Friday, 8 October 2010

SharePoint Solution Generator is dead (for good) - Part 1

SharePoint Solution Generator, part of the Visual Studio 2008 extensions for Windows SharePoint Services, has been a fantastic tool in SharePoint 2007 development when I needed to create a list definition and list instance quickly.

All you had to do was create your content types, site columns, and list using the SharePoint UI, apply the content types and site columns to your list, customise your list and create views, then finally point Solution Generator to your list and create your solution package.

The combination of the new features of SharePoint 2010 and Visual Studio 2010 means no more messing around with add-ons….

SharePoint 2010 allows you to save your site as a WSP package, and Visual Studio allows you to import the WSP package and select the required elements to include in your solution package! Sounds easy? It is :)

…so first you need to create your list as before with all required components and customisations:

1) Create your Site Content Type


2) Create your Site Columns


3) Assign your site columns to your content type


4) Create your list/library and assign your content type to your list

To be able to do this, you need to ensure you have selected “allow management of content types” in the list's advanced settings.

5) Save your site as WSP package

Site Actions –> Site Settings –> “Save site as template”

Provide a file name and a template name for your template.

Download the WSP file and save it locally.

6) Import the WSP package into Visual Studio 2010

Create a Visual Studio SharePoint project and select “Import SharePoint Solution Package”

Import the WSP file.

Specify the project elements required, in this case the list template.

The easiest way to do this is to highlight all items (Ctrl + A) and deselect one item. This will uncheck all boxes.

Then select the “List instance” and “Content type” and click Finish (you do not need to include the columns).

Say No when asked whether to include all dependent items.

Now you have all required components for your solution.

There are a number of considerations which I will try to cover in the next posts, such as including Lookup and Managed Metadata field types in your solution.

Automated SharePoint 2010 AD service accounts creation using PowerShell

As I don’t really enjoy repetitive tasks, I decided to put a quick PowerShell script together to create the AD service accounts required for SharePoint 2010.
The required accounts are:
  • svc_spFarm (Server farm account or database access account)
  • svc_spAdmin (Setup user account / install account)
  • svc_caAppPool (Application Pool Identity for Central Administration web application)
  • svc_portalAppPool (Application Pool Identity for Portal web application)
  • svc_myAppPool (Application pool Identity for my sites host web application)
  • svc_spUPS (User Profile Synchronisation with AD)
  • svc_spUPAPool (User Profile Services Application Pool account)
  • svc_spSearch (This is the Windows Service account for the SharePoint Server Search Service. This setting affects all Search Service Applications in the farm)
  • svc_spCrawl (Content Access account)
  • svc_spSearchAP (Enterprise Search Application Pool Identity)
  • svc_spSearchAdmAP (Enterprise Search Admin component Application Pool Identity)
  • svc_fsSearch (Foundation server search account)
  • svc_fsCrawl (Foundation server crawl account)
  • svc_spSandbox (Sandbox service account)
  • svc_WebAnalytics (SharePoint Web Analytics service account)
  • svc_SecureStore (Secure Store Application Pool service account)
  • svc_spSTSAcct (Security Token Service Application)
  • svc_spMetadata (Managed Metadata Service Account)
(Other accounts may be required depending on the services running on the farm, such as InfoPath Services, Visio, etc.)
Please note that the following additional domain, local and SQL permissions / roles are required:
svc_spAdmin:
Member of the Local Administrators group.
SQL Server login on the computer that runs SQL Server.
Member of the following SQL Server security roles:
    · securityadmin fixed server role
    · dbcreator fixed server role
    · sysadmin fixed server role (during installation using PowerShell only)
svc_spFarm:
Member of the Local Administrators group during the user profile services configuration only.
svc_spUPS:
AD delegated rights for the Replication Directory Changes permission
The PowerShell command takes a CSV file containing the following headings (the command below fills givenName from the cn column):
  • samAccountName
  • userPrincipalName
  • cn
  • Password
  • description
Copy and paste the following into a CSV file called acc.csv (ideally this needs to be an XML):
samAccountName,userPrincipalName,cn,Password,description
svc_spAdmin,svc_spAdmin@domainName.FQDN,svc_spAdmin,accountPassword,The Setup user account is used to run Setup and the SharePoint Products Configuration Wizard
svc_spFarm,svc_spFarm@domainName.FQDN,svc_spFarm,accountPassword,The server farm account is used to Run the Microsoft SharePoint Foundation and workflow Timer Service
svc_caAppPool,svc_caAppPool@domainName.FQDN,svc_caAppPool,accountPassword,Application Pool Identity for Central Administration web application
svc_portalAppPool,svc_portalAppPool@domainName.FQDN,svc_portalAppPool,accountPassword,Application Pool Identity for Portal web application
svc_myAppPool,svc_myAppPool@domainName.FQDN,svc_myAppPool,accountPassword,Application pool Identity for my sites host web application
svc_spUPS,svc_spUPS@domainName.FQDN,svc_spUPS,accountPassword,User Profile Synchronisation with AD
svc_spUPAPool,svc_spUPAPool@domainName.FQDN,svc_spUPAPool,accountPassword,User Profile Services Application Pool account
svc_spSearch,svc_spSearch@domainName.FQDN,svc_spSearch,accountPassword,This is the Windows Service account for the SharePoint Server Search Service. This setting affects all Search Service Applications in the farm
svc_spCrawl,svc_spCrawl@domainName.FQDN,svc_spCrawl,accountPassword,Content Access account
svc_spSearchAP,svc_spSearchAP@domainName.FQDN,svc_spSearchAP,accountPassword,Enterprise Search Application Pool Identity
svc_spSearchAdmAP,svc_spSearchAdmAP@domainName.FQDN,svc_spSearchAdmAP,accountPassword,Enterprise Search Admin component Application Pool Identity
svc_fsSearch,svc_fsSearch@domainName.FQDN,svc_fsSearch,accountPassword,Foundation server search account
svc_fsCrawl,svc_fsCrawl@domainName.FQDN,svc_fsCrawl,accountPassword,Foundation server crawl account
svc_spSandbox,svc_spSandbox@domainName.FQDN,svc_spSandbox,accountPassword,Sandbox service application service account
svc_WebAnalytics,svc_WebAnalytics@domainName.FQDN,svc_WebAnalytics,accountPassword,SharePoint Web Analytics service account
svc_SecureStore,svc_SecureStore@domainName.FQDN,svc_SecureStore,accountPassword,Secure Store Application Pool service account
svc_spSTSAcct,svc_spSTSAcct@domainName.FQDN,svc_spSTSAcct,accountPassword,Security Token Service Application
svc_spMetadata,svc_spMetadata@domainName.FQDN,svc_spMetadata,accountPassword,Managed Metadata Service Account
…and now the magical one-line PowerShell command. This needs to be run using the Active Directory module for Windows PowerShell.
The Active Directory module for Windows PowerShell in Windows Server® 2008 R2 is a Windows PowerShell module (named ActiveDirectory) that consolidates a group of cmdlets. You can use these cmdlets to manage your Active Directory® domains, Active Directory Lightweight Directory Services (AD LDS) configuration sets, and Active Directory Database Mounting Tool instances in a single, self-contained package.
You can install the Active Directory module by using any of the following methods:
  • By default, on a Windows Server 2008 R2 server when you install the AD DS or AD LDS server roles
  • By default, when you make a Windows Server 2008 R2 server a domain controller by running Dcpromo.exe
  • As part of the Remote Server Administration Tools (RSAT) feature on a Windows Server 2008 R2 server
  • As part of the RSAT feature on a Windows 7 computer
Start Active Directory module for Windows PowerShell and type the following:
Import-Csv acc.csv | ForEach-Object { New-ADuser -Path 'OU=Service Accounts,DC=dev,DC=local' -Name $_.samAccountName -samAccountName $_.samAccountName -userPrincipalName $_.userPrincipalName -GivenName $_.cn -description $_.description -PasswordNeverExpires $True -CannotChangePassword $True -Enabled $true -AccountPassword (ConvertTo-SecureString $_.Password -AsPlainText -force)}
In the above script I have an OU called “Service Accounts” and my domain name is “dev.local”.
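A variant that keeps passwords out of acc.csv, as an added example that is not part of the original post: it expects the same CSV without the Password column, generates a random password per account, and skips rows whose userPrincipalName does not match samAccountName. The function names New-RandomPassword and New-SharePointServiceAccounts are hypothetical; the OU is the one used above.

```powershell
# Added example, not the original author's script.
# Assumes acc.csv has samAccountName,userPrincipalName,cn,description (no Password column).
Import-Module ActiveDirectory

function New-RandomPassword {
    param([int]$Length = 24)
    # 64-character alphabet, so (byte % 64) picks every character with equal probability.
    $alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_'
    $rng   = New-Object System.Security.Cryptography.RNGCryptoServiceProvider
    $bytes = New-Object byte[] $Length
    do {
        $rng.GetBytes($bytes)
        $pw = -join $(foreach ($b in $bytes) { $alphabet[$b % 64] })
        # Retry until upper case, lower case and a digit are all present (AD complexity).
    } until ($pw -cmatch '[A-Z]' -and $pw -cmatch '[a-z]' -and $pw -match '\d')
    return $pw
}

function New-SharePointServiceAccounts {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [string]$CsvPath = 'acc.csv',
        [string]$OU = 'OU=Service Accounts,DC=dev,DC=local'
    )
    foreach ($row in Import-Csv $CsvPath) {
        # Stray spaces after a comma end up inside the field, so trim before use.
        $sam = $row.samAccountName.Trim()
        $upn = $row.userPrincipalName.Trim()
        if ($upn.Split('@')[0] -ne $sam) {
            Write-Warning "Skipping ${sam}: UPN '$upn' does not match the account name"
            continue
        }
        if (Get-ADUser -Filter "SamAccountName -eq '$sam'") {
            Write-Warning "Skipping ${sam}: account already exists"
            continue
        }
        if ($PSCmdlet.ShouldProcess($sam, 'Create service account')) {
            $plain = New-RandomPassword
            New-ADUser -Path $OU -Name $sam -SamAccountName $sam -UserPrincipalName $upn `
                -GivenName $row.cn -Description $row.description `
                -PasswordNeverExpires $true -CannotChangePassword $true -Enabled $true `
                -AccountPassword (ConvertTo-SecureString $plain -AsPlainText -Force)
            # Emit the credential once so it can be piped straight into a password vault.
            New-Object PSObject -Property @{ SamAccountName = $sam; Password = $plain }
        }
    }
}

# Dry run first: New-SharePointServiceAccounts -WhatIf
```

Run it with -WhatIf first to see which rows would be created or skipped; the returned objects are the only copy of each password.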

Thursday, 23 September 2010

Security Advisory 2416728 (Vulnerability in ASP.NET) and SharePoint

** Updated 24/09/2010 4:30PM ** – Updated with additional defensive workaround published by the ASP.NET team valid for ALL affected versions of SharePoint listed below.

Microsoft has recently blogged that the vulnerability in ASP.NET affects SharePoint and that the workaround should be applied ASAP on every single SharePoint WFE server: http://blogs.msdn.com/b/sharepoint/archive/2010/09/21/security-advisory-2416728-vulnerability-in-asp-net-and-sharepoint.aspx

Microsoft has recently released a Microsoft Security Advisory for a vulnerability affecting ASP.NET. This post documents recommended workarounds for the following SharePoint products:

  • SharePoint 2010
  • SharePoint Foundation 2010
  • Microsoft Office SharePoint Server 2007
  • Windows SharePoint Services 3.0
  • Windows SharePoint Services 2.0

Sunday, 13 December 2009

ISA 2006, Forms, SharePoint 2007 Extranet and Client Integration

Anyone who has worked on a SharePoint 2007 extranet project with ISA 2006 used as a reverse proxy to publish the SharePoint farm knows about the client integration challenges…

When users try to edit a document, they are challenged and required to authenticate, and even after a successful authentication it is not possible to check the document back in to SharePoint.

This is because, despite the existing session, the Office client initiates another session and ISA treats this as a new session.

The short answer to this problem is to configure a persistent cookie on the ISA web listener (under Forms –> Advanced).

BUT there are several security issues that are highlighted by MS and need to be considered:

  • A malicious attacker who obtains a persistent cookie may be able to perform a brute force attack to obtain user credentials from the cookie.
  • On a public computer, if the user does not log off, the session cookie can be used by the next user to access published sites. This threat can be mitigated by not enabling persistent cookies for public computers.
  • Spyware may be able to access the cookie.

The important point to consider here is that the client needs to make the decision between security and user experience / functionality.

In a recent project I spent some time identifying a few factors that the client needed to take into consideration when making this decision:

| Factor | This is a public or shared computer | This is a private computer |
| --- | --- | --- |
| Persistent cookie file on logout | Deleted | Not Deleted but user is required to authenticate (Domain name and user name are saved) |
| Persistent cookie file when user closes the browser | Not Deleted - Session is available before cookie timeout | Not Deleted - Session is available before cookie timeout |
| Temporary Internet Files | Enabling persistent cookie has no effect | Enabling persistent cookie has no effect |
| Temporary Draft Files | Enabling persistent cookie has no effect | Enabling persistent cookie has no effect |
| Ability to open documents on SharePoint within session time (browser closed) | Yes | Yes |

FAQ:
Q) Is the cookie hashed e.g. using Hashed MACs (HMACs)?
A) Yes

Q) Are server tokens erased after session end?
A) Yes

Q) Is the cookie transmitted via SSL?
A) It is highly recommended

Q) Are Temporary Internet files deleted when session ends?
A) No, But this is not caused by the persistent cookie

Q) Are copies of the draft documents deleted if the user fails to check in / overwrite the checkout?
A) No, But this is not caused by the persistent cookie

Q) Are there any extra considerations when accessing the site through kiosk stations when using persistent cookies?
A) Yes, the following should be considered:

  • Do not select “This is a private computer”.
  • Perform logoff on published applications.

Additional considerations when accessing the site through kiosk stations (regardless of the usage of persistent cookies):

  • Delete cookies after you finish using published applications.
  • Delete temporary Internet files.
  • Delete temporary files that Office created when working with Microsoft Office SharePoint® Portal Server.
  • Delete any files that were manually downloaded to the kiosk.
  • Close all browser windows.
  • Log off from Windows, if possible.

Windows 7: Boot from VHD

Recently I have been forced to look into the available options to best utilise the amount of memory available on my laptop to be able to run SharePoint 2010 VMs. There are a number of options available to do this, but I have tried to simplify this as much as possible to speed up the VHD file creation and imaging process.
1) Create a partition to store the VHD; optional (I had to do this since my primary partition is BitLocker encrypted)
2) Download the VHD tool box from http://cid-1dc3b1edb30aea44.skydrive.live.com/self.aspx/.Public/VHDToolBox.zip
This tool box includes:
  • WIM2VHD.wsf – WIM to VHD Converter
  • ImageX.exe 64-bit (32-bit available from http://depositfiles.com/files/4563922)
  • Bcdedit.exe - Command-line tool for managing BCD stores
  • intlcfg.exe - The International Settings and Configuration tool (Intlcfg.exe) is used to configure the language and locale settings in a Windows image
3) Copy the Install.Wim from the OS media to the VHDToolBox folder
4) Now you are ready to create your VHD. Start a command prompt, navigate to the VHDToolBox folder and run the script.
There are a number of switches you will need to know:
/wim: specifies the path to the WIM file
/sku: OS version (ServerStandard, Ultimate etc…)
/vhd: specifies the path and the name of the VHD to be created
/size: specifies the size of the VHD in MB
/disktype: specifies the type of disk, Dynamic or Fixed
For example to create a Windows Server 2008 R2 Enterprise VHD on a 40GB Fixed disk we would use the following command:
cscript wim2vhd.wsf /wim:C:\VHDToolBox\install.wim /sku:SERVERENTERPRISE /vhd:F:\2K8_R2_SP2010_01.vhd /size:40960 /disktype:Fixed
Note: to find the sku you could run the following imagex command on your install.wim file:
imagex /info "<install.wim location>"
5) Next you need to use bcdedit.exe to add an entry to the boot menu:
  • bcdedit /copy {current} /d "My New VHD Description" (This will return the GUID of the loader object that you will use to replace <guid> below)
  • bcdedit /set <guid> device vhd=[driveletter:]\<directory>\<vhd filename>
  • bcdedit /set <guid> osdevice vhd=[driveletter:]\<directory>\<vhd filename>
  • bcdedit /set <guid> detecthal on
That’s it, enjoy

Tuesday, 24 November 2009

Get Ready for Microsoft SharePoint 2010

Certification Path for IT professionals

  • 70-667 TS: Microsoft SharePoint 2010, Configuring
    Microsoft Official Curriculum: Will cover configuration of SharePoint 2010 including deployment, upgrade, management and operation on a server farm.

  • 70-668 PRO: SharePoint 2010, Administrator
    Microsoft Official Curriculum: Will cover advanced SharePoint 2010 topics including capacity planning, topology designing and performance tuning.

Certification Path for Developers

  • 70-573 TS: Microsoft SharePoint 2010, Application Development
    Microsoft Official Curriculum: Five-day instructor-led course designed for developers with six months or more of .NET development experience. Course covers what you need to know to be an effective member of a SharePoint development team using Visual Studio 2010.

  • 70-576 PRO: Designing and Developing Microsoft SharePoint 2010 Applications
    Microsoft Official Curriculum: Five-day instructor-led training course designed for development team leads who have already passed the Developing on SharePoint 2010 technical specialist exam. The course covers choosing technologies for and scoping a SharePoint project, best practices for SharePoint development, configuring a SharePoint development environment, advanced use of SharePoint developer features and debugging of code in a SharePoint project.

https://partner.microsoft.com/40121316?msp_id=sharepoint2010ready

Sunday, 4 October 2009

Install SharePoint Server 2007 on Windows Server 2008 R2

From: Microsoft SharePoint Products and Technologies Team Blog

Starting from Service Pack 2, Windows SharePoint Services 3.0 and SharePoint Server 2007 support Windows Server 2008 R2 and Windows Server 2008 SP2. When you try to install SharePoint bits on Windows Server 2008 R2 directly, you may see the following dialogue:


This is because Windows SharePoint Services 3.0 and SharePoint Server 2007 bits without SP2 slipstreamed are not supported on Windows Server 2008 R2. The KB article 962935 is not live on the web site yet.

To install on Windows Server 2008 R2, for Windows SharePoint Services 3.0 you can download the slipstream builds here:

Windows SharePoint Services 3.0 with SP2 (x86)
http://www.microsoft.com/downloads/details.aspx?FamilyId=EF93E453-75F1-45DF-8C6F-4565E8549C2A&displaylang=en

Windows SharePoint Services 3.0 with SP2 (x64)
http://www.microsoft.com/downloads/details.aspx?familyid=9FB41E51-CB03-4B47-B89A-396786492CBA&displaylang=en

For SharePoint Server 2007, you can follow Create an installation source that includes software updates (Office SharePoint Server 2007) to create one. Or you can read on; we will go through the complete steps to create a new slipstream build for SharePoint Server 2007.

Installation Steps

1. Copy the content of SharePoint Server 2007 setup files from the installation media to a folder on your hard drive.

2. Delete everything inside Updates folder.

3. Download Windows SharePoint Services 3.0 SP2 and Office SharePoint Server 2007 SP2 to a folder.

Make sure your Office SharePoint Server 2007 SP2 is downloaded after July 29th.


4. Open a command prompt, change directory to the folder where you put the downloaded patches, and run the following two commands:

wssv3sp2-kb953338-x64-fullfile-en-us.exe /extract:[Path to installation bits]\Updates /quiet

officeserver2007sp2-kb953334-x64-fullfile-en-us.exe /extract:[Path to installation bits]\Updates /quiet

Change [Path to installation bits] to where you put the bits. These will extract all the content from the two packages to Updates folder. SharePoint installation program will automatically read this folder to apply the patches.

5. Delete wsssetup.dll. This is a very important step so please don’t miss it.

6. If you also need the Cumulative Updates to be applied when you install SharePoint, download the latest Windows SharePoint Services 3.0 and SharePoint Server 2007 Cumulative Update packages and extract them into the Updates folder as in step 4.

7. Your slipstream build of SharePoint Server 2007 is done!

8. Go and install it on your Windows Server 2008 R2 box. After the installation, the site version will show 12.0.0.6421, or possibly a higher version if you added additional cumulative update files.
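Steps 1 to 5 as one script, as an added example that is not part of the original post or of Microsoft's instructions: it also checks the Authenticode signature of each downloaded package before extracting it. The folder paths and the function names Test-PackageSignature and Build-Slipstream are assumptions, the paths must not contain spaces, and wsssetup.dll is assumed to sit under the Updates folder after extraction.

```powershell
# Added example; adjust the three paths below (assumed values, no spaces allowed).
$Media    = 'D:\'                  # SharePoint Server 2007 installation media
$Target   = 'C:\MOSS2007_SP2'      # folder that will hold the slipstream build
$Patches  = 'C:\Downloads\SP2'     # folder holding the two downloaded SP2 packages
$Packages = 'wssv3sp2-kb953338-x64-fullfile-en-us.exe',
            'officeserver2007sp2-kb953334-x64-fullfile-en-us.exe'

function Test-PackageSignature {
    param([string]$Path)
    $sig = Get-AuthenticodeSignature -FilePath $Path
    # 'Valid' means the file hash matches and the certificate chain is trusted.
    return ($sig.Status -eq 'Valid' -and
            $sig.SignerCertificate.Subject -like '*O=Microsoft Corporation*')
}

function Build-Slipstream {
    $updates = Join-Path $Target 'Updates'

    # Step 1: copy the setup files from the media to the hard drive.
    New-Item -ItemType Directory -Path $Target -Force | Out-Null
    Copy-Item -Path (Join-Path $Media '*') -Destination $Target -Recurse -Force

    # Step 2: empty the Updates folder.
    New-Item -ItemType Directory -Path $updates -Force | Out-Null
    Get-ChildItem $updates | Remove-Item -Recurse -Force

    # Steps 3-4: verify each downloaded package, then extract it into Updates.
    foreach ($name in $Packages) {
        $exe = Join-Path $Patches $name
        if (-not (Test-PackageSignature $exe)) {
            throw "Signature check failed for $exe; download it again from Microsoft."
        }
        $p = Start-Process -FilePath $exe -ArgumentList "/extract:$updates", '/quiet' `
                           -Wait -PassThru
        if ($p.ExitCode -ne 0) { throw "$name exited with code $($p.ExitCode)" }
    }

    # Step 5: delete wsssetup.dll (searched for under Updates, see the assumption above).
    Get-ChildItem $updates -Recurse -Filter 'wsssetup.dll' | Remove-Item -Force
    if (Get-ChildItem $updates -Recurse -Filter 'wsssetup.dll') {
        throw 'wsssetup.dll is still present under Updates'
    }
}

Build-Slipstream
```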