Tuesday, 3 November 2015

Install Apache Server on Amazon AWS , Redhat , Centos

To install Apache Server, connect to your console ( bash )

yum install httpd

To start the Apache Server

Service httpd start

I will cover the configuration of Apache Server in my next article.

Wednesday, 9 September 2015

Delegate Rights Management Role in Office 365

In this article, we will cover how to delegate rights management role to a user

Only a Global Administrator can activate Rights Management Service in Office 365

To find how to Activate Rights Management, Click Here

Launch the Azure Active Directory Rights Management Powershell Module

Connect to Rights Management Service , enter your global admin credentials

connect-aadrmservice

To see who all have Rights Management Administrator Role,

get-aadrmrolebasedadministrator

To delegate Rights Management Admin, use this

add-aadrmrolebasedadministrator -emailaddress "johnsmith@contoso.com"

Activate Rights Management in Office 365

In this Article, we will cover the different options available to activate Rights Management.

Rights Management service can be integrated with 


  • Exchange Online
  • SharePoint Online 
  • Office 


There are two ways in which you activate rights management in Office 365.


  • Using Office 365 Admin Center 
  • Using Powershell

Note: Only a Global Administrator can activate Rights Management

Using Office 365 Admin Center:

Login to Office 365 Admin Center, Go to Services from the left hand panel

Click on Rights Management > Manage > Activate 



Using Powershell:

To Activate using Powershell, you will need to install the Azure Rights Management Administration Tool  i.e.  Windows Azure Rights Management Admin  Powershell module

Connect to Microsoft Online Service

Connect-Msolservice

Import the Rights Management Module

Import-module aadrm

Connect to Rights Management Service 

connect-aadrmservice

To Activate rights Management

Enable-aadrm

Now to Disconnect ,

disconnect-aadrmservice

Add , Remove , Get , Set Groups in Office 365

In this Article, we will cover the Powershell commands available from high level in Office 365 for Groups.

There are four types of msolgroup Commands available for Groups 

  • Adding a Group > New-MsolGroup
  • Removing a Group > Remove-MsolGroup
  • To update the Group Security > Set-MsolGroup
  • Get a Group details > Get-MsolGroup

For more information on the commands, refer to technet

Restore User in Office 365

In this Article, we will cover how to restore a user  using PowerShell in Office 365. 

In order to use the following command lets , the pre-requisite is to Install Windows Azure for Active Directory PowerShell, please refer to Microsoft TechNet Article.

Launch the Windows Azure for Active Directory Shortcut

Connect to Office 365 using the following command , and enter your credentials

Connect-msolservice 

When a user is removed, it goes into Recycle Bin where it's available for 30 days and is recoverable within 30 days from the time of deletion.

Once you are connected, you can use the following command to restore a user

To Get a list of removed users,

Get-MsolUser–returndeletedusers

To Restore a User,

Restore-MsolUser –UserPrincipalName JohnSmith@contoso.com

Remove User in Office 365

In this Article, we will cover how to remove users using PowerShell in Office 365. Users can be removed using Office 365 Admin Center as well.

In order to use the following command lets , the pre-requisite is to Install Windows Azure for Active Directory PowerShell, please refer to Microsoft TechNet Article.

Launch the Windows Azure for Active Directory Shortcut

Connect to Office 365 using the following command , and enter your credentials

Connect-msolservice 

Once you are connected, you can use the following command to remove a user

To Remove a User,

Remove-MsolUser –UserPrincipalName JohnSmith@contoso.com

This will prompt to remove any licenses that are assigned to the user. Once the account is removed, the user account is recoverable within 30 days from recycle bin

To Remove a User from Recycle Bin i.e. permanently delete

Remove-MsolUser –UserPrincipalName JohnSmith@contoso.com -RemoveFromRecycleBin

Adding Users in Office 365


There are various ways in which users can be added in Office 365. You can add the users using the following ways

  • Office 365 Admin Center
  • Bulk Import using CSV Files
  • Directory Sync
  • PowerShell

In this Article, we will cover how to add users using PowerShell

In order to use the following command lets , the pre-requisite is to Install Windows Azure for Active Directory PowerShell.

Launch the Windows Azure for Active Directory Shortcut

Connect to Office 365 using the following command , pand enter your credentials

Connect-msolservice 

Once you are connected, you can use the following command to create a new user
New-MsolUser –UserPrincipalName “JohnSmith@Contoso.com”–Displayname “John Contoso” –Fristname “John” – Lastname “Smith”

Note:  the user account will be created , a random password is generated,  in Windows Azure Active Directory but no licenses are assigned to the user. 

Some other commands to get some help, which I find really helpful are:

For Help > Get-Help  New-MsolUser

For Examples > Get-Help New-MsolUser –examples 

Fore More Information > Get-Help New-MsolUser –detailed 

For Technical Information > Get-Help New-MsolUser –full  

For Online help > Get-Help New-Msoluser –online


Thursday, 27 August 2015

SharePoint 2016 Preview New Integartion Capability

SharePoint 2016 preview is out and SharePoint professional across the world out there aredoing a deep dive to get up to speed to understand the newer capabilities of what platform has to offer.

Biggest one which I See , based on what I have seen is

Integration capabilities

Hybrid Integration

Project Server is now fully integrated by default on 2016, how the licensing will be interesting to see.

Here is a screen capture of the Project Server Integration



Some of the capabilities may change when RTM is released not covered here.

Wednesday, 26 August 2015

App Model Troubleshooting Guide SharePoint 2013

Apps Troubleshooting Guide

 
This article will walk you through some of the known issues you will encounter when deploying provider hosted app’s or accessing provider hosted app’s for the first time
Error :
App token requested from appredirect.aspx for site: 7b407d5d-8096-4007-b829-d59c14021063 but there was an error in generating it.  This may be a case when we do not need a token or when the app principal was not properly set up.  LaunchUrl:https://xxxx..com/pages/Setup.aspx?SPHostUrl=xxx&SPLanguage=en-US&SPClientTag=0&SPProductNumber=15.0.4569.1000&SPAppWebUrl=https://apps-af87c5df31b1da.xxxxxxxo Exception Message:The endpoint address 'https://xxx.xxx.com/Pages/Setup.aspx?SPHostUrl=&SPLanguage=en-US&SPClientTag=0&SPProductNumber=15.0.4569.1000&SPAppWebUrl=https://apps-af87c5df31b1da.&HostTitle=does not match the app's endpoint xxxxx.com'.  Stacktrace:  
 at Microsoft.SharePoint.SPServerToAppServerAccessTokenManager.GetAccessTokenPrivate(SPServiceContext serviceContext, String appId, Uri appEndpointUrl, SPAppPrincipalInfo appPrincipal, SPApplicationContextAccessTokenType tokenType, Boolean useThreadIdentity, SPUserToken userToken)   
 at Microsoft.SharePoint.SPServerToAppServerAccessTokenManager.GetAccessTokenFromThreadIdentityOrUserToken(SPServiceContext serviceContext, String appId, Uri appEndpointUrl, SPApplicationContextAccessTokenType tokenType, SPAppPrincipalInfo appPrincipal, Boolean useThreadIdentity, SPUserToken userToken)   
 at Microsoft.SharePoint.ApplicationPages.AppRedirectPage.ValidateAndProcessRequest().  Since this is a nonfatal error, it will be sanitized and posted to the app as part of the app launch.
 
Or Getting Error Message for Exception Microsoft.SharePoint.SPException: The endpoint address 'httpszzz/Pages/Setup.aspx?SPHostUrl=https://xxxx&SPLanguage=en-US&SPClientTag=0&SPProductNumber=15.0.4569.1000&SPAppWebUrl=https://apps-af87c5df31b1da.xxxx&HostTitle=does not match the app's endpoint .com'.   
 at Microsoft.SharePoint.SPServerToAppServerAccessTokenManager.GetAccessTokenPrivate(SPServiceContext serviceContext, String appId, Uri appEndpointUrl, SPAppPrincipalInfo appPrincipal, SPApplicationContextAccessTokenType tokenType, Boolean useThreadIdentity, SPUserToken userToken)   
 at Microsoft.SharePoint.SPServerToAppServerAccessTokenManager.GetAccessTokenFromThreadIdentityOrUserToken(SPServiceContext serviceContext, String appId, Uri appEndpointUrl, SPApplicationContextAccessTokenType tokenType, SPAppPrincipalInfo appPrincipal, Boolean useThreadIdentity, SPUserToken userToken)   
 at Microsoft.SharePoint.ApplicationPages.AppRedirectPage.ValidateAndProcessRequest()
 
This indicates there is a problem with certificate so handshake cannot happen. It can be due to Root Authortiy or SP Trusted Security Token Issuer or Realm ID or rogue Certificate, in most cases it will be certificate.
 
To resolve this, follow the below steps to remove the security token issuer, create a new pfx and cer , and setup the trust between SharePoint and IIS with the new certificates

Get the SP Trusted Security Token Issuer Name, Issuer ID
 
Get-SPTrustedSecurityTokenIssuer | select Name,RegisteredIssuerName | fl
 
Get the SP App Principal
 Get-SPAppPrincipal -NameIdentifier IssuerID@RealmID  -Site https://intranet.contoso.com/services/site1

Get the Farm ID to Validate Realm ID is same , if its different apps won't be able to issue the app token
 $SPFarm = Get-spfarm
$SPFarm.ID

Remove Root Authority and Security Token Issuer

Get-SPTrustedSecurityTokenIssuer | ?{$_.RegisteredIssuerName -eq " IssuerID@RealmID "} | Remove-SPTrustedSecurityTokenIssuer
 
 



Friday, 24 April 2015

SharePoint 2013 update conflict has occurred, and you must re-tr this action. The object SPWebApplication Name

While running the command to remove the dodgy extranet web app, got this error

Remove-SPWebApplication : An update conflict has occurred, and you must re-tr
this action. The object SPWebApplication Name=extranetppd.contoso.com was updated by Service Account, in the w3wp
(6180) process, on machine Contoso001.  View the tracing log for more
information about the conflict.
At line:1 char:1

Clear the SharePoint cache , refer to the technet article

Ran the command again, works absolutely fine

Remove-SPWebApplication https://extranetppd.contoso.com/  -Confirm -DeleteIISSite -RemoveContentDatabases

Thursday, 23 April 2015

Delete / Force / Remove Rogue or Orphaned Site Collection in SharePoint 2013

Whilst provisioning app catalog site, encountered an issue with the database permissions. Aftering sorting that out, whilst re-provisioning the app catalog site , found the previous attempt added a rogue / orphaned site colleciton.

Though the site colleciton was visible in central admin, however, the option to delete was graded out.

Use the following Powershell, this did the trick.

$site = Get-SPSite https://intranet.contoso.com/apps/appstore
$siteId = $site.Id
$siteDatabase = $site.ContentDatabase
$siteDatabase.ForceDeleteSite($siteId, $false, $false)

Monday, 26 January 2015

Error while crawling LOB contents. ( Error caused by exception: Microsoft.BusinessData.Infrastructure.BdcException The shim execution failed unexpectedly - Exception has been thrown by the target of an invocation..: System.Net.WebException The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.; SearchID

Error while crawling LOB contents. ( Error caused by exception: Microsoft.BusinessData.Infrastructure.BdcException The shim execution failed unexpectedly - Exception has been thrown by the target of an invocation..: System.Net.WebException The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.; SearchID 

The issue with the certificates not being recognized as trusted in the SharePoint Farm. To resolve this:


  • Go the the Certificate, Click on Certificate Path 
  • Select the Root Certifcate, Double Click on it
  • Click on Details 
  • Click on Copy to File
  • Save the file
  • Now Go to SharePoint > Security > Manage Trust
  • Create a New Trust >  Import the Root certificate
  • Click oK
  • Run and iisreset on the SharePoint servers
  • Run a full crawl now


Issue resolved for me.

Check the ULS to find more information , may have to switch on verbose extended logging, but generally speaking, the cause of the issue will be the certificates.