KB: My Links missing in SharePoint 2010
Leave a CommentSee http://www.sharepoint911.com/blogs/laura/Lists/Posts/Post.aspx?ID=74
KB: SharePoint Search Service cannot crawl user profile
Error in Application event log:
The start address sps3://nsppweb-sspt91 cannot be crawled.
Context: Application ‘Search_Service_Application’, Catalog ‘Portal_Content’
Details:
Access is denied. Verify that either the Default Content Access Account has access to this repository, or add a crawl rule to crawl this repository. If the repository being crawled is a SharePoint repository, verify that the account you are using has “Full Read” permissions on the SharePoint Web Application being crawled. (0×80041205)
Cause:
The search service account does not have “Retrieve People Data for Search Crawlers” permission in the User Profile Service Application.
Resolution:
See http://www.thesanitypoint.com/archive/2010/05/27/successful-sharepoint-2010-people-search.aspx
KB: Import SharePoint User Profile Pictures from Active Directory “thumbnailPhoto” attribute
Step 1) Add new import mapping for Active Directory thumbnailPhoto attribute to Picture profile property
Step 2) Start full user profile sync
Step 3) Run SharePoint PowerShell command as the User Profile Service Application account (IMPORTANT! otherwise it will end up with “Update-SPProfilePhotoStore : Object reference not set to an instance of an object” error.)
Update-SPProfilePhotoStore -CreateThumbnailsForImportedPhotos 1 -MySiteHostLocation
http://hostname/my
Will I get a better Silverlight Organization Browser?
SharePoint 2010 has new structure called Organization Profile which answers the need for a real org chart in enterprises – group people by department, division and team hierarchies rather than just the reporting manager. (see http://alberto.casu.it/technology/sharepoint-2010-organization-profiles/)
Everything looks impressive except no out of the box UI in RTM is utilizing this…
The OOTB Silverlight Organization Browser webpart calls https://server/MY/_vti_bin/SilverlightProfileService.json/GetUserSLProfileData to get the user profile data which utilize the Microsoft.Office.Server.UserProfiles.SilverlightProfileService in Microsoft.Sharepoint.Portal.dll
<%@ WebService Language=”c#” Class=”Microsoft.Office.Server.UserProfiles.SilverlightProfileService, Microsoft.Sharepoint.Portal, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c” %>
The Microsoft.Office.Server.UserProfiles.SilverlightProfileService.GetUserPLProfileData is fairly simple which takes AccountNames and returns SLProfileData object. The Silverlight webpart will then do subsequent calls to GetUserSLProfileData to get the parent and siblings profile details in the same way.
A high chance that we can write our own SilverlightProfileService to return organization profile also.
And interesting enough, the GetOrganizationSLProfileData is actually there! Looks like the developers are too busy to finish it before shipping the RTM.
KB: ForeFront UAG returns “An unknown error occurred while processing the certificate” error when the backend application server SSL certificate fails CRL check
UAG willl validate backend application server’s SSL certificate and the error may happens with self signing certificate for testing purpose.
Solution:
1) Use certificate which can pass CRL validation
2) Disable CRL check by changing the following registry key in UAG HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\e-Gap\Von\URLFilter\Comm\SSL
Change “ValidateRwsCertCRL” from 1 to 0
What you can do with the TMG that installed with UAG?
ForeFront TMG is installed together with UAG to support certain UAG functionalities but it’s not intended to be used as a full product TMG. Good to know what are the supported usages of the TMG running on UAG.
From: http://technet.microsoft.com/en-us/library/ee522953.aspx
Forefront TMG running on Forefront UAG
By default, Forefront Threat Management Gateway (TMG) is installing during Forefront Unified Access Gateway (UAG) Setup. Forefront TMG is installed as a complete product, and is not modified to run on a Forefront UAG server.
Forefront UAG uses Forefront TMG, as follows:
- Forefront TMG acts as a firewall, protecting the Forefront UAG server.
- Forefront UAG uses Forefront TMG infrastructure and functionality in some deployment and monitoring scenarios.
Although you can configure Forefront TMG running on Forefront UAG using the Forefront TMG Management console, Forefront TMG is intended for use of the Forefront UAG infrastructure only. Specifically, the following is not supported:
- Forefront TMG is installed automatically during Forefront UAG Setup, and removed automatically if Forefront UAG is uninstalled. Installing and uninstalling only Forefront TMG is not supported.
- Forefront TMG as a forward proxy for outbound Internet access.
- Forefront TMG application publishing, except for the publishing scenarios listed in the Supported Forefront TMG configurations section that follows.
- Forefront TMG as a site-to-site VPN.
- Forefront TMG as an intrusion protection system.
- Forefront TMG as a network perimeter firewall. Forefront TMG running on Forefront UAG is only intended to protect the Forefront UAG local host server.
- Publishing Forefront TMG via Forefront UAG.
- Any other scenarios not specifically listed in the Supported Forefront TMG configurations section below.
Supported Forefront TMG configurations
You can use Forefront TMG running on the Forefront UAG server, as follows:
- Creating access rules using the Forefront TMG Management console, for the purpose of limiting users, groups, and networks for granular access when deploying Forefront UAG for VPN remote network access.
- Monitoring with the Forefront TMG Management console.
- Limiting users, groups, sources and destinations on Forefront TMG system policy rules, with the purpose of enabling access to corporate servers and remote management to and from the Forefront UAG local host server.
- You can publish the following applications via Forefront TMG:
- Exchange SMTP/SMTPS
- Exchange POP3/POP3S
- Exchange IMAP/IMAPS
- Office Communications Server (OCS)—Only Communicator Web Access should be published using Forefront UAG. Other OCS features should be published using the Forefront TMG console running on the Forefront UAG server.
2010 in review
The stats helper monkeys at WordPress.com mulled over how this blog did in 2010, and here’s a high level summary of its overall blog health:
The Blog-Health-o-Meter™ reads Minty-Fresh™.
Crunchy numbers
A helper monkey made this abstract painting, inspired by your stats.
A Boeing 747-400 passenger jet can hold 416 passengers. This blog was viewed about 3,400 times in 2010. That’s about 8 full 747s.
In 2010, there were 7 new posts, growing the total archive of this blog to 29 posts.
The busiest day of the year was September 29th with 38 views. The most popular post that day was KB: Microsoft iSCSI Software Target 3.2 MSI package hack to remove SKU limitation.
Where did they come from?
The top referring sites in 2010 were forum.synology.com, google.com, facebook.com, zh-hk.wordpress.com, and baidu.com.
Some visitors came searching, mostly for iscsitarget.msi, microsoft iscsi software target 3.2, hack iscsi target, iscsi target 3.2, and microsoft iscsi software target.
Attractions in 2010
These are the posts and pages that got the most views in 2010.
KB: Microsoft iSCSI Software Target 3.2 MSI package hack to remove SKU limitation July 2009
2 comments
KB: Microsoft SQL Server mirroring database automatic failover for non-ADO.NET 2.0 clients June 2009
1 comment
My Certificate Authority Lab Setup (Part 1) – Offline Root CA July 2009
NetScreen 5GT ScreenOS 6.2 June 2009
KB: How to uninstall applications not showing in Add/Remove Programs, or fails to uninstall by normal MSI actions
- Retrieve the Product Code (GUID) by using MSIInv. Command: msiinv.exe -p
- Run msiexec /x {product code} to uninstall.
- If it fails to uninstall, try Msizap.exe available in Windows SDK Components for Windows Installer Developers. Command: Msizap TP {product code}
References:
http://blogs.msdn.com/b/astebner/archive/2005/10/30/487096.aspx
http://blogs.msdn.com/b/astebner/archive/2005/07/01/434814.aspx
Resources: OLAP PivotTable Extensions
View Excel Pivot Table’s MDX and more.
KB: HTTP401 error when using FQDN / custom host header to access IIS Virtual Server instead of local server name
Problem: Windows Server 2003 SP1 or later includes the Loopback Check security feature which blocks authentication if the FQDN or custom host header does not match the local server name.
Symptoms in SharePoint:
- Get password prompt for 3 times and eventually authentication failure when accessing sites with FQDN / custom host header. But no problem when using local server name.
- InfoPath Form Services data connection error 5566 when connecting SharePoint web services with FQDN / custom host header. But no problem when using local server name.
Resolution: http://support.microsoft.com/kb/896861
Method 1: Specify host names (Preferred method if NTLM authentication is desired)
To specify the host names that are mapped to the loopback address and can connect to Web sites on your computer, follow these steps:
- Set the DisableStrictNameChecking registry entry to 1. For more information about how to do this, click the following article number to view the article in the Microsoft Knowledge Base:
281308 (http://support.microsoft.com/kb/281308/ ) Connecting to SMB share on a Windows 2000-based computer or a Windows Server 2003-based computer may not work with an alias name
- Click Start, click Run, type regedit, and then click OK.
- In Registry Editor, locate and then click the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
- Right-click MSV1_0, point to New, and then click Multi-String Value.
- Type BackConnectionHostNames, and then press ENTER.
- Right-click BackConnectionHostNames, and then click Modify.
- In the Value data box, type the host name or the host names for the sites that are on the local computer, and then click OK.
- Quit Registry Editor, and then restart the IISAdmin service.
