Ill start this post out by saying that this is why i so LOVE the SharePoint Community. It is a true example of "many hands make light work”, first Jim Bob Howard @jbhoward one of my @PlanetTech work colleagues faced a problem, since it was a topic of interest to me, I decided to put some time into it as well. I was able to prove out most of the issues, but there was this last one (see blog post to what this is referring to in a link below) that just didnt make sense. What do i do when that happens, well I’ve never been ashamed to reach out to my friends in the SharePoint Community so I blogged the issue, showed what we did so far, and without tagging anyone in the tweet we had folks from the UK joining in the conversation, folks from all Time Zones here in the United States chiming in as well. Late Friday night I emailed a copy of the Workflow to my good buddy @givenscj Chris Givens. I really wasn’t surprised when even on a Saturday, Chris called me up on the phone, and we spent like 2 hours on a Screen Share looking at ULS logs, then he went off on his own, and within an hour, he came back with a solution.
The original problem was posted on the forums here
My Plea for help on my blog which gives more details than the forum post allows is here. This post is basically closing the loop on the problem
Chris blogged his findings here, go look at it, but the main point ill just borrow from is blog…
“…The main issue of Fabian’s was that when he made the Web Service call he would pass a pre-created FedAuth token (yeah I told him he would have to figure out how to generate this in the future) which established a context for him. This context was as his SharePoint admin account, but the actual running account (the "actor") was the Workflow service. Of course the SP Admin account can do whatever it wants, but the workflow service cannot. This workflow service account is NOT the account that the actual workflow manager backend window service is running under.”
Screen Shots form what Chris and I worked on
First we wanted to see what was happening ON Prem with this both from a Fiddler standpoint as well as SharePoint Designer 2013, here is what we saw. The offending item was the account it is running under MS.SP.EXT which is the App Principal for the Workflow from Workflow Manager. Further down you will see this inside the Content Database and the permission it is set to run under.
with a little more detail below
Below is a peek into the App Principal Table. This table as Chris describes is where the App Principal Accounts live, you can see that i have a few that are Titled as my Workflow Apps and one called just “Workflow” and it is that one if you look under “Name” has MS.SP.EXT 🙂
Now, lets go look at the permissions, now mind you, if you look at permission it is set to “5” right now for the ID 1, that was set to “3” before i ran the PowerShell that Chris has on his web site and i will put below for complexness.
Here is the PowerShell below
PS C:\Users\spadmin> $web = Get-SPWeb http://farm1sp13svr1 PS C:\Users\spadmin> $appworkflow = Get-SPAppPrincipal -site http://farm1sp13svr1 -nameidentifier 31ed5e6e-979b-redacted PS C:\Users\spadmin> Set-SPAppPrincipalPermission -AppPrincipal $appworkflow -site $web -right fullcontrol -scope site PS C:\Users\spadmin>
Once I did that, all we did next was re-Run the workflow, NO other changes, here was our result
and in All Site Contents
So, all is well in the world of SharePoint again. I hope Chris goes and puts his solution as the answer to the question in the @Office365 Forums so we can have a record out there as well. I hope this helps someone else that falls prey to this, I agree with Chris, this is the first time I have ever seen anyone blog or talk about this in a public setting.
Fabian Williams with contributions from Chris Givens
So, because i wanted this to work in Office 365 as well, we needed to find out if these PowerShell options are available there too. For completeness I loaded up the ISE and I have here all the options that you can do with the App Model for GETS and SETS, both for On Prem and OnLine, you can see that the Online version is very limited
and sad to say I could get EVERYTHING from ONLINE in one screenshot. 😦 sad panda
END UPDATE SECTION
Error/Resolution: Could not load type ‘System.Data.Services.Providers.IDataServiceUpdateProvider’ from…
Cryptic message huh, but basically i got a tweet from @dfollette regarding using the Client Site Object Model (CSOM) in SharePoint to gain access to List Data and other LOB System and he also had a reference in a Web Cast to do the same thing using the REST API. Even as tired as i was at 1:16 am in the morning it would just eat at me in bed, so i decided to review it before I tuck in. However, when I tried to review the REST API by using a SharePoint Web Service I got an error…
The tweet was:
The Error was:
So after a little research I found this blog entry “REST and SharePoint 2010 Quick Start Guide: Table of Contents” on Scott Currier Blog; and it indicated that you need to install install the ADO.NET Data Services Update for .NET 3.5 SP1 Depending on what flavor OS you are running you may need one over the other, the one i need was here because I am running WIN 2 K8 R2 http://www.microsoft.com/downloads/details.aspx?familyid=79d7f6f8-d6e9-4b8c-8640-17f89452148e&displaylang=en
Once you install it you will be prompted to restart.
Trust but Verify
So after my reboot, let us now go to my SharePoint Site Collection and query the REST API again.
What i wanted to test was a little nugget I learned from the web cast…
You know come to think of it, I should have done a snapshot before running that update, but oh well, with finger crossed…
and it worked, lets drill down now
Looking at the XML you see the actual data..
How To: So you have a GUID in your External List huh, Yes you can Update the List… if you set it up right
Synopsis: I fielded a question on MSDN again and it peaked my interest because it had to do with of course BCS. The stated question was an issue when trying to update an External List when a GUID was present. So I setup a new table, created a… well you will see it below.
Part 1: Set the Environment and Duplicate the Issue
Above: So I created the Table above and as you can see I used a GUID with (newid()) property set
Above: Added two people to the list and as you can see the GUID is present.
Part 2: Test it out
Above: Created an External List from the ECT, External List is called “GUID in People List” and what I did was also a “Create All Operation” however you will notice that you DO NOT SEE that the GUID Field is not present in the List View
Above: I created a New Item and populated it with values. Notice here again that the GUID is not present and my Required or “NOT NULL” values from SQL is also denoted
Above: The New User is persisted
Above: The External Content Type with CRUD capabilities
Part 3: Explaining why my example presumably worked “once” as yours probably did too and not afterwards
Above: As you would expect the IDGUID field as a primary key / Identity field is protected. So, it is set to Read Only in the Return Parameter Configuration Wizard.
Above: Just to show you, the second field i am putting in the Picker is NOT read only but it is a Required Field in the LOB
Part 4: Why Subsequent try’s FAIL and how to make it work… yes Visual Studio
Above: So this is the entry that is made from the last example. BUT because the GUID is set to all Zeros as the question indicated in the Forum and it HAS TO BE a primary key, any subsequent addition in SharePoint will fail because of the duplicate entry.
Above: Here is our Test Case, let us add a new user called “User 95”
Above: And of course we error out because of the Primary Key Constraint in the LOB system
Above: So just to take this all the way to the end, lets do something that we SHOULD NOT DO. We will remove the Read-Only property of the Primary Key in SharePoint; in doing so you will find out exactly WHY it fails and how to fix it in the end. Notice it says that it needs the “PreUpdaterField” this field is in Visual Studio NOT SharePoint Designer. So this is yet another answer that I give to people that constantly ask me “Hey Fabian, why do i need to use Visual Studio”
Above: We try to put another record there..
Above: Yes Same Error because the LOB system WILL NOT permit it to do so.
Part 5: How to Make it Work
See my BLOG on how to do CRUD ECT and External Lists using Visual Studio. See https://fabiangwilliams.wordpress.com/2009/12/03/creating-a-sharepoint-2010-external-content-type-with-crud-methods-using-linq-and-a-sql-lob-system/
I will try to do one specific for this example over the weekend time permitting.
Question: Not able to get Email Alerts when using an Email Enabled Windows Security Group in SharePoint 2007
I have a situation where I have an email enabled security group with individual users in it, this security group is added to a SharePoint group. Here are some known
- I am using the Site Owner to Add Alerts on behalf of users
- if you enter the email address a user into the "Send Alert To" field and click ‘check name’, it resolves to the User
- if you enter the email address of the Security group into the "Send Alert To" field and click ‘check name’, it come back "No Matches Found", same if you go to the Browse Icon
- If you try to create the alert anyway using the security group, it creates the alert but tells you that there is no email address associated with the security group
- If you just add the preferred name of the Security Group to the "Send Alerts To" field then it resolves; but it creates the alert but tells you that there is no email address associated with the security group
- I created a new Email Enabled Security Group and two Test users today
- Test user 2 is a member of the Email Security Group
- I am able to send emails to test user 1, test user 2, and the security group in Outlook
- I did a full import into SharePoint and they all show up WITH their associated Email Address in the Profile
- I added the Security Group [Add User] directly into the Site as a contributor
- Tried to setup an alert. you get what is in top bullet 3 and 4
- I added the Security Group to a SharePoint Group, then added the SharePoint Group to the Alerts; failed…
I pulled down a feature from CodePlex http://www.codeplex.com/AdvancedAlert and tried list number 4 above; failed, but if i added an Individual User to the SharePoint Group and did number 4, the individual user gets alerts
I saw this out there also.. tired it… failed http://blog.gavin-adams.com/2007/10/26/sending-alerts-to-groups-in-sharepoint-2007/
I found out that the Web Application Pool along with a few other accounts are Local Accounts
So the test/fix
· I created a new Web Application and used a domain account they had out there as the Web App Pool account
· I NOW am able to resolve the Security Group Email address
· I NOW can receive the initial alert email
· Once I added the Security Group to a Permission Group in SharePoint for the site (View, Read, Contribute) directly
- I can receive security trimmed email alerts
Next we document and use the KB article 934838 to change the accounts in production
Tuck this one away people…
How To: Create a Farm Based and Sandbox Based Solution Web Part using LINQ to SharePoint via SPMetal Utility
In this Blog and in all the blogs i post, I try to re-use my work/efforts; for one, it ensures that the information is grounded, it certainly gives me practice, and more importantly, it demonstrates how SharePoint is modular, and how each part of the Wheel Compliments each other. So.. </soapbox> over, lets begin… The idea here is to demonstrate how we can affect changes to SharePoint Lists and Libraries; for instance, we will use LINQ to SharePoint to talk to Lists in a Site, and use Sandbox Solutions to "work in that list in a protected area” based on the Rules of the Sandbox. Now; the intrusive part is the how we gain access to the SharePoint List, in this example (Part 1) I am still doing a Sandbox Solution which means it is limited to the Site Collection, but I still have code that may be better protected in a “Full Trust Proxy” which will be (Part 2).
Get ready on how you can do:
- Create a Sand Box Solution with Visual Studio 2010 Beta 2 on SharePoint 2010 Beta
- Use LINQ to SharePoint via the SPMetal Utility to create and add a Class to our Solution to act as the Wrapper to our Content Database
- Create a Web Part to display information from SharePoint Lists
- Use some Code to do some actions on that List
Recognition of Effort to my friends in the SharePoint Community
So… I want to take time out to recognize some of my buddies in the SharePoint Community that helped with a really weird issue I was having trying to get even a “Hello World” textbox control working in my Sandbox Solution. As it turned out and I do have the troubleshooting steps outlined below, my issue was related to having SharePoint 2010 on a Domain Controller, and the problem was solved [albeit after 12 hours of work and 4 – 6 hours troubleshooting] via a PowerShell Script found on Jie Li’s and Jeremy Thake’s site. Using Twitter (yes I know, I tweet too much) I solicited the help of my co-worker Bart Tubalinal @bart_tubalinal and Jeremy Thake @jthake to see if they saw something glaring wrong in my code; they looked, they found nothing… then i hear the words I didn’t want to hear “… have you tried looking in the ULS log…, this may be your environment…” this would have not shocked me as much if I didn’t have to deliver at Virginia Beach SharePoint Saturday this coming Saturday (1/9/2009), and didnt want to risk doing an re-install my OS. In the end Paul Swider @pswider asked if i ran the script found on Jie Li’s site; as soon as i placed it in a file and ran it with PowerShell, BOOM! I was good to go! Mark Miller @EUSP of End User SharePoint pointed out that he may emphasize the community involvement in a Keynote he is prepared to give, I encourage him to do so.
Let us Begin…
Part 1: This is Part 1
Part 2: Doing everything but using a Full-Trust Proxy for the most Intrusive Part of the job!
So the first thing we need to do is crack open our spiffy Visual Studio 2010 and Create a new SharePoint Empty Project
- Fire up Visual Studio
- Select SharePoint 2010
- Select Empty SharePoint Project (as you can see I named mine TouchPeopleinSharePoint)
Next you will be prompted to choose if this is a Sandboxed Solution or a Farm Solution, I selected “the Default” which is SandBoxed Solution… so what is Microsoft trying to tell us here folks?
Once you have done that, click Finish to close out the dialog box. Next just to be sure, you can never be too careful; since I am building against a x64 bit system, I wanted to make sure that my Project Properties Build Targets were appropriately set.
Once I have completed that process, next I am going to add a new Web Part. NB, you are not permitted to do Visual Web Parts in SandBoxed Solution because that would mean that you would need to deploy it on the WFE; which under SandBoxed Solutions, we don’t want to, so… we wanna select a regular web part.
So once the Web Part is added, we have the following cs file created, clearly you can see we have methods that are over-ridden which we will employ in our solution.
Before we get there however, I need to do some prep work..
- I need to Add my SPMetal Class
- I need to make a reference to Microsoft.SharePoint.Linq
This Class that I am adding is created by SPMetal Utility and it basically provides me Entity Classes and a Context Object to manipulate SharePoint Lists via LINQ to SharePoint. I use this because all that plumbing is already done for me and hey, work smarter not harder…
NB. The Red squigglies are there in this CharlieSiteLists.cs file because I dont at this time have a Reference Set for Microsoft.SharePoint.Linq which i will do below…
So now for the real work… finally!
- So first I create a List Box object, I will add my result set to that collection (line 16)
- I make a reference to the CharlieSiteList.cs (SPMetal Utility Created File) Data Context Object so I can use it as a Wrapper to the Content Database (line 25)
- I iterate though a list and return the First Name and Last Name via the Add Method of the ListBox Object (line 26 – 33)
That is it! Easy huh… now we just Deploy our Solution…
Next I go to my site under “Site Pages” and create a Web Part Page…but before I do that, lets just make sure that our Sandboxed Solution is there in the Gallery. We find this by clicking on Site Settings and under Galleries, you will see “Solution”.. go ahead and click that bad bwoy..
All being well you should see your solution as I see mine…
Now, we edit that page we would have created to hold our Web Part or you can just put it in a page of your choosing.
So, here is where the SharePoint community came alive for me last night.. and although SharePoint threw no Error in the Event Viewer, nor did the Actions yielded any “gotchas” that I did anything wrong, when I added the Web Part to a zone..
When I add the TouchPeopleNOLookupList Web Part to the Left Column Zone as indicated below it goes though the motion but ADDs Nothing but in the ShowMyProfile Web Part it works… that web part is a Farm Level Solution though… same code..
Below Same Code… in the Create ChildControls in a NON SandBoxed Solution
U can see in the Properties Window that this one is same code but not SandBox Solution… and it yields results as above…
So as part of my debugging I downloaded this ULS viewer from CodePlex at http://ulsviewer.codeplex.com/ and I saw that, Indeed, I have a few errors going..
Paul Swider pointed me to Jie Li’s site where i saw below,
I placed that script in a file and ran it with PowerShell and I got my Web Part to work as indicated below.
We are in business folks…
Stay tuned for Part 2 where I will do this all with a Full Trust Proxy i.e. move the intrusive Class that actually touches the Content Database to the GAC and use a Proxy to call it.
Error/Resolution: SharePoint 2010 Office 2010 when using Connect to Outlook from External List in BCS
After creating an external list of contacts in SharePoint from a LOB System and clicking the Link to “Connect to Outlook” you get a dialog box indicating:
“The Microsoft Office 2010 feature Business Connectivity Services are not installed on this computer…” this is in-fact incorrect as it is installed and functioning. I have my Outlook fully configured and it has my Mysite already in SharePoint lists
Screen shot Below
Proof Positive that the Feature is Installed…
I sent an email to Rolando Jimenez from the Microsoft Product Team for BCS and for the first problem we found out that i experienced that error because my browser was in the “Internet Zone” once i moved it into the “Intranet Zone” my ‘initial’ problem subsided
Now I am getting a “Microsoft Office 2010 component has stopped Working” Error tied to the Common Language Runtime on the bcssync.exe… more help needed here
So, thank you Microsoft Product Team for BCS for helping me with this. I wanted to close out our email thread by summarizing how we got here
· All x64 [obvious but just
· Installed WIN 2008 Server
· Installed and Configured Active Directory and DNS, IIS, Server Roles
· Installed SQL Server 2008 SP1 CU2
· Installed SP 2010 Beta 2
· Installed Office 2010, SPD 2010 and Visio 2010 Beta
· Installed Visual Studio 2010 Beta 2
· Installed AdventureWorks Database for testing LOB systems
So after using SPD 2010 Beta to create an External List I was able to consume it in the browser but when I did connect to outlook I got the error outlined here in my blog
So the steps taken with Rolando’s and Alex’s help ( I will show what worked with excepts of what didn’t inline)
1. After Repair Outlook Failed to fix the issue and After Uninstall yielded the same results
2. I followed Alex’s recommendations below
a. Actually I think I know what’s going on. I suspect the issue is because you have dev10 installed on your machine which comes with a newer version of SQLCE. Unfortunatelly the version in dev10 comes with is x86 only. You need to install SQLCE SP2 x64 from downloads. Here is the link:
b. When I did I still had the same issue but I went one step further
3. I Uninstalled the following Programs and Rebooted
a. SQL Compact x86
b. SQL Compact x64
c. SQL Compact SP1 View and Tools (something like that)
4. I installed the x64 from Alex’s link HOWEVER it told me to installed the x86 first, so I did, and I am up and running with BCS “Connect to Outlook”
Thanks again Rolando, thanks Alex
Hotfix required for Installation of SharePoint 2010 on Windows Server 2008 R2 or Windows 7 has been released
Get hit here
Installation notice for the SharePoint Server Public Beta on Microsoft Windows Server 2008 R2 and Microsoft Windows 7
If you will be installing the SharePoint Server 2010 Public Beta on Microsoft Windows Server 2008 R2 or Microsoft Windows 7, then you will need to download and install an update from http://connect.microsoft.com/VisualStudio/Downloads/DownloadDetails.aspx?DownloadID=23806 to resolve an issue that occurs in Microsoft SharePoint Server 2010 when provisioning Service Applications or when accessing pages that make service calls. Without the hotfix, these operations will result in an error "System.Configuration.ConfigurationErrorsException: Unrecognized attribute ‘allowInsecureTransport’. Note that attribute names are case-sensitive. (C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\WebClients\<Service Area>\client.config line <Line Number>)".
If you have already installed Microsoft SharePoint Server 2010 on a server running Microsoft Windows Server 2008 R2 or Microsoft Windows 7, Microsoft SharePoint Server 2010 does not need to be reinstalled when the update becomes available; however, Service Applications that have been successfully provisioned without the update installed may need to be removed and re-provisioned once the update has been successfully applied.
Published Thursday, November 19, 2009 8:58 PM by sptblog
this excerpt was taken from http://blogs.msdn.com/sharepoint/archive/2009/11/19/installation-notice-for-the-sharepoint-server-public-beta-on-microsoft-windows-server-2008-r2-and-microsoft-windows-7.aspx
You may see the following error in your Windows Application Log after making modifications to your SharePoint Farm especially surrounding Incoming Mail Server Settings.
This could be due in part to the following:
- Access level of these Local Groups where SMTP services is installed. The two accounts are WSS_ADMIN_WPG and WSS_WPG
- Whether or not the “Drop” folder is in the place SharePoint expects it to be in based on where your INETPUB folder is installed
The fix i have found is to
- Give WSS_ADMIN_WPG and WSS_WPG full access to the DROP folder under Mail Root under InetPub
- Select Advanced in CA under Enable Incoming Email and specify the E-Mail Drop folder explicitly
Hope this helps!
Error: When you attempt to join a member server to a Web Farm you receive the error below
Resolution: More than likely you have either WSS installed on the server trying to connect or a previous installation of WSS/MOSS with Databases still mounted
- Verify under “Add Remove Program” for WSS is not installed, In my experience there was WSS installed which was plugged into MSDE thus the Management Studio did not attach to. Go ahead and uninstall WSS and run the Products and Technology Wizard again.
Service Pack 2 Update.
The public update for the Service Pack 2 expiration date issue is now available for download.
The update can be applied before or after Service Pack 2 installation. If the update is applied prior to installing Service Pack 2 it will prevent the expiration date from being improperly activated during installation of Service Pack 2, if it is applied after Service Pack 2 it will remove the expiration date incorrectly set during installation of Service Pack 2.
The update is applicable to all of the products that this issue affected (see the list in the KB linked below).
Installation instructions and download links for x86 and x64 are available in this KB: http://support.microsoft.com/kb/971620
The direct download link for x86 is: http://download.microsoft.com/download/2/F/5/2F51AB71-1325-49D2-9CB9-18DEC4780E99/office2007-kb971620-fullfile-x86-glb.exe
Q: How can I tell if the update has worked?
A: The License Type text on the Convert License Type page in Central Administration no longer contains the word “trial”.
Q: I applied the update and now I can’t enter anything in the Convert License Type page in Central Administration, is this right?
A: This is expected behavior if your license type is “Office SharePoint Server with Enterprise Client Access License”.