Thursday, December 10, 2015

If ISE is not added then add by

Running powershell as local administrator

import-module servermanager
add-windowsfeature powershell-ise

Note that in this example it is already loaded.

Create ISE Profile

Now you need to create a profile (this has changed)

To create a profile for the current user use:

if (!(test-path $profile ))
{new-item -type file -path $profile -force}

To edit the new profile use:

psEdit $profile

Then type the following in the ISE Scripting Pane and click Save.

add-pssnapin microsoft.sharepoint.powershell

Test ISE with SharePoint commands

Close/Open ISE and give it a test, now you have ISE enabled with SharePoint

Technet Reference

To create a new profile you need to decide from one of 4 scenarios listed below.

To create a new “Current user, Windows PowerShell ISE” profile, run this command:

if (!(test-path $profile ))
{new-item -type file -path $profile -force}

To create a new “All users, Windows PowerShell ISE” profile, run this command:

if (!(test-path $profile.AllUsersCurrentHost))
{new-item -type file -path $profile.AllUsersCurrentHost -force}

To create a new “Current user, All Hosts” profile, run this command:

if (!(test-path $profile.CurrentUserAllHosts))
{new-item -type file -path $profile.CurrentUserAllHosts -force}

To create a new “All users, All Hosts” profile, type:

if (!(test-path $profile.AllUsersAllHosts))
{new-item -type file -path $profile.AllUsersAllHosts-force}

To edit a profile

To open the profile, run the command psedit with the variable that specifies the profile you want to edit. For example, to open the “Current user, Windows PowerShell ISE” profile, type: psEdit $profile
Add some items to your profile. The following are a few examples to get you started:
- To change the default background color of the Console Pane to blue, in the profile file type: $psISE.Options.OutputPaneBackground = 'blue' . For more information about the $psISE variable, see The ISE Scripting Object Model.
- To change font size to 20, in the profile file type: $psISE.Options.FontSize =20
To save your profile file, on the File menu, click Save. Next time you open the Windows PowerShell ISE, your customizations are applied.

2010

So you want to use the ISE with SharePoint. First add ISE feature then create a new profile by completing the following steps:

ADD ISE
Running powershell as local administrator

import-module servermanager
add-windowsfeature powershell-ise

(HINT) Get-WindowsFeature will display entire list

ADD Profile
Running powershell as sharepoint administrator
Powershell_ISE
Test-Path $profile (if true jump to Open ISO Profile step below)
New-Item $profile -ItemType file –Force

Close current untitled ps1 and open new file created
Open ISE Profile > Open > look in documents for microsoft.powershellies_profile.ps1

add-pssnapin microsoft.sharepoint.powershell

Save File and test by closing ISE and relaunch

(HINT) get-psnapin to display that have been added
(HINT) get-psnapin -registered to display all but ...

Give access to DB use the following powershell from a privileged user shell

$spcdb = get-spcontentdatabase wss_content_intranet
Add-spshelladmin -username contoso\sp_admin -database $spcdb

Reference - Scripting Wife - ISE Profiles
http://blogs.technet.com/b/heyscriptingguy/archive/2011/09/13/the-scripting-wife-creates-a-powershell-ise-profile.aspx

http://blogs.msdn.com/b/kaevans/archive/2011/11/14/add-microsoft-sharepoint-powershell-snap-in-to-all-powershell-windows.aspx

Thursday, November 12, 2015

Codeplex

Check out these cool resources from CodePlex

Tested

Installation
https://autospinstaller.com/ (new)
http://autospinstaller.codeplex.com/

Client Browser
http://autospsourcebuilder.codeplex.com/

SharePoint Client Browser for SharePoint Online and SharePoint on-premise
https://spcb.codeplex.com/

SharePoint 2013 Search Query Tool
http://sp2013searchtool.codeplex.com/

Great Tools from Scott Brickey (Fellow Cincy / Tri-State SPUG member)
http://sdssharepointlibrary.codeplex.com

Workflow Extensions
http://spdactivities.codeplex.com/

Enable Meeting Workspaces in SharePoint 2013
http://sharepointmws.codeplex.com/

Suggested

Scan documents from scanners attached directly to the server
http://embdocumentinhalator.codeplex.com/ SharePoint Manager - browse every site on the local farm and view every property.
http://spm.codeplex.com/

Warm-up Scripts
http://blogs.technet.com/b/praveenh/archive/2013/03/12/sfsgfasg.aspx SP Wakeup - A simple application that touches each site and site collection on a SharePoint or WSS server to rebuild the IIS cache.
http://spwakeup.codeplex.com/releases/view/52800

Master Page Picker
http://spfmasterpageselect.codeplex.com/
http://blog.thedesigndrifter.com/?p=1112 Information or Reference Scot Hillier Presentations
http://hillier.codeplex.com/

Wednesday, November 4, 2015

Displaying XML in SharePoint

So you need to display XML on your page. Using OOTB tools here is a simple method to display XML in SharePoint 2013

Using the demo xml from w3schools

http://www.w3schools.com/xml/xml_xsl.asp

Copy and paste into file … breakfast.xml

<?xml version="1.0" encoding="UTF-8"?>
<breakfast_menu>
<food>
<name>Belgian Waffles</name>
<price>$5.95</price>
<description>Two of our famous Belgian Waffles with plenty of real maple syrup</description>
<calories>650</calories>
</food>
<food>
<name>Strawberry Belgian Waffles</name>
<price>$7.95</price>
<description>Light Belgian waffles covered with strawberries and whipped cream</description>
<calories>900</calories>
</food>
<food>
<name>Berry-Berry Belgian Waffles</name>
<price>$8.95</price>
<description>Light Belgian waffles covered with an assortment of fresh berries and whipped cream</description>
<calories>900</calories>
</food>
<food>
<name>French Toast</name>
<price>$4.50</price>
<description>Thick slices made from our homemade sourdough bread</description>
<calories>600</calories>
</food>
<food>
<name>Homestyle Breakfast</name>
<price>$6.95</price>
<description>Two eggs, bacon or sausage, toast, and our ever-popular hash browns</description>
<calories>950</calories>
</food>
</breakfast_menu>

Copy and paste into file … breakfast.xslt

<?xml version="1.0" encoding="UTF-8"?>
<html xsl:version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
<body style="font-family:Arial;font-size:12pt;background-color:#EEEEEE">
<xsl:for-each select="breakfast_menu/food">
<div style="background-color:teal;color:white;padding:4px">
<span style="font-weight:bold"><xsl:value-of select="name"/> - </span>
<xsl:value-of select="price"/>
</div>
<div style="margin-left:20px;margin-bottom:1em;font-size:10pt">
<p>
<xsl:value-of select="description"/>
<span style="font-style:italic"> (<xsl:value-of select="calories"/> calories per serving)</span>
</p>
</div>
</xsl:for-each>
</body>
</html>

Now using SharePoint upload both files to a document library

Copy the shortcut for the xml file

Using the XML Viewer Web Part

Edit the web part

and paste the URL to the XML file then do the same for the XSLT file and click ok to save your settings

Vola …

Reference from Microsoft

https://support.office.com/en-US/article/Use-the-XML-Viewer-Web-Part-to-display-structured-data-and-XML-based-documents-and-forms-00D6ED40-BD73-4754-B869-0477A034BCFD

Thursday, October 29, 2015

SharePoint RMS – Rights Management

2013

RMS Setup Guide
http://sp-vinod.blogspot.com/2013/08/configuring-information-rights.html

http://sp-vinod.blogspot.com/2013_08_01_archive.html

Good Article

https://social.technet.microsoft.com/Forums/en-US/df9796b5-6a1a-43c7-ac32-c77d2ec68e1c/ad-rms-2012-irm-permissions-for-sharepoint-2013-library?forum=rms

Good Video
http://channel9.msdn.com/Events/SharePoint-Conference/2012/SPC073

More Good Links
http://technet.microsoft.com/en-us/library/jj219596%28v=office.15%29.aspx
http://technet.microsoft.com/en-us/library/jj219785%28v=office.15%29.aspx
http://www.titus.com/blog/2012/11/spc12-diary-day-5-%E2%80%93-information-rights-management-in-sharepoint-2013/

2010

RMS is a complex process, first the AD team has to setup AD RMS then you turn in on in SharePoint. This is similar to the email configuration.

https://technet.microsoft.com/en-us/library/cc179103.aspx

The first part is AD RMS that your AD team needs to setup but since this depends on the server OS. Here is the 2008 setup guide https://technet.microsoft.com/en-us/library/cc753531(v=ws.10).aspx

then SharePoint RMS https://technet.microsoft.com/en-us/library/hh545607(v=office.14).aspx

Technorati Tags: rights management rms

Thursday, October 22, 2015

O365 Troubleshooting

"You do not have an e-mail address" error when you create an alert in SharePoint Online
https://support.microsoft.com/en-us/kb/2650135

Quick Tip - change the target email address for Alerts in SharePoint Online
http://blogs.technet.com/b/lystavlen/archive/2012/08/28/spo-alerts.aspx

Change Alert Email Address
https://social.technet.microsoft.com/forums/sharepoint/en-US/77c9047e-e7e9-4ddf-a863-1c3d5782eae6/how-to-change-alert-email-address

Wednesday, October 21, 2015

User Profile Customization and Import Photos or Pictures

2013

SharePoint - Import a picture from AD for the user profile
http://blogs.technet.com/b/lukeb/archive/2013/01/04/sharepoint-import-a-picture-from-ad-for-the-user-profile.aspx

Using Exchange 2013 high-resolution photos from SharePoint Server 2013
http://blogs.technet.com/b/jenstr/archive/2012/08/17/using-exchange-2013-preview-high-resolution-photos-from-sharepoint-server-2013-preview.aspx

Options for SharePoint User Profile Properties and Photos
http://blogs.msdn.com/b/briangre/archive/2014/03/11/options-for-sharepoint-user-profile-pictures.aspx

Troubleshooting Photos in User Profile Service Application (2013 too!)
http://blogs.technet.com/b/lukeb/archive/2013/01/04/sharepoint-import-a-picture-from-ad-for-the-user-profile.aspx

2010

Import User Pictures from AD to SP2010
http://www.sharepointdiary.com/2013/01/import-user-pictures-from-active-directory-to-sharepoint-2010-mysite.html

Using BCS to Read BLOB Data
http://sharepointpromag.com/sharepoint/using-bcs-read-blob-data

Changing Pattern of User Display Names
http://pholpar.wordpress.com/2013/08/21/importing-sharepoint-user-profile-properties-using-bcs-net-connectivity-assembly/

Photo Management in SharePoint 2010
http://blogs.msdn.com/b/spsocial/archive/2011/01/07/photo-management-in-sharepoint-2010.aspx

Troubleshooting Photos in User Profile Service Application
http://blogs.technet.com/b/lukeb/archive/2013/01/04/sharepoint-import-a-picture-from-ad-for-the-user-profile.aspx

Monday, September 14, 2015

Streaming Video on SharePoint

2016

Add video or audio to a page (2013 – 2016)
https://support.office.com/en-us/article/Add-video-or-audio-to-a-page-b5220c61-e56a-40fd-8754-d06a2e38b492

\Student Recommended
https://vimeo.com/

2013

Corporate YouTube and Video Delivery via SharePoint 2013
(Microsoft Academy custom code)
https://blogs.msdn.microsoft.com/richard_dizeregas_blog/2013/03/29/corporate-youtube-and-video-delivery-via-sharepoint-2013/

Enhanced Video Experience in SharePoint 2013
https://blogs.office.com/2013/03/08/enhanced-video-experience-in-sharepoint-2013/

Estimate capacity and performance for video content management in SharePoint Server 2013
http://technet.microsoft.com/en-us/library/dn169054(v=office.15).aspx

2010

How Microsoft themselves use SharePoint to help 45,000 employees learn better
http://blog.sharepointlearn.com/2012/03/24/how-microsoft-themselves-use-sharepoint-to-help-45000-employees-learn-better/

Streaming Video
http://www.iis.net/learn/media/windows-media-services
Simple Video - OOTB
http://stevemannspath.blogspot.com/2012/12/sharepoint-2013-videos-in-sharepoint.html
Video Inside SharePoint
http://blogs.office.com/b/sharepoint/archive/2013/03/08/enhanced-video-experience-in-sharepoint-2013.aspx

Tuesday, September 1, 2015

Loopback Check

There are two methods to work around this issue that is designed to protect your system from bad internal code or malicious viruses. Introduced on Windows XP SP2 and Windows Server 2003 SP1 to protect from what Microsoft calls to reflection attacks on your computer. These are both well documented on TechNet. https://support.microsoft.com/en-us/kb/896861
Typical syspton in Sharepoint is the windows security box to reappear after you type in a correct username and password. To try again with no luck. If you are getting this check the registry.

Creating a whitelist of good websites is the preferred method seen below. However many SharePoint Admins just totally disabled the check in method 2 also noted below.

Method 1: Specify host names (Preferred method if NTLM authentication is desired)

To specify the host names that are mapped to the loopback address and can connect to Web sites on your computer, follow these steps:

Set the DisableStrictNameChecking
registry entry to 1. For more information about how to do this, click the following article number to view the article in the Microsoft Knowledge Base:
281308 Connecting to SMB share on a Windows 2000-based computer or a Windows Server 2003-based computer may not work with an alias name
Click Start, click Run, type regedit, and then click OK.
In Registry Editor, locate and then click the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
Right-click MSV1_0, point to New, and then click Multi-String Value.
Type BackConnectionHostNames, and then press ENTER.
Right-click BackConnectionHostNames, and then click Modify.
In the Value data box, type the host name or the host names for the sites that are on the local computer, and then click OK.
Quit Registry Editor, and then restart the IISAdmin service.

Method 2: Disable the loopback check (less-recommended method)

The second method is to disable the loopback check by setting the DisableLoopbackCheck registry key.
To set the DisableLoopbackCheck registry key, follow these steps:

Set the DisableStrictNameChecking
registry entry to 1. For more information about how to do this, click the following article number to view the article in the Microsoft Knowledge Base:
281308 Connecting to SMB share on a Windows 2000-based computer or a Windows Server 2003-based computer may not work with an alias name
Click Start, click Run, type regedit, and then click OK.
In Registry Editor, locate and then click the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
Right-click Lsa, point to New, and then click DWORD Value.
Type DisableLoopbackCheck, and then press ENTER.
Right-click DisableLoopbackCheck, and then click Modify.
In the Value data box, type 1, and then click OK.
Quit Registry Editor, and then restart your computer.

Friday, August 21, 2015

Stop using IE

Edge

Test your edge

http://dev.modern.ie/

How funny, check this out!

http://ie6countdown.com/index.html

Thursday, August 13, 2015

Using PowerShell to Find Crawled Properties

2010

Mapping Crawled Properties to Managed Properties can get real tough!

So using PowerShell …

Note after running the above script notice that the xml contains the crawled properties!

For example ows_created_x0020_By =’CONTOSO\brianc’

So when mapping your crawled properties to the managed properties we can now get a true example.

Wednesday, July 22, 2015

2013 Upgrades

Transition Steps – Making the Old New Again!

Old Create Content Screen _layouts/15/create.aspx

Good Series from FBWeb on SharePoint 2013 Upgrades
http://blog.fpweb.net/series/sharepoint-2013-upgrades-in-a-nutshell/

What's New
http://technet.microsoft.com/en-us/library/cc303422.aspx

What's Gone
http://technet.microsoft.com/en-us/library/ff607742%28v=office.15%29.aspx#section1

Office Issues – Office 2010 and 2013 products on same PC
http://sharepoint-community.net/profiles/blogs/sp2013-problem-office-2010-and-an-office-2013-product-on-same

What Might Not Work
http://en.share-gate.com/blog/not-working-after-sharepoint-migration-to-2013

Friday, June 26, 2015

Document Routing in SharePoint – Content Organizer

2010

SharePoint 2010 Content Organizer
Part 1 – A Cool New Feature for Managing Your Content
https://samlman.wordpress.com/2015/02/28/sharepoint-2010-content-organizer-part-1-a-cool-new-feature-for-managing-your-content/
Part 2 - SharePoint 2010 Content Organizer – The Rules Engine
https://samlman.wordpress.com/2015/02/28/sharepoint-2010-content-organizer-part-2-the-rules-engine/
Part 3 - SharePoint 2010 Content Organizer – The Drop Off Library
https://samlman.wordpress.com/2015/02/28/sharepoint-2010-content-organizer-part-3-the-drop-off-library/

UPDATES

Documents can be redirected to document sets but there is a trick.
Copy and paste the Document Set URL since document sets do not appear when you browse during rule creation. Thank you Michal

http://www.sharepointanalysthq.com/2010/09/using-the-content-organizer-to-route-to-a-document-set/

NOTE that the information below is a REPOST

The Content Organizer has the following limitations that you should beware of:

Content Organizer feature is only available in SharePoint 2010 Server and is not part of the SharePoint Foundation 2010.
Content Organizer will only work on content types that are of, or derive from the Document content type, so make sure that you inherit from this content type when creating a custom document library.
You cannot route documents to a Document Set. This one should be on the wish list for the next release!
The routing action is performed using the App Pool account of your Web applications.
You cannot route the document outside of a Web app, farm, or SharePoint at all. All of this could be done with workflow rules instead. In fact, there are a lot of things that should be done with workflow instead of Content Organizer, which is designed to handle document uploads.
There are a whole bunch of events that effect a document library; you should beware the order of executions that could affect the handling of these documents:
- Any workflow that is attached to a document library will be run first
- Next to be executed is Event Receiver, although the actual priority can be set programmatically by the developers
- Last is the Content Organizer.

REPOST

Here is the list of shortcomings:

Supported Content Types must be or inherit from Document, Page, Document Set, Rich Media Asset or Common Indicator Columns. Lists are not supported.
When a document is routed to the final location, if the target library has SharePoint Designer workflows to be started on item creation, they won't be triggered. The Application Pool account is used by the Content Organizer to do the routing and this account does not trigger workflows, by design.
The OOTB Rules only allow 6 conditions.
It doesn't check for the user permissions on the target library. The documents are routed using the System Account (privileged account) which means there isn't a security boundary around what goes where. On the other hand, the Create/Modified fields are not changed, making the actions easily traceable. This is particularly important to have in mind when choosing the overwriting model (see 2. below).
Adding Rule Managers is bugged: it doesn't allow groups.
Different behaviors when checking in a document either using the browser or a client application (i.e. Microsoft Word): when using the browser, the document gets routed immediately, while when using Microsoft Word it is not routed immediately - it will only be routed by the nightly Timer Job. There are other situations where the routing may not be immediate. You could change the nightly Timer Job schedule, but this can have side-effects. For instance, notification mails are sent by this Job, so a large volume of e-mails (rather than 1 a day) may be sent by the Content Organizer, which is not pleasant.
If you are using Lookup fields and OOTB rules, the fields can't have more that 20 values, otherwise the value in the condition doesn't get saved in the rule. The reason for this is that the edit field control for lookup fields changes depending if we have more or less than 20 options and the Content Organizer Rule List doesn't handle it correctly.
[Defect] If you use the Send To functionality to send documents back to the Drop Off Library to be re-routed, they can be deleted permanently. This will happen in the case where the document will be routed to the same location. The root issue is that the move operation in Send To is not atomic: it is a copy to the destination followed by a delete in the origin. This means it is not thread safe. If versioning is used for duplicate submissions, we have a problem. If while these 2 operations are being performed, the Content Organizer job actually does the routing in the meantime, the final result is: copy to Drop Off Library [Send To], routed to original library as a new version [Content Organizer], deleted from the original library - both versions! [Send To]. This defect may not always happen, but it is something to have in mind, it did happen to me! I've had similar behaviours in the past, on another setup, where Publishing a page directly (which corresponds to calling 2 actions in sequence: Submit for Approval + Approve) had conflicts with a workflow running in the background for auto-approving submissions if certain conditions were valid. Basically, the workflow would be processed after the submit action of the Publish and before the Approve, causing the page to get locked. In the case of the Content Organizer, the consequences are far more dangerous.
[Defect] If you have try to develop customizations on top of the Drop Off Library, such as an Event Receiver or Workflow, that creates a new version of the document (an example would be automatic tagging), and check it in as System Account (to identify it as a system change), the Content Organizer Event Receivers can create a new version with modified permissions (System Account + Rule Managers) and the Modified By field will actually be set to the first Content Organizer Rule Manager in the list (!!). I have not experienced this in every Content Organizer setup, so I am guessing this may be dependent on a specific set of configurations or SharePoint version to happen.
There is a feature called "E-mail Integration with Content Organizer", but according to some people's investigation (and Microsoft feedback) this is only a legacy for Exchange 2007 and should not be used for this purpose in SPS2010 (see here).

Some other important points to notice:

One of the options provided is to force the usage of the Drop Off Library. This enforcing will only happen on libraries that are the target of a rule. Also, if users use the Windows Explorer to upload the files, this enforcing will not happen.
Be very aware of the overwriting documents option. If you do not have versioning enabled in the destination library, if you upload a document with the same name, it can permanently overwrite the existing document. In a large system, with versioning enabled, it is also unsettling for the users to have the Content Organizer routing document from the Drop Off Library to a Destination Library as a new version. If it was just an accidental duplicate naming, users will certainly be confused and can even lost track of the previous document.
Unique permissions when a document does not match any rule: only the Creator and the Rule Managers will have permissions to see the document. I believe this is a good thing, but consider this behaviour if you have the idea of implementing any workflow (or similar) on the Drop Off Library.
Content Types must be defined on the Site Collection / Site level, otherwise they can't be used on the configuration. This actually makes some sense, you shouldn't be defining your Content Types on library / list level anyway.

SharePoint 2010 Content Organizer Part 1 - A Cool New Feature for Managing Your Content [TechNet]

Metadata-based routing and storage overview (SharePoint Server 2010) [TechNet]

http://sharepointlessons.blogspot.com/2010/03/content-organizer-document-routing.html

http://www.get-sp.com/2014/05/problems-with-content-organizer-10.html

Creating Host Name Site Collection via PowerShell

Updates

Note that you can use a wildcard entry as per this blog thx Todd

Microsoft now recommends using no host header
https://technet.microsoft.com/en-us/library/cc424952.aspx#section2a

CREATING HOST-NAMED SITE COLLECTIONS IN SHAREPOINT 2013

https://sergeluca.wordpress.com/2014/01/13/creating-host-named-site-collections-in-sharepoint-2013/

http://www.benjaminathawes.com/2013/12/11/using-host-named-site-collections-in-sharepoint-2013-with-mysites/

Quickly Migrate SharePoint Path-based to Host-named Site Collections Using Feb 2015 PU

http://thesharepointfarm.com/2015/02/quickly-migrate-sharepoint-path-based-host-named-site-collections/

NHSC Lab without Host Header

Note you will need to add the following for the above example powershell to work properly.

Create managed account called … 'Contoso\JDoe'
DNS CNAME Record for portal.contoso.com using ‘nyc-sp1’

Three lines of powershell from Technet

New-SPWebApplication -Name 'Contoso Sites' `
-port 80 -ApplicationPool ContosoAppPool `
-ApplicationPoolAccount `
(Get-SPManagedAccount 'Contoso\JDoe') `
-AuthenticationProvider ~
(New-SPAuthenticationProvider `
-UseWindowsIntegratedAuthentication)

New-SPSite 'http://nyc-sp1' -Name 'Portal' `
-Description 'Portal on root' `
-OwnerAlias 'contoso\administrator' `
-language 1033 -Template 'STS#0'

New-SPSite 'http://portal.contoso.com' `
-HostHeaderWebApplication 'http://nyc-sp1' `
-Name 'Portal' -Description 'Customer root' `
-OwnerAlias 'contoso\administrator' `
-language 1033 -Template 'STS#0'

I don’t like the database name from Technet code so think about creating database with a better name!

add -databasename ContosoSites

NHSC Lab using Host Header

So the future for Microsoft is to use Host Named Site Collections and since we have no GUI, my challenge has been to script this via PowerShell. But many examples on the web have come up short and since I have been real busy this project has been put on the back burner. Finally!

For my students, I am using 20331 Lab 8 but you can use any SharePoint farm, but you will need to modify the IP address and domain names as needed.

Using 20331 Lab 7/8 verified

Prerequisite #1 - Create DNS Records

A Record
webapp.contoso.com – 172.16.1.22
CNAME Records
root.contoso.com - webapp.contoso.com
companyA.contoso.com - webapp.contoso.com
companyB.contoso.com - webapp.contoso.com

Prerequisite #2 – Add 172.16.1.22 to NIC

Prerequisite #3 – Edit BackConnectionHostNames

Using regedit navigation to

add values for the all four sites added to DNS earlier.

Prerequisite #4 – Here is the script

   1:  # Using 20331 lab 8 vm

   2:  # DNS and TCPIP prerequisites

   3:  # create A record for webapp.contoso.com `
to 172.16.1.22 and add 172.16.1.22 to NIC

   4:  # create cname records to webapp.contoso.com`
for webapp, root, companya, companyb

   5:  # add sites to backconnectionhostnames if`
 needed

6:

   7:  # Load SharePoint PowerShell Snapin

   8:  Add-PSSnapin microsoft.sharepoint.powershell

9:

  10:  # Web Application Variables

  11:  $webapphostheadersimple = 'webapp.contoso.com'

  12:  $webapphostheader = 'http://webapp.contoso.com'

  13:  $webappname = 'Portal WebApp'

  14:  $language = '1033'

  15:  $ipaddress = '172.16.1.22'

16:

  17:  # Site Collection Variables

  18:  $RootSC = 'http://root.contoso.com'

  19:  $rootSCname = 'Root Site'

  20:  $HNSC1 = 'http://companyA.contoso.com'

  21:  $HNSC1name = 'Company A'

  22:  $HNSC2 = 'http://companyB.contoso.com'

  23:  $HNSC2name = 'Company B'

24:

  25:  $rootsitetemplate = 'STS#0'

  26:  $sitetemplate = 'BLANKINTERNET#0'

  27:  $webdb = 'wss_content_portal'

28:

  29:  # Account Variables

  30:  $owneralias = 'contoso\administrator'

  31:  $serviceaccount = 'contoso\spcontosocomapppool'

32:

  33:  # Create Authentication Provider

  34:  $ap = new-spauthenticationprovider -usewindowsintegratedauthentication

35:

  36:  # Create New Web Application

  37:  new-spwebapplication -name $webappname `
-hostheader $webapphostheadersimple -port 80 `
-applicationpool $webappname -applicationpoolaccount`
 $serviceaccount -databasename $webdb `
-allowanonymousaccess -authenticationprovider $ap

38:

  39:  # Create IIS Binding

  40:  new-webbinding -name $webappname `
-hostheader "*" -ipaddress $ipaddress `
-port 80 -protocol http

41:

  42:  # Create root site collection

  43:  new-spsite $RootSC -hostheaderwebapplication`
 $webapphostheader -name $rootSCname –description `
 $rootSCname -owneralias $owneralias -language`
 $language -template $rootsitetemplate

44:

  45:  # Create host named site collection for CompanyA

  46:  new-spsite $HNSC1 -hostheaderwebapplication`
 $webapphostheader -name $HNSC1name -description`
 $HNSC1name -owneralias $owneralias -language`
 $language -template $sitetemplate

47:

  48:  # Create host named site collection for`
 CompanyB

  49:  new-spsite $HNSC2 -hostheaderwebapplication`
 $webapphostheader -name $HNSC2name -description`
 $HNSC2name -owneralias $owneralias -language`
 $language -template $sitetemplate

Results – Here are site collections and web application

Option Step - If needed edit IIS bindings

Appears to work fine with unassigned binding for webapp.contoso.com

Multiple zones for host named site collections in SP2013

https://blogs.msdn.microsoft.com/brian_farnhill/2014/07/07/multiple-zones-for-host-named-site-collections-in-sp2013/

SharePoint 2010 HNSC

https://blogs.msdn.microsoft.com/kaevans/2012/03/27/what-every-sharepoint-admin-needs-to-know-about-host-named-site-collections/

Create Site Collections via PowerShell

2013

Renaming Site Collections

$site = Get-SPSite http://portal.contoso.com/sites/demo
$uri = New-Object System.Uri("http://demo.contoso.com")
$site.Rename($uri)

Thx Todd - How to Rename SharePoint 2013 Site Collections Without Prayer or Sobbing

Host Named Site Collections

For my students, I am using 20331 Lab 8 but you can use any SharePoint farm, but you will need to modify the IP address and domain names as needed

http://thecloudengineer.blogspot.com/2014/09/creating-host-name-site-collection-via.html

2010 Archive

How do you create multiple site collections via PowerShell?

The following script allows you to create a site collection with a dedicated content db and url.

First you set an array with the site collection names, then add managed path, content db and site collections for each url in the array.

$a = ("Engineering", "Sales")
ForEach($url in $a)
{
New-SPManagedPath -relativeurl /$url -webapplication http://intranet.contoso.com -explicit

New-SPContentDatabase -Name WSS_Content_Intranet_$url -WebApplication http://intranet.contoso.com

New-SPSite -Url http://intranet.contoso.com/$url -ContentDatabase WSS_Content_Intranet_$url -OwnerAlias CONTOSO\SP_Admin -Template "STS#0"
}

Special Site Collections

Hosted Named Site Collections (great article)
http://blogs.msdn.com/b/kaevans/archive/2012/03/27/what-every-sharepoint-admin-needs-to-know-about-host-named-site-collections.aspx

http://blogs.msdn.com/b/markarend/archive/2012/05/30/host-named-site-collections-hnsc-for-sharepoint-2010-architects.aspx (scripts confirmed)

How to Create Host Named Site Collections (I found some good code samples and reposted below in case of site deletion) Note you need to add the DNS entries for both.

http://mshorrosh.blogspot.com/2014/02/quick-guide-to-implementing-host-name.html

   1:  #"Add SharePoint Cmdlets"

   2:  add-pssnapin microsoft.sharepoint.powershell

3:

   4:  # Web App Variables

   5:  $WebAppDefault = "SharePoint - HSNC Example"

   6:  $Port = "80"

   7:  $AppPool = "HSNCAppPool"

   8:  $Account = "domain\svc-apppoolaccount"

9:

  10:  # Root Site Variables'

  11:  $RootHHDefault = "myrootsite.com"

  12:  $RootURLDefault = "http://myrootsite.com"

  13:  $Owner = "domain\svc-farmaccount"

  14:  $RootDB = "RootDB"

  15:  $Lang = "1033"

  16:  $Template = "blankinternetcontainer#0"

17:

  18:  # HSNC Site Variables

  19:  $HNSCSITE1 = "http://hnsc1.com"

  20:  $HNSCSITE2 = "http://hnsc2.com"

21:

  22:  # Create Web App

  23:  New-SPWebApplication -Name $WebAppDefault -hostHeader $RootHHDefault -Port $port -ApplicationPool $AppPool -ApplicationPoolAccount (Get-SPManagedAccount $Account) -AuthenticationProvider (New-SPAuthenticationProvider –UseWindowsIntegratedAuthentication) -DatabaseName $RootDB -AllowAnonymousAccess

  24:  echo "Web App created"

25:

  26:  # Create Root Site Collection

  27:  New-SPSite $RootURLDefault -Name 'Root Site' -Description 'External Root Site Collection' -OwnerAlias $Owner -language $Lang -Template $Template

  28:  echo "Root Site Collection created"

29:

  30:  # Create HNSC 1

  31:  New-SPSite $HNSCSITE1 -HostHeaderWebApplication (get-spwebapplication $RootURLDefault) -Name 'Site 1' -Description 'HNSC Site1' -OwnerAlias $Owner -language $Lang -Template $template

  32:  echo "HNSC 1 Site Collection created"

33:

  34:  # Create HNSC 2

  35:  New-SPSite $HNSCSITE2 -HostHeaderWebApplication (get-spwebapplication $RootURLDefault) -Name 'Site 2' -Description 'HNSC Site2' -OwnerAlias $Owner -language $Lang -Template $template

  36:  echo "HNSC 2 Site Collection created"

http://www.sharepointdiary.com/2014/06/create-host-named-site-collections-in-sharepoint-2013.html

   1:  Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

   2:  #Set variables for New web application creation

   3:  $WebAppName = "HNSC Host Web Application"

   4:  #Variables for new Application Pool

   5:  $AppPoolName = "HNSC App Pool"

   6:  #Get the existing Managed Account

   7:  $AppPoolAccount = Get-SPManagedAccount "Crescent\SvcAppPool"

   8:  #To utilize existing AppPool, Use: Get-SPServiceApplicationPool <AppPoolName>

   9:  $ContentDatabase = "SP13_HNSC_Content"

  10:  $AuthProvider = New-SPAuthenticationProvider –UseWindowsIntegratedAuthentication

  11:  #Create the web application

  12:  $WebApp = New-SPWebApplication -ApplicationPool $AppPoolName -ApplicationPoolAccount $AppPoolAccount

   1:  $ServerName = "http://G1WFE01"

   2:  New-SPSite -URL $ServerName -Name "HNSC Root" -OwnerAlias "Global\SvcOwner"

   1:  $HostURL = "http://WFE01"

   2:  $OwnerID = "Crescent\Support"

   3:  $OwnerMail= "Support@Crescent.com"

   4:  $SiteURL = "http://sales.crescent.com"

   5:  $TemplateVal ="sts#0" #Team Site

   6:  #Create the HNSC

   7:  New-SPSite -url $SiteURL -HostHeaderWebApplication $HostURL -owneralias $OwnerID -owneremail $OwnerMail -Template $TemplateVal

Unlike SharePoint 2010, SharePoint 2013 allows managed paths in host named site collections. Here is how: Create a new managed path "teams"

   1:  New-SPManagedPath "Teams" –Hostheader

   1:  $HostURL = "http://WFE01"

   2:  $OwnerID = "Crescent\Salaudeen"

   3:  $OwnerMail= "Support@Crescent.com"

   4:  $SiteURL = "http://Sales.crescent.com/teams/cloud"

   5:  $SiteName = "Clould Sales Team"

   6:  $TemplateVal ="sts#0"

   7:  #Get the Host named site collection by its name

   8:  $webApp = Get-SPWebApplication $HostURL

   9:  #Create new Host-named site under the managed path

  10:  New-SPSite $SiteURL -OwnerAlias $OwnerID -HostHeaderWebApplication $webApp -Name $SiteName -Template $TemplateVal

Wednesday, April 29, 2015

SharePoint Security

Security 101

Concerns

Edward Snowden, SharePoint, and Security
https://www.credera.com/blog/technology-insights/microsoft-solutions/edward-snowden-sharepoint-security/

Pentest – Phases

Recon
Scan
Gain Access
Maintain Access
Cleanup
Pivot

https://en.wikipedia.org/wiki/Penetration_test
https://windsorwebdeveloper.com/comptia-pentest-study-guide/

Tools

https://www.kali.org/
https://nmap.org/

Tutorials – NMAP Zenmap MegaPing
https://www.youtube.com/channel/UCtudLj18oXlrzrPHqKC5bLA

News

WikiLeaks CIA Files: The 6 Biggest Spying Secrets Revealed By the Release of 'Vault (2017)

https://yro.slashdot.org/story/17/03/07/2124251/wikileaks-cia-files-the-6-biggest-spying-secrets-revealed-by-the-release-of-vault-7

“”1,2,3, and 5 were revealed with the documents that Edward Snowden released to The Guardian and was subsequently detailed in at least a couple of the books written about that leak including Data and Goliath by Bruce Schneier and The Snowden Files by Luke Harding.

The NSA and CIA also maintain a cache of vulnerabilities they have discovered but kept to themselves and not shared with Microsoft, Android/Google or Apple as well as the other operating system vendors so they can perform surveillance on any company running those OS.

This activity has been approved by the FISA court all in the name of Homeland security but not necessarily restricted to that activity.” George