WSS (MOSS) Backup

Our topic currently is backup and recovery.

I finally decided to spell "backup" without a hyphen so now I am ready to go.  Here are some good references from our new friends:

  • I found this post from Joel Oleson that provided a lot of information
  • And this one from Scott Jamison, et al. at TechTarget.com.

I've got my WSS server running so I need this solution.

Of course WSS 3.0 includes a pretty strong backup tool inside Central Administration Operations.  In the Backup and Restore section, you get a Perform a backup option.

Here you can select the entire farm or any one of your web applications including Central Admin or Search.  You can select a full or differential and then specify a location for the backup file.  The location must exist and the logged-in user and the SQL Server Service account must have access to that location.  It helps to make the target folder a share so you can just map your backup out to \\MyServer\backups.

Of course the first time I tried it it failed with this error:

Access to the path \\MyServer\backups\spbrtoc.xml is denied.

So, since this is a Timer Job, you have to go the Timer Job Definitions and delete the blown-up job.

I found one post that suggested adding the network service account to the backup folder with sufficient privileges to create and update the file.

And another that said to run aspnet_regiis -ir in the .NET 2.0 folder.

Then, I came upon this TechNet article which did very little to help.

So, I started over and I hate it when this happens but I created a share on my server and I gave Network Service, System and my App Pool Identity full control of the share and ran it again and it worked.

So that's great, I now have an excellent backup of my site collection.

Now, I notice that my Share permissions are a bit different from my folder permissions and it was the Share permissions I needed to set.  I was also able to eliminate Network Service and System and still get it to work.  I'm not surprised about Network System since I'm not using any such account anywhere but my SQL Server is running under the local system account and I thought it might make a fuss.  The only ID I needed is the App Pool Identity.

So now, each time I run a full backup, the resulting folder is 90Mb and again, I've got something less than 100 documents in the whole thing.

Oddly, if I have my App Pool Identity in my local administrators group and I give that group full access to the share, I get the access error.  But, if I list the App Pool Identity explicitly, it will run successfully.

I was also able to reduce the share permissions to read and create and it still worked.

So I try the same deal using the STSADM tool.  The command looks like this:

C:\Program Files\Common Files\Microsoft Shared\web server extensions\12\BIN>stsadm.exe -o backup -url http://MyServer/ -directory \\MyServer\backups -backupmethod full

And this generates a lot of scrolling text in my command window but, in the end, it says it's failed with errors.

So I add System back to the share permissions and try again and the output says that the operation has completed successfully.

From all of this, I conclude that, using the CA UI, the logged-in user can trigger the job which will run using the CA App Pool Identity; if that identity has Read and Create on the Share, then the job ought not fail.  On the other hand, using STSADM, the command is run from Windows which triggers SQL Server which runs under its own identity, in my case, it was LOCAL SYSTEM and, therefore, I had to add SYSTEM to the Share permissions with Read and Create.
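One way to set up the backup share with only the access described in the conclusion above, as an added PowerShell example that is not part of the original post. The folder path, the share name and the WSSService account standing in for the App Pool Identity are assumptions; Change is used as the share-level permission, and icacls is assumed to be a version that supports /inheritance.

```powershell
# Added example: backup share limited to the identities that write the backup.
# Path, share name and account names are assumptions for illustration.
$Folder    = 'C:\Backups'            # hypothetical folder behind \\MyServer\backups
$ShareName = 'backups'
$Writers   = @(
    'MyServer\WSSService',           # assumed Central Admin App Pool Identity
    'SYSTEM'                         # SQL Server service account (LOCAL SYSTEM in the post)
)

if (-not (Test-Path -LiteralPath $Folder)) {
    New-Item -ItemType Directory -Path $Folder | Out-Null
}

# Share permissions: list each identity explicitly with Change.
# The broader setup that also worked was Full Control for Network Service,
# System and the App Pool Identity; none of them needs Full Control here.
$grants = $Writers | ForEach-Object { "/GRANT:$_,CHANGE" }
& net.exe share "$ShareName=$Folder" $grants
if ($LASTEXITCODE -ne 0) { throw "net share failed ($LASTEXITCODE)" }

# NTFS permissions: drop inherited entries, keep Administrators for recovery,
# and give the writers Modify on the folder and everything created below it.
& icacls.exe $Folder /inheritance:r /grant 'Administrators:(OI)(CI)F'
if ($LASTEXITCODE -ne 0) { throw "icacls failed ($LASTEXITCODE)" }
foreach ($id in $Writers) {
    & icacls.exe $Folder /grant "${id}:(OI)(CI)M"
    if ($LASTEXITCODE -ne 0) { throw "icacls failed for $id ($LASTEXITCODE)" }
}

# Print both ACLs so the result can be reviewed before running the backup.
& net.exe share $ShareName
& icacls.exe $Folder
```

Run it from an elevated prompt on the server that hosts the share; access through a share is limited by both the share ACL and the NTFS ACL, so both are set.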

Thanks for paying attention.

-robot

WSS Search

 WSS Search is a little peculiar in its most basic form.  For example, you may try a search and get an error that says:

Your search cannot be completed because this site is not assigned to an indexer. Contact your administrator for more information.

To start it, you have to visit your content database in Central Admin Application Management.  In the SharePoint Web Application Management section, click on Content Databases.  This should expose your content database for the farm.

Click on the database, and in there, you get to select a search server and then click OK.

-robot

Alternate Access Mappings

So this is characteristically less than straightforward.

I get this error, for example:

You must specify the default zone URL for all Web applications. To delete the Alternate URL Collection, remove the public URLs in all other zones, and then remove the default zone URL.

In Central Admin, I'm going to Alternate Access Mapping in the Operations | Global Configuration section.

There, I see my two web apps, in a column headed Internal URL.  Then, for both, in the Zone column, I get default.  Lastly, I get a Public URL for Zone column heading and my web sites' URLs are repeated.  These URLs, as I mentioned last time, are in the format http://MySharePointHost:xxxxx where xxxxx is the port number, 55555 for the SharePoint team site and 44444 for Central Admin.

What I'm trying to do is expose my server to the internet via my domain name.  As we mentioned, I'd like for internet users to see my site at http://www.mydomain.com:55555.  The problem is that when they visit that site, the links on the page all point to http://MySharePointHost:55555/SomePage.aspx and I need it to point to http://www.MyDomain.com:55555/SomePage.aspx.

So the Alternate Access Mapping page is a typical SharePoint list with the actions:

  1. Edit Public URLs
  2. Add Internal URLs
  3. Map to External Resources

So, I'm thinking I need to edit the public URLs so I click the link and I get to where I can select an Alternate Access Mapping Collection.  I select my team site and enter the following URLs:

  1. Default – this one defaulted to http://MySharePointServer:55555
  2. Intranet – I left this one blank.
  3. Internet – I set this one to http://www.MyDomain.com:55555
  4. Custom – I left this one blank.
  5. Extranet – I left this one blank.

And I clicked Save.

And I end up with the two URLs in my list, one in Zone = Default and one in Zone = Internet.

Now if you play with the other zones, you start to see some pretty odd behavior.  But, I definitely can now access the Team Site from the internet using the http://www.MyDomain.com:55555 format.

Two Web Servers, One IP Address

So the question is, can we run two web servers through one external IP address?

I'd like for the old web server to respond when someone visits http://MyDomain.com

and I'd like for my SharePoint server to respond when someone visits http://MySharePointServer.MyDomain.com

Of course, I'll also need Central Admin to be available via http://MySharePointServer.MyDomain.Com:xxxxx

We have a router connected to the internet and the two servers are connected to the router.

We have a domain inside the router and DNS running on an Active Directory server.

As it's set up now, all the traffic is going to the old web server.  Can anyone explain how to get all the traffic to route as defined in DNS?

-robot

Authentication Providers

So, now the customer wants to be able to port his Oracle data into his SharePoint sites and that will require an authentication provider for Oracle user names and passwords.

The good news is that the boss said, to support this effort, we can spin-up a new MOSS development server and an Oracle database server so this should be fun.

Now, the little I know about authentication is that NTLM and Kerberos are different.  Oh, and I know that SQLServer can use Windows authentication or its own.  That's why the sa user has his own password and I don't even though I'm a sysadmin.

So, I'm looking for help and this is what I've found:

Here, our new best friend, Andrew, explains the web.config and database activities to support the alternate authentication providers we'll need to duplicate for Oracle.  This allows SharePoint access via each of three processes: NTLM, Forms or Anonymous.

I'm thinking that the Oracle authentication is simply an extension of the FBA authentication supported on the back end by Oracle instead of the SQLServer database Andrew describes.

Forms based authentication is covered in detail here.

Adam (ARB) gives us a look at the MSOracle mix here.

And, here, we have a pretty good explanation on authentication and alternative access mappings.

-robot

 

WSS on Both Sides of Router

OK, so the problem is that during the install, I told SharePoint my url was my host name, "MyServer" which is no problem when I'm on the server because the server knows its own name.

On a separate LAN computer, it's not really a problem either if I go to http://MyServer:55555 because my Windows network knows where MyServer is.  I'm guessing that's "WINS resolution."

But if I approach from the public side of the router, I'm going to http://MyDomain.Com:55555 and my router knows to send incoming hits on port 55555 to 192.168.1.100, and what happens is this.  It hits IIS and IIS says "oh, this web site has been extended to SharePoint.  I'll send it to MyServer/Default.aspx" and, of course, from the other side of the router, MyServer has no meaning, thus, Page Not Found.

So, when I try, http://MyDomain.com:55555/default.aspx, IIS is not as stupid; it knows to look up default.aspx no problem.  The problem is that the links on default.aspx are all coded with http://MyServer:55555/somelink.aspx which, of course, breaks because the internet is not smart enough to figure out where http://MyServer:55555 is.

So I add a host record in my HOSTS file that says 24.24.24.24  MyServer (assuming my IP address is 24.24.24.24.) and all is well.  From an external computer, I can go to http://MyDomain.com:55555 and get http://MyServer:55555/default.aspx and all the links to http://MyServer:55555 on the pages work just fine.

So the only objectives remaining are how do I get two servers inside a router to share an IP address (24.24.24.24) and a port (55555)?

-robot 

The WSS Install

OK, I've got a decent host with SQL Server and .Net Fx 2 and 3 but it's not part of a domain.  I create a local user named WSSService and make him an admin on the box and sysadmin in the SQL Server.

The server name is MyServer01 and its IP address is 192.168.1.100.

I also have a second, "live" web server that's running on another server on port 80 so, on my router, I configure port forwarding to forward incoming hits on port 55555 to 192.168.1.100, my new WSS Server.

I install WSS, the free download from Microsoft.  This is the file named sharepoint.exe.  The WSS install goes off without a hitch and I run through the Central Admin settings no sweat and Central Admin comes up perfectly.

I create the web application and select "Create a New Web Site" telling it to use port 55555.  The URL is http://MyServer:55555.

I select the site template and, drumroll, there it is, my new team site.

Here are the problems.

First, when I move off the server to another local network computer, and I browse to http://MyServer:55555, I get Page Not Found.  If, on the other hand, I browse to http://MyServer:55555/Default.aspx, I get prompted for a user name and password.  I use the MyServer\Administrator account and enter the password and I get the team site.

Second, when I'm still working on this second network workstation, I try to add a web part and I get an error: Unable to add selected web part(s). Content Editor Web Part: An error has occurred.

The only web parts I can add on the page are the ones created for site lists and libraries.

There are two other weird things.

I try to create a new list like Site Actions | Create | Links.  I enter the name and click Create and the name disappears but the page does not go away.  If I enter the name again, I get the "Specified Name is already in use." error and, in fact, the list had already been created.  If I play around with it enough, I get an "invalid template" error.

 And the last thing is in the Web Part Gallery, if I try to preview the web part, I get a "page not found" error.  Of course the web part preview is trying to load:

http://MyServer:55555/_layouts/WPPrevw.aspx?ID=2

If I change the URL to:

http://192.168.1.100:55555/_layouts/WPPrevw.aspx?ID=2

The web part will preview just fine.

So somewhere my name resolution is failing to properly associate the IP address with the Server name.

Is there a solution on a LAN without a domain controller?

-robot

 

Key Performance Indicators and a Freebie

So, we've worked a little magic with SharePoint KPI tools.  I was trying to articulate a business case for some KPI development overhead and sought out some support.  The problem was that the data lived in a database owned by a DBA with, shall we say, less than elegant table manners?

So first, I found this from TDWI which makes a pretty good case for KPIs.  You have to scroll way down to get to the article.

Then, I saw that they had a nice freebie poster they call the "Three Threes of Performance Dashboards."

Then, they do a nice piece on the PerformancePoint Server that Microsoft rolled out last month.

So we love freebies, of course, but I'm a little curious about the name TDWI.  Wouldn't you think it was silly if the football they play on Sunday was called TNFL?

So, now that it's October, we've got these new topics to discuss.

 -robot

 

 

 

CMMI and Software Development

So, no sooner do we become experts at one aspect of our occupation than we're asked to do something different.

Consequently, now that we are expert at the MOSS 2007 install, they move up to a .Net development effort.  And, not only that, but one that appears to be on the downslide.  So they're asking me to write a bunch of code which, you guys know, is not my best talent. But all the same, we are now experts at C# so we have to act like it.

We're also using Team Foundation Server which we looked at in detail last summer when we piloted the Visual Studio Team Edition for Database Professionals for Microsoft.  More on that later.

Today, our topic is CMMI and honestly, I had to visit at least a half dozen web pages before I could figure out what CMMI stood for.  Does that bother anyone else, using a TLA when you don't know what the letters stand for?

Anyway, CMMI is "Capability Maturity Model – Integration," and here, I've found the best resource so far.  Our new best friends at Entinex explain the basics:

The "maturity" scale has 5 levels, 1 through 5: ad hoc, repeatable, defined, quantitatively managed and optimizing.  And, the "capability" scale has 6 levels, 0 through 5: incomplete, performed, managed, defined, quantitatively managed, and optimizing.  The differences are the subject of several articles available on the SEI's Web site (www.sei.cmu.edu).  Because the "maturity" levels are pre-defined, the approach is called "staged."  The "capability" approach is called "continuous" because the performance of the processes are tied to business objectives (which can change) and are defined less specifically by the model.

Basically, "immature" development organizations do things in an "ad hoc" manner, i.e. "staged" level 1, and "incapable" organizations "incompletely" do what they must to get the job needed by the business done, i.e. "continuous" level 0.  Unfortunately, even with CMM/CMMI now available for over a decade, most software companies still operate at these levels.

For example, go tell your boss that we're operating at a "repeatable performance level" and he will immediately see that the objective should be to define those processes in both terms of maturity and capabilities.  Clearly, I need to work on defining my capabilities at writing C# code.  But this is an inflection point because, up to now, I have always used SharePoint "out of the box" limiting the code to HTML, CSS and Javascript.

So, essentially, this is another effort to quantify just how complicated software development is.  I've always thought you avoid a lot of these problems by making the product develop itself and starting by making the user write his own help files.  One problem is when we had an architect that couldn't write and wouldn't pay me to transcribe his ravings. Technology is always a constraint, we just have to learn to live within it.  First, we make it quit hurting and then we get to choose between making it feel good and making it quit hurting for other people.

-robot

Searching .pdf Files

Out of the box, MOSS 2007 will not search and index the text in .pdf files. Consequently, one of the things you’ll want to do to a new portal is empower that activity and, in addition, snag the .pdf icon so it will show up in document libraries.

The first effort is covered in Jerry’s Blog here.  It involves installing the .pdf iFilter.  My understanding is that it matters whether your host is running on 32 or 64 bit operating systems so, assuming you’re running on a 32 bit system, you can use Adobe’s iFilter found here.

Stop the IIS Admin service which is found in your services .mmc application.  This will also stop WWW publishing service and the HTTP SSL service.

Run the iFilter.exe.

Then you need an icon for the .pdf.  The icon you want is called icpdf.gif and I found a suitable example here. You need to put him in:

C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\Template\Images

Then, you have to edit the .xml file that SharePoint uses to map file types to icons.  That file is:

C:\Program Files\Common Files\Microsoft Shared\Web server extensions\12\Template\Xml\DOCICON.XML

Add an entry for the .pdf extension using this format:

<Mapping Key="pdf" Value="icpdf.gif"/>

Run your IIS Reset.
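The icon-mapping steps above as a script, added here as an example and not taken from the original post or from Jerry's blog. It assumes the stock DOCICON.XML layout, where extension mappings sit under DocIcons/ByExtension, and that it runs from an elevated prompt on the SharePoint server.

```powershell
# Added example: add the pdf icon mapping to DOCICON.XML without hand-editing.
$Template = 'C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\Template'
$DocIcon  = Join-Path $Template 'Xml\DOCICON.XML'
$IconFile = Join-Path $Template 'Images\icpdf.gif'
$Ext      = 'pdf'                    # key is the extension without the dot

# The mapping is useless if the image was never copied into Images.
if (-not (Test-Path -LiteralPath $IconFile)) { throw "Missing icon: $IconFile" }

# Keep the first untouched copy to roll back to; never overwrite it on re-runs.
$Backup = "$DocIcon.bak"
if (-not (Test-Path -LiteralPath $Backup)) {
    Copy-Item -LiteralPath $DocIcon -Destination $Backup
}

$xml = New-Object System.Xml.XmlDocument
$xml.PreserveWhitespace = $true
$xml.Load($DocIcon)                  # throws if the file is not well-formed XML

# Assumption: extension mappings live under DocIcons/ByExtension (stock layout).
$byExt = $xml.SelectSingleNode('/DocIcons/ByExtension')
if ($null -eq $byExt) { throw 'ByExtension element not found; file layout differs' }

# Idempotent: reuse an existing pdf mapping instead of adding a duplicate.
$mapping = $byExt.SelectSingleNode("Mapping[@Key='$Ext']")
if ($null -eq $mapping) {
    $mapping = $xml.CreateElement('Mapping')
    $mapping.SetAttribute('Key', $Ext)
    $byExt.AppendChild($mapping) | Out-Null
}
$mapping.SetAttribute('Value', 'icpdf.gif')   # also corrects a stale value
$xml.Save($DocIcon)

# Reload to confirm the saved file parses and holds exactly one pdf mapping.
$check = New-Object System.Xml.XmlDocument
$check.Load($DocIcon)
$count = $check.SelectNodes("/DocIcons/ByExtension/Mapping[@Key='$Ext']").Count
if ($count -ne 1) { throw "Expected 1 mapping for $Ext, found $count" }

& iisreset.exe
```

Writing the attributes through the XML API avoids pasting curly quotes into the file, which would leave DOCICON.XML malformed.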

Then, you need to include the .pdf content in your search configuration so go to the Shared Service Provider that’s hosting your search service and click on Search Settings, then File Types, then New File Type.  Add the pdf, without the dot in front, and click OK.

Then, Jerry says to perform a Full Update on the search content indexes.  You can find this link by starting from the Search Settings page and clicking on Content sources and crawl schedules.  Then, hover over your content source, pull down the smart menu and click on Start Full Crawl.

hth 

-robot