Archive for the ‘SharePoint 2010’ Category

SharePoint Important Security Update April 2015

April 21, 2015 Leave a comment

Microsoft released few days ago the Security bulletin MS15-36 rated as « Important ». This bulletin mention several breaches on Sharepoint 2013 and SharePoint 2010 that could lead to an elevation of privilege. Even if, so far, this breach seems to be not exploited, I recommend to patch your systems with the following updates :


Using ContentTypeId in CAML Query

June 28, 2013 Leave a comment

You can specify a Content Type Id in a CAML Query using the <FieldRef Name=’ContentTypeId’ /> clause. But to make this query works, you have to specify the right Value Type. Using “Text” or “Computed” mays works on some environments but fails on others…

It seems that the best choice is to use the “ContentTypeId” value type. This value type works pretty well with the Equals, or BeginsWith Condition.


           using (SPSite site = new SPSite(SiteURL))
                using (SPWeb web = site.OpenWeb())
                    SPList list = web.Lists[ListName];
                    SPQuery qry = new SPQuery();
                                    <FieldRef Name='Title'/>
                                    <Value Type='Text'>{0}</Value>
                                    <FieldRef Name='ContentTypeId'/>
                                    <Value Type='ContentTypeId'>{1}</Value>
                    var myItem=list.GetItems(qry);

This article mention main value types, but the ContentTypeId is missing there.

Thanks Pierre

Exception Object reference while transferring Document Set to a Drop Off Library

SharePoint 2010 offers a feature that allows document transfers between 2 SharePoint Sites.

If using this feature is pretty straightforward for plain documents, transferring a document Set can raise an error. SharePoint ULS mention a NullReferenceException. :

OfficialFile: File http://spSite/DocLib/ was not saved at router location /sites/Destination/DestinationDropOffLibrary. Exception Object reference not set to an instance of an object. thrown at: at Microsoft.Office.RecordsManagement.RecordsRepository.OfficialFileCore.SaveFileToFinalLocation…

Site http://spSite/sites/ Destination/_vti_bin/OfficialFile.asmx is not properly configured for this request.

A quick resolution for this issue is to create at least one content organizer rule that match Document Set content type. This rule event don’t have to be active :

With this rules enabled, sending a document Set to a Drop Off Library finally works.

Categories: SharePoint 2010

Records stops in logging database, then came back the day after

January 21, 2013 3 comments

Sharepoint has a great feature, the “Usage Data Collection“. This feature allows to write in database (Wss_Usage or Wss_Logging or whatever the name you set). Every single actions that happen on your Sharepoint Farm, from user’s visits, to the duration of timer job execution including Windows performance monitor values can be stored into this database. But sometimes, record stops for a day, and came back the day after.

From documentation, a job timer (named Microsoft SharePoint Foundation Usage Data Import) is in charge to write into a specific table of this logging database. To do this, a data table is provided by Day of month (up to 32) AND by recorded event type:

All these event are summarize in a SQL view dedicated to the event type:

SharePoint writes all these data using a stored procedure dbo.prc_Insert<UsageDefinition>.

Digging further we can see that when writing data, the size of the current partition (data table that store data for the day) is checked. It must be lower than the maximal storage limit (in bytes) divided by the number of retention days set for the event selection (Check line 31-32 of the procedure). This 2 parameters are extracts from the dbo.Configuration data table by the dbo.fn_GetConfigValue
function (In Functions/Scalar-valued Functions) of this same Logging database (not the Farm configuration).

So, to raise the daily limit we can:

  • Lower the number of retention days.
  • Raise the maximale total bytes limit.

Of course, we won’t work directly on the database, PowerShell allows to specify the retention period. For instance, for Page Requests Usage definition:

Set-SPUsageDefinition -Identity "Page Requests" -DaysRetained 21

To update the total limit we have to be a bit smarter, the default size is 6000000000 bytes, about 5.6GB, let’s update is to 10GB =>10*1024*1024*10214=>10737418240

$definition= get-SPUsageDefinition -Identity "Page Requests" 

Configuration data table is not update immediatly. In fact, I could not find how the parameter is save in database, I could not find any relevant timer job (any info about that is welcome), but anyway, the day after, retention period is fairly saved 🙂 but not the max limit size:(

So, to update this parameter, we don’t have any other choice but updating the database :

update WSS_Logging.dbo.Configuration set ConfigValue=‘10737418240’
where ConfigName=‘Max Total Bytes – RequestUsage’

where RequestUsage is the event type you want to extend …

Now, our limit is raised:

Doing this database update can introduce questions about editor’s support. But from documentation, this logging database has a specific support status:

  • « Moreover, the logging database is the only SharePoint Server 2010 database for which you can customize reports by directly modifying the database.” from article Understanding the Logging Database
  • “The Usage and Health Data Collection database is the only SharePoint database that supports schema modifications” from article Database types and descriptions.

So I think that this operation preserve Microsoft support, but don’t tell them I told you!!

Categories: SharePoint 2010

KB2756920 Crashes SharePoint

January 14, 2013 4 comments


We notice on several SharePoint Farms powered by Windows 2008 R2-pre SP1, that service securitytoken.svc failed on compilation since deploying KB2756920 .

Look for this error in SharePoint Logs :

Exception: System.ServiceModel.ServiceActivationException: The service ‘http://<server>/SecurityTokenServiceApplication/securitytoken.svc&#8217; cannot be activated due to an exception during compilation

Removing this KB or deploying Windows 2008R2SP1 seems to correct this issue.

Some articles mention a dependency to claims authentication, but we met this exception on basic-authentication web app…

More info: Here

Categories: SharePoint 2010

Add new file type in SharePoint

April 23, 2012 14 comments

Out of the box, SharePoint can manage lot of file type. This management include the capability to show an Icon, to index, to open from browser and finally to Index. But what if you need to manage another file type?

There are 2 steps to complete:

  • Specify Icon File and activeX control to use for extraction/archiving
  • Allow Content Type to open from Internet Explorer

In this example I’ll use keepass, a pretty useful password manager, file format to enable to SharePoint

Before :

I added a KDBX file into a SharePoint Library (my Preciious.kdbx), there is no icon, Internet Explorer only allow saving, no opening… Poorly integrated.

Image Icon and Opening

First step is to add a File icon in 14/Template/Images folder. My recommendation is to use a .PNG 16×16 pixel PNG picture with transparency.

Now next step consist in register this picture. To do this edit file 14\TEMPLATE\XML\DOCICON.XML, and add this line somewhere in the <ByExtension> section:
<Mapping Key=kdbx Value=KeePass_icon.png EditText=Keepass Password Manager  />

This associate the file extension .kdbx to the KeePass_Icon.png image. Optionally you can specify the text to add to contextual menu (what we did here) and even specify an ActiveX Control to fire when opening document. But in our case, we don’t have any ActiveX to call. (More info Here ).

Well this what we have so far (mind the EditText value):

Allow Content type opening

So, our file type now have an Icon. That’s great, but you still can’t open file directly from SharePoint: Internet Explorer do not allow open file :

That’s because SharePoint by default, send specific HTTP Header when transmitting file that have not recognized Mime type. The get rid of this, there is two option:

The best you can declare document mime type as “downloadable“. That’s easy when you are working with specific content type but .kbdx file do not have specific mime type. No problem, let’s create a custom Mime type on IIS server ! Here is how to do:

Open IIS console, select server node and open “MIME Types” menu

Then click “add…” button to declare de specific Mime type. Custom mime type should begin with application/vnd. OK, it’s time to be creative:

Now, last step is to declare this Mime type as “Downloadable” this can be done via a PowerShell cmdlet:

$web=Get-SPWebApplication -Identity <WebApplication>
$web.AllowedInlineDownloadedMimeTypes.Add(“<Custom Mime Type>”)

Declaring custom MIME type and set it as downloadable is not mandatory, another solution is to set the “Browser file Handling” option to “permissive” in Web Application general settings (Central Admin/Manage Web Applications/<Web application>/ General Settings application)

This is quick, but not really secure, I really suggest that you choose first option.

And voila! You are now able to open file directly from SharePoint. Of course it support Extraction/Archiving


Categories: SharePoint 2010

Move-SPUser common errors

April 19, 2012 Leave a comment

There is something great with ladies: they change their name when get married .There is something SharePoint do not like: when people change their Name…

When user change their AccountName, SharePoint do not “see” it very well. You have to use the Move-SPUser cmdlet (or stsadm –o migrateuser for Moss 2007)

Technet documentation (Here) give this example:

Move-SPUser –Identity “DOMAIN\JaneDoe” –NewAlias “Domain\JaneSmith”

But if you try it, this command fails. Because the identity parameter shall not be a String, but an SPUser object. Instead try this:

$user= Get-SPUser -Identity <LoginName> -Web <A WebSite in your Farm>
Move-SPUser –Identity $user –NewAlias “Domain\newLogin” -IgnoreSID

And if this command fails in a “User unknown” error, you should try to launch it under Identity Account.

To sum-up:

  1. Log as Identiy Account
  2. Do a get-SPUser first

Thanks to

Categories: SharePoint 2010