harbar.net component based software & platform hygiene
SharePoint 2016

SharePoint 2016

Azure AD & SharePoint (On-Premises) update following SPS Lisbon and ESPC

Here’s a quick update on the issue that occurred during my recent Azure AD and SharePoint sessions at SharePoint Saturday Lisbon and ESPC. For those interested, once I had configured the AAD Enterprise Application and created a Trusted Identity Provider in SharePoint to use it – and attempted a (seemingly successful) login via AAD the glorious Yellow Page of Death was returned by the SharePoint Web Application. It was, perhaps obviously, a basic error – albeit one that is not *that* obvious, especially when you are brutalised by a head cold and a very dodgy furry podium!...

Adding the SharePoint “stubs” to your VS Code PowerShell profile

[update] if you use OneDrive to store your Documents – the default on a new install of Windows 10 - you must ensure the WindowsPowerShell folder exists and is set to be “always on this device”. Ahh, SharePoint. Ahh, SnapIns. Yeah. 2009 faxed and before the ink faded, told us the old crap is hanging around like a bad hangover. I hate SnapIns more than most, but that’s a story for another day. For the time being we are stuck with them when working with our “built from the cloud up” versions of SharePoint Server. One of...

European Collaboration Summit follow up: Tutorial Scripts and Identity Manager Demos

Many thanks to everyone who attended the European Collaboration Summit in Mainz, Germany, last month. It’s safe to say that the event overall was a runaway success and yes, we have already started planning for the 2019 edition! At the event, I promised to publish some additional resources. These are a little later than I had hoped but with a new job and a variety of “more important” things on a rather large to-do list, the delay was inevitable. At any rate, this post serves as a landing page for these resources....

RPC Server Unavailable when creating a SharePoint Farm… the curse of dodgy legacy NetDOM!

Every so often a real blast from the past comes back to haunt me. Usually it’s some obscure “infrastructure” gubbins – you know, the sort of thing that 80% of so called IT Pros knew in 1999. These days thou. Not so much. With SharePoint in particular there is a whole boat load of legacy. Not that legacy is bad. Lot’s of it is awesome. That’s why the product remains so successful. On the other hand some of it is real, real, real nasty!  :) It always seems to come in waves. Over the last two weeks...

Welcome to our family!

The building block of every community is a family. Welcome to our family. See you in Mainz! Your browser does not support the video tag.

Resolving Catastrophic Distributed Cache Failures on VMWare vSphere or ESX guest virtual machines

Ahh, Distributed Cache, everybody’s favourite SharePoint service instance, the most reliable and trouble-free implementation since User Profile Synchronization. I jest of course, it’s the most temperamental element of the current shipping release, not to mention the most ridiculous false dependency ever introduced into the product and should be killed as soon as possible. However, it is extremely important to a SharePoint Farm in terms of both functionality and ensuring maximum performance. Even in simple deployments the impact of the Search and LogonToken related caches can provide ~20% performance and throughput improvements. But what to do when it’s busted? Once...

Using PowerShell to import Profile Photos when using Active Directory Import and SharePoint Server 2013/2016/2019

One of the most common requests I have received over the last couple years has been how to leverage PowerShell to get User Photos from Active Directory (or any other location really) into the SharePoint User Profile Store. With the removal of User Profile Synchronization (UPS) in SharePoint 2016 this need has increased significantly. For most mid market customers this is a key requirement, and implementing Microsoft Identity Manager (MIM) for this purpose is not practical. I did spend a whole bunch of time before the release of SharePoint 2016 attempting to convince the powers that be, that Active...

Configuring a Partitioned UPA in SharePoint 2016 with Active Directory Import

Introduction For about a year now I’ve been plagued by people asking me how to configure a partitioned User Profile Application (UPA) in SharePoint Server 2016, and perform successful profile import using Active Directory Import (ADI). Every few weeks someone asks for the configuration, and it basically got to the point where it made sense to post this article to which I can refer folks. Now, I am not going to provide all up coverage here. I expect you to be familiar with the fundamental concepts of SharePoint Multi-Tenancy. You can head over to my other articles here...

User Profile Photo Import from thumbnailPhoto using MIM and the SharePoint Connector

When leveraging Microsoft Identity Manager (MIM) and the SharePoint Connector for User Profile Synchronization, some customers have a requirement to import profile pictures from the thumbnailPhoto attribute in Active Directory. This post details the correct way of dealing with this scenario, whilst retaining the principle of least privilege. The configuration that follows is appropriate for all of the following deployments: SharePoint 2016, MIM 2016, and the MIM 2016 SharePoint Connector SharePoint 2013, MIM 2016, and the MIM 2016 SharePoint Connector SharePoint 2013, FIM 2010 R2 SP1 and...

Microsoft Identity Manager 2016 Service Pack 1 is now available!

Today, Microsoft released Service Pack 1 for Microsoft Identity Manager 2016 (MIM). This is an extremely important release for SharePoint practitioners who are looking to leverage MIM for User Profile Synchronization with SharePoint Server 2016. This Service Pack provides a significantly streamlined deployment process – no more hotfix rollups (well, for the time being :)). This is important for those leveraging simply the Synchronization Service, but also for those working with declarative provisioning using the MIM Portal and Service – SharePoint Server 2016 support is also included, as is support for SQL Server 2016. Service Pack 1 can...

Enabling multiple OUs and avoiding credential touch up with the MIMSync “toolset” for SharePoint Server 2016

As many of you are aware there is a “toolset” published on GitHub which provides one way to get up and running using Microsoft Identity Manager 2016 (MIM) for profile synchronization with Active Directory. This Windows PowerShell Module and exported MA configurations basically provisions a base capability more or less akin to what shipped with SharePoint 2013’s User Profile Synchronization capability. I’m not much of a fan of this Module or it’s approach. Seriously, if a customer is going down the road of implementing MIM they better be sure they have the right skills in place – and right...

Important Update for SharePoint folks: Hotfix Rollup for Microsoft Identity Manager 2016

Back in the middle of March, Microsoft released a Hotfix Rollup for Microsoft Identity Manager 2016 (MIM). This hotfix rollup is version 4.3.2195.0. This is an extremely important build for those leveraging MIM for profile synchronization with SharePoint Server 2016. You can get the bits over at KB313475. There are numerous articles out there suggesting that you should install build 4.3.2064.0. Don’t! 4.3.2195 is the fix package you need. Make this part of your base build of the MIM Sync server. However, if you already have MIM Sync setup and you want to apply this patch, make sure...

Zero Down Time Patching in SharePoint Server 2016

Zero Downtime Patching (ZDP) in SharePoint Server 2016 has a marketing heavy silly name, but it's actually sweetness on a stick. Whilst I hate the name, it is accurate in respect to the basics of the new patching process and the changes made in 2016 to support it. Now as to whether a customer would actually perform real world patching operations with such an expectation is another matter entirely. Here's a hint: they wouldn't. There's a lot more to patching an environment than updating the bits of the software. Or there should be, otherwise you shouldn't be running the environment....

SharePoint 2016 Nugget #2: Distributed Cache Size in MinRole Farms

In SharePoint 2013, the Distributed Cache size is set to half of ten percent of the total RAM on the server. This means that on a server with 8Gb RAM, the Cache Size (the allocation for data storage) is 410Mb. Another 410Mb is used for the overhead of running the Cache. This is a reasonable default as the system has no way of knowing which other services will be provisioned onto the server. And of course by default in SharePoint 2013 every machine in the farm will host Distributed Cache, unless you build your farm properly using the –SkipRegisterAsDistributedCacheHost...

SharePoint 2016 Nugget #1: Topology Service in MinRole Farms

Whilst I have some much more in depth coverage of SharePoint 2016 coming soon, this is the first in a mini series of “nuggets” – tidbits of information on the new release. Unlike with previous releases I decided against publishing a lot of material whilst the product was in public preview and to wait until the RTM. This decision was driven by a number of factors I won’t bore you with. Many will be of the opinion that not a great deal has changed in SharePoint 2016. That is somewhat true, especially in respect to visible end user...

Distributed Cache Service Identity: Turning the Playbook into real Tools

A couple of weeks ago I posted about the Playbook Imperative and Changing the Distributed Cache Service Identity, which generated a lot of interest and feedback regarding the “tooling approach” presented. The original intention of the post was to articulate the importance of understanding the playbook when performing operational service management of SharePoint farms. I had never intended to show “how to do it” in terms of creating tooling in Windows PowerShell. The PowerShell examples were created purely to demonstrate the playbook and were deliberately done in a way that meant the focus was on the tasks being performed rather...

The Playbook Imperative and Changing the Distributed Cache Service Identity

Introduction One of the most common challenges facing those operating production SharePoint environments is the “missing playbook”. Even for deployments where operational service management (OSM) skills are strong it is impossible to deliver quality operational service without the playbook. It’s generally pretty uncommon for practitioners to factor OSM considerations into the design, or at least to do it well. Indeed, in many cases it is also impossible to do so completely as so much about the environment will not be known or understood prior to broad platform adoption. Whilst the playbook is imperative for any system, there is...