SharePoint 2007 and 2010 both support .stp templates. So the east way to migrate a list should be to create a template in 2007, upload to 2010, and create the list from it. Except that wont work, SharePoint 2010 complains that the it doesn't support version 3 templates. Fortunately there is a fairly easy way to fix this.
Thursday, 11 September 2014
Wednesday, 10 September 2014
Which services run on each server in a three tier SharePoint 2010 setup
It's not obvious which services should run on each server in a three tier farm. So this quick reference should help.
Web Front End
Application
Web Front End
Microsoft SharePoint Foundation Web Application
Search Query and Site Settings Service
SharePoint Server Search Service
Application
Access Database Service
Application Registry Service
Business Data Connectivity Service
Central Administration
Claims to Windows Token Service
Document Conversions Launcher Service
Document Conversions Load Balancer Service
Excel Calculation Services
Lotus Notes Connector (If required)
Managed Metadata Web Service
Microsoft SharePoint Foundation Incoming E-mail
Microsoft SharePoint Foundation Workflow Timer Service
PerformancePoint Service
PowerPoint Service
Search Query and Site Settings Service
Secure Store Service
SharePoint Foundation Search
SharePoint Server Search
User Profile Service
User Profile Synchronization Service
Visio Graphics Service
Web Analytics Data Processing Service
Web Analytics Web Service
Word Automation Services
Word Viewing Service
Friday, 8 August 2014
Rename Central Administration Database (Sharepoint_Config)
The Central Admin DB is automatically created with a horrible GUID. To remove this we need to create a new DB, move the DB and remove the old DB.
Converting Central Admin to SSL
During the installation of SharePoint there isnt an option to use SSL for Central Admin. I would recommend that even if you dont use SSL for any of your sites, Central Admin should.
Steps overview
- Get the SSL Certificate
- Obtain from Trusted Certificate authority or
- Create a Self-signed SSL certificate
- Edit the Binding of the web application in IIS
- Execute STSADM Command to Update Registry Settings on the SharePoint Farm
- Change the alternate access mapping(AAM)
1. Get an SSL certificate
you can either get your certificate from a trusted cert provider such as Verisign, DigiCert etc. or you can create your own 'Self Signed'.
To start, connect to the server that hosts Central Admin, and launch IIS Manager.
Click on the server in the connection column on the left, then double click 'server certificates'.
Click 'Create Self-Signed Certificate'
Choose a friendly name and click next e.g 'Intranet Certificate'
You should now see that the new certificate has been added to a list of server certificates.
1. Edit central admin binding in IIS
Select your Central Admin site from the sites folder on the left. Then click 'Bindings'.
Click 'add' then select 'https'. The Port and IP address should already be the same as the image below.
Under SSL certificate choose the name of the certificate you created in the last step.
Finally, click 'OK' accepting any warning you might see.
You should now see to bindings for the site. select the original http binding and click remove.
Close the site bindings window.
double click 'SSL Settings' from the
We need to force the site to use only use SSL by choosing 'Require SSL'
3. Execute STSADM Command to Update Registry Settings on the SharePoint Farm
Launch the command prompt and execute the following command to update the port for central admin across the Farm.
4. Change the alternate access mapping in Central Admin
if you lauch Central Admin now, it should be working over SSL, but will give you a warning about the sites security certificate. To stop this from happening we need to modify the AAM to include the FQDN.
From central admin select 'Configure alternate access mappings' from System Settings.
Click 'Edit Public URLs'
Select the Central Admin collection.
Change the default url to include your fully qualified domain name (FQDN)
Tuesday, 15 July 2014
Object Cache: The super user account utilized by the cache is not configured. This can increase the number of cache misses, which causes the page requests to consume unneccesary system resources.
A colleague had tried to fix this problem yesterday, and I came in this morning to find one web application was down. It gave me a correlation ID, which led me to the following...
After checking the ULS logs I didn't immediately suspect the change of superuser/superreader accounts to be to blame but the event viewer was showing loads of event 7362 errors.
As the warning in the event log suggests there is a way to fix this by running an STSADM command. Unfortunately this is only part of the story.
The way to correct this problem is to first create two normal user accounts in AD. These are not service accounts. You could call them domain\superuser and domain\superreader, but of course that’s up to you.
The domain\superuser account needs to have a User Policy set for that gives it Full Control to the entire web application. In order to do this you perform the following steps:
The way to correct this problem is to first create two normal user accounts in AD. These are not service accounts. You could call them domain\superuser and domain\superreader, but of course that’s up to you.
The domain\superuser account needs to have a User Policy set for that gives it Full Control to the entire web application. In order to do this you perform the following steps:
- Go to Central Administration
- Go to Application Management
- Go to Manage Web Application
- Select the web application
- Click User Policy
- Add Users
- Click Next
- Fill in domain\superuser
- Select Full Control
- Click OK
The domain\superreader account needs to have a User Policy set for that gives it Full Read to the entire web application. In order to do this you perform the following steps:
- Go to Central Administration
- Go to Application Management
- Go to Manage Web Application
- Select the web application
- Click User Policy
- Add Users
- Click Next
- Fill in domain\superreader
- Select Full Read
- Click OK
If you are using claims authentication the accounts can only be updated using powershell, not stsadm. The user name also needs to be preceded by i:0#.w|
Finally perform an IISRESET
Thursday, 10 July 2014
Export All Unique Permissions from Site Collection using PowerShell
This handy script loops though all sites, lists, libraries and documents in a Site collection and exports all the permissions into a csv.
Just remember to replace '' with your site collection URL.
Just remember to replace '' with your site collection URL.
Recycling IIS the easy way
Sometimes (not very often) I need to recycle IIS on all the servers in the farm. Rather than go round one by one I use this handy Powershell script.
Save the following code as a *.ps1 then right click and 'Run with Powershell'
Save the following code as a *.ps1 then right click and 'Run with Powershell'
Subscribe to:
Posts (Atom)