Friday, December 21, 2012

Adding a new DMZ WFE server to an existing internal SharePoint/Project Server 2010 farm (Tips and Tricks)


Environment: SharePoint / Project Server 2010 /SQL Server 2008 R2


Scenario:

My client requested to expose our existing internal SharePoint/Project Server (EPM) environment outside of the firewall to access the environment from internet. The proposed solution should be addressed not only for our internal corporate users but also for our external members or partners. Those external members should not have the same internal domain (Domain1) designated for internal employees.

Infrastructure:

Our infrastructure is composed of one WFE sever, one Application server and a SQL server cluster environment. Both WFE and App server are virtual servers. SQL Server is a physical server.

We are adding a new WFE server that resides on DMZ (outside of the firewall) on different domain (Domain2). We established one way trust from Domain 2 to Domain 1 so the additional DMZ WFE server will recognize Domain 1 user’s authentication. Our users will access the environment with https (SSL certificate)


Steps:

Following steps are very important (with the sequence) to get it setup based on my successful implementation experience.

1-    Install all the pre-requisite software components including SQL Management studio, Configuration Manager, Analysis Mgmt object (AMO) for OLAP cube etc.
2-    Work with your Firewall team to open the following ports before starting the actual installation

Source                       Destination                    Rule

DMZ WFE Server             SQL Server                      TCP/IP: 9914   (as per DBA)
IP address                         IP address

DMZ WFE Server             APP Server                      TCP: 32844 (https)
IP address                        IP address                        TCP: 32843 (http)

DMZ WFE Server             APP Server                      TCP: 445 (https) (for SMB)
IP address                        IP address                        UDP: 445 (http)

Internet                             DMZ WFE Server             TCP: 443 (SSL)
                                         IP address



3-    Make sure your server support department has created a DNS that is pointing to external IP address (DMZ WFE Server)
4-    Install both SharePoint and Project Server binaries (don’t SharePoint Wizard now)
5-    Install Service pack (SP1) and exactly the same Cumulative updates (CU) you have on the other existing internal WFE and APP server (don’t run SharePoint Wizard)
6-    In SQL Configuration manager, create DB client Alias. Make sure you use the same Alias name what you have used in the current existing environment. It is very important otherwise your setup SharePoint Wizard will be failed in step # 3.
7-    You can use SharePoint Auto-installer script to automate step 4 – 6. The script can be found in Codeplex (but not required).
8-    Once the new DMZ WFE server is joined to an existing farm, complete the following process

·         Go to SharePoint Central Admin site
·         Extend the Web Application you want to expose outside. This is very important step otherwise you can’t access any sites except the main root site.
·         Make sure you put correct host name (AppName.companydomain.com) and port 443 to access application site via https.
·         Go to DMZ WFE server, open IIS and apply SSL certificate. Make sure you apply SSL certificate on ALL the internal WFE server. It is important.

9-    After completing all the above steps, you should be able to access your application from outside with both domains (Domain1 and Domain2).



Issues/ Limitations /Solutions:


1-   Project Server 2010 Synchronization Failed:

To establish one way trust between two domains, can only resolve SharePoint authentication issue but Project server Sync will not work and not recognize Domain2 AD groups or users. SharePoint and Project server are totally different logic. SharePoint depends on NT account, but Project Server needs Display name of the user’s account so if the nearest global catalog does not have all info; it will not be able to fetch all the information. You must establish two way trust to make it work.


In my case, my company policy does not allow to establish two way trusts for security reasons. In that way, PWA sync process can’t work. We had very limited external users (with Domain2) who plan to use PWA access. The work around is as below

·         Go to Central Admin site
·         Go to Services on server
·         Select your new added DMZ WFE Server
·         Start the Project Application service
·         Now you can add Domain2 Users in PWA manually.

2-   Search is not working when accessing SharePoint sites from Internet:

To make it work, follow the below steps…

·         Go to Central Admin site
·         Click Manage Service application
·         Click Search Service application
·         Under ‘Search Application Topology’ section, click ‘Modify’ button
·         Click ‘New’ >> ‘Indexed partition and query component’ option
·         Select DMZ WFE Server, associated existing search database, update the query path and click OK.
·         The above steps will run ‘SharePoint Server Search” service on DMZ WFE server
·         You should be able to search your contents now.


I hope all the above steps will help to setup your infrastructure properly and error free. Please leave any comments if you want to share.
Posted by Ijaz Syed Rasheed, PMP at 11:16 AM 2 comments
Labels: , ,

Tuesday, August 7, 2012



Environment: SharePoint 2010 / Powershell

Issue:

I have been asked by a colleague about an issue in SharePoint 2010 Management Shell command prompt. The issue was how to use loop(for e.g. For each loop) in this command prompt to print names of a document list library within a SharePoint site. 


Solution:

 Here is an example. The trick is that once you complete your statement and close your parenthesis then press TWO enters to get your output (see below). Users only click one time to get result and think it is not working. 

#================================================================================
# The following cmdlets use Foreach loop on Powershell cmd prompt with a condtion to show only PDF file #
#===============================================================================#

PS C:\Users\epmadminproc_d> $SPWeb = Get-SPWeb -identity  http://site/pws/projectsite1
PS C:\Users\epmadminproc_d> $SDlist = $SPWeb.Lists["Site Documents"]
PS C:\Users\epmadminproc_d> $view = $SDlist.Views["All Documents"]
PS C:\Users\epmadminproc_d> $Items = $SDlist.GetItems($view)
PS C:\Users\epmadminproc_d> foreach ($Item in $Items){
>> if ($Item.name.Contains("pdf")) { write-host $Item.name}}
>>
Bobcat CW5 Milestone Schedule_V1.1.pdf
Bobcat Project Summary Schedule.pdf
PS C:\Users\epmadminproc_d>
Posted by Ijaz Syed Rasheed, PMP at 10:54 AM 0 comments
Labels: ,

Environment: SharePoint 2010 



Powershell cmdlets have been become so popular for Administrators and Developers in the SharePoint 2010 world to automate your process and update the existing current SharePoint environments. You can use the same SharePoint object model and can do a lot of work using Powershell scripts without using Visual Studio. In this post, i am trying to give some most common examples/scenarios for those who are new in PowerShell to give an idea how cool and helpful this tool is in the SharePoint 2010.



Examples:

 For Help:

 Use Get-Help verb with the available cmdlets i.e.



For Site collections/Sites:








  For Lists or Document library:







If you have any comments or questions, please drop a line.

Happy Powershell scripting!
Posted by Ijaz Syed Rasheed, PMP at 10:32 AM 0 comments
Labels: ,

Monday, July 30, 2012

Incoming email feature stopped working after migrating to SharePoint 2010


Environment: SharePoint 2010 

Issue:

After migrating to SharePoint 2010 from SharePoint 2007, the incoming email stopped working and not anymore able to accept any invitation and showing on the Calendar web part. No specific event in Application log or SharePoint log file. After a couple of hour’s investigation, we figured it out the following steps to get it work.


Solution:

Please use the following steps as mentioned below…

1- Go to Calendar list
2- On the Ribbon, select List from the tab and click List Settings
3- Under Communication, click Incoming e-mail settings (see attached screenshot below)



4- In "Incoming E-mail" section, select "Allow this list to receive e-mail?" to “No” and save it.
5- Go back to same Incoming e-mail setting screen, select "Yes" this time and save it.

Then I sent an invitation from Outlook and wola - it worked fine and showed my invitation on Calendar this time. It looks like this setting was not saved properly during the migration even though apparently, everything looks ok and configured correctly.

Note: I will recommend creating a Powershell script batch file to open all sites calendar list and fix it as mentioned above i.e. turning off and on the specific property and avoid manually updating each site's calendar. It would be a big hassle if you have hundreds of sites created.

Posted by Ijaz Syed Rasheed, PMP at 10:53 AM 1 comments
Labels:

Thursday, July 5, 2012

Critical Error (Error ID: 6398) in Application log (SharePoint 2010)

Environment: Project Server /SharePoint 2010 

Issue:
The other day i was monitoring our Production servers and found multiple critical errors with the same Error ID in Application log file as shown below


Solution:
If you get this error on around 4:30 AM on daily basis then this is related to Microsoft's Customer Experience Improvement Program aka CEIP. To get it resolve, you have two options as mentioned below.

1- Under Customer Experience Improvement Program select "No, I don't wish to participate" checkbox. You can fix it in the following locations

a) In the Central Admin, go to each Web application within the farm, select the mentioned checkbox available in General Settings option (present on the ribbon section)

b) If the above step does not work then you may need to stop the relavant Timer job service.

For details, you can see the following good blogpost to get this issue fix.

http://ianankers.wordpress.com/2011/08/19/sharepoint-2010-the-execute-method-of-job-definition-microsoft-sharepoint-administration-spsqmtimerjobdefinition-threw-an-exception-event-id-6398/
Hope it helps!
  
Posted by Ijaz Syed Rasheed, PMP at 1:16 PM 0 comments
Labels:

Friday, May 11, 2012

How to add break line and a link in comments field in SSRS “Manage Subscription” page ?

Environment: Project Server 2007/ SSRS component integrated with SharePoint 2007/ iPad

Issue:


There is good news for SSRS developers/Admin using SSRS email subscription in Project Server/SharePoint environment. Sending emails (out of the box feature) using “Comments” field for email body (see Fig “A” below) is always excited but  a few restrictions like not using break line and link made developers very uncomfortable to sell this part. Keep in mind this comments field is a Text field. MS Outlook client was smart and considering any text as URL (if starts with Http://...”) but if you open the same email on Outlook Web App/Mobile/iPad, it shows URL simply like a text with no link (see Fig “B” below)


                                                                                                   Fig “A”


                                                                                               Fig “B”

These restrictions continue till SQL Server 2005 but luckily SQL server 2008 addressed this issue and allowed developers to use HTML tags in the Comment text field.


Solution:

As I mentioned that SQL Server 2008 allows us using HTML tags to put break line and links.  As an example, I will show the changes to achieve this result.

In Comments field on "Manage Subscription” window, enter the following

This week's Flash Reports are available. Please click the following URL to access the documents <a href="http://epmxxx.com/exec/default.aspx"> http://epmxxx.xom/exec/default.aspx</a> <br/> If you have any issue, please contact to Support group.

And you will see the following output on Outlook Web App/Mobile/iPad

 
 I am sure this is very good news to all Admin/Dev who want to use Out of the box features as much as possible and make their clients happy.

I hope it helps!
Posted by Ijaz Syed Rasheed, PMP at 11:17 AM 5 comments
Labels: , , ,

Unable to connect to Project Server from client (MS Project Professional 2007) - Accounts corruption issue!

Environment: Project Professional 2007 SP2/ Project Server 2007
Issue:

Last week one of PM brought up an issue in accessing his schedule using MS Project Professional 2007 in Project server 2007 environment. When he tries to login to connect with Project Server, he gets the following error




PM was not able to close this window as it freeze the MS Project Pro 2007 application. He first tried to kill MS Project application in Windows Task Manager but could not do that. Eventually, he was able to kill Project 2007 application from “Processes” tab by selecting WinProj.exe (as shown screenshot below)



When I tried to see the exact error, it showed me the following


Note: PM had no issue in opening any schedule as a standalone basis i.e. without connecting to Project server. This was happening only when he picks an account created to cnnect with Project server

Solution:

 After an investigation, we figured out that the account created to connecting to Project Server got corrupted for some reason. Deleting the old account and recreating a new account solved this issue like Bingo…

Posted by Ijaz Syed Rasheed, PMP at 11:04 AM 0 comments
Labels: ,

Tuesday, April 10, 2012

SharePoint Configuration Wizard failed after applying DEC 2011 Cumulative Updates for SharePoint/Project Server 2010

Environment: SharePoint/Project Server 2010
Farm: Two Servers (1 WFE & 1 ADMIN)

Issue:

The following error I got when applied DEC 2011 CU over an existing Oct 2011 CU

                                                  
                                                          



The following error I got when applied DEC 2011 CU directly in a new fresh environment.


Solutions:

Summary:

To resolve those mentioned errors, use the latest CU updates i.e. Feb 2011 CU for SharePoint/Project Server 2010. Applying the latest patch in the new fresh environment fixed the error and SharePoint Configuration was successfully completed, however, applying on the old existing environments that were previously patched with Oct 2011 CU updates, required to follow a few extra steps to get SharePoint Wizard completely successful.

Please keep in mind that we have no issues with Oct 2011 CU but looks like Dec 2011 CU got some issues.

I will show below all the steps in detail that worked for me in multiple environments with successful SharePoint wizard completion message.


Scenario # 1: Installed SharePoint/Project Server 2010 with DEC 2011 CU with the Configuration wizard was failed with an error message in the log file mentioned in FIG C.


Steps:

This scenario was pretty straight forward with no error message after applying the latest Feb 2012 patch as mentioned below…

1-    Installed Feb 2011 CU bits of SharePoint 2010 on Admin Server
2-    Installed Feb 2011 CU bits of Project Server 2010 on Admin Server
3-    Reboot the Admin server.
4-    Installed Feb 2011 CU bits of SharePoint 2010 on Admin Server
5-    Installed Feb 2011 CU bits of Project Server 2010 on Admin Server
6-    Reboot the Admin server.
7-    Run SharePoint Wizard on Admin server first with successfully completed result.
8-    Run SharePoint Wizard on WFE server first with successfully completed result.



Scenario # 2: Installation of DEC 2011 CU patch on existing SharePoint/Project Server 2010 environments patched with OCT 2011 CU with the Configuration failure error message mentioned in FIG A & B.

Steps:

1-    Installed Feb 2011 CU bits of SharePoint 2010 on Admin Server
2-    Installed Feb 2011 CU bits of Project Server 2010 on Admin Server
3-    Reboot the Admin server.
4-    Installed Feb 2011 CU bits of SharePoint 2010 on Admin Server
5-    Installed Feb 2011 CU bits of Project Server 2010 on Admin Server
6-    Reboot the Admin server.
7-    Run SharePoint Wizard on Admin server first. It was completed around 46% and it gets failed.
8-    Run PSConfig exe in command prompt (see the command below) but it is also failed with the exceptional error as shown below

Command:
psconfig -cmd upgrade -force -inplace b2b

Error:


9-    Run SharePoint Wizard on WFE server. It was completed around 90% and it gets failed.
10- Run PSConfig exe in command prompt (see the command in step #8) but it is also failed with the same error mentioned in step # 8

11- Run SharePoint Wizard on WFE server again. This time it was completed successfully with 100%. It will give the following windows messages. Use the same settings and click Next to continue till getting the final successful message window






12- Run SharePoint Wizard on ADMIN server again. This time it was completed successfully with 100%. It will give the following windows messages. Use the same settings and click Next to continue till getting the final successful message window









 
           






Posted by Ijaz Syed Rasheed, PMP at 9:20 AM 0 comments
Labels: ,
Subscribe to: Posts (Atom)