About Doubts / Dúvidas SharePoint Blogs Central Administration regional settings in sharepoint 2010/2013

To change Regional Setting in SharePoint 2010/2013 for Central Administration web site to check and receive the correct date and time format for the performed jobs.

Regional Settings are hidden for the Central Admin site collection. However, you can get it corrected, by typing the URL (substitute mysharepointserver:2010 for your central admin web application and port).

http://mysharepointserver:2010/_layouts/regionalsetng.aspx or

http://mysharepointserver:2013/_layouts/regionalsetng.aspx

2010:

2013:

How to enable the SharePoint 2010 and 2013 Developer Dashboard

Developer Dashboard is a great tool that will help you to gathering a lot of information about some application in your farm. It was reviewed and it received a huge number of improvements. Now, the Developer Dashboard panel, it’s no longer a control on your page which only shows you information about the current request. It’s now a separate window which shows you all requests since you started the developer dashboard session.

The new 2013 Developer Dashboard depends on the Usage and Health Data Collection Service Application. So, be sure to configure it before!

Notice that there are the following options for the Developer Dashboard:

• On - SharePoint 2010: The Developer Dashboard will always be rendered at the bottom of each page SharePoint 2013: The Developer Dashboard icon will always be displayed at the top right corner. It will not be appended to each page.
• Off – SharePoint 2010 & 2013: The Developer Dashboard will not be available
• OnDemand – SharePoint 2010: The Developer Dashboard will only be appended to a page after clicking on the icon in the ribbon SharePoint. In SharePoint 2013, this mode was deprecated and replaced with On.

PowerShell

The dashboard can be enabled for your SharePoint 2010 or 2013 farm by executing the following commands in a SharePoint PowerShell window:

#Adding SharePoint Snapin
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
#cleaning the screen
cls
$cs = [Microsoft.SharePoint.Administration.SPWebService]::ContentService
$dds = $cs.DeveloperDashboardSettings
write-host “Developer dashboard Status is: “$dds.DisplayLevel

if ($dds.DisplayLevel -eq “On”) {
Write-Host “Developer dashboard is enabled.”
write-host “Do you want do disable it? (Y/N)”
$aw = Read-Host
if ($aw -eq “Y”) {
$dds.DisplayLevel = “Off”
$dds.Update()
Write-Host “Developer dashboard disabled.”
}
} else {
Write-Host “Developer dashboard is disabled.”
write-host “Do you want do enable it? (y/n)”
$aw = Read-Host
if ($aw -eq “Y”) {
$dds.DisplayLevel = “On”
$dds.Update()
Write-Host “Developer dashboard enabled.”
}
}

After that PowerShell, if you have turned “on” the Developer Dashboard and you would like to check out how it works, You need to click on the developer dashboard icon in the upper right ribbon button and the new developer dashboard window opens.

Ok, that’s it. Have a good troubleshooting.

For more information on how to use the dashboard can be found in the excellent article at http://www.zimmergren.net/archive/2010/12/18/sp-2010-developing-for-performance-part-1-developer-dashboard.aspx, where the author, describe in details how to read the report for SharePoint 2010!

Unexpected System.Configuration.ConfigurationErrorsException: The RSA key container could not be opened.

Scenario:

You have a SharePoint 2013 application that has a web part consulting a external database (not a SharePoint database) and you add inside the Tag <configuration>:

<connectionStrings>

<add name=”MyAnyWebPart” connectionString=”Data Source=DataBaseServer;Initial Catalog=DatabaseName;User ID=UserName;Password=XXXXXXX”
providerName=”System.Data.SqlClient” />

</connectionStrings>

After performing the inclusion of connectionString, it should be encrypted. This way, you will prevent the credentials are exposed when some error occur. The RSA encryption will be used, which is automatically generated by aspnet_regiis.exe module.

To perform this action, follow the steps below:

1 – Open the command prompt with administrative privileges
2 – Go to C:\Windows\Microsoft.NET\Framework64\v4.0.30319
3 – Run the following command to perform the encryption connectionString:

Encrypt:

aspnet_regiis.exe -pef ” connectionStrings ” “C:\inetpub\wwwroot\wss\VirtualDirectories\80″

Decrypt:

aspnet_regiis.exe -pdf “connectionStrings” “C:\inetpub\wwwroot\wss\VirtualDirectories\80″

Note: Use your SharePoint Application path.

At the end of encryption steps, the result will be similar to that shown below:

<connectionStrings configProtectionProvider=”RsaProtectedConfigurationProvider”>
<EncryptedData Type=”http://www.w3.org/2001/04/xmlenc#Element” xmlns=”http://www.w3.org/2001/04/xmlenc#”>
<EncryptionMethod Algorithm=”http://www.w3.org/2001/04/xmlenc#tripledes-cbc” />
<KeyInfo xmlns=”http://www.w3.org/2000/09/xmldsig#”>
<EncryptedKey xmlns=”http://www.w3.org/2001/04/xmlenc#”>
<EncryptionMethod Algorithm=”http://www.w3.org/2001/04/xmlenc#rsa-1_5″ />
<KeyInfo xmlns=”http://www.w3.org/2000/09/xmldsig#”>
<KeyName>Rsa Key</KeyName>
</KeyInfo>
<CipherData>
<CipherValue>WGkITVNdcbxdL8nfmPQ1xqRfUEWvFPp8mTi2KgRCUhcGG3emR0jcsy3iye8aVOLi2DWll0CaLpHJvsnghwAFrkSW8tWezZ8Fzo2kHdWNhkO2a7vbhv/F2hF2luZCfNRCdzv3azhhukUr3buvo1TORLjeFB7+sQ+NOU851b+yI +ejn9m/kzahzn87sfvTUzNoLeS7aq8ZIRFDMFa8lYh5b/mF3xDxwS1WSHUoG5oQ5EA6FNgnKo58+uOKEhpvPNv/16h8BVPHIXUAQYnoYk8EuwNBpOkVQZxlE30lTFXunfEZ/QGlIqZbkk+HaTSg0RWuIxoFnKxkb5YRfwQNRTsQDA==</CipherValue>

</CipherData>
</EncryptedKey>
</KeyInfo>
<CipherData>
<CipherValue>VatoPp7VnYHTeRodDAv8Kaj6sU9APKgSb8aov2cjaGIVLhsBzm2Nue5RFAAo1frX+ZJ2UVbFwNwa9BimsLzbBf5p1er1lMsQsuNEjc/LHQcJC0cuKqRiV6DJDUA21507qjnuWIThHiVk5cs4EtwR4ci+lbFV/j45TIoYvGonNJr2m1YtwUXRBT+nAqDRhlQnvcSCRnpbz8s6n9Nii3frz0LmuO0NHTLf3xmYB8WTLEXIawtCXJ3/hxBMS624o/LfSJorzw5HS/wya5RRArbQLJQM3TkFU5VwVZxkt5N5jw8=</CipherValue>
</CipherData>
</EncryptedData>
</connectionStrings>

When you try to access your application, the browser presented the 403 error message.

Looking the error message in the ULS logs:

Error Message:

Unexpected       System.Configuration.ConfigurationErrorsException: The RSA key container could not be opened.    at System.Configuration.RsaProtectedConfigurationProvider.ThrowBetterException(Boolean keyMustExist)     at System.Configuration.RsaProtectedConfigurationProvider.GetCryptoServiceProvider(Boolean exportable, Boolean keyMustExist)     at System.Configuration.RsaProtectedConfigurationProvider.Decrypt(XmlNode encryptedNode)     at System.Configuration.ProtectedConfigurationSection.DecryptSection(String encryptedXml, ProtectedConfigurationProvider provider)     at System.Configuration.RuntimeConfigurationRecord.CallHostDecryptSection(String encryptedXml, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedConfig)     at System.Configuration.BaseConfigurationRec… 315e609c-3258-1009-4f87-732a407e2da0

The resolution:

To solve this problem, you must to adjust some permissions because the key container for the anonymous IIS machine accounts (“IUSR” group and “Server\IIS_IUSR” user) usually saved in C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA doesn’t have the correct permission by default, and the worker process identity for the anonymous user should have access to these files to be able to decrypt it or you would get this error message.

To correct, just add the “IUSR” group and “Server\IIS_IUSR” user with “write” permission in the “MachineKeys” folder like described on the screenshots below:

That’s it. Now try to access your application again, and the result will be correct!

Enabling Usage Report–SharePoint 2013

Problem:

The report “Usage” presents empty counters. To check it, go to “Site Settings“, “Popularity and Search Reports” in “Site Collection Administration” section:

Solution:

Access the SharePoint Central Administration to enable usage reports.

Obs.: Remember this report will be available in 24hrs after the first configuration.

First, confirm if the option “enabled usage data collection” is enabled and review your necessities on this section.

At this is point, we need to enable the responsible job for generate this datas. Access the “Review job definition” option in the “Monitoring” section:

Search for the job “Microsoft SharePoint Foundantion Usage Data Processing”. Note the job status is “disable” by default.

Click on the link, as presented on the image below to enable the job as your preferences.

This is moment we should enable job “Microsoft SharePoint Foundation Usage Data Processing” clicking on the “Enable” button.

The expected result will be:

With these configurations, will be possible extract usage reports from your farm / web site.

PowerShell to warm up SharePoint 2013 Web Sites

SharePoint app pools recycle every night. Because they recycle every night the first person to hit SharePoint each morning has to wait for the app pools to warm back up.

To workaround this “bad behavior”, the startup scripts have been written to address this, and they all work fine.

This the script:

Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$hname=hostname

function sendMail{

     Write-Host “Sending Email”

     #SMTP server name
      $smtpServer = “smtp.xxxxx.xxx”

     #Creating a Mail object
      $msg = new-object Net.Mail.MailMessage

     #Creating SMTP server object
      $smtp = new-object Net.Mail.SmtpClient($smtpServer)

     #Email structure
      $msg.From = from@xxxxx.xxx
      $msg.ReplyTo = replyto@xxxxxx.xxx
      $msg.To.Add(emailto@xxxxx.xxx)
      $msg.subject = “Warm Up Script – SharePoint 2013″
      $msg.body = “Warm Up Script has run on the server $hname.”

     #Sending email
      $smtp.Send($msg)
}
Get-SPWebApplication | ForEach-Object { Invoke-WebRequest $_.url -UseDefaultCredentials -UseBasicParsing }

#Calling function
sendMail

The –UseDefaultCredentials parameter tells Invoke-WebRequest to log in to the web site as the person that PowerShell is running as. –UseBasicParsing tells Invoke-WebRequest to use basic parsing of the web page. We really don’t care about the web page, we just want to wake SharePoint up to send it to us.

If you have multiple WFEs you’ll need to run this on each server.

A good tip here, is to try to find the event ids responsible to the recycle and set up an “eventtrigger” to start the warm up script automatically after this process.

In my scenario I have configured to run the warm up script automatically when the “5076”, “5078”, “5079” and “5080” events ids have occurred on my server.

You’ll probably need to modify this for your environment, but hopefully it will get you started.

Find Empty User Profile Properties with PowerShell

Last week,  a customer asked me how to find all user profiles in SharePoint that did not have an entry for a specific property, in particular, a custom one by him.

So, I started searching on the net by some related subjects and I found this post, almost exactly the same as I needed. Here, I would like to thank Steve Mann to have shared it with us! Here is the original link: http://stevemannspath.blogspot.com.br/2013/05/sharepoint-20102013-using-powershell-to.html

Originally, the script try to find all people that did not have a picture associated with their SharePoint User Profile. A user profile’s picture information is stored in the “PictureURL” property.

However, my client needs to find by a custom property called “Pais” (Pais = Country in Portuguese), so, the script below will find all profiles that do not have an entry in “Pais” and will print all of them on the screen (the original part of the script) and after that, it will export to a .CSV file – this is my touch :-)

Of course that we must perform some adjust to run it with success, so, these are the steps:

1) Copy the script below and save it as “GetUsersWithoutProperty.ps1”:

#*********************************************************************************#

Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

# Dynamic Settings
$mySiteUrl = “http://mysites.mabotega.local/”    #Change for your mysites url
$outputFile = “C:\UserProfiles.csv”                          #Choose the name that you want for the .csv file
#$findProperty = “PictureUrl”                                   #This is the original variable
$findProperty = “Pais”                                                 #This is the variable that I will use

Write-Host “Beginning Processing–`n”

# Obtain Context based on site
$mySiteHostSite = Get-SPSite $mySiteUrl
$mySiteHostWeb = $mySiteHostSite.OpenWeb()
$context = Get-SPServiceContext $mySiteHostSite

# Obtain Profiles from the Profile Manager
$profileManager = New-Object Microsoft.Office.Server.UserProfiles.UserProfileManager($context)
$AllProfiles = $profileManager.GetEnumerator()
$outputCollection = @()

# Loop through profiles and retrieve the desired property
foreach ($profile in $AllProfiles)
{
$output = New-Object System.Object
$output | Add-Member -type NoteProperty -Name AccountName -Value $profile["AccountName"].ToString()
$output | Add-Member -type NoteProperty -Name $findProperty -Value $profile[$findProperty]
$outputCollection += $output
}
# List all Accounts that do not contain the property
$outputCollection | Where-Object {[bool]$_.($findProperty) -ne $true}
Write-Host “Exporting profiles”
$outputCollection | Export-Csv $outputFile –NoTypeInformation

#*********************************************************************************#

2) Open the “SharePoint Management Shell” as administrator:

Note: In my scenario, I am using my SharePoint Setup account: RBTSHPSR01;

3) Navigate until the folder that you saved the script above;

4) Run the script typing in the SharePoint Management Shell prompt: .\GetUsersWithoutProperty.ps1

5) For the first time, I received the error message:

6) To solve it, go to “Manage Service Applications” menu under the “Service Application” section:

7) Just select the “User Profile Service Application” configured in your farm and after that, click on the “Permission” button:

8) Be sure your user account has “Full Access” permission. In my scenario, I had to add the user account and I had to grant this permission:

9) After this adjust, I have tried to run the script again typing in the SharePoint Management Shell prompt: .\GetUsersWithoutProperty.ps1

The result was like this:

10) After that, I have just copied the “C:\UserProfiles.csv” generated by the script to my computer with Excel installed;

11) I have opened the Excel and I have navigated to the Tab “Data”. I have clicked on the “From Text” option:

12) I have selected the “UserProfiles.csv” file to import on Excel from the path I had saved it on my computer:

13) I have chosen the “Delimited” option and I have clicked on “Next” button:

14) I have chosen the “comma” option and I have clicked on “Next” button:

15) I have clicked on “Finish” button:

16) I have clicked on the “OK” button:

17) Now I can apply one filter on it to check following my needs. In that case, by “Pais” igual to “Empty“;

Ok, guys, that’s it. I hope it could be useful. If you have any doubt about it, please, feel comfortable to ask me.

Database is in compatibility range and upgrade is recommended for BDCServiceDatabase or Some Content Database – two pots in one

 

Scenario:

1) To correct the content database issue, just rum the command below from SharePoint PowerShell as Administrator:

Upgrade-SPContentDatabase DB_XXX_Content

After it has done, check the status again on Central Administration;

1) To correct the upgrade necessary on BDC database, below from SharePoint PowerShell as Administrator:

(Get-SPDatabase | ?{$_.type -eq “Microsoft.SharePoint.BusinessData.SharedService.BdcServiceDatabase”}).Provision()

After it has done, check the status again on Central Administration;

FBA – SharePoint 2013

This post is the First part about this subject.

How to create an application to use FBA and Anonymous access:

Step 1) Creating the Web Application

1) From SharePoint 2013 Central Administration access the “Manage web applications” menu, under “Application Management” section;

2)

3) Create a new web application:

4)

5) Fill the necessary fields:

6) Create a new site collection:

7)

8)

9)

10)

11) After created the site collection, access the application. You will receive the screen like below to choose between “Windows Authentication” and “Form Authentication”. For the very first time, choose “Windows Authentication” just to check if everything is working well:

12)

13) Check if the logged user is the correct one that you have used. In my case was RBTSHPSR01:

14)

15) Configure the Site Collection to work with Anonymous Access. So, access the “Well Menu” and click on “Site Settings”:

16)

17) Click on “Site permissions”:

18)

19) Click on “Anonymous Access”:

20)

21) Grant the “Entire web site” access type and confirm on the “OK” button:

22)

23) The result will be like this:

24)

25) Perform a “Sign Out”on the web site:

26)

27) Access the application again and validate that the “Sign In” option is available:

28)

Step 2) Creating the SQL Server Database for FBA users

1) Fire up the application “aspnet_regsql.exe”, through “Start” button, “Run” : C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regsql.exe

2) On the “ASP.NET SQL Server Setup Wizard” application, click on “Next” button;

3)

4) On the “ASP.NET SQL Server Setup Wizard” application, choose the first option “Configure SQL Server for application services” and click “Next” button:

5)

6) Fill the field “Server” with the instance name of your SQL Server. In my scenario “LABSQL2K12”;

7) Fill the field “Database” with the desired name for the database used for authenticate the users of FBA. In my scenario the name chosen was “DBSPS_FBA_AUTH”;

8) Click on “Next” button:

9)

Note: The user that will run this command must to have “dbcreator” and “securityadmin” SQL Server Role on the SQL Server instance. In our scenario, the user was RBTSHPSR01

10) Confirm Your Settings, and click on “Next” button:

11)

12) Confirm if the database was created and click on “Finish” button:

13)

14) Open the IIS Manager and check the user accounts for:

a) “SharePoint – fba.mabota.local” (in our scenario: RBTSHPSR03)

b) “SecurityTokenServiceApplicationPool” (in our scenario: RBTSHPSR02)

15) Go to the SQL Server machine and give the appropriated permissions for these users and click on the “OK” button to confirm for each one;

16) Be sure to select the correct database to set up the permissions on the Server Mappings for the users. In our scenario the database name was “DBSPS_FBA_AUTH”:

17)

18)

Step 3) Preparing the web.config files

1) Access the web site http://blogs.technet.com/b/speschka/archive/2012/07/28/fba-configuration-manager-for-sharepoint-2013.aspx and download the “FBAConfigMgr.zip” file;

2) Unzip the file on drive “C:”;

3) Access the unzipped folder for C:\FBAConfigMgr;

4) Add and Install the WSP as described on the .TXT file inside of this folder. for this type the commands below in a SharePoint Powershell prompt as administrator:

add-spsolution -LiteralPath “C:\FBAConfigMgr\FBAConfigFeature.wsp”
install-spsolution -Identity fbaconfigfeature.wsp -GACDeployment

5) Fire up the application: “FBAConfigMgr.exe” as administrator;

6)

7) Fill the field “Web Application Url”. In our scenario: “http://fba.mabotega.local”

8) Choose the “SQL Connection String” in the “Sample Configuration” combobox;

9) Adjust the “Connection String (only for SQL or a custom provider)”. In our scenario: “FBAConnectionString”, “LABSQL2K12” and “DBSPS_FBA_AUTH” like the sample bellow:

10)

11) Choose the “People Picker Wildcard” in the “Sample Configuration” combobox;

12) Now, adjust the name for “FBAMemberShip” on the “People Picker Wildcard” field;

Note: Use the same name used to create the Web Application on the step 5, field “ASP.NET MemberShip provider name”;

13)

14) Choose the “SQL Member” in the “Sample Configuration” combobox;

15) Now, adjust the name for “Membership Provider” on the “Membership Provider” field;

Note: Use the same name used to create the Web Application on the step 5, field “ASP.NET MemberShip provider name” of the section 1;

16) Choose the “SQL Role” in the “Sample Configuration” combobox;

17) Now, adjust the name for the connectionStringName to “FBAConnectionString” as djusted on the step 8 of this section and adjust the name of Role Provider as “FBARoleManager”

Note: Use the same name for the provider used to create the Web Application on the step 5, field “ ASP.NET Role manager name” of the section 1;

18)

19) Click on the “Apply Config” button. Then SharePoint will create a TimerJob to set up this configuration on the web.config file for this web application;

20)

21) Wait some minutes to the “Update Complete” screen, and click “OK” button:

22)

23) Open IIS Manager and Explore to the path of the Web Application fba.mabotega.local, Central Administration and SecurityTokenServices;

24) Open the web.config file and search for the “FBAConnectionString”, “People Picker”, “FBAMemberShip” and “FBARoleManager”. If you got all of them, everything was configured right;

Part 2 – Managing Users

Download link: http://sharepoint2013fba.codeplex.com/releases/view/100792

Download file: SharePoint2013FBAPack.1.3.3.zip

Reference Link: http://sharepoint2013fba.codeplex.com/documentation

Install (or upgrade) the SharePoint 2013 FBA Pack

• Download and unzip Sharepoint2013FBAPack.X.X.X.zip to the SharePoint server on the link above.

• Open the SharePoint PowerShell as administrator and navigate to the folder the files were unzipped to.
• Run the following command:

• .\deploy [Site Collection URL]

  e.g. .\deploy http://fba.mabotega.local/

  • The FBA Pack will be deployed to SharePoint and activated on the specified site collection. If the site collection url is omitted, you will need to manually activate the ‘Forms Based Authentication Management’ feature in each site collection you wish to use it.

  Notes:
  Ensure that the SharePoint 2013 Administration service is running prior to running the deployment scripts, or the deployment will fail.
  Depending on your PowerShell security settings, it may prevent you from running the deployment scripts because they are not signed. To change the setting to allow unsigned scripts to run, run the following command:

  Set-ExecutionPolicy Unrestricted

  Visual Steps:

  1)

  

  2)

  

  3)

  

  4)

  

  

  

  

  

  

  

  

  5)

  

  6)

  

  7)

  

  8)

  

  Configure the FBA Pack

  The configuration and management pages can be opened from the Site Settings page:

  

  Select ‘FBA Site Configuration’ to open the configuration page:

  Enable Roles: Allows users to be assigned Membership Roles instead of SharePoint Groups on the User Management page.
  Review Membership Requests: Specifies whether new users requests should be automatically granted, or reviewed by an administrator.
  Membership Review Site URLs: URLs for pages that can be used in the email templates.
  Membership Email: The XSLT email templates to use.

  Note that these items can only been seen and used by the site collection administrators.

  

  Managing Users

  Users can be created, deleted and edited and their passwords reset from the FBA User Management page:

  

  

  

  

  Adding the FBA Users inside one SharePoint Group

  Users can be added to one SharePoint group from the People and group page:

  

  

  

  

  

  

  

  Next steps, coming soon….

  To uninstall run:

  .\undeploy [Site Collection URL]

e.g. .\undeploy http://fba.mabotega.local/