I will be speaking at SharePoint Saturday Baltimore (#SPSBMore)

SharePoint community is always a great place to be and I am fascinated to be selected as a speaker for SharePoint Saturday Baltimore, Maryland. SPS Events are happening all over the world for many years at no cost for attendees.

If you are around Maryland, go ahead and register here –  http://www.spsevents.org/city/baltimore/baltimoretecc 

Baltimore

Advertisements

SharePoint Multitenancy – BCS and Secure Store Service applications are not appeared in the tenant admin portal

When your developers asking for BCS to be configured and If you do not see any links for BCS and Secure Store Service applications under your tenant admin portals, it’s quite normal. That not necessarily mean the Multitenant concept is not supporting BCS or SSS in partitioned mode. When the initial scripts are executed to perform service application creation, these two applications are also provisioned. However the linking is not done.

As per Microsoft:

  • Business Data Connectivity service

Once configured in partition mode, all configuration of the Business Data Connectivity service moves to tenant administration. However the Tenant Administration site template does not include the link to this page, which can be added using the customization technique in the Extending the Tenant Administration site template section

  • Secure Store service

Once configured in partition mode, the generation of encryption keys remains a farm level configuration performed either via Central Administration or Windows PowerShell. The remainder of the Secure Store service configuration moves to tenant administration. However the Tenant Administration site template does not include the link to this page, which can be added using the customization technique in the Extending the Tenant Administration site template section.

Spencer did a wonderful job with his detailed explanation to Multitenancy http://www.harbar.net/articles/sp2013mt.aspx. Thanks to this great series of article, I was able to setup a comprehensive farm for one of the government agency in Asia which has over 30 tenants. Nevertheless, it doesn’t seems to cover this particular problem.

There is a solution in CodePlex for this, but I didn’t attempt to try as it involves a deployment in the servers- https://fixmultitenantissues.codeplex.com/

clip_image001

Let’s find a way out of this.

It’s possible to extend the tenant admin portal template to perform certain things such as adding a new link, removing a link etc.. But where are these links? If we have them, we can at least try to configure BCS and see if that functions well under partitioned mode, right?

Well, they are there!

You can find the SSS and BDC Application pages in the resource folders under the following path. These folders contain the pages used in these two applications. Finding these allows us to test the Business Data Connectivity Service functionality and embed the URLs to the tenant admin portals by extending the site template.

clip_image002

SSSvc folder contains the following items inside. Just copy the path and the page name at the end. The path would be “http://tenant.domain.net/admin/_layouts/15/sssvc/TA_ManageSSSvcApplication.aspx

clip_image003

Then BCS. Go to BDC folder and check if it has the following set of files. Path for that would be “http://tenant.domain.net/admin/_layouts/15/bdc/TA_ViewBDCApplication.aspx

Copy both these URLs to a notepad.

clip_image004

Now let’s add these links in to Tenant admin portal. For now we are adding these in to the left navigation so that if everything works well we can extend the template and add the links globally and permanently.

Open up the tenant admin portal and simply go to Site Settings –> Quick Launch, under the Look and feel section

clip_image005

Add new headings respectively

clip_image006

They should appear in the left panel right away.

clip_image007

Click on each, and you should be able to open up the applications now.

clip_image008

clip_image009

If everything goes well, you can go ahead and extend the layout templates. The following feature definition shows how to add a new group, several links, and remove the link to the Manage Site Collections page. Doing this allows us to globally enable the links across all tenant admin sites at once.

<Elements xmlns=”http://schemas.microsoft.com/sharepoint/”&gt;
<CustomActionGroup
Id=”TenantAdmin_HostingUserAccounts”
Location=”Microsoft.SharePoint.TenantAdministration”
Title=”User Accounts”
Sequence=”90″
ImageUrl=”_layouts/images/SiteSettings_UsersAndPermissions_48x48.png”>
<UrlAction
Url=”” />
</CustomActionGroup>
<CustomAction
Id=”TenantAdmin_HostingUserAccounts_AddUser”
GroupId=”TenantAdmin_HostingUserAccounts”
Location=”Microsoft.SharePoint.TenantAdministration”
Sequence=”10″
Title=”Create User”>
<UrlAction
Url=”_layouts/UserAccountsWebParts/UA_AddUsers.aspx” />
</CustomAction>
<CustomAction
Id=”TenantAdmin_HostingUserAccounts_ManageUsers”
GroupId=”TenantAdmin_HostingUserAccounts”
Location=”Microsoft.SharePoint.TenantAdministration”
Sequence=”30″
Title=”Manage Users”>
<UrlAction
Url=”_layouts/UserAccountsWebParts/UA_ManageUsers.aspx” />
</CustomAction>
<HideCustomAction
GroupId = “TenantAdmin_Sites”
HideActionId = “TenantAdmin_Sites_ManageSiteCollections”
Location=”Microsoft.SharePoint.TenantAdministration” />
</Elements>

Full details of extending the template is described in this TechNet article https://technet.microsoft.com/en-us/library/dn659286.aspx?f=255&MSPPError=-2147217396

InfoPath Error in SharePoint 2016: There has been an error while processing the form

Warning There has been an error while processing the form. click OK to resume filling out the form. You may want to check your form data for errors.

clip_image001[6]

Let me guess, you have gone through all possible verifications on data sources and form fields and everything pretty well developed and verified ? same goes for me. one of my colleague was developing a form and she came up with this error on SharePoint 2016 recently.

She was using GetUserProfileByName SOAP Web Service to fetch current user’s group in to a field, and that’s where this error prompts. that was verified by removing the particular connection and rules filling up data.

After verifying form fields, Data connections and other basics, I decided to inspect the infrastructure step by step. SharePoint logs and Event Log did not had any relevant entry. Finally in the lonely boat, I took following steps one after one to sail towards an island.

1. Enabled all InfoPath services from CA (General Application Settings) – Everything is already set

clip_image001[8]

clip_image002

clip_image003

2. Registered the HTMLCHKR – no luck

regsvr32 “C:\Program Files\Common Files\Microsoft Shared\OFFICE14\htmlchkr.dll”

  1. 3. Added the target site to InfoPath application’s trusted Locations – no luck
  2.  
  3. clip_image001[10]clip_image002[6]
  4. 4. Restarted and recycled Security Token Service Application/pool for all WFEs – no luck
  5. image
  6. 5. Restarted Servers – no luck

Two last steps were able to shed some lights !

6. Disabled loopback check

What is Loopback check?. If you have been prompted continuously for credentials in a SharePoint server when you try to access your site within that server, that’s obviously because of loopback.

Microsoft: Windows Server 2003 SP1 introduced a loopback security check. This feature is obviously also present in Windows Server 2008/12. The feature prevents access to a web application using a fully qualified domain name (FQDN) if an attempt to access it takes place from a machine that hosts that application. The end result is a 401.1 Access Denied from the web server and a logon failure in the event log.
Unfortunately 401.1 is not really helpful as this error code means there is a problem with the user credentials. Of course, the HTTP spec doesn’t know about security features in a vendor’s implementation so there can’t be a HTTP error code for such a feature. This can lead to much banging of the head on the desk. It’s one of numerous causes of the 401.1 which are nothing to do with invalid credentials (e.g. attempting to use Kernel Mode Authentication with domain account in IIS7).

Option1 : Logged in to target SharePoint Server/s and launch PowerShell as administrator, then ran – New-ItemProperty HKLM:\System\CurrentControlSet\Control\Lsa -Name “DisableLoopbackCheck” -value “1” -PropertyType dword)

You don’t need to add it if its exists (means loopback is already disabled)

clip_image001[4]

  1. Option 2: You can also Add this registry entry manually
  2. Click Start, click Run, type regedit, and then click OK
  3. In Registry Editor, locate the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
  4. Right-click Lsa, point to New, and then click DWORD Value. (In Win 2008, its DWORD 32bit)

Type DisableLoopbackCheck, and then press ENTER.

Right-click DisableLoopbackCheck, and then click Modify.

In the Value data box, type 1 and then click OK.

Quit Registry Editor.

  1. Then I ran SharePoint Product Configuration wizard on SharePoint Server just to give it a refreshment.

After restarting Servers, added the form connection and rules back and InfoPath form loaded perfectly normally !

Sorry Something Went Wrong: SharePoint 2016 Farm Configuration Wizard Failed with timeout during services provisioning

clip_image001

The Error says it all, SharePoint could not provision the farm configurations within the given timeframe and it pops up the timeout. End result is, no services or applications provisioned. Below is a result from the very first application server was trying to provision my SP2016 farm on production.

clip_image002

You may have successfully installed prerequisites and product but this error could occur during your next step which is product configuration and service app (farm configuration) provisioning if you have a weak bandwidth for inter server communication. No matter how robust your servers are, the network could screw it all with a low bandwidth.

Try to ping across the servers and ensure you have a steady line from WFE to Intranet and Database Servers. Below sample is from one of my deployment which was failed with above error due to lack of bandwidth from APP server to Database just because the customer was having legacy network equipment and cabling (It was lower than 50 mbps given for SharePoint VLAN).

clip_image003

clip_image004

This is also can affect during Product configuration. That means the connection between your Database server to Application Server is worst, not only for SharePoint but anything rely on network connectivity will surely not perform well.

clip_image005

Or even hangs on 3rd stage unusually (normally this stage takes 10 min max, at my case it was more than 30 which is hilariously abnormal)

clip_image006

Its mandatory to have a good (at least 1gbps, 10gbps is ideal) network connectivity across all SharePoint, OWA and Workflow Manager Servers.

Hardware requirements for SharePoint 2016 – https://technet.microsoft.com/en-us/library/cc262485(v=office.16).aspx

SharePoint 2016 Product Configuration Wizard Error: Configuration Failed with Unauthorized Access Exception

If you are going to deploy SharePoint 2016, this is a common error that encountered.

clip_image001[4]

The error pretty much pointing to a Access permission which you might doubtlessly think its database permission but no it’s not !

clip_image002[4]

If you expand the event log, It will have 100, 104 errors logged due to this.

clip_image003[4]

Resolution is to permit setup account to access Tasks folder (C:\Windows\Task). This is a critical folder which needs to be able to access by the setup account during the Product Configuration.

To take the ownership of this folder, log in to relevant SharePoint server using a local admin account and right click on the Tasks folder.

clip_image004[4]

Under Security tab, go to Advance

clip_image005[4]

Change the Owner from SYSTEM to your Setup account (the account will be used to run Product Config Wizard)

clip_image006[4]

Once changed, the new owner can be seen as showed below.

Error-SPSetup

Repeat the same for all SharePoint Servers in your farm if you planned to have multiple. Now run the Product Configuration Wizard again and you will notice its smoothly passing to task 5. within few minutes, the Wizard will be successfully complete.

clip_image008[4]

And here comes the winning moment !

image

If you are still accounting with any additional errors in the Wizard, these points are some basic ones to verify.

Ensure:

  1. 1. Antivirus Disabled for all SharePoint and Database Servers (If any)
  2. 2. Firewall
  3. 3. Named Pipes in SQL Services enabled (Sometimes this isn’t enabled by default)

And then:

  1. 1. Disable UAC (Never Notify)
  2. 2. Restart Server
  3. 3. Run the Product Config Wizard again as Administrator

Enjoy the all new SharePoint !

SharePoint Designer Error – InfoPath Cannot Save the following form http://Site.Domain.Local/Library the document library was either renamed or deleted.

You might think how this could happen when you can simply access the library and open items inside it but just unable to publish the form via InfoPath designer. This isn’t related to library or SharePoint configurations at all.

If you are running SPD on a Server operating system, one single feature called “Desktop Experience” could be missing there and installing that will solve this for you.

clip_image001

Resolution: Install Desktop Experience if you are opening SPD on a Windows Server

Open up Server manager and proceed to “Add Roles and Features” wizard. Under the User Interfaces and Infrastructure category, select Desktop Experience component and proceed to install it.

clip_image002

<

p align=”justify”>Close SharePoint Designer and Open again. You should be able to publish the form without any issue now.

SharePoint Hybrid Deployment Live Demo

It was a fruitful day at Collab365 Global conference 2016 with lots of wonderful sessions from experts allover the world. It was great to address an online crown this morning and my session is now on-demand and you can watch it here

Hybrid

Here are some resources for those who love to explore and try Hybrid for SharePoint

Download IdFix Tool – https://www.microsoft.com/en-us/download/details.aspx?id=36832

Download Azure AD Connect – https://www.microsoft.com/en-us/download/details.aspx?id=47594

Planning SharePoint Hybrid Free E-Book – https://blogs.msdn.microsoft.com/microsoft_press/2016/04/26/free-ebook-planning-and-preparing-for-microsoft-sharepoint-hybrid/

Configuring SharePoint Hybrid Free E-Book – https://blogs.msdn.microsoft.com/microsoft_press/2016/07/06/free-ebook-configuring-microsoft-sharepoint-hybrid-capabilities/