Bugra Postaci's Blog

All my posts are provided "AS IS" with no warranties, and confer no rights.

  • Home
  • About
  • Docs
  • Privacy
Posts Comments
  • Sharepoint
    • Sharepoint 2010
    • SharePoint 2013
    • Sharepoint Tips & Tricks
    • SharePoint 2016
    • Sharepoint Tools
  • ASP.NET
  • C#
    • Tips & Tricks
  • Uncategorized

After updating SharePoint 2013 to November 2017 CU or later you may not be able to open documents with Office

06/12/2017 Leave a comment

https://blogs.msdn.microsoft.com/rodneyviana/2017/12/05/after-updating-sharepoint-2013-to-november-2017-cu-or-later-you-may-not-be-able-to-open-documents-with-office/

This issue mostly happens if you update your sharepoint from command-line by using psconfig.exe and when you miss the correct parameters.

PSConfig.exe -cmd upgrade -inplace b2b -wait -cmd applicationcontent -install -cmd installfeatures -cmd secureresources -cmd services -install

Thanks to Rodney for excellent work to detecting the issue .we have an easy workaround of this.But we don’t like much to copy/paste dlls around.

Instead of manullay copy/paste the stssoap.dll around bin folders and if you already run psconfig.exe by missing applicationcontent -install parameters , you can use following powershell commandlet ;
Install-SPApplicationContent
https://docs.microsoft.com/en-us/powershell/module/sharepoint-server/Install-SPApplicationContent?view=sharepoint-ps

for more information about PSCONFIGUI.EXE and PSCONFIG.EXE please read outstanding article by my colleague Stefan Gossner
https://blogs.technet.microsoft.com/stefan_gossner/2015/08/20/why-i-prefer-psconfigui-exe-over-psconfig-exe/

Filed under SharePoint 2013 Tagged with November CU 2017, Office, Sharepoint, stssoap.dll

Mainstream support for SharePoint 2013 will end in 6 months

08/11/2017 Leave a comment

Mainstream support for SharePoint 2013 will end on April 10th, 2018:
https://support.microsoft.com/en-us/lifecycle/search?alpha=sharepoint%202013

After this date only security fixes will be provided for SharePoint 2013. Regular hotfixes can no longer be requested.

If not already done we recommend to start planning the migration to SharePoint Server 2016 as soon as possible.

Filed under SharePoint 2013, Uncategorized

mapping with destination attribute ‘name’ has a source attribute marked as export-only

17/07/2017 Leave a comment

Recently I have faced an issue with MIM 2016 and SharePoint 2016 while exporting string (Multi-Value) from SharePoint to AD.

Well , i will not go in detail for MIM and SharePoint 2016 configuration for export operations . There are articles around , if you interested :
please check:
https://thesharepointfarm.com/2016/03/using-mim-to-export-attributes-from-sharepoint-2016/

So the reproduce the issue;
I have create a User Profile Property as string (Multi-Value) from User Profile Service-> Manage User Properties. That was the easy part . (Please notice i didn’t select any TermSetId when i creating the property)

We need to “Refresh Schema” of the Management Agent for SharePoint (SPMA) to discover newly created property .Well it succeeded without issue. But there is a problem , when you export the schema.xml of the SPMA you will notice that property marked as “Export-Only” .

dsml:attribute ref="#Rooms" required="false" ms-dsml:isAnchor="false" ms-dsml:allowedOperation="ExportOnly"

Thats means you can not import from SharePoint to Metaverse that property . (It is working in contrawise , Export for SPMA means Metaverse to SharePoint , Import means SharePoint to Metaverse)

So it will not allow you to create “Attribute Flow” other direction (Import) in SPMA Properties. I have faced a very definitive error that is “EXPORT-ONLY”

So i have tried to mitigate this by modify SPMA schema xml . “Export Management Agent then modify the xml and get rid of dsml:allowedOperation="ExportOnly" , and again update management agent with new xml. But no luck.
Well it is worked at the beginning and i able to export my value to the AD until when i need to “Refresh Schema” for SPMA . I have faced following error in event viewer.

“BAIL: MMS(10132): ..\cdext.cpp(416): 0x80070057 (The parameter is incorrect.)
BAIL: MMS(10132): ..\xstack.cpp(405): 0x80070057 (The parameter is incorrect.)
BAIL: MMS(10132): ..\xparse.cpp(436): 0x80070057 (The parameter is incorrect.)
BAIL: MMS(10132): ..\iafparse.cpp(2423): 0x8023050e (The import attribute flow rules XML defines an invalid/incomplete rule.): IAF: mapping with destination attribute ‘Rooms’ has a source attribute marked as export-only
BAIL: MMS(10132): ..\xstack.cpp(540): 0x8023050e (The import attribute flow rules XML defines an invalid/incomplete rule.)
BAIL: MMS(10132): ..\xparse.cpp(544): 0x8023050e (The import attribute flow rules XML defines an invalid/incomplete rule.)
BAIL: MMS(10132): ..\iafexec.cpp(141): 0x8023050e (The import attribute flow rules XML defines an invalid/incomplete rule.)
ERR_: MMS(10132): ..\mastate.cpp(12497): Error creating import attribute flow rules object: 0x8023050e
BAIL: MMS(10132): ..\mastate.cpp(12585): 0x8023050e (The import attribute flow rules XML defines an invalid/incomplete rule.)
BAIL: MMS(10132): ..\mastate.cpp(6263): 0x8023050e (The import attribute flow rules XML defines an invalid/incomplete rule.)
BAIL: MMS(10132): ..\ma.cpp(670): 0x8023050e (The import attribute flow rules XML defines an invalid/incomplete rule.)
BAIL: MMS(10132): ..\ma.cpp(928): 0x8023050e (The import attribute flow rules XML defines an invalid/incomplete rule.)
Forefront Identity Manager 4.4.1302.0”

After hours of investigation noticed that it is related with  TermSetId in Profile DB.
I have checked and compare the properties in the database and noticed if  i create a multi-value string even without termset id it is storing an emty guid inside ,well the other properties was null. So I have done a manuel set NULL (which is not supported) to test. Voila , now i can able to refresh schema again and everithing works fine. But this is not a valid resolution . It is not supported . And what if i want to use Term Set Id with that Profile Property   ?

Luckly it was resolved by SharePoint team long time ago . But not documented any where or i didn’t find it.

Resolution:
SharePoint connector (build 4.3.2036.0 or higher) have a new setting .Enabling the new setting “Import auto-updated attributes” on the Connectivity tab of the SharePoint Connector allows us to import an attribute that has a TermSetID other than NULL.

https://support.microsoft.com/en-us/help/3156030/hotfix-rollup-build-4.3.2201.0-is-available-for-forefront-identity-man

It was also resolve my issue with Multi-Value string without TermSetId (even so it has a empty guid it is not NULL) .
SPConnector

Filed under SharePoint 2016 Tagged with Export-Only, IAF, MIM, Multi-Value String, Multy Value, SPMA

Outgoing emails are not working in SPS2016 after Security Update May 2017

22/06/2017 Leave a comment

This article has inform you previously there may be some concequences after May 2017 Security Update for SharePoint in some special configurations.

There is a security update May 9,2017 for SharePoint Server 2016
You can find details in following KB
https://support.microsoft.com/en-us/help/3191880/description-of-the-security-update-for-sharepoint-server-2016-may-9-20

  • SharePoint outbound email messages incorrectly try to authenticate to SMTP servers that support Generic Security Service Application Program Interface (GSSAPI), Kerberos, or NTLM authentication. This may prevent email messages from being sent. After you install this update, SharePoint sends email messages anonymously without authentication.

 

Well it is confusing, as you may know, out of the box mail configuration for SharePoint always anonymous. Thats correct.
But in some special configuration applied by customers to force SharePoint processes (w3wp or owstimer) to authenticate with their identities to Exchange server;  If aspnet:AllowAnonymousImpersonation settings was disabled for Authenticated users (well it doesn’t work for anonymous users at all) it may work.

<appSettings>
<add key=”aspnet:AllowAnonymousImpersonation” value=”false” />
</appSettings>

More details explained for this.
https://support.microsoft.com/en-us/help/2686411/sharepoint-impersonates-the-iusr-account-and-is-denied-access-to-resources
Security Warning : Well the suggested action for this settings , this should be enabled. Otherwise anonymous request will have higher rights with Application Pool Identities does.

The problem of this kind of authentication is incorrect ,not expected  for SharePoint and Microsoft considered this is a Security Issue. As Microsoft said by design it has to be anonymous. With that Security fix will prevent this. SharePoint will be always use anonymous authentication through SMTP servers.

For customers who interested force authentication , well there’s no way to disable the anonymous-only behavior but we have valid workaround for that:

  1. If you are using Exchange, you can set up a separate receive connector configured as externally secured, and restricted to the IP addresses of the SharePoint server(s) in their environment.  This will allow SharePoint to send e-mails anonymously through this receive connector, but the connector will treat the e-mails as if you were authenticated.  All other SMTP clients will continue using the regular receive connectors and any authentication policies associated with those receive connectors.
  2. Set up a smarthost SMTP relay that will accept e-mails anonymously from the SharePoint server(s), and then relay them to the company’s SMTP infrastructure using authentication.

Filed under Sharepoint, Uncategorized Tagged with AllowAnonymousImpersonation, SMTP

Single Label Domain names (SLD) and SharePoint

21/06/2017 Leave a comment

Not a good idea. Not supported at all , for SharePoint.

https://technet.microsoft.com/en-us/library/cc262485.aspx

Filed under Sharepoint, Uncategorized

← Older posts

Newer posts →

RSS Register

  • RSS - Posts
  • RSS - Comments

Search

Inside my brain

2010 2013 AAM Access Denied AD ASP.NET Authentication Backup C# configuration Content Content-type CU Cumulative Database Delete deployment enum Error Excel Feature GAC GC Http HttpHandler IE8 IIS LDAP list Lock() Log meeting Moss 2007 Moss2007 mysite Ninject NTLM Performance PowerShell problem Profile RBS Redirection request Search security server Service Service Pack session Sharepoint Sharepoint 2007 Sharepoint 2010 Sharepoint2010 SharePoint 2013 Site SP1 SP2 SPS2010 SPS2013 SQL stsadm Support Supportability Sync Syncronization TimerJob tools ULS UPA Update user Web Webpart Workflow

Categories

  • .Net Tools (6)
  • ASP.NET (34)
  • C# (32)
  • Coolite (1)
  • Debugging (1)
  • Design Patterns (1)
  • IIS (4)
  • Microsoft Support (1)
  • Powershell (2)
  • Sharepoint (105)
  • Sharepoint 2010 (89)
  • SharePoint 2013 (54)
  • SharePoint 2016 (9)
  • SharePoint 2019 (3)
  • SharePoint Online (5)
  • Sharepoint Tips & Tricks (20)
  • Sharepoint Tools (7)
  • System (2)
  • T-SQL (5)
  • Tips & Tricks (10)
  • Uncategorized (30)
  • Visual Studio IDE (4)
  • Windows 10 (3)

Top Posts

  • About Supportability of SCOM APM Agent by SharePoint Products
  • Loading this assembly would produce a different grant set from other instances. (Exception from HRESULT: 0x80131401)
  • Redirecting http to https in SharePoint with AAM
  • SharePoint Workflow Configuration Common Issues
  • Cleaning orphan database from SharePoint Farm

My Recents

  • The code execution cannot proceed because edgegdi.dll was not found
  • Who is listening on port 80 (http.sys ?)
  • Win10 Search from Start shows a black box
  • Anjular.js fragment identifier “#” hash issue with SharePoint 2019 Modern UI
  • About future of the Content Deployment feature for SharePoint 2019

Archives

  • August 2021 (1)
  • February 2020 (2)
  • November 2019 (2)
  • August 2019 (2)
  • July 2019 (2)
  • June 2019 (1)
  • May 2019 (1)
  • April 2019 (2)
  • March 2019 (2)
  • January 2019 (1)
  • July 2018 (1)
  • June 2018 (1)
  • May 2018 (1)
  • January 2018 (1)
  • December 2017 (1)
  • November 2017 (1)
  • July 2017 (1)
  • June 2017 (3)
  • May 2017 (1)
  • February 2017 (2)
  • May 2016 (1)
  • March 2016 (1)
  • February 2016 (1)
  • December 2015 (1)
  • November 2015 (1)
  • October 2015 (2)
  • August 2015 (3)
  • July 2015 (1)
  • June 2015 (4)
  • May 2015 (2)
  • April 2015 (1)
  • March 2015 (1)
  • February 2015 (3)
  • January 2015 (1)
  • December 2014 (3)
  • October 2014 (3)
  • August 2014 (6)
  • July 2014 (2)
  • May 2014 (5)
  • April 2014 (5)
  • March 2014 (2)
  • February 2014 (17)
  • December 2013 (2)
  • November 2013 (3)
  • October 2013 (5)
  • August 2013 (1)
  • July 2013 (3)
  • June 2013 (4)
  • May 2013 (2)
  • April 2013 (1)
  • March 2013 (3)
  • February 2013 (3)
  • January 2013 (4)
  • December 2012 (1)
  • November 2012 (4)
  • October 2012 (3)
  • September 2012 (2)
  • August 2012 (3)
  • July 2012 (5)
  • June 2012 (2)
  • May 2012 (3)
  • April 2012 (9)
  • March 2012 (7)
  • February 2012 (10)
  • January 2012 (8)
  • December 2011 (8)
  • November 2011 (2)
  • October 2011 (11)
  • September 2011 (10)
  • August 2011 (5)
  • July 2011 (7)
  • June 2011 (13)
  • May 2011 (2)
  • April 2011 (11)
  • March 2011 (1)
  • February 2011 (1)
  • January 2011 (6)
  • December 2010 (4)
  • November 2010 (4)
  • October 2010 (14)
  • September 2010 (5)
  • August 2010 (3)
  • April 2010 (9)
  • March 2010 (7)
  • February 2010 (10)
  • January 2010 (42)
  • December 2009 (3)
  • November 2009 (9)

Create a free website or blog at WordPress.com.

Bugra Postaci's Blog
Create a free website or blog at WordPress.com.
Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy
  • Subscribe Subscribed
    • Bugra Postaci's Blog
      • Join 60 other subscribers
    • Already have a WordPress.com account? Log in now.
    • Bugra Postaci's Blog
    • Subscribe Subscribed
    • Sign up
    • Log in
    • Report this content
    • View site in Reader
    • Manage subscriptions
    • Collapse this bar
 

Loading Comments...