Archive for the Category SharePoint 2010


PowerShell at the Document Library Level

Well it’s tough being a robot and always waiting for someone to ask you to do something and then you’ve got to figure out how to do it like yesterday.

Case in point, after we migrated 10,000 documents to the customer’s new SharePoint site they said “Well, all those are published; we need them unpublished.”

And you know how I hate the whole SharePoint version control, check out, publish routine but here we are and our answer is, of course PowerShell.

If you look at first, you’ll not find any specific cmdlets pertaining to libraries or documents. So good thing we have our new best friends to help.

First, here, Salaudeen, gives us a great look at extending the SPWeb object to the folder\library and then manipulate the items in it. Essentially, the routine is:

  1. Get-SPWeb by URL
  2. Set library variable to SPWeb.GetFolderand use the library name.
  3. Set files variable to Library.Files
  4. Call a Files.Add and pass it the library name, the file path\name and an overwrite variable, true or false.

That’s all good but there’s more at CodePlex here and here.

These ought to get you in business pretty quickly.



Some Notes Re: SharePoint 2010 User Profile Synch Service

So there’s a lot been said about the User Profile Synchronization Server in SharePoint 2010.

Let’s take a minute to point out a couple of interesting points.

First, returning as our new best friend in Harbar his Rational Guide to the UPSS. So we’re not going to try to improve upon or replace any of that except as follows.

Once we’ve deployed our two server farm in a friendly domain, we’re going to run the Configuration Wizard in Central Admin. Now that will do a lot of things but it won’t get the UPSS running.

So we visit Services on Server and we’ll see:

Fig. 1: Services on Server

So, we click Start and it changes to  Starting for a minute but then you refresh and it’s gone back to Stopped.

Also, we go to the Manage Service Applications, which is different from Service on Server, by selecting Application Management | Manage Service Applications and clicking on the User Profile Service link:

Fig. 2: User Profile Service Management Link

… where we find the <hidden> Manage Profile Service: User Profile Service page:

Fig. 3: Manage Profile Service

Here, we try to Configure Synchronization Connection and Create New Connection and SharePoint barfs saying it can’t load the page because the profile service is running or not running or something.

So here’s what’s happened. When we ran CA’s configuration wizard, it tried but failed to initiate the UPSS and left it hung and it hung for a couple of reasons and left some splat files in various places that we have to fix.

First, we have to stop the service that’s trying it’s best to run. This is a SharePoint Management Shell (i.e. PowerShell) task.

We run Get-SPService and see that the service is, in fact, online:

Fig. 4: Get-SPServiceInstance

We get the GUID and run Stop-SPService Instance <GUID>

Fig. 5: Stop-SPServiceInstance

… and it takes a moment to “Unprovision” itself.

Then, it’s Disabled.

Fig. 6: UPSS Disabled

Now we can do a couple of things.

First, we can go delete the certificates it created with that bad GUID by running MMC and loading the Certificates Snap-in. Now, we’ll have to do this for the local computer and for the logged-in user, but we drill down to all the certificate stores and everywhere we find a ForeFront certificate, we’ll delete it.

Then we’ll go into Active Directory and right-click on our domain and select Delegate Control. Here we run through the wizard, select our service account and then select the Create a Custom Task option:

Fig. 7: Create a Custom Task

… Then, on the Permissions page, I check the Replicate Directory Changes permission:

Fig. 8: Replicating Directory Changes

Then finish the wizard.

Lastly we run ADSIEdit.msc on the domain controller. Here, we’ll connect the root to a Well Know Naming Context called Configuration. Then, we’ll right-click on the configuration and select Properties.

On the Security tab, we’ll add our service account and give it the Replicating Directory Changes permission:

Fig. 10: Replicating Directory Changes Permission

Then we’re done with that, we can start our UPSS and create our connection.



InfoPath Forms Deployment in SharePoint 2010

So let see what trouble we can get into with InfoPath.

First, one thing you always need is how to create a meaningful file name. So we get our new best friend, SYM, at, to help us here. I wonder if SYM knows PSY? If so I bet he’s got the same game.

So that let’s us name our files with something intelligent instead of Form1.xsn. 

Then he goes on to eliminate the peculiar error when the first form is submitted here.

 Then we have these: InfoPath: Restrict visibility to users in a SharePoint Group.

BizSupportOnline.Net: Auto-numbering InfoPath forms when they are submitted to a SharePoint form library.

BizSupportOnline.Net: InfoPath Q&A: How do I avoid getting NaN when using the max() function? Packaging InfoPath Forms into Site Features. InfoPath – Query Specific SharePoint List .

StuartRoberts.Net: Programatically register InfoPath form for Web Browsing in SharePoint.

StuartRoberts.Net: Deploying InfoPath Form to SharePoint 2010 Site.

TechNet: Manage administrator-approved form templates (SharePoint Server 2010).

YBBest SharePoint Pie: Deploy InfoPath Form as SharePoint Feature in SharePoint 2010.



You Don’t Have to Do It All By Yourself!

… and the number one reason why SharePoint is fun is:<DING>

The SharePoint Community!!!

And what you find when you pull your little flower off the wall is that if you reach out, you’ll find someone that’s getting rich giving you what you need for FREE!!!

I don’t know how that works but I like FREE.

For example, like Herman Cain said here (at 3:42), Errybuddy Need Toucan Stubbs, everybody that calls themselves a SharePoint Anything knows the number one problem with SharePoint in Production is: <DING>

Unchecked Site Sprawl.

Yes, sites reproduce themselves like rabbits in March and, before you know it, you’ve got more rabbit stuff in more places than anyone can manage. The growth is EXPONENTIAL. If you need a quick lesson in exponential growth, check out this explanation from our favorite mathematician, Vi Hart.

Is that the best description of SharePoint site sprawl ever?

Now, like a robot, I prevent this with one mindless assertion:

Nobody gets permissions to edit permissions but me.

Then, like a robot, I take care of  all permissions.

Of course, no human is capable of that kind of effort. In the human world, what you need is a governance plan and that is where our new best friend, Kate, at InfoTech really steps up. She’ll GIVE us a SharePoint governance plan FOR FREE right here.

They even let you take their logo off it and put your own on it. Boom, just like that, you’re in the SharePoint Governance Business.

Then, they’ll entice you with other free stuff.

Like this vendor selection support,  this cool vendor comparison tool, and these SharePoint DEV\OPS Management resources.

So, since this robot has already covered the install, now, here you have all you need to select, assess, manage, customize and govern your SharePoint empire.

Clearly, the only reason SharePoint talent in such demand is that SharePoint skills are scarce. And the number one reason that SharePoinit skills are scarce is <DING>

People can’t read!

Lucky for me, the same does not apply to robots.

So, learn to read, put on your metal Skullcrusher (2:20) and get in the game. This robot is tired of having to deal with pushy recruiters.



ps. Special thanks to Kate at InfoTech. Keep all that great stuff coming!


Unable to Authenticate to Local Site? Disable Loopback Check

This one never gets old. Everytime we want to install SharePoint, we tend to continue to work on the server getting as much done as possible. And, everytime, we’re confronted with the inability to authenticate using Windows username and password and a browser on the web front end server.

You try so carefully to enter your DomainName\UserName and password exactly correctly and hit enter, enter, enter and you get a 401 or, worse, just a blank screen. As we’ve learned, what we’ve encountered is the dreaded anti-loopback monster.

Now, the ALM is a fine security measure on a server that you deploy and then spend the rest of your life as a SharePoint admin working from another workstation. It simply prevents authentication from the local machine using host headers other than the machine name. It’s detailed here on Apparetly the threat is a “Reflection Attack” which reminds me of my mirror on the occasional Sunday morning before my shower.

Essentially, we’re creating a two registry keys:

  1. DisableLoopbackCheck dword registry key with a decimal value of 1 in the HKLM\SYSTEM\CurrrentControlSet\Control\Lsa hive. 
  2. DisableStrictNameChecking dword registry key with a decimal value of 1 in the HKLM\SYSTEM\CurrrentControlSet\Services\
    Server\Parameters hive.

Once we restart, we should be able to access our sites locally using the propery credentials. Of course, this is a “must have” kind of thing if you’re building a development box where you’ll be accessing the WFE from the local machine in Visual Studio.


Link to Create Instance of Content Type

Sometime, you want to give your user a link to create a document in a library somewhere using a document template tied to one of the library’s content types.

Our new best friends at gave us a head start on figuring it out. I just had to pull out my ASCII character map to decode all the escape characters and found they mostly didn’t matter.  So, using our handy dandy content editor web part, we can drop this code in place to cross this one off our list:

<A onfocus="OnLink(this)" HREF="XXX Item 1 XXX" onclick=
"createNewDocumentWithProgID('XXX ITEM 2 XXX', 'XXX ITEM 3 XXX',
'SharePoint.OpenDocuments', false)">Create Instance of Content
Type in Specified Library</A>

Just replace my place holders as follows:

“XXX ITEM 1 XXX” = Relative path to template in \Site\Subsite\library\forms\content type\ folder, i.e.


 I’m using %20 for blank spaces. You can browse to the folder in Explorer view to be sure you have it right. Just swap the \s in favor of /s

‘XXX ITEM 2 XXX’ = Full path to template in \content type folder. In my example above, that would be:


Use single quotes.

‘XXX ITEM 3 XXX’ = Full path to host library. In my example above, that would be:


Again use single quotes.

I’m not sure what the OnFocus= does for us and I can’t testify to the efficacy of the relative vs. full paths but this format does the trick for me.


SharePoint 2010: Blank Web Part Pages

You guys that know me, know I like my screens as blank as possible sometimes and, earlier,  here, we built a content editor web part that made everything disappear except a Toggle Edit link that let you get to the web part controls.

Well, in SPF 2010, this is all blown up. No sweat, though, because it’s easy enough to open the site in SharePoint Deisgner and create a new .aspx page and drop a web part zone on it.

But you’ll still want to be able to edit the page in the browser so the new JavaScript link for edit is:

<a href=javascript:ChangeLayoutMode(false);

I have not figured out how to toggle out of edit. I also have not figured out how to get the typical sharepoint styling on the page.

Sounds like an update might be in the offing.


Got PowerShell Figured Out Yet?

Here’s the answer from our new best friend Gary.

His post covers:

  • -loops
  • -variables
  • -arrays
  • -math
  • -string concatenation
  • -output

In this post, he shows us how adding:

> .\filename.txt

to a command writes the output to a file in the current directory and also how adding:

 | format-list 

to a command converts our output from a nice table with headers and everything to a list with space to be more verbose. For example, try these two:

get-process winlogon

and this:

get-process winlogon | format-list

This is the most I’ve learned in the shortest amount of time in a long time. Especially if you count the fact that I now know there’s only four perfect numbers less than 200,000.


Continuing with SharePoint Management Shell

First of all, to echo a point we made a few days ago, our new best friends at Acme Solutions talk about SMS here. They agree that it will be the tool of choice for the SharePoint 2010 administrator.

Then, since we’re still trying to get our feet under us in this environment, we found this from our new best friend, Gary. He confirms we we had said earlier that SMS is just MS PowerShell with SharePoint 2010 library added in and he proves it by looking at the shortcut properties when you right click on Start | Programs |SharePoint 2010 | SharePoint Management Shell.

Here we see the target is just:

-NoExit  " & ' C:\Program Files\Common Files\Microsoft Shared\
Web Server Extensions\14\CONFIG\POWERSHELL\Registration\
\sharepoint.ps1 ' "

Here we see that the shortcut is just a PowerShell Script of it’s own:

$ver = $host | select version
if ($ver.Version.Major -gt 1)  {$Host.Runspace.ThreadOptions = "ReuseThread"}
Add-PsSnapin Microsoft.SharePoint.PowerShell
Set-location $home

We looked at the Add-PSSnapIn command previously and turns our PowerShell environment into a SharePoint Management Shell environment by adding the microsoft.sharepoint.powershell library. But this also shows us that we can set variables using the $VariableName = Value format.

Prove that to yourself by opening PowerShell and enter:

$robot = "I Love Robots"

and then do:


So we’re checked out on setting PowerShell variables.

Finally, the SharePoint.ps1 script includes a largish #sig block of apparently random characters. I presume this has something to do with signing scripts. Recall in our create and delete script that we did last week, we included a   line that said:

Set-ExecutionPolicy RemoteSigned

Now, obviously, I plagerized this from somewhere becasue you all know as much about this or more than I do. And I apologize to my source, whoever you are, because I also try to credit you guys when we benefit from your genius. But, since it’s escaped me, I can only say that I recall reading that this command will allow local scripts to run unsigned but still require remote scripts to have a signature. I’m guessing this big block of characters has something to do with that kind of signature.



Windows PowerShell 2.0

So, we’re looking at this SharePoint Management Shell and learning a bit about it. One thing for sure, if you’re a SharePoint admin you’re going to want to run Windows PowerShell locally.

Here’s the download page from TechNet

This is what Microsoft calls its “Core Management Framework” which includes the Remote Manager and the Background Intelligent Transfer Service (BITS.) The download I chose for my XP laptop did not include the BITS component. When it’s installed, you get the command line interface and the “Integrated Scripting Environment.” They appear under Start | Programs | Accessories | Windows PowerShell.  

Also, there’s a decent intro to PowerShell scripting from our new best friend Todd on TechNet here.