Tuesday, December 29, 2015

Configuration Failed - Failed to connect to the configuration database: Error during decryption. Ensure the passphrase is correct.

Issue Description

1. I was trying to connect a SharePoint server to an existing farm after entering the farm passphrase.
The configuration wizard fails and gives me the below error message
Configuration Failed
Failed to connect to the configuration database: 
An exception of type System.ArgumentException was thrown. Additional exception information: Error during decryption. Ensure the passphrase is correct.




2. I tried putting in a garbage passphrase and it gave an error message: The passphrase you entered is incorrect. Please try again

3. But when I tried putting in the correct farm passphrase, it went past this stage and the configuration wizard failed.

Fix

1. Clear SharePoint Configuration Cache on all SharePoint servers

2. Run the configuration wizard on the new server


SharePoint 2016 : WSS Usage Application proxy in Stopped State

Issue Description

I was working on installing and configuring a SharePoint 2016 farm and I noticed that the Usage and Health Data Collection Proxy was in Stopped State



Fix

Get-SPServiceApplicationProxy
Copy the ID for the WSS Usage Application and use it in your PowerShell command
$UsageApp = Get-SPServiceApplicationProxy | Where {$_.ID -eq "14804966-1b85-4538-b25b-2a15269147a4"}

$UsageApp.Provision()





SharePoint 2013: The server was unable to save the form at this time. Please try again.

Error Description

When I am trying to save data on any list in the farm I got the below error
The server was unable to save the form at this time. Please try again.



Fix


An IISRESET fixed the issue.

Thursday, December 17, 2015

Setsitelock: Stsadm operation

Sets a value that specifies whether the site collection is locked and unavailable for read or write access. This operation should be used in conjunction with the Getsitelock operation. For more information, see the Examples section.

Syntax
stsadm -o setsitelock
   -url <URL name>
   -lock {none | noadditions | readonly | noaccess}




None: Sets the site collection to unlock.
Noadditions: Permits changes that reduce the size of the data.
For example, if you had an announcement list item whose body consisted of 50 characters, you could successfully edit the list item so that the body was reduced to 25 characters. However, if you tried to edit the list item so that they body was increased to 100 characters, that would be blocked.
Readonly: Sets the site collection to read-only.
Noaccess: Sets the site collection unavailable to all users.

Examples
To determine the lock status of the site, you can use the following getsitelock syntax:
stsadm -o getsitelock -url http://server_name
Once the lock status of the site collection is determined, you can use the noaccess parameter of the setsitelock operation to lock out all users to the site:
stsadm -o setsitelock -url http://server_name -lock noaccess


Thursday, July 16, 2015

Publish SharePoint Calendar to Microsoft Outlook

1. Browse to SharePoint site

2. Click on the SharePoint Calendar link on the left navigation

3. This brings up the calendar.



4. On the top of the page, select Calendar Tools -> Calendar. This will open the ribbon option for the calendar.



5. Click on Connect to Outlook.



6. This opens a pop up. Click Allow.



7. Click Allow


8. Click Yes


9. This will add the SharePoint Calendar in your Microsoft Outlook Calendar section

Tuesday, July 14, 2015

How to delete a corrupted SharePoint list using PowerShell

$web = get-spweb -Identity http://sp2010
$list = $web.lists["corrupted list name"]
$list.AllowDeletion = $true
$list.Update()
$list.Delete()

Monday, July 13, 2015

SharePoint Developer Dashboard

Developer Dashboard is a great feature on SharePoint 2010. This feature is disabled by default. And it provides performance and tracing information that can be used to debug and troubleshoot page rendering time issues. (slow page loads, web part issues, query delays) .Enabling this great feature will get critical information about execution time, log correlation ID, critical events, database queries, service calls, SPRequests allocation and webpart events offsets.

The Developer Dashboard feature is turned off by default, but it can be enabled very easy via stsadm or PowerShell.

Check status of Developer Dashboard
stsadm -o getproperty -pn developer-dashboard

Enable Developer Dashboard via stsadm:

‘On’ Mode:
stsadm -o setproperty -pn developer-dashboard -pv On

‘OnDemand’ Mode:
stsadm -o setproperty -pn developer-dashboard -pv OnDemand

Disable Developer Dashboard via stsadm:
stsadm -o setproperty -pn developer-dashboard -pv Off

Wednesday, July 8, 2015

SharePoint Recycle Bin – First Stage and Second Stage

SharePoint Recycle Bin stores and keeps a track of the items deleted from the site. When an item is deleted in SharePoint, it is not completely deleted, it is actually stored in a Recycle Bin . The main idea of a Recycle Bin is to restore contents that are accidentally deleted or retrieve data that should not have been deleted. There are 2 stages to the Recycle Bin.

First Stage Recycle Bin

Whenever an item is deleted from the site it goes to the Recycle Bin (users’ Recycle Bin) of the site and stays there till it is restored or it expires. By default the items are stored in the Recycle bin for 30 days. This setting is configured at the web application level from Central Administration. You can access a site's Recycle Bin by clicking on the Recycle Bin link on the left navigation (Quick Launch).

Normal user's Recycle Bin URL - /_layouts/recyclebin.aspx




If an item is deleted from the User’s Recycle Bin (First Stage Recycle Bin), it goes to the Site Collection Recycle Bin (Second Stage Recycle Bin).

Second Stage Recycle Bin

When an item is deleted from a site's Recycle Bin it goes to Site Collection Recycle Bin and stays there till it is restored or it expires. By default the items are stored in the Recycle bin for 30 days. If the item is deleted from here, it is deleted forever. To access the Site Collection Recycle Bin, browse to Site Settings -> Site Collection Administration -> Recycle Bin.


This Recycle Bin has two views: End User Recycle Bin Items view displays all the contents of all the recycle bins of all the sites under that particular site collection whereas Deleted From End User Recycle Bin view displays all the items which have been deleted from the sites recycle bins

Site Collection's Recycle Bin has two views :

End user Recycle Bin items URL - /_layouts/AdminRecycleBin.aspx



Deleted from end user Recycle Bin URL - /_layouts/AdminRecycleBin.aspx?View=2



Note:
- If an end user deletes and item, it will go to his Recycle Bin. Other users will not be able to see another users’ recycle bin.

- When you disable the Recycle Bin feature, all the items existing in it will be removed permanently.

Tuesday, July 7, 2015

How to Implement Hold and eDiscovery in a SharePoint Site

Adding a Hold to a Record

1) Browse to the Site Settings


2) Manage Site Features -> Hold and eDiscovery -> Activate



3) This will display the Hold and eDiscovery section in Site settings now.



4) Browse to Holds list and create a new item (Hold)



5) Now browse to a document library and select a document, right click and choose Compliance Details.



6) This will show the Hold status of the document. Choose Add/Remove from hold



7) Select Add to a hold and Save. Use the drop-down selection box to choose the relevant hold to apply to this record.  The ‘Comments’ field is not required.



8) Now check the Compliance Details. This shows that the document is On hold.If you noticed, now the Delete option is not available( and will not be available as long as the Hold is in place)





Note:

a. This means this record cannot be deleted and will not be destroyed through its Information Management Policy until the new hold is removed.

b. Please note that SharePoint allows you to apply multiple holds to the same record.  If a record has multiple holds applied to it, SharePoint will not allow the record to be destroyed until all the holds are removed.


Removing a Hold from a Record


1) Browse to a document library and select a document, right click and choose Compliance Details

2) This will show the Hold status of the document (On hold). Choose Add/Remove from hold

3) Select Remove from a hold and Save. Use the drop-down selection box to choose the relevant hold to apply to this record.  The ‘Comments’ field is not required.



4) Now you should be able to delete the record


SharePoint Hold and eDiscovery feature

The Hold and eDiscovery feature of SharePoint sites prevents items such as documents, images, pages, from expiration policies. This feature is typically used for items that are subject to events such as litigation, audits, or investigations.

Organizations use holds to prevent items that may be relevant to ongoing litigation or investigation from expiring or being destroyed before the event to which they are relevant has been resolved. Also , when an item is placed on hold , it cannot be edited or deleted.

How Hold works

To use the Hold feature, Hold and eDiscovery feature must be activated in that site.You can add a Holds list to any site by accessing the Site Settings page for the site and activating the Hold and eDiscovery feature.

Note: By default, every Records Center site has a Holds list (feature is already activated)

A new entry is added to the Holds list for creating a new hold. The Holds list provides tools for finding and holding relevant items, viewing items that are currently on hold, or releasing a hold when it is no longer required. When an item is added to a hold, its hold status is updated to indicate that it is on hold, and the application prevents this item from expiring or being deleted. An item can have multiple holds at the same time. If an item is put on multiple holds, it is suspended from its original information management policy until all of the holds to which it has been added are released.

I have detailed the implementation of Hold and eDiscovery feature here.


Wednesday, July 1, 2015

SharePoint 2010 User Active Directory Permissions not updating

When you are using Active Directory groups and add those groups into SharePoint groups, you will run into issues while modifying the members of the Active Directory group. It takes 24 hours (by default) to reflect this change to SharePoint.This behavior is controlled by a property called Token-timeout.By default, this value is set to 1440 minutes (24 hours) .
SharePoint fetches user token information from the SharePoint database. If the user has never visited the site or if the user’s token was generated more than 24 hours previously, SharePoint generates a new user token by trying to refresh the list of groups that the user belongs to.(MSDN Reference)

To check which values you currently have, try running the below:
 stsadm –o getproperty –propertyname token-timeout

If you want to minimize this token time out value (time it takes to refresh the token), follow the below instructions.

To set a valid time to 2000 minutes, use the following syntax:
stsadm -o setproperty -pn token-timeout -pv 2000
Note: You can substitute -pn for -propertyname and -pv for -propertyvalue. 
Name
Value
propertyname
Gets or sets the name of the property.
propertyvalue
A valid time interval, in minutes. The default setting is 1440 minutes.

The syntax for the setproperty operation is:
stsadm -o setproperty -propertyname token-timeout –propertyvalue <A valid time interval, in minutes>

Note:
- This property applies to the entire farm.

- The use of stsadm will only affect the ContentService Web service property and not the AdministrationService Web service property.

Warning: If you set Token-timeout to zero (0) it can bring the farm down and you get this error message
"The context has expired and can no longer be used. Exception from HRESULT: 0x80090317"


Active Directory Group Sync Issue with SharePoint 2013 Permissions

Issue
AD security group permissions are being used to control access in SharePoint 2013, however, changes to group membership in AD are not taking effect immediately in SharePoint 2013. In simple words, even after you remove a user from the AD security group - user is still able to access the site. If you add a new user to the AD security group, user still receives access denied error message in SharePoint.

Workaround - If you need to have the change take effect immediately, you can do an Application Pool recycle for that web application. 

Cause
In Windows Claims enabled web application (the default for SharePoint 2013), the logon token life time is by default 10 hours and cache life time is by default 10 minutes. Hence, the AD group modifications will not reflect immediately in SharePoint user sign-in. internally what happens is when a user accesses a SharePoint site, SharePoint checks the security token store cache for the user's claims. If the claim is found in the cache, SharePoint uses it to authorize the user. If not, SharePoint queries for claims again from the AD.

To check which values you currently have, try running the below:

$sts = Get-SPSecurityTokenServiceConfig
$sts.WindowsTokenLifetime
$sts.LogonTokenCacheExpirationWindow

Resolution
The value of token life time and cache expiration time can be set to the desired value per your needs.Lowering the token life time introduces more round trips to AD to authenticate the user, which means performance characteristics should be monitored to determine the appropriate lifetime.I have seen 10 minutes being recommended to use, but this is something that needs to be tested as it should be considered on a case by case scenario.If you would like to change the token life time, you can use the following PowerShell cmdlet to set the Windows token life time and cache expiration window to the desirable value.

The below example sets your WindowsTokenLifetime to 10minutes (10 hours is the default) and the Cache Expiration to 2 minutes (10 minutes is the default).

$sts = Get-SPSecurityTokenServiceConfig
$sts.WindowsTokenLifetime = "00:10:00"
$sts.LogonTokenCacheExpirationWindow = (New-TimeSpan –minutes 2)
$sts.Update()
iisreset 

Warning
If you set Token lifetime lesser than the token expiration window, you get this error message
"The context has expired and can no longer be used. Exception from HRESULT: 0x80090317"

Friday, June 26, 2015

SharePoint Feature Installation, Activation, Deactivation, and Uninstallation using PowerShell

To install a SharePoint feature with PowerShell
Install-SPFeature FeatureFolderName

To activate a feature
Enable-SPFeature FeatureFolderName -Url http://server/site/subsite

To deactivate a feature
Disable-SPFeature FeatureFolderName -Url http://server/site/subsite

To uninstall a feature
Uninstall-SPFeature FeatureFolderName

Examples:

Activate site collection feature
$site = Get-SPSite http://sp2010
Enable-SPFeature -Identity “FeatureName” -Url $site.Url
$site.Dispose()

Activate site feature
$web = Get-SPWeb http://sp2010
Enable-SPFeature -Identity “FeatureName” -Url $web.Url
$web.Dispose()

Activate site collection features for all site collections in a Web Application
$webApp = Get-SPWebApplication -Identity http://sp2010
$webApp | Get-SPSite -limit all | ForEach-Object {Enable-SPFeature -Identity “FeatureName” -Url $_.Url}

How to Deactivate a SharePoint feature using PowerShell or STSADM

To Disable a SharePoint Feature, you must first determine the scope of the feature. If the scope is Web-based or is a site collection scope, the URL parameter is required. However, if the scope is farm-based, the URL parameter is not required.

Syntax - PowerShell

Disable-SPFeature [-Identity] <SPFeatureDefinitionPipeBind> [-AssignmentCollection <SPAssignmentCollection>] [-Confirm [<SwitchParameter>]] [-Force <SwitchParameter>] [-Url <String>] [-WhatIf [<SwitchParameter>]]

This example disables the "MyCustom" Web site scoped feature at http://somesite.
Disable-SPFeature -identity "MyCustom" -URL http://somesite

This example disables all features in the subsite at http://somesite/myweb.
$w = Get-SPWeb http://somesite/myweb | ForEach{ $_.URL }
Get-SPFeature -Web $w |%{ Disable-SPFeature -Identity $_ -URL $w}

Syntax - STSADM

stsadm -o deactivatefeature
   -filename
   -name <feature folder>
   -id <feature ID>
   [-url] <URL name>
   [-force]

Parameter
Value
Description
filename
A valid file path, such as "MyFeature\Feature.xml"
Path to feature must be a relative path to the 14\Template\Features directory. Can be any standard character that the Windows system supports for a file name.
name
Name of the feature directory, such as “MyFeature”
Name of the feature folder located in the 14\Template\Features directory
id
A valid GUID, e.g.  “11d186e-7306-4902-a825-0eb7609e9280”
GUID that identifies the feature to activate
url
A valid URL, such as http://server_name
URL of the Web application, site collection, or Web site to which the feature is being activated


How to Activate a SharePoint feature using PowerShell or STSADM

To Enable a SharePoint Feature, you must first determine the scope of the feature. If the scope is Web-based or is a site collection scope, the URL parameter is required. However, if the scope is farm-based, the URL parameter is not required.

Syntax - PowerShell

Enable-SPFeature [-Identity] <SPFeatureDefinitionPipeBind> [-AssignmentCollection <SPAssignmentCollection>] [-CompatibilityLevel <Int32>] [-Confirm [<SwitchParameter>]] [-Force <SwitchParameter>] [-PassThru <SwitchParameter>] [-WhatIf [<SwitchParameter>]]

This example enables the "MyCustom" site scoped SharePoint Feature at http://somesite.
Enable-SPFeature -identity "MyCustom" -URL http:// sitename

This example enables all SharePoint Features in the subsite at http://somesite/myweb.
$w = Get-SPWeb http://somesite/myweb | ForEach{ $_.URL }
Get-SPFeature -Web $w |%{ Enable-SPFeature -Identity $_ -URL $w}

Syntax - STSADM

stsadm -o activatefeature
   {-filename <relative path to Feature.xml> | -name <feature folder> | -id <feature ID>}
   [-url] <URL name>
   [-force]

Parameter
Value
Description
filename
A valid file path, such as "MyFeature\Feature.xml"
Path to feature must be a relative path to the 14\Template\Features directory. Can be any standard character that the Windows system supports for a file name.
name
Name of the feature directory, such as “MyFeature”
Name of the feature folder located in the 14\Template\Features directory
id
A valid GUID, e.g.  “11d186e-7306-4902-a825-0eb7609e9280”
GUID that identifies the feature to activate
url
A valid URL, such as http://server_name
URL of the Web application, site collection, or Web site to which the feature is being activated

Note : If you try to use the Url parameter on a farm-scoped feature, you receive the following error message:
The feature ‘<feature name>’ applies to the entire farm; the Url parameter cannot be used with farm-scoped features.