Fabian Williams SharePoint Blog

Solving problems with SharePoint day and night

SharePoint 2010 RTM Answers – Connectivity Options: Did we get More

Synopsis:  In CTP we had a few connectivity options, some of which were removed in Beta and Release Candidate, now that RTM has shipped, what did we get.  The reason this question is important is due to the fact that you may not always be connecting to a Microsoft LOB system.  I constantly get the question “what about LDAP”, “What about Oracle”, “What about… “?  My answers were and based on the image below STILL IS, “you will have to either use two options” if you are not connecting to a SQL LOB System

  1. Use Web Service or WCF, and with that you can also have an abstraction between your data and the calling system to do whatever you want; i.e. more security, more logic…
  2. Use .NET Assembly to create your connectivity and do the same as above.

 

image

April 25, 2010 Posted by | Business Connectivity Services, SharePoint 2010 RTM, SharePoint Designer 2010 | 2 Comments

How To: So you have a GUID in your External List huh, Yes you can Update the List… if you set it up right

Synopsis:  I fielded a question on MSDN again and it peaked my interest because it had to do with of course BCS. The stated question was an issue when trying to update an External List when a GUID was present.  So I setup a new table, created a… well you will see it below.

image

 

Part 1: Set the Environment and Duplicate the Issue

clip_image001

Above: So I created the Table above and as you can see I used a GUID with (newid()) property set

clip_image002

Above: Added two people to the list and as you can see the GUID is present.

Part 2: Test it out

clip_image003

Above: Created an External List from the ECT, External List is called “GUID in People List” and what I did was also a “Create All Operation” however you will notice that you DO NOT SEE that the GUID Field is not present in the List View

clip_image004

Above:  I created a New Item and populated it with values. Notice here again that the GUID is not present and my Required or “NOT NULL” values from SQL is also denoted

clip_image005

Above: The New User is persisted

clip_image006

Above:  The External Content Type with CRUD capabilities

Part 3: Explaining why my example presumably worked “once” as  yours probably did too and not afterwards

clip_image007

Above: As you would expect the IDGUID field as a primary key / Identity field is protected.  So, it is set to Read Only in the Return Parameter Configuration Wizard.

clip_image008

Above: Just to show you, the second field i am putting in the Picker is NOT read only but it is a Required Field in the LOB

Part 4:  Why Subsequent try’s FAIL and how to make it work… yes Visual Studio

 

clip_image006[5]

Above:  So this is the entry that is made from the last example. BUT because the GUID is set to all Zeros as the question indicated in the Forum and it HAS TO BE a primary key, any subsequent addition in SharePoint will fail because of the duplicate entry.

clip_image001[5]

Above:  Here is our Test Case, let us add a new user called “User 95”

clip_image002[5]

Above:  And of course we error out because of the Primary Key Constraint in the LOB system

clip_image003[5]

Above:  So just to take this all the way to the end, lets do something that we SHOULD NOT DO. We will remove the Read-Only property of the Primary Key in SharePoint; in doing so you will find out exactly WHY it fails and how to fix it in the end. Notice it says that it needs the “PreUpdaterField” this field is in Visual Studio NOT SharePoint Designer.  So this is yet another answer that I give to people that constantly ask me “Hey Fabian, why do i need to use Visual Studio”

clip_image004[5]

Above: We try to put another record there..

clip_image005[5]

Above: Yes Same Error because the LOB system WILL NOT permit it to do so.

Part 5: How to Make it Work

See my BLOG on how to do CRUD ECT and External Lists using Visual Studio. See https://fabiangwilliams.wordpress.com/2009/12/03/creating-a-sharepoint-2010-external-content-type-with-crud-methods-using-linq-and-a-sql-lob-system/

I will try to do one specific for this example over the weekend time permitting.

April 17, 2010 Posted by | Business Connectivity Services, SharePoint 2010, SharePoint Designer 2010, SharePoint Development, SharePoint Error/Resolution, SharePoint How-To, SQL Server, Visual Studio 2010 | 3 Comments

How To: Setup SharePoint 2010 Activity Feed using Outlook 2010 Social Connector

Synopsis:  So a question was asked in a Microsoft Forum related Activity Feeds in MySites and Outlook. In a previous blog I outlined how to get Activity Feeds going in SharePoint 2010 however I didnt know at the time how to get Outlook Connector working to also bring that content into MS Outlook [a real cool feature by the way], enter SharePoint MVP Mike Oryszak who told us about that tool. Since I am a visual learner and I am sure I may forget how and where I mention this later on at a client site, I wanted to blog it for safe keeping

Part 1: Set Up Outlook & Make Sure you and the person you are connecting to have done a few Activity Updates – Yep That is IT.

clip_image001

Above:  So I sent an email from Hardeep to myself so i can have him represented in Outlook

clip_image002

Above:  Just to show you that in SharePoint under my MySite I can “follow” Hardeeps’ activity updates

clip_image003

Above:  So with the Social Connector in the bottom pane, click Add and the dialog box will come up…

clip_image004

Above:  Enter your credentials for the MySite on your network. Note here also that this can be used for ANY social networking

clip_image005

Above:  General Setting that you can modify

clip_image006

Above:  Further configuration

clip_image007

Above: Process Complete

clip_image009

Above:  In a few minutes you will see Hardeeps’ Activity Feeds in Outlook. Again a significant step because you dont have to leave outlook to use SharePoint

Part 2: Connecting to Other Social Networks

image

Above: So i waned to test out where else I could connect to. When you click Add again, now you get an option to connect to another Social Network

clip_image002[6]

Above:  There are few options out there NOW! Linked In (but only 32-bit) and mySpace and I DONT USE MYSPACE ANYMORE. Got me in too much trouble 🙂

clip_image001[5]

Above:  So before i knew it was 32-bit only. I went through the process

clip_image003[5]

Above:  Execute the package

clip_image005[4]

Above: Once you click OK

clip_image006[4]

Above: wont work for me I am x64 bit.

April 17, 2010 Posted by | MySites, Office 2010, Outlook 2010, SharePoint How-To, Social SharePoint | | 3 Comments

How To: Create, Configure, Consume SharePoint 2010 Secure Store in Business Connectivity Services

Synopsis: I have seen quite a bit of confusion out there regarding how to use Secure Store Service for SharePoint 2010.  While MSDN does have interesting articles, there has been no Alpha to Omega process that shows the relationship to the LOB System, Security Groups representive of the BCS Consumers, BCS Access Account representive of the Credential Owner [Impersonated User], and how to wire it up in SharePoint Designer 2010. This blog hopefully will dispel all fears about Secure Store and answer a MSDN Forum question while at it.

UPDATE: – On 10/14/2012 I have added another blog post Series that will extend this post for SharePoint 2013 employing WCF, .Net Assembly and OData with SharePoint Apps see it HERE

 

The Blog is broken up into sections

  • Prep Work
    • Active Directory Users in Play
      • The Service Account I am selecting as the Impersonated User (Credential Owner)
      • The Security Group where all the people that will consume BCS Data will reside
    • SQL Server Security
      • Who has Access to What
  • Setup
    • Creating & Configuring the Secure Store Object
    • Creating & Configuring the External Content Type in SharePoint Designer 2010
      • Creating External Connection with Secure Store
      • Creating the External Content Type
    • Reviewing the External Content Type (ECT)
    • Reviewing the Security on the ECT
  • Test & Validation
    • Creating an External List derived from the ECT
    • Logging on as a User from the Security Group AND Secured in the permission setting of the ECT
    • Logging on as a User from the Security Group NOT Secured in the permission setting of the ECT

Part 1: Setup

clip_image001

Above:  This represents the AD Account [appBCSUser] which I will use as the Impersonated User i.e. the Broker if you will that will connect to the LOB system on behalf of the Group of people who should have access to the data but DOES NOT have access to the database. This is something your DBA will love because he doesn’t have a flurry of people having accounts on his/her DB.

clip_image002

Above: This represents the AD Security Group [SecureStoreBCSUsers] that have access or should have access to LOB Systems. You can of-course have multiple of these for any number of LOB Systems. Note here that Fabian and Hardeep are in this list, we will be the test users later on.

clip_image003

Above:  Lets look into CA now and set up our environment

clip_image004

Above:  Click Applications Management then Manage Service Applications

clip_image005

Above: We are interested in the Secure Store Service so we click it

clip_image006

Above:  We already have some there from previous Labs, but we will create a new one… click New

clip_image007

Above:  We create a Target Application ID [note this cant be changed once committed], Display Name which can be the Same App ID, and so on.

clip_image008

Above:  I populate the fields and choose “Group” as my Target Application Type. MSDN has a good explanation as to why you want to do that over other options. the Long and Short is that it allows me in this example to tie an AD Group FabianLab\SecureStoreBCSUsers to a single set of credentials i.e. the FabianLab\appBCSUser account. Ill show a few other options below

clip_image009

Above:  By default it wants to know how you will collect the credential of the Impersonated User in my case it is a Windows Account so this works.

clip_image010

Above: I change it around a bit for kicks by adding the word Testing infront of the default text

clip_image011

Above:  Here are a few other options that you can use. SSS is a Claims Aware SSO solution and can take in just about any Authentication Mechanism

clip_image012

Above:  So here because I only log on to CA with the Farm Admin Account, I set that as the target App Admin, however here is where we start to make the App Work for our design. In Members, you can see that i have my AD Group Account earlier. This means that I dont have to meddle with the SSS App anymore, just add and subtract from the AD Security Group.

clip_image013

Above:  It processes once i click OK

clip_image014

Above: Now i have a NEW SSS App, but wait you may ask… what about the Impersonated User.. we are coming to that…

clip_image015

Above:  We click on the custom actions available and select SET CREDENTIALS to set the Mapping for the Impersonated Users to the Group that we will Manage of “Allowed Users”…

clip_image016

Above:  Our trusty Silverlight App shows the progress of us opening a Dialog Pane

clip_image017

Above: The default look of the Credential Mapping

clip_image018

Above: I populated the values with my User Account previously mentioned in the AD Step

Part 2: Validation and Testing

 

clip_image001[4]

Above:  So in SQL Sever you can clearly see that the only account that has Access to the Database “FabianPlayPen” is the AD User mentioned above right…

clip_image002[4]

Above:  We create a new External Content Type by defining the name and Selecting External system to define our Connectivity

clip_image003[4]

Above:  We choose SQL from the list of choices

clip_image004[4]

Above: We define our SSO connection. One note here though in full disclosure, I had tried a few times to make this work and did a typo, so I re-did my SSS App and called it FabianLABSSSMSDNForumQ from what i had it last but the steps are the same.

clip_image005[4]

Above:  Here you may or may not get challenged for credentials when you click OK. The credentials you put here are or should be your own; assuming that you are in that Security Group that will be mapped to the Impersonated User. If not, then you need an account in that Security Group List.

clip_image006[4]

Above:  Once completed you will be able to connect to your LOB System, expand it and perform any operation allowable to you

clip_image007[4]

Above: In our instance lets just create a FULL CRUD operation

clip_image008[4]

Above: Validation that it is complete

clip_image009[4]

Above: Click the “Save” button to push the ECT up to the BDC Metadata Store.

clip_image010[4]

Above:  Now we can check a place where alot of Gotchas happen. Now one may assume that because they have access to the LOB system via the impersonated user and Group Mapping you are done… You’d be wrong, now you NEED to have permission to use the ECT and I already have mine set up by default under “Set Store Permission” to add myself, the search account, and my service account by default. You may need to put your security group here to make it seamless, but because i am doing demos and want it to break depending on my use case, i leave it fluid.

clip_image011[4]

Above:  to do that, click the custom actions and select “Set Permissions”

clip_image012[4]

Above: Do your business here by adding the users you want to have access. Here note that Hardeep doesnt have access while he IS a member of the Security Group.

clip_image013[4]

Above:  Once done, now we can create our External List by choosing our ETC recently created.

clip_image014[4]

Above:  Commit to the System and cross your fingers…. Voilla!

 

Part 3: UAT

clip_image015[4]

Above: Logged on as Me…

clip_image016[4]

Above: Logged on as Hardeep

 

Conclusion

Hopefully this helps you understand the mechanism of SSS, alot more can be done in Code using Visual Studio, have full all. Your comments and reposts are welcomed.

April 16, 2010 Posted by | Business Connectivity Services, Secure Store, SharePoint 2010, SharePoint Administration, SharePoint Designer 2010, SharePoint Development, SharePoint How-To, SQL Server | | 68 Comments

How does Tagging Work in SharePoint 2010 for MySites – Microsoft Forum Question

This post is to give illustration to a Microsoft Forum Question regarding Tagging pages and how it is represented in activity feeds that I see as an individual tagging items in my SharePoint environment, and also what my colleagues will see if they are following my activities.  I do not believe that you can see activity feeds in Outlook without code so i did not pursue it in this post

 

image

Above:  The question posed on the MS Forum

image

Above: A basic Site in SharePoint 2010 with me logged in (see upper RHS)

image

Above:  I click on “Tag & Notes” to tag this entire page as requested in the question. Please not the tool tip when I hover over “My Tags”

image 

Above:  This is the Tag I created and saved off, note the Tag name and options available

 

image

Above:  My Tag is created and you can even see it under the suggested Tag Icon

 

Verification and Validation

 

image

Above:  I go to my MySite and go to my Profile

 

image

Above:  I am on the main page of my MySite Profile… I love the new look and feel very Facebooky.. is that a word..l

image

Above:  I click on Tags and Notes and I can see the Tag i just created as well as a few others i did for BCS External Lists…

 image

Above:  I go to my mysite page as myself to demonstrate what i will see; obviously i see my colleagues updates…

image

Above:  I log in as one of my colleagues and as you can see “He” sees my activity roll; but not my tags. However I did not “as this individual” opted to share the came common interest, I wonder what would happen then?…

April 16, 2010 Posted by | SharePoint 2010, SharePoint Administration, Tags and Ratings | 6 Comments

Yet another area where External List Differ from “other” SharePoint Lists

So, i was playing around with a question I saw on a Microsoft Forum and i took it a step further.  The question related to ratings, tags, and MySites.  But what got me thinking was if you can do Ratings on External Lists; as i am finding out more often than not, although Microsoft claims that External Lists are Lists like all others, they are infact not.  In a previous post I determined that you are not able to use SPMetal to create a LINQ to SharePoint Class with connectivity to the List.  I have also determined as you can discern from the image below that you are also not able to do Ratings. See below for prosperity.

 

 

image

April 15, 2010 Posted by | Business Connectivity Services, SharePoint 2010, SharePoint Administration, Tags and Ratings | Leave a comment

Fabian Williams to speak at Information Technology Alliance Conference in Atlanta, Ga on April 27th

All,

I will be speaking about SharePoint 2010 and Office 2010 at the Information Technology Alliance (ITA) on April 27th 2010. The event is at “The Buckhead Westin”

image 

Lets not pass up the opportunity for a #SharePint while i am in town. I arrive a day ahead of my conference as a travel day.

April 5, 2010 Posted by | Office 2010, SharePoint 2010, Where is Fabian | 2 Comments