Cleaning orphan database from SharePoint Farm

The issue:

You have patched your Sharepoint farm but if you run the configuration wizard and it is always failing on step 9 /10 on upgrade Operations and you have facing following error:

SharePoint Foundation Upgrade        SPWebApplicationSequence        ajy60        DEBUG        Web application [SPWebApplication Name=ContosoDB] has 1 IisSettings object        1a71389d-7618-d087-2401-036280754f67

10/17/2015 11:23:01.93        OWSTIMER (0x1920)        0x1614        SharePoint Foundation Upgrade        SPWebApplicationSequence        ajy61        DEBUG        Searching for sites with Server Comment = ContosoDB 1a71389d-7618-d087-2401-036280754f67

10/17/2015 11:23:02.36        OWSTIMER (0x1920)        0x1614        SharePoint Foundation Upgrade        SPWebApplicationSequence        ajy66        DEBUG        Adding a iis web site object with instance Id = [319138241]        1a71389d-7618-d087-2401-036280754f67

10/17/2015 11:23:02.36        OWSTIMER (0x1920)        0x1614        SharePoint Foundation Upgrade        SPHierarchyManager        ajyw5        ERROR        Attempt to register null pointer at:    at Microsoft.SharePoint.Upgrade.SPHierarchyManager.AddNextLevelObjects(Object current, IEnumerable nextObjects)     at Microsoft.SharePoint.Upgrade.SPWssWebApplicationSequence.AddNextLevelObjects()     at Microsoft.SharePoint.Upgrade.SPHierarchyManager.Grow(SPTree`1 root, Boolean bRecursing, SPDelegateManager delegateManager)     at Microsoft.SharePoint.Upgrade.SPHierarchyManager.Grow(SPTree`1 root, SPDelegateManager delegateManager)     at Microsoft.SharePoint.Upgrade.SPUpgradeSession.Upgrade(Object o, Boolean bRecurse)     at Microsoft.SharePoint.Administration.SPPersistedUpgradableObject.Upgrade(Boolean recursively)     at Microsoft.SharePoint.Upgrade.SPUpgradeSession.ReflexiveUpgrade(Object o, Boolean bRecurse)     at Microsoft.SharePoint.Upgrade.SPUpgradeSession.Upgrade(Object o, Boolean bRecurse)     at Microsoft.SharePoint.Administration.SPPersistedUpgradableObject.Upgrade(Boolean recursively)     at

Then you have checked that ContosoDB which is not present in SQL server but why are you getting this error with that database . This is an orphan database record issue . SharePoint has still have information about that database the record about that database present in SharePoint configuration database (inside the Object table) but in real there is no database present in SQL server with that name.

Ok how can you verify this;
First find the related Web Application Id by powershell
$wa = Get-SPWebApplication -Identity

Then we need to check in SQL server by running some sql queries to get xml configuration of this web Application object:

SELECT TOP [Id],[ClassId],[ParentId],[Name],[Status],[Version],cast([Properties] as XML)
FROM [SharePoint_Config].[dbo].[Objects] where Id = ‘<Guid of the Web Application>’

And if you look in details for the related XML


You have verifed that if there is <fld type=”null” /> record in that xml.
Also we know that the deleted database’s id is 44c186d2-6581-4314-90bd-a00f3efe18e3

If you search for this ID in configuration database’s Object table for this content database;you will not find any record about it ;So it is an oprhan item.

Ok so far so good , I can hear your question that how we get rid off this with a supported way  ?
– Well you shouldnt change SharePoint databases manually , it is not supported by Microsoft .

Resolution is easy but It is a little bit tricky.
To remove that oprhan database we will run a single command.
We need the Web Application object in powershell
$wa = Get-SPWebApplication -Identity
Then run this

The tricky part when you run this you will get an error ! Upss did i something wrong , NO!

PS C:\Users\SPFarmAdmin> $wa.ContentDatabases.Delete(“44c186d2-6581-4314-90bd-a00f3efe18e3”)
Exception calling “Delete” with “1” argument(s): “Object reference not set to an instance of an object.”
At line:1 char:1
+ $wa.ContentDatabases.Delete(“44c186d2-6581-4314-90bd-a00f3efe18e3”)
+ CategoryInfo      : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : NullReferenceException

 Well after run this command , just ignore the error .Normally it fixes the configuration database and cleans the orphan record .
Not sure ??
Check yourself again the XML configuration of the Web Application from SQL server by following SQL again.
SELECT TOP [Id],[ClassId],[ParentId],[Name],[Status],[Version],cast([Properties] as XML)
FROM [SharePoint_Config].[dbo].[Objects] where Id = ‘<Guid of the Web Application>’

if you do not see the orphan   <fld type=”null” /> , then you good to go 🙂 You can run the configuration wizard again .


The SPListItem being updated was not retrieved with all taxonomy fields

The problem definition is simple , you have some taxonomy fields on a list or in a content type which is using manage metadata columns . When you edit an item and try to save you will facing an error like validation error

The SPListItem being updated was not retrieved with all taxonomy fields”

Ok lets start and give some information , I have recently faced this issue and make a couple research internet to find a solution .
And i found some suggestions but it is dangerous !.

For example :

To fix this go to Central Administration, Manage Web Applications, select the web application, and then choose the dropdown under General Settings select Resource Throttling.

The setting for List View Lookup Threshold and raise it from the default 8. it can go up to 1000 although you are unlikely to need this many lookups.”

!!! Please do not change or exceed SharePoint Boundaries and Limitations (unless Microsoft told do so) . There is a reason that SharePoint Product group relaese these boundaries and limitations .
As you may see many articles suggests increase the “List View Lookup Threshold” , No ! if you do that in a highly utilizated production environment , your sharepoint can be unreachable and face absolute dead-lock stiuations in SQL server .

I could not expose the source code but you can find the details if you know how to use reflector.
This error only happen we have static function TouchAllTaxonomyColumns called when saving a list item which contains Taxonomy Fields.
And  when this function called , we looping all taxonomy fields in that library (added by content type or manually) , not only the one you want to update .Thats mean any of the taxonomy field in that libary have any problem then you will see this error .

For example you have added two taxonomy field to a Pages Library , One of them comming from a content type and it is healty . and the second one was added manually and have a problem .
Then you are creating a Page and editing the page by using this Content Type, you will see only the first taxonomy field because this content type does not contains the second (problematic) taxonomy field . Even so when you try to save you’ll see this error . Because when you save an item we are touching all taxonomy fields present in library at behind .

So what can be the problem of the second taxonomy field ?

1 )This problem mostly happens when you move content types between site collections by powershell or using 3rd party tools or SharePoint Manager.
Every SharePoint Site Collection has a TaxonomyHiddenList . And if you check for the Field definition you will see there is a reference to TaxonomyHiddenList in LookupList property.
So if you move a site column or a content type have a taxonomy field from an another site collection the lookuplist id must be updated ! otherwise it will be pointing a different TaxonomyHiddenlist which is not present in target site collection .
SchemaXML looks like below:
<FieldType=“TaxonomyFieldType” List=“{<TaxonomyHiddenListGUID>}” WebId=“<GUID>“ …..

you can find the correct TaxonomyHiddenList id by running following powershell;
$site = get-spsite
$web = $site.OpenWeb()
$web.Lists | sort Title | ft id,title

The verify the problem check for all taxonomy fields in the Library ( I used Pages library for a sample)
$list = $web.Lists[“Pages”]
$list.fields | ? { $_.typeasstring -like “Taxo*” } | ft InternalName

then check for every taxonomy field to see what is the LookupList
$field = $list.Fields.GetFieldbyInternalname(“<internalname of the field>”)

It will show you the GUID of bounded TaxonomyHiddenList , compare with the TaxonomyHiddenList Guid in that Site Collection . If it is different then you have the problem !.

The resolution is delete the problematic taxonomy fields and re-create it . Well it is not an easy process , you may need to clean from content type or dependent parents that using it .

2) Another issue managed metadata field type required additional Notes field type as well.If you have a missing “Note” field type some how , you will face this problem .
$field = $list.Fields.GetFieldbyInternalname(“<internalname of the field>”)
Shows you the dependant Note field , if it is not present , then you have a problem of your custom creation or migration code/script.

About UserNotFoundException when SharePoint AD LDS (LDIF) sync operation

You are trying to Configure profile synchronization using a Lightweight Directory Interchange Format (LDIF) file in SharePoint 2013 Using the following article : You have successfully used this method in your SharePoint 2010 farm, however when you try to configure it in SharePoint 2013 and attempt a synchronization, you an ma-extension-error.

System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. —> System.AggregateException: One or more errors occurred. —> Microsoft.Office.Server.UserProfiles.UserNotFoundException: A user with the specified SID could not be found in the domain.  Check the spelling of the account name ‘’ and try again. —> System.ComponentModel.Win32Exception: No mapping between account names and security IDs was done
at Microsoft.Office.Server.Utilities.Win32.AdvApi.LookupAccountName(String lpSystemName, String lpAccountName, IntPtr Sid, Int32& cbSid, StringBuilder ReferencedDomainName, Int32& cchReferencedDomainName, SID_NAME_USE& peUse)

Reason for this error

The objectSid attribute was not included in the LDIF file.  The objectSid is required in SharePoint 2013 to process the accounts listed in the LDIF file.

For resolution :

1. Go to the LDIF MA, right click and select properties
2. Select Configure Attributes
3. Select New
a. Name: objectSid
b. Type: Binary
c. Select Ok
4. Go to the LDIF MA, right click and select properties
5. Now Select “Define Object Type”
6. From the Object types: select user and click Edit
7. Select objectSid and put it into the May have attributes:
8. Select OK
9. Select Configure Attribute Flow
10. Expand the user object
11. From the Data source attribute, select objectSid
12. From the Metaverse attribute, select objectSid
13. Mapping Type is Direct
14. Flow Direction is Import
15. Select New
16. objectSid displays in the Configure Attribute Flow
17. Select OK
18. Right click the MOSS MA and select properties
19. Select Configure Attribute Flow
20. Verify that the SID to objectSid attribute flow exists
21. Select OK
22. Open your LDIF file for edit
23. Add the objectSid to your accounts
24. Save the file
25. Run a Full Sync

An example from my test LDIF file

dn: CN=John Doe,CN=Roles,CN=Partition,DC=Contoso,DC=COM
changetype: add
displayName: John Doe
sn: Doe
givenName: John
objectClass: user
objectSid:: AQUAABTfkXMrX0BU0ChCzd4FhEeWw8XrYl1T+Q==

-How you find the correct sid ? You need to extract correct sid from AD LDS.
ldifde -f “c:\import.ldif” -s “localhost:389″ -d “CN=partition,dc=contoso,dc=com” -r “(objectClass=user)” -l “dn,changetype,displayName,userPrincipalName,mail,givenName,sn,objectSid

Sharing AppDomains between web applications in SharePoint 2013

Well , sharing an AppDomain between web application is a gray-out area so i decided to create an article for this.

Scope Note :

  • This article does not contains “how to create and configure apps for SharePoint 2013”. You may find more information at the end of the article (Resources Section)
  • This article does not cover SSL configurations.

In SharePoint 2013 , Sharing an “AppDomain” (exp: between different web applications is possible but there are some limitations

1) Apps domains can be shared across web applications if the zone, application pool identity, and authentication schemes match. For example suppose that webappA is configured to use the Default zoneH and webappB is also configured to use the Default zone. In addition, both web applications use the same Application pool identity, and both web applications use NTLM. In this scenario, the web applications can share a single app domain.

2) You can share only one AppDomain allowed between different web applications. (Yes , with March PU you can use multiple AppDomains but it does not mean that you can share it directly )
Which is defined in CA-> Apps -> Configure Apps Url


Or via Powershell

Set-SPAppDomain <appDomain>
Set-SPAppSiteSubscriptionName -Name "app" -Confirm:$false

* As you can see , SharePoint only allows one global AppDomain by Set-SPAppDomain cmdlet .

Lets have a look an example ; I assume that you have already created Forward DNS Lookup Zone and set CNAME for “” alias.


For Detailed configuration please read the following TechNet article (As i said it is out of scope)
->Configure an environment for apps for SharePoint (SharePoint 2013)

We want to share “” AppDomain via 3 different web applications

Web Application 1: Jüpiter

URL : http://jupiter
Bindings: HTTP:jupiter:80
Application Pool : JupiterAppPool
Identity : Contoso\spfarm

Web Application 2: Neptün
URL : http://neptun
Bindings HTTP:neptun:80
Application Pool : NeptunAppPool
Identity : Contoso\spfarm

Web Application 3: Uranüs
URL : http://uranus
Bindings HTTP:uranus:80
Application Pool : UranusAppPool
Identity : Contoso\spfarm

(*If you want also you can use same Application pool for all)

Well all these 3 web Application has a host header , thats why we need another IIS Site (not required a SharePoint Web Application but you may also create as a SharePoint Web Application)
This is a dummy web application with no site collection inside. We are just using this for binding.  Bindings  http::80:*  (wildcard) and should except all 80 Why becuase any request like must able to land a IIS Site so “http::80:* ” binding handles this kind of request.  And have to be same application pool identity (Contoso\spfarm).

AppHost Web Application : Name -> AppHost
Url : (N/A)
Bindings :HTTP::80:*
Application Pool : AppHostPool
Identity : Contoso\spfarm

Check for more info if you want to get more details the “Routing Web Application” section

So far so good , as you notices we dont enabled “SupportMultipleAppDomains” feature which is added to SharePoint 2013 via March PU.

There is a SSL version configuration by Steve,

Now it is time to test. I used the Yammer App from SharePoint App Store .

After Installing Yammer App ;

Result in Browser :


Note: Do not use “System Account” when you are adding Apps !

Each instance of an app for SharePoint that is installed has its own URL. Therefore, if you only have one app for SharePoint in your environment, but the app is installed on six different sites, then you will have six different app URLs. As you can see above pictures the AppID has changing.

What about enabling Multiple AppDomains feature ?

“One of the feature updates of the March 2013 Public Update for SharePoint 2013 enables you to use multiple app domains in SharePoint 2013 environments with alternate access mapping or host-header web application configurations. Before the Public Update, you could only host one app domain and it had to be in the Default zone. You could not use the app domain on alternate access mappings or host-header web application configurations. The Public Update enables you to configure an app domain for each web application zone and use alternate access mapping and host-header web application configuration

In SharePoint 2013 , you can use more than one AppDomain for one WebApplication but you can not share that specified appdomain between zones or different applications with that feature .This feature has been added after March PU . The new feature extends sharepoint powershell cmdlets with
These cmdlets basically provide Isolation not for Sharing !

Adding another web application (4th one)  to farm and this scenario we don’t want to use Shared AppDomain ( we want to assign a diffrent AppDomain ( for this Web Application.

Web Application 4: Titan
Url :
Bindings :
HTTP::81:* (Why a second binding for a different port ? Because appdomain requires wildcard bindings)
Application Pool : TitanAppPool
Identity : Contoso\SPWeb

We need to enable Multiple App Domain Feature ; After we enabled the feature ( $contentService.SupportMultipleAppDomains = $true )  we can assign this web application a different AppDomain . (For more info Please read )

Created another Fwd Lookup Zone in DNS for another AppDomain . Exp :

And then we can assign this AppDomain to 4th web application.

New-SPWebApplicationAppDomain –AppDomain “” –port 81 –WebApplication

And test with a app (Again I use Yammer App)

I will continue the scenario adding another web application like

Web Application 5
HTTP::82 :*
Application Pool:  EuropaPool
Identity : Contoso\SPWeb

If we try to assing same AppDomain (  for the 5th site , by design we face following error !.
Because only one AppDomain globally (well we can say the old way) can be shared in a Farm which is “”

PS C:\Users\spfarm> New-SPWebApplicationAppDomain -AppDomain “” -Port 82 -WebApplication http://europa

“New-SPWebApplicationAppDomain : We can’t set this app domain because it’s
already being used by a different web application or for a different zone.”

* Using Multiple AppDomains feature we can extend one of the web Application for a different zone(like Internet) for example “Jüpiter” -> ( and assign a different AppDomain but we could not use or share another AppDomain if assigned to another web Application or same web Application in different zone !

What you can do;

Well what you can do ; you can share it by adding subdomain before the second appdomain like

Configuration looks like this;
(if you set an appdomain for europa or titan webapplication before you have to remove the appdomain first)

New-SPWebApplicationAppDomain –AppDomain –Zone Default –WebApplication http://titan –port 81 (according to configuration you may need to add  free port binding  (like HTTP::81:*) to same IIS site which is not used by SharePoint or any application)

New-SPWebApplicationAppDomain –AppDomain –Zone Default –WebApplication http://europa –port 82 (according to configuration you may need to add  free port binding  (like HTTP::82:*) to same IIS site which is not used by SharePoint or any Application)

(Don’t forget to make an IISRESET after use the cmdlets)

After that when you add YammerApp to both sites you will see the app url as below: for http://titan for http://europa


Configure an environment for apps for SharePoint (SharePoint 2013)
Enable apps in AAM or host-header environments for SharePoint 2013


SharePoint 2013 Workflows – High Availability (MSMQ)

Workflow Manager only supports a farm with 1 computer or a farm with 3 computers.

There is a very good article by  that you can read details .
“However this isn’t high availability, its horizontal scalability. It’s pretty sweet. The trouble is the perception that “Service Bus takes care of everything”. Which is not the Case…

When we create a connection to a Workflow Manager farm from a SharePoint farm with the Register-SPWorkflowService cmdlet we pass in a WorkflowHostUri parameter. This typically is the host name of a Workflow Manager host. If we have three Workflow Manager hosts, which host name should we use? Well we can use anyone we like, as long as it’s valid. This will work. But it’s not highly available. If that particular host is down for whatever reason, our Workflow Connection – which is a Service Application Proxy – will be broken and we cannot configure or execute any SharePoint 2013 workflows.”

The servers should be configured with a software or hardware load balancer for proper load balancing, or can be accessed directly”
Load Balancing is a solution for this issue but it is not enough .
As again

“A load balancer generally does load balancing. Whether it’s NLB or ARR or an “intelligent”, “hardware” device from the usual suspects, it doesn’t make any difference. They all require configuration and scripting to truly function for HA. If all you need is a solution for when you reboot a host due to Windows Updates or similar scenarios you are good. But for everything else you need to tell the load balancer how to be “intelligent”, it will not happen out of the box.”

there is also one more resolution for high availability : MSMQ.
MSMQ is a Windows Server feature that you can enable on your SharePoint Server computer to allow asynchronous event messaging in SharePoint workflows. To support asynchronous event messaging, you must enable MSMQ on your SharePoint Server computer.

After MSMQ installed it can be easily activate by powershell:

$proxy = Get-SPWorkflowServiceApplicationProxy
$proxy.AllowQueue = $true;

MSMQ provides Queue functionality  for SharePoint side , like Service Bus does  for Workflow Manager side. If we summarize
For High Availability:

1) Scale up your Workflow Manager Farm by 3 server.
2) Configure Workflow Manager host uri for your LB and DNS as correctly
3) And Use MSMQ !!! which is not OOB enabled for SharePoint 2013 servers.