• Save
StLouis SharePoint Users Group Apr 2012 - Sly - Fix It
Upcoming SlideShare
Loading in...5
×
 

Like this? Share it with your network

Share

StLouis SharePoint Users Group Apr 2012 - Sly - Fix It

on

  • 478 views

 

Statistics

Views

Total Views
478
Views on SlideShare
478
Embed Views
0

Actions

Likes
0
Downloads
0
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • Global solutions delivery and support for large pharmaMain farm went live the day of RTM May 12, 2010
  • BUGUnable to upload profile imagesAlerts sent at incorrect times after DST changeX service won’t do Y actionAnnoyanceErrors in event viewer, ULS logs or elsewhereUnexpected resultsInconsistencies
  • Repeated Security PromptsSlow App Pool Spin upsGuid After database namesLines are blurredBlame as a differentiator
  • A better experience for adminsIncreased productivityQuality Assurance for farmsNew BuildsExisting / OngoingEases troubleshootingConsistent baseline“known good state”
  • SHOW ITIL IMAGESHOW MICROSOFT OPERATIONS FRAMEWORK IMAGESHOW PDCA IMAGENEXT SLIDE
  • Customer Experience Improvement programCollects information about microsoft products and submits them annonymously to MS
  • SHOW IMPORT TIMELINEHIGHLIGHT START TIMEHIGHLIGHT SYNC TIMEHIGHLIGHT MOSSFIX?Not sure you canChange central admin web app time zone
  • Central Admin > Managed Web Applications > SharePoint Central Admin then General SettingsAdjust the time zoneBefore UPA creation and After UPA creation, no luckOthertimezone settings fruitless
  • Show MS TechNet PopUpMicrosoft.SharePoint.Portal assembly is attempting to load the TaxonomyPicker class, however this is no actual taxonomy picker class.Powershell / PS RemotingPart of your build processspdisabletaxpicker.codeplex.comPS: http://gallery.technet.microsoft.com/scriptcenter/32d06697-ab7f-447e-9d0e-b6d93bee3fdahttp://www.sharepointdan.com/2010/05/19/taxonomypicker-ascx-bug-sp2010-rtm/
  • Show Fix
  • Central Admin > Managed Web Applications > Web Application Policy
  • DefinewebappDefine superreader and superuser accountsUpdate web app policy for each userSet superreader and superuser property
  • Finally this is being tracked as a bug and will hopefully be fixed in an upcoming cu
  • Only “critical” issues make yellow warning bar appear
  • Arrow to Rule SettingsShow Rule SettingsShow RuleArrow to Edit ItemsShow Delete Item
  • Important to look and VALIDATE these warningsEspecially after code migration
  • “central administration > manage service applications > user profile service application”CLICK SHOW SYNCConfigure your sync connections – adjust OU, etcCLICK SHOW CENTRAL ADMIN SYNC CONNECTIONS
  • Automation?WSP Solution exists clunky configurationNeed for customization
  • Add your SharePoint URLs to the local intranet zone in IENot trusted sites, lowered security level, etcUse group policy to push changes to all PCsConfigure Kerberos properlySet SPNs THEN switch your authentication providerLoopback CheckDisable or re-configureLoopBack XP SP2, Server 2003 and up include a loopback check security feature – authentication fails if the FQDB or custom host header does not match the local computer name Specify hostnames Disable loopback
  • I did an experiment last night…    I took a single server SharePoint 2010 environment (no domain, sql server on the same machine) … one web app running as the default system account.  I did each thing 5 times and then averaged them out. I measured two things: the time for the front page of a team site to refresh after doing an iisreset and the time for the same page to refresh after recycling the app pool.   WITH an internet connection the refresh after an iisreset were around 52 seconds – after the recycle it was around 23 seconds.   WITHOUT an internet connection the same numbers were 22 seconds for the iisreset and 13 seconds for the app pool recycles. I pointed crl.microsoft.com to 127.0.0.1 via the local host and saw absolutely no difference.   I then ran this script ..    http://joelblogs.co.uk/2011/09/20/certificate-revocation-list-check-and-sharepoint-2010-without-an-internet-connection/ That uses powershell to do two things 1) scans the registry and sets entries to disable CRL 2) scans for your .netmachine.config files and adds an entry to disable CRL After that I did two iisresets (numbers were the same on the first iisreset – I’m guessing that it does the crl check before it picks up the new settings to disable the crl check.. makes sense from a security standpoint) and the numbers for the iisresets and app pool recycles were the same. In short:Disabling the CRL Check does make a difference – it was the opposite as far as with/without internet access that I was expecting – but if anyone has slow app pool spin up we should definitely try this! 
  • I did an experiment last night…    I took a single server SharePoint 2010 environment (no domain, sql server on the same machine) … one web app running as the default system account.  I did each thing 5 times and then averaged them out. I measured two things: the time for the front page of a team site to refresh after doing an iisreset and the time for the same page to refresh after recycling the app pool.   WITH an internet connection the refresh after an iisreset were around 52 seconds – after the recycle it was around 23 seconds.   WITHOUT an internet connection the same numbers were 22 seconds for the iisreset and 13 seconds for the app pool recycles. I pointed crl.microsoft.com to 127.0.0.1 via the local host and saw absolutely no difference.   I then ran this script ..    http://joelblogs.co.uk/2011/09/20/certificate-revocation-list-check-and-sharepoint-2010-without-an-internet-connection/ That uses powershell to do two things 1) scans the registry and sets entries to disable CRL 2) scans for your .netmachine.config files and adds an entry to disable CRL After that I did two iisresets (numbers were the same on the first iisreset – I’m guessing that it does the crl check before it picks up the new settings to disable the crl check.. makes sense from a security standpoint) and the numbers for the iisresets and app pool recycles were the same. In short:Disabling the CRL Check does make a difference – it was the opposite as far as with/without internet access that I was expecting – but if anyone has slow app pool spin up we should definitely try this! 
  • BenefitsOnly have to run psconfig onceConsistency with builds
  • Multiple Drives on server – similar to SQLUnderstand the read write characteristics of each fileULS Log > Write IntensiveCrawl Index > Write IntestiveQuery Index > Read IntensiveNetwork capacity to shuffle files via BITS (Background intelligent Transfer Service)
  • Make it easy on yourselfCreate shortcuts for Central AdminUtilize RDP Management softwaremRemote, RDCMan, VisualTS or just create .rdp filesThink about server names and IP addresses when architecting your farm logical naming structure along with logical IP addresss 10.10.10.100 for wfes 10.10.10.200 for apps 10.10.10.300 for sql (10.10.10.101 wfe1)Document, diagram and do it againConsider OneNote
  • Theres already a problem, why make it worseUtilize SharePoint Log Viewer to view ULS Logshttp://sharepointlogviewer.codeplex.comPoint all servers at themselves via host filesUnless your crawl layouts prevent thisPowerShell? Of course!
  • System Center 2007 R2System Center 2012Full integrationCan view System Center data within SharePointSearch ReportsWeb Analytics
  • Application and System

StLouis SharePoint Users Group Apr 2012 - Sly - Fix It Presentation Transcript

  • 1. Resources: Pg1TaxonomyPicker.ascx fix:Solution to fix: http://spdisabletaxpicker.codeplex.comPowerShell to fix: http://gallery.technet.microsoft.com/scriptcenter/32d06697-ab7f-447e-9d0e-b6d93bee3fdaCreate local profiles:runas /u:domainsp_portal_prd /profile cmdpsexec.exe -u domainsp_portal_prd -p passwordStart-Process -WorkingDirectory “$env:SYSTEMROOTSystem32” -FilePath “cmd.exe” -ArgumentList “/C” -LoadUserProfile -NoNewWindow -Credential $credentialManaged Metadata load balancing:Get-SPServiceInstance | Where {$_.TypeName -eq "Managed Metadata Web Service"} | Stop-SPServiceInstanceRun All Health Analyzer Rules:Get-SPTimerJob | Where {$_.Name -like "*Health*" -and $_.Name -like "*-all-*"} | Start-SPTimerJob
  • 2. Object output cache accounts: Pg2$webapp = Get-SPWebApplication http://url.to.portal$superreader = "domainsp_superreader_prd"$superuser = "domainsp_superuser_prd"$policy = $webapp.Policies.Add($superuser, $superuser)$userpolicy = $webapp.PolicyRoles.GetSpecialRole("FullControl")$policy.PolicyRoleBindings.Add($userpolicy)$webapp.Properties["portalsuperuseraccount"] = $superuser$webapp.Update()$policy = $webapp.Policies.Add($superreader, $superreader)$userpolicy = $webapp.PolicyRoles.GetSpecialRole("FullRead")$policy.PolicyRoleBindings.Add($userpolicy)$webapp.Properties["portalsuperreaderaccount"] = $superreader$webapp.Update()
  • 3. Central Admin Resources Links: Pg3http://sp2010resourcelinks.codeplex.com/PowerShell to create farm:New-SPConfigurationDatabase -DatabaseName SharePoint_Config -DatabaseServer "SP_SQL_DB" -AdministrationContentDatabaseName SharePoint_Admin_ContentInstall-SPHelpCollection -AllInitialize-SPResourceSecurityInstall-SPServiceInstall-SPFeature -AllExistingFeaturesNew-SPCentralAdministration -Port 8888 -WindowsAuthProvider "NTLM"Install-SPApplicationContentScript to disable CRL checks:http://joelblogs.co.uk/2011/09/20/certificate-revocation-list-check-and-sharepoint-2010-without-an-internet-connection/
  • 4. Project Management Microsoft CRM SQL ServerCloud Office 365Extranets Internets We help technology leaders successfully implement business solutions that achieve significant and sustainable results. Workflow Silverlight "Every project matters..." Intranets SharePoint Business Intelligence
  • 5. FixIt:Annoyances, bugs, and mistakes in SharePoint 2010 Neil R Sly Covenant Technology Partners
  • 6. CreditsMike HenthornReena SardesaiMelissa Meyer Todd KlindtThank You to my colleagues fromCovenant for their assistance in gathering Joel Jefferyproblems and testing fixes. Some of the Shane Younginformation and scripts were sourcedand altered from members of the Ed Wilsoncommunity especially: Brian Jackett Joel Oleson
  • 7. About Me• MCITP: Neil Sly – Enterprise Administrator Consultant – Covenant Technology Partners – SharePoint 2010 nsly@mailctp.com• MCTS: http://sly.us – MOSS 2007 @nrs – Forefront Endpoints & Apps• VMware – VCP 4• ITIL – Service Management v3• Experience – Largest SharePoint consumer – SharePoint 2010 TAP – Enterprise Search SME
  • 8. • Defining what and why• False errors• Annoyances• Mistakes• Don’t screw up
  • 9. What? Error, flaw, mistake, failure or fault made on behalf of the product vendor that… – Bug results in service impact or outage –Annoyance has no service impact or outage
  • 10. What? – Mistake made on behalf of the administrator or user that… Results in » Service impact or failure not caused by a bug » Unexpected or undesired result » Performance issues » Security concerns » Poor user experience
  • 11. Why?• A better experience for admins• Quality Assurance for farms• Eases troubleshooting
  • 12. Why? – Quality Improvement & Compliance• ITIL – Service Lifecycle • No true Service Strategy • CSI• MOF – Service Lifecycle (again) – NO • Stabilize, Service Control, Monitoring • Problem Management• Six Sigma, PDCA, etc – If “check” is broken, there is no do and act
  • 13. Event 6398 – SPSqmTimerJobDefinitionLikely caused by the CEIP timer job failingCentral Admin > Monitoring > Check Job Status Disable
  • 14. Profile import time stamps
  • 15. Profile import time stamps Fix: Manually adjust per UTC offset and servers time zone
  • 16. TaxonomyPicker.ascx KB: 2481844Fix:• Rename TaxonomyPicker.ascx to TaxonomyPicker.asx_broken on ALL servers• Modify File on ALL servers• Automate
  • 17. Event ID 1511 – Cannot find local profileManaged accounts don’t have local profilesSystem Properties > Advanced Tab > User Profiles
  • 18. Event ID 1511 – Cannot find local profileFix:First grant permission to logon locally then create them• Manually logon to each server in farm as each account• Use runas runas /u:domainsp_portal_prd /profile cmd• Use psexec psexec.exe -u domainsp_portal_prd -p password• Use PowerShell Start-Process -WorkingDirectory “$env:SYSTEMROOTSystem32” -FilePath “cmd.exe” -ArgumentList “/C” -LoadUserProfile -NoNewWindow -Credential $credential
  • 19. Event 7362 – Object Cache AccountsFix:Utilize your superuser and superreader accounts
  • 20. Event 7362 – Object Cache AccountsThe hard way1) First grant permissions2) Then set the accounts
  • 21. Event 7362 – Object Cache AccountsThe Easy way, with PowerShell
  • 22. Event 8313 – Managed Metadata LoadbalancingManaged Metadata Service cannot (currently) run on multiple servers1) Stop on each server or2) Start on only ONE server
  • 23. Health Analyzer Rules
  • 24. Health Analyzer Rules 1Edit the rule before you edit the item
  • 25. 24 3
  • 26. Health Analyzer Rules
  • 27. Health Analyzer RulesMissing server side dependencies
  • 28. Health Analyzer RulesMissing server side dependenciesFix:1)2) Visit: http://SPApp1:8000/SearchAdministration.aspx http://SPApp1:8000/SearchFarmDashboard.aspx
  • 29. Health Analyzer RulesRun all health analyzer rules on demandReview all health analyzer rules on your farm1)2)
  • 30. Central Admin NavigationIssue: Broken breadcrumb
  • 31. Central Admin NavigationIssue: Broken breadcrumb
  • 32. Horrible horrible GUIDs Much better Terrible
  • 33. Horrible horrible GUIDsFix:PowerShell of courseRename your Databases if you must
  • 34. Authentication• Add your SharePoint URLs to the local intranet zone in IE• Configure Kerberos properly• Loopback Check
  • 35. Disable CRL Check (or not)Symptom: Very slow app pool spin up & recyclesCRL: Certificate Revocation List• No outside internet connection• Internet connection via proxy / filter
  • 36. Disable CRL Check (or not)Trial and Error• Entry for crl.microsoft.com in hosts file• Allow crl.microsoft.com via network policy• Registry entries in – HKEY_CURRENTUSER – HKEY_USERS • SoftwareMicrosoftCurrentVersionWinTrustTrust ProvidersSoftware Publishing• Edit machine.config – Multiple files• Of course we can use PowerShell
  • 37. Slipstream your installation media• Good for SharePoint 2010, Office Web Apps and Project Server• Combine base installation, service packs and CUs to save time and effort
  • 38. Slipstream your installation media1. Start with SP1 Media2. Extract your files3. Combine your Updates Place CU into the “Updates” folder Overwrite if needed
  • 39. Move your files• Change ULS Log location• Change Search index location – Modify Topology • Crawl (temporary) index • Query index
  • 40. Set up your workspace• Make it easy on yourself – Create shortcuts for Central Admin – Utilize RDP Management software – Think about server names and IP addresses when architecting your farm – Document, diagram and do it again
  • 41. Ease troubleshooting• Utilize SharePoint Log Viewer to view ULS Logs http://sharepointlogviewer.codeplex.com• Point all servers at themselves via host files
  • 42. Monitoring• System Center 2007 R2• System Center 2012• Search Reports• Web Analytics
  • 43. Monitoring• Event Viewer • Use Task Scheduler to fire script on an event
  • 44. Summary• Defining what and why• False errors• Annoyances• Mistakes• Don’t screw up