Unable to Delete a SharePoint 2013 Web Application

An object of the type    Microsoft.SharePoint.Administration.SPIisWebsiteUnprovisioningJobDefinition named “Unprovisioning TEST-PROD“already exists under the parent Microsoft.SharePoint.Administration.SPWebService named “”.  Rename your object or delete the existing object.

A Long text error when you simply trying to delete a web application is something you won’t expect.

clip_image001

Ultimately the resolution for this is to delete the TimerJob exists as the error clearly mentions.

Open up the Central Administration and direct to Monitoring –> Review Job Definitions 

Find the “Unprovisioning PRODTEST-INT” Job. Last part of the Job name will be based on your Web App Name.

clip_image002

Go ahead and click on it and then delete the Job. You should now be able to perform the deletion of Web Application.

Unique Permissions are No longer works after Migrating SharePoint 2010 Web Application to 2013

It is well known that SharePoint 2013 by default uses Claims mode for Authentication and Whenever we create a Web Application it creates with Claims Auth. SharePoint 2010 also had Claims but was optional for us to choose whether we want to have Claims based or Classic. If you had a Classic Mode Web Application in SharePoint 2010 and then it migrated to SharePoint 2013, you also need to Migrate Users specifically from Classic to Claims because you can no longer user Classic mode in 2013.

I had a scenario where an Intranet Site was Hosted in SP2010 and Migrated to 2013 which had hundreds of Libraries and Folders inside them with Unique Permissions. After the Migration from 2010 to 2013 using DB attached method, everything worked well until users start complaining that they are unable to see any records with unique permissions.

Checked the permissions using “Check Permissions” Option and something seemed to be wrong as all the users are not having their relevant set of permissions in the new Destination. It just the Read permissions granted through “All Users” Group which is NT All Authenticated Users.

image

Migrating Users from Classic to Claims using below PowerShell Script Rectified the issue and everyone was able to access their relevant records as expected. checked the permissions again and it appeared all set of permissions which is looked like everything back to normal. We also need to ask every individual to check their content and functions to verify this.

image

You can run this in any Server in the Farm and once it’s done, cannot be reverted back so better test it out first in a POC Setup. this will completely switch your all users from Classic mode to Claims.

 
   1: Add-PSSnapin Microsoft.SharePoint.powershell -EA 0

   2: $webapp = Get-SPWebApplication -identity "http://intranet-poc.abc.local"

   3: $webapp.MigrateUsers($true)

Bottom Line: Claims Based Authentication is an Essential Component in order to enable SharePoint 2013 with Advanced functionalities. If you had a Classic mode Web Application in SharePoint 2010 and you are planning to Migrate it to SharePoint 2013, Migration of Users is a Critical part of the SharePoint Migration. It is important to test the same in a Test Environment prior to the Production.

Notes: There are lot more details and scenarios when it comes to Claims Authentication. will put it over here as an detailed article soon.

Implementing Multi-tenancy Infrastructure with SharePoint 2013 (SAAS) – Part 2: Planning for Deployment

– The Step by Step Guidance for Creating SharePoint 2013 Based Multi-Tenant Infrastructure,   Part 2 Planning for Deployment –   

Planning Your Deployment

Seems you are continuing to read from Part 1 of my Article Series.

For sure you will need few days to test the entire Multi-Tenant functionality properly. All the below perspectives are entirely depends on the Product Knowledge and the past experience. Performance is ofcource a major concern as this isn’t a generic setup where a single Web Application and few Site collections will serve requests. In this case we are talking about a Hosting Vendor who will be Providing a Stable, reliable and well performing SharePoint online service for its Clients.

It’s also goes more deeper when we think of Intranet Scenarios. Customer may host their Web Portal or may be Intranet Portal. Intranets needs robust environments as it will be heavy with lots of Services and content. Performance, Storage and Security is a big concern here.

However, there’s no environment stays static so you might need to scale up-out based on the utilization of resources. Specially the storage you won’t be able to stick to the initial when it becomes popular. So the improvements has to be done for sure.

You need to read more on SharePoint Hosting Guides given by Microsoft as I stated in the Part 1.

Test (POC)

Prior to the Production Deployment, It would be a great idea to run this and try out in a POC (Proof of Concept) Setup. A Single Server would be sufficient but multi-Server environment is ideal so you get the real world experience. Unlike generic SharePoint Farm deployment, Multi-tenant Farms are more tricky. You need to Plan a lot which is extremely goes in to the deep dive as down as Hardware, Software, SharePoint Services Allocation, Service Segregation across Servers, Performance Considerations such as Storage (IOPS), Security Requirements (Publishing Through Proxies) etc..

Hosting Tenants – Where the customer Tenants (site Collections) will sit on.

A Single Web Application for all the Site Collections (Tenants) ? Or a dedicated Web Application for Each ?. Well, This thing is entirely depends on how far you will go. Microsoft Does not recommends to Host more than 20 Web Applications per farm. This is a threshold not a Limitation. Yet it is considerable since you are not supposed to exceed the recommended level in these kind of critical real world scenarios.

Planning Backend for Tenants

Basic Idea of this is, whether we are isolating our customer’s site collections Databases or not.

Single Content Database for all ? Not a good idea. Data isolation is a prime concern when we talk about Multi-tenancy and a Dedicated Content DB per tenant would be ideal. When it comes to the scaling perspective, Isolated DB is ideal.

Site Collections and Database Limitations and Recommendations

Isolation is all about Site Collections and Databases. You have to go through Software Boundaries and Limits for SharePoint 2013 during your planning.

Active Directory Perspective

The Isolation also comes from Active Directory side when we talk about Security. Tenant A (Customer A) should not be able to see the users of Tenant B (Customer B). When a user of Tenant A trying to Search another user through the People picker, he should be only able to see the result within his tenant. This is a Security practice which will be implemented via Active Directory Organizational Units (OU).

clip_image001

Users

Where we store our Users is not a matter here. Yes you got it right ! We can use the Active Directory as I have shown in the diagram above. You could use somewhere else to store the users but you got the best place to store them, why somewhere else is depends on your requirements. I would straight go with AD through dedicated OU Concept which is too easy and centralized. I will only need to look after the AD Objects so the windows authentication is way smarter.

URL Considerations

The other Key point to make decision is, URL. How you are going to let your customers to access the site. There are two choices as 1. Ordinary Addressing and 2. HostHeader Site Collections.

Also there can be below possibilities. In this scenario we have to consider that we will provide all these for our customers.

  1. Allowing Customers to Create Site Collections under their root
  2. We Will provide Content Type Hub, My Sites, Tenant Administration Site

E.g. scenario – Above features may depends on the level of Subscription (feature packs you are setting for the tenant). Yet you need to make sure how these sub site collections are addressed. Take below sample scenario to get an understanding.

Web Application – Root (http://HostingProvider.com/)

Tenant URL – /TenantA

Other Sub Site Collections

/TenantA/CTHUB

/TenantA/MYSites

/TenantA/MySites/Personal

/TenantA/Admin

/TenantA/Sites

Per Tenant There going to be Lots of site collections where each stands there for a specific purpose. This is a hassle to manage with path based concept isn’t it ?. And the critical point is, Performance. Having lots of Managed Paths in a single Web Application will give you performance overhead. The recommended number of Managed paths per Web Application is 20. we can ofcource exceed the number and go for more in here but more you have will more overhead on performance.

Host-header Site Collection is the ideal way to achieve this point. Except few minor drawbacks, it gives excellent capability over the each site collection you can have multiple managed Paths. Even though the Site Collections sits on a single Web Application, doesn’t matter the number of Managed paths (in terms of Web Application wise) per web Application because you are dealing with a separate host-header Site Collection. I would recommend to go with Host Header Site Collections at this point.

Custom Stuff

Why Not !. having a Centralized service portal which allows users to visit and create a tenant themselves will be a handy thing just like Microsoft’s O365. having an armed super-duper backend to run the provisioning of tenants through automated scripts etc.. There’s lot more to talk on this thing so for now let me finish what I started under this topic.

 

Stay Tuned for Part 3 – 6 soon to be Published !

—————— Part 3 – Functionality Tech Preview (What It Really Gives You) ———————————-

—————— Part 4 – Deploying Core Infrastructure (Platform) ————————————————–

—————— Part 5 – Creating Partitioned Service Applications ————————————————-

—————— Part 6 – Creating Tenants and Do some real stuff ————————————————-

SharePoint Granular Backup Failed and Site Went Inaccessible (Locked)

So you was thinking that site backup has no Interruption to the running (live) system ? Yes it is. I ran in to an issue where an Granular backup was executed through SharePoint Management shell while users were accessing the portal in SharePoint 2010 production farm.

Backup was terminated due to lack of space in destination drive and users are prompted with "Error: Access Denied Massage" which was in an extremely critical peak hour.

There were multiple set of backup jobs running parallel in SharePoint Shell and few of them were unable to complete due to lack of space. The person who was handling this closed all the SharePoint Shells and sites suddenly prompted this error to all users. Sites which are successfully backed up had no issues.

clip_image001[8]

Checked the Content DBs of particular Web Applications and they looks green as Database Read-only mode is "No".

clip_image002[6]

When Looking out for a possible reason, the "Lock" word came up to my mind and checked the "Quotas and Locks" in Central Administration (Application Management –> Site Collections –> Configure Quotas and Locks)

And Here we Go !. It was in the Read only Mode. Changing the status to the "Not Locked" Mode bought everything back to normal.

Site

It has put the site in to maintenance mode during the backup and since it was not properly completed, the status yet remains in Read-Only mode. So a good point to think before you execute any backups in SharePoint. Plan for a drive with enough space and off-peak hour.

This is the command line resolution for the same

stsadm -o setsitelock -url http://sitename -lock readonly

stsadm -o setsitelock -url http://sitename -lock none

Here are some good facts in terms of Backup and Restore Planning in SharePoint From Microsoft – https://technet.microsoft.com/en-us/library/gg266384.aspx

SPSite Restore Fails with “InvalidData” Error (Restore-SPSite PowerShell Fails)

One of my friend came up with the Error on PowerShell during a Restoration of SharePoint Granular Backup to another Farm.

Restoreerror

————————————————————————————————————————————————————-

Restore-SPSite : <nativehr>0x80070003</nativehr><nativestack></nativestack>

At line:1 char:1

+ Restore-SPSite http://Source-Site -Path C:\bkp\SourceSite.bak

-HostHeade …

+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~

+ CategoryInfo : InvalidData: (Microsoft.Share…dletRestoreSite: SPCmdletRestoreSite) [Restore-SPSite], DirectoryNotFoundException + FullyQualifiedErrorId : Microsoft.SharePoint.PowerShell.SPCmdletRestoreSite

————————————————————————————————————————————————————-

After Checking all the Event Logs and Destination Databases etc.… realized that this cannot be an issue of the Destination Farm. Tried to backup the same Site Collection from source Farm via Central Admin Thrown an Failure at the end of the Backup job.

image

I Always Prefer PowerShell for SharePoint Administration because that’s the ultimate tool to get almost anything done when we stuck on UI. before finding the root cause for this failure through UI, made it to PowerShell since the Destination restoration was a urgent thing to do. If You face the same, Use Below Shell Line to Execute a Granular Site Collection Backup.

Backup-SPSite http://SourceSiteURL -Path "C:\site.bak"

This Ran very well and realized the size of the .bak file is pretty large than the one came out with errors through UI.

Used the New backup file to Restore and it went like a Charm. Making sure on the success result at the end of a backup job will save your day…

Extract Farm Solutions from SharePoint

Seems you are directed to here from a Search Engine!

Yes you can simply use PowerShell to extract your Farm solutions a bulk. there were some .exe s also does the same but for me it was more easy to use this smart little Shell Script. Every SharePoint Guy one day will face an Migration, this little guy is a very useful and reliable one.

Run PowerShell ISE as Admin and run below Lines. use first three Lines to Extract from the source Farm and last few lines are for Destination Farm use.

   1: #Extract Solutions from Source farm 

   2: Add-PSSnapin Microsoft.SharePoint.PowerShell

   3: $farm = Get-SPFarm

   4: $farm.Solutions | ForEach-Object{$_.SolutionFile.SaveAs("c:\export\" + $_.SolutionFile.name)}</p>

   5:  

   6: #Add Solution to Another Farm 

   7: <p style="padding-left: 30px;">Add-PSSnapin Microsoft.SharePoint.PowerShell

   8: $files = Get-ChildItem "c:\install\"

   9: ForEach ($file in $files) {Add-SPSolution $file.FullName}

Sample (Change the ‘Save as’ Folder as you wish)

ps1

Configuring Outgoing Email for Various SharePoint Environments

Configuring Outgoing email for a SharePoint Farm is one of the core thing to be done after the initial SharePoint Deployment and Configurations. You can use an Internal Mail Server or simply relay to an external Services such as Hotmail or Gmail. We will go through both ways in this Article. No purpose of referring to an External Service if you got a Mail Server in premise (e.g. – Exchange Server). Developers always prefer to use free Services like Gmail or Hotmail since having a Mail Server set up as a virtual is something consumes resources.

Scenarios

  • Using External Services (Mostly Used for Testing Purposes by Developers)
  • Using In Premise Mail Server
  • Standalone and Multi Server Farms

Initial Common Steps (Ignore if you have SMTP and IIS 6.0 Roles and features Installed and go directly to Scenarios below)

To Install SMTP Services in SharePoint Server, Open Server Manager and go to Add Roles and Features. My server in this scenario is 2012, if yours is 2008 or earlier you may do the same from Control Panel –> Programs and Features.

Go to Add Roles and Features.

clip_image001

Click Next until you get the ‘Select Features’ tab. Select the SMTP Server There. Choose Telnet Client too, you will need it to test the connectivity to SMTP Services Later.

clip_image002

Below Tab will be prompted. Simply click ‘Add’ to it. SMTP Server is usually managed from IIS 6 Interface so let it install all the required components there. Click next after the selection and it will be completed in a minutes.

clip_image003

Once Installation is done, Go to Start menu and type IIS, find the old IIS Icon which comes as second item in results. Click and it will launch the IIS 6.0 Manager.

clip_image004

Meanwhile Let’s go to Services of SharePoint Server (Open Run and type ‘services.msc’ and Enter) and find SMTP Service then make the Startup mode to ‘Automatic’ from ‘Manual’.

clip_image005

Above Steps are the common ones for any scenario.

Scenario A – Configuring Outgoing Email for SharePoint with External Service

Once you launched the IIS 6.0 it will load below Snap in.

clip_image006

Right click on the Virtual Server Name [SMTP Virtual Server #1] and get the Properties of it.

clip_image007

General Tab – Nothing to do here

Access Tab. Under Authentication, Enable Anonymous and Click OK.

clip_image008

Connection: Choose All except list below under connection. You can also specify the Server here by choosing the first option so that would be more secure.

clip_image009

Relay: here also the second option for me. You can specify the server too.

clip_image010

Massage Tab – Nothing to do here for now. You can simply customize by defining limits based on the requirements.

clip_image011

Delivery Tab – Set the Outbound Security here. Choose ‘Basic Authentication’ and define the Account details which will be used to connect to particular SMTP Server (External). Enable TLS encryption and click OK to save.

clip_image012

Outbound Connection: I have No changes here. The default Port is 25 and you have to adjust based on the Port Number used by your External SMTP Service (‘I’m Using Gmail for testing)

clip_image013

Advanced: Define the FQDN of your SharePoint Server (Local Server which runs SMTP Service) and check DNS to validate the name. Set the name of your external SMTP Service under the ‘Smart Host’ field. (Gmail – smtp.gmail.com | Hotmail – smtp.live.com etc…)

clip_image014

You can leave rest of the things such as ‘LDAP Routing’, ‘Security’ with Defaults and enable as and when requires.

Let’s Open up IIS Manager which hosts our SharePoint Web Applications (IIS 7/8). Point to Relevant Web application which we will be using Outgoing Email in SharePoint. Click on the ‘SMTP E-Mail’ Feature.

clip_image015

Define it to use ‘Local Host’ and Save.

clip_image016

That’s it from IIS 6.0 Panel. Let’s Open up SharePoint Central Administration to do the last thing. Point to ‘System Settings’ –> Configure Outgoing Email Settings’ under Email and Test Category.

clip_image017

Define the

  • Outbound SMTP Server (Local SharePoint Server which we enabled SMTP Services)
  • From and Reply to Addresses
  • Character Set with Defaults

clip_image018

That’s all on Configurations. Do a IIS Reset before we test the functionality.

Testing of Functionality.

You can either Set an Alert to a Library and if it’s sent we are good.

Login using an Account which has an Valid Email address. Create a test Library and go to Library Settings and ‘Set Alert on This library’.

clip_image019

It will prompt below snap in. it shows the Email address of the particular user. Click OK to save with default settings. Default settings will send an alert immediately based on any change you are doing to this library.

clip_image020

It will create the initial Alert right after the enabling. This Proves that Outgoing Email is now Functioning Well !

clip_image021

wp_ss_20140924_0001

Or else the other way is to Create a Simple Workflow to fire a Mail based on a Record (or something). This is a nice way to test it out. Would be robust than the alert.

Open SharePoint Designer and create a Two Step Simple Workflow like below to test.

clip_image022

Upload a sample Item and Start the Workflow.

clip_image023

This will trigger the mail immediately.

clip_image024

Scenario B – Configuring Outgoing Email for SharePoint with In Premise Mail Server.

In This scenario, SharePoint Server will relay all the outbound mail traffic to Organization’s Mail Server which may be Exchange Server.

Nothing much but only below few changes you should do after the common Configurations done.

In SMTP Server ‘Delivery’ Tab. Enable ‘Anonymous Access’ under ‘Outbound Security’

clip_image025

Also the Internal Mail Server Name in the ‘Advanced’ Settings

clip_image026

Scenario C: Deal With Standalone and Server Farms

Standalone: In The Central Administration, You can point to Local SharePoint Server in the Single Server Scenarios. Do not point to the Smart Host from Central Admin.

clip_image027

Server Farm: having SMTP Service installed and configured in one of the Frontend Server would do. Make it available in all WFE Servers if you have multiple with Load balanced so that SMTP Service will still work even if any WFE goes down in case.

Point in to the Smart Host in Server Farm Scenarios. Do not point to the Local Server

clip_image028

Important Troubleshooting Steps

1. If you are not getting any mails yet, Check the Junk Folder too, sometimes it goes there under the untrusted category

2. Keep Monitoring the Queue Folder (C:\inetpub\Mailroot\Queue) if the mails are queuing here, you got a point to check.

clip_image029

3. Sometimes External Service vendors may have changed the port for SMTP for security purposes. Check the connectivity using Telnet. This is why we install Telnet service too when we installed SMTP. Open PowerShell as Admin and run below lines (customize with Name and Port)

clip_image030

If it connects Like below, we are Cool here. Otherwise you got a point to check, may be the port number of Firewalls you have.

clip_image031

Notes:

  1. All Above Configurations are Identical for both SharePoint 2010 and 2013.
  2. Also There’s No single Edition wise Difference (Foundation, Standard, Enterprise). all the steps are common for all Editions of SharePoint.