool to ensure all the configuration settings has been updated to access SharePoint Web Application correctly.
What really happens under the hood?
After you change the application pool through central administration, SharePoint automates various configuration settings changes at the machine level, IIS, and SQL Server.
- SharePoint Web Application App Pool in IIS
- Machine-level Permissions
- New AppPool account added as Member in the WSS_WPG, AD Group
- New AppPool account added as Member in the built-in IIS_IUSRS, AD Group
- SQL Server and database permissions
- SharePoint will create new SQL Server Login for AppPool Account in the Database if it doesn’t exists
- New AppPool account is assigned to the db_owner role for the Web application content databases.
- New AppPool account is assigned to the WSS_CONTENT_APPLICATION_POOLS role associated with the farm configuration database.
- New AppPool account is assigned to the WSS_CONTENT_APPLICATION_POOLS role associated with the SharePoint_Admin content database.
- New AppPool account is assigned to the WSS_CONTENT_APPLICATION_POOLS role associated with the StateService database.
- New AppPool account will be assigned to the db_owner role for the associated user profile service application databases (e.g. Profile DB, Social DB, and Sync DB)
There you go. Regardless of what you do
and where you manually change application pool account info, you still
have to change application pool through manage security accounts screen.
So, why not just change only at 1 place on manage security accounts
screen and let SharePoint does it’s magic to update all the required
places. Hopefully this will help. !!!!!
Reference:
http://nikpatel.net/2012/01/25/best-practices-to-change-app-pool-account-for-sharepoint-web-applcation/
Subscribe to:
Posts (Atom)