Archive for December 2012


Some Notes Re: SharePoint 2010 User Profile Synch Service

So there’s a lot been said about the User Profile Synchronization Server in SharePoint 2010.

Let’s take a minute to point out a couple of interesting points.

First, returning as our new best friend in Harbar his Rational Guide to the UPSS. So we’re not going to try to improve upon or replace any of that except as follows.

Once we’ve deployed our two server farm in a friendly domain, we’re going to run the Configuration Wizard in Central Admin. Now that will do a lot of things but it won’t get the UPSS running.

So we visit Services on Server and we’ll see:

Fig. 1: Services on Server

So, we click Start and it changes to  Starting for a minute but then you refresh and it’s gone back to Stopped.

Also, we go to the Manage Service Applications, which is different from Service on Server, by selecting Application Management | Manage Service Applications and clicking on the User Profile Service link:

Fig. 2: User Profile Service Management Link

… where we find the <hidden> Manage Profile Service: User Profile Service page:

Fig. 3: Manage Profile Service

Here, we try to Configure Synchronization Connection and Create New Connection and SharePoint barfs saying it can’t load the page because the profile service is running or not running or something.

So here’s what’s happened. When we ran CA’s configuration wizard, it tried but failed to initiate the UPSS and left it hung and it hung for a couple of reasons and left some splat files in various places that we have to fix.

First, we have to stop the service that’s trying it’s best to run. This is a SharePoint Management Shell (i.e. PowerShell) task.

We run Get-SPService and see that the service is, in fact, online:

Fig. 4: Get-SPServiceInstance

We get the GUID and run Stop-SPService Instance <GUID>

Fig. 5: Stop-SPServiceInstance

… and it takes a moment to “Unprovision” itself.

Then, it’s Disabled.

Fig. 6: UPSS Disabled

Now we can do a couple of things.

First, we can go delete the certificates it created with that bad GUID by running MMC and loading the Certificates Snap-in. Now, we’ll have to do this for the local computer and for the logged-in user, but we drill down to all the certificate stores and everywhere we find a ForeFront certificate, we’ll delete it.

Then we’ll go into Active Directory and right-click on our domain and select Delegate Control. Here we run through the wizard, select our service account and then select the Create a Custom Task option:

Fig. 7: Create a Custom Task

… Then, on the Permissions page, I check the Replicate Directory Changes permission:

Fig. 8: Replicating Directory Changes

Then finish the wizard.

Lastly we run ADSIEdit.msc on the domain controller. Here, we’ll connect the root to a Well Know Naming Context called Configuration. Then, we’ll right-click on the configuration and select Properties.

On the Security tab, we’ll add our service account and give it the Replicating Directory Changes permission:

Fig. 10: Replicating Directory Changes Permission

Then we’re done with that, we can start our UPSS and create our connection.



More Help with InfoPath 2010

First, we’ll get some help here with turning on the services so the services are all working: Error: The form cannot be rendered…

And, this, from MSDN, shows us how to embed code in forms that can run in a server’s local sandbox: InfoPath 2010 and Visual Studio

But what we really need is to figure out how to get our form projects created in Visual Studio.

So, if we’re starting from scratch, this gem from MSDN is a prerequisite:

Building SharePoint Applications with InfoPath 2010 (Part 1 of 2)

Here we learn a thing or two. First we’re not going to get very far telling our customers to figure it out themselves using Word or Access; InfoPath is the only solution that support moderate complexity and custom, C# code.

Note also, that our options are to develop bullet-proof “administratively deployed forms in SharePoint’s InfoPath form server. This, of course requires access to Central Admin. And if your customer is a SharePoint consumer, that may involve interaction with an IT department that’s less accommodating that one might expect. Alas, InfoPath will allow us to install local forms with custom code. This video, from MSDN, explains that these local form solutions will  run in a server’s local sandbox: InfoPath 2010 and Visual Studio. We can also see that the sandbox draws the line at access to the client files and settings. So really, these “local-custom” form will probably suffice in many situations without having to poke the IT hornets’ nest.

So here’s a great “Hello World” starter from MSDN: Using the InfoPath 2010 Object Model and Visual Studio Tools for Applications

Here, we learn, if you want to embed your code in your form and install it into a site library, you’ll have to use MS Visual Studio Tools for Applications. This is an Office Setup operation. You’ll have to have your Office install bit and may need your product key. Include the .Net Programmability option and it takes the rest of the day!

When you run the install, you’ll get to a point where you get to select the components you need to install. The InfoPath component will have an expansion “+” icon and you can blow it up until you get to where you can select to have MS VS for Applications “Run from my computer.”

Also, be sure your target SharePoint site is in a site collection where the SharePoint Server Enterprise Site Collection features” have been activated. This is different from the top level site collection’s site features and you can find it at: /_layouts/ManageFeatures.aspx?Scope=Site

And here’s a great detailed listing for control that will and won’t work in browser forms: InfoPath 2010 features unavailable in Web browser forms

So we can get to VST for Application on the second part of MSDN’s Building SharePoint Applications with InfoPath 2010 (Part 2 of 2) which seems to be very well written and provides a great glimpse at the need for the SharePoint Sandboxed Solutions Service.