Friday, 19 August 2016

Install .Net Framework 3.5 on Windows Server 2012 R2

Windows Server 2012 R2 includes the .NET Framework 4.5.1 as an OS component, and it is installed by default. It also includes the .NET Framework 3.5 SP1 as an OS component that is not installed by default.

If you run Setup(Microsoft SQL Server 2014 R2) and you do not have .NET 3.5 SP1, SQL Server Setup requires you to download and install .NET 3.5 SP1 before you continue with the SQL Server installation.

If you are trying to install .NET Frame 3.5 from the Server Manager GUI, you will see the below alert when installing the feature.

"Do you want to specify an alternate source path? One or more installation selections are missing source files on the destinatino server.…”

If your computer does not have access to windows update, then specify an alternate source path by clicking on "Specify an alternate source path" and enter the path like "C:\sources\sxs"
After you have specified the alternate source, close the warning (by clicking the x), then click Install.

Thursday, 18 August 2016

New and improved features in SharePoint Server 2016

The following information provides a summary of the new features in SharePoint Server 2016 release.


In 2013, server type(application server/search server/distributed cahce server) will be determined by what services you ran in your server.

In 2016, new feaure "MinRoles" get added. MinRoles will apply a set of services to a server based on the role you select it during installation.

Zero Downtime Patching:

The biggest improvement in patching for SharePoint 2016 is In-place, online, installation of patches. You can install the patches in the middle of the day without affecting users accessing the farm at all.

Microsoft removed the downtime which is required to update the SharePoint servers.

In the past with SharePoint, for general updates you got about 37 individual files to process for each patch, plus 10 for each language pack installed. In SharePoint 2016, you get 2 files to process, plus 1 file per language pack.

Compliance features:

New compliance features for SharePoint Server 2016 include the document deletion and in-place hold policies.
The document deletion policy allows you to delete documents in users' OneDrive for Business sites after specific periods of time.

Integrated Project Server:

Project Server 2016 is installed with SharePoint Server 2016 Enterprise, though is licensed separately.

Max File Size for Uploads:

The default maximum file size in SharePoint 2013 is 250 MB, which can be increased up to 2GB. SharePoint 2016 mas file upload size is 10GB.
Note: End users will likely get a time out while uploading large files.

File Name Support for Special Characters:

SharePoint has blocked file names that included the &, ~, {, and } characters, file names that contained a GUID, file names with leading dots, and file names longer than 128 characters were blocked in previous versions. SharePoint 2016 will allow these to be used and these restrictions are 
removed in SharePoint Server 2016.

Content Database Size:

In SharePoint 2013 maximum content database size is 200GB. Microsoft posted that maximum content database size is expected to be 1TB. And each content database will be able to hold approximately 100,000 site collections.

Site Collections Per Content Database:

The recommended amount of site collections for SharePoint 2013 is 2,000 with a maximum of 5,000 collections. In SharePoint 2016 you will be able to maintain 100,000 site collections per content database.

Fast Site Collection/Site Creation:

In SharePoint 2013 site creatino takes around 40seconds. Using a template, in SharePiont 2016 users are able to create the site collection very quickly(1second). This will require a configuration with powershell.
SPSiteMaster Windows PowerShell cmdlets help to create sites and site collections quickly.

Override 5,000 View Threshold:

SharePoint has a List View Threshold (LVT) of 5,000 items. Many end users don't know that they had to index their columns to manage the threshold.
In SharePoint 2010 or 2013 indexing the columns is available but end user had to manually index their columns to break the view throshold.
In SharePoint 2016 Microsoft has automated the creation of indexed columns.

Hybrid App Launcher:

Hybrid app launcher helps users to have a more seamless experience when navigating between SharePoint Server and Office 365.

The extensible hybrid app launcher is designed to help you get to your Office 365 apps and services from SharePoint Server. Once you enable this feature, you’ll see the Office 365 Delve and Video apps, along with your custom Office 365 tiles, appear in your SharePoint Server app launcher.
In SharePoint Server 2016, this feature is enabled as part of Hybrid Sites Features.

SharePoint Search Service Application:

With SharePoint 2013, 100 million indexed items per search service application and 10 million per index partition. SharePoint 2016 search supports indexing up to 500 million items per Search Service application.

Open Document Format (ODF):

SharePoint 2016 added new support for Open Document Format (ODF) files to use in documen library templates. It enables users to create new files in a document library and save as ODF files so that users can edit the new file with a program of their choise.

Durable Links:

Durable Link is not the same as Document ID. A Durable Link is a URL of Hyperlink to a Document stored in SharePoint 2016 Document Library.
Durable Links proivde a resource ID to each document. This resource ID will be stored in the content database.

If Durable Links work in you Farm, you will see that links to Documents look like this:

When the user opens the document using Durable Links, SharePoint 2016 looks up the file by the Resource ID and opens it in Office Online Server Preview. If you move or rename this document, the link you see here will continue to work and redirect you to the same document.

Search for sensitive content:

Search for sensitive content across SharePoint Server 2016, SharePoint Online, and OneDrive for Business.

SharePonit 2016 controls 51 built-in sensitive information types (like credit cards, passport numbers, Social Security numbers, and more).

The sensitive data is exposed through an eDiscovery site(You have to choose eDiscovery template to create the site in Central Admin). And then use DLP Queries from the eDiscovery site collection to discover sensitive content.

SMTP Connection Encryption:

SharePoint 2016 brings a lot of improvement in the field of out-going & Incoming emails. We can send emails using encryption and we can configure the SMTP to non-default ports (default Port is 25).

Sites page pinning:

This is a new feature with SharePoint 2016 which helps users see and follow sites. Users can pin sites that are seen on the sites page. A pinned site shows at the top of the list of followed sites.

MinRole overview in SharePoint 2016

SharePoint 2016 is taking a very different approach on roles and services. In SharePoint 2013, whether your server was a "search server" or a "distributed cache server" was all determined by what services you ran on it.

In 2016, that get a new wrinkle added to it through the use of MinRoles. MinRoles apply a set of services to a server based on the role you assign it during installation.

SharePoint automatically configures the services on each server based on the server's role. Any services running on those servers that are not in that predefined role, or stopped services that should be running, will cause health monitors to report that the server is out of compliance.

Note: You cannot choose to have the servers be multiple roles. If you want a server to perform multiple role functions, you’ll want to select "Custom" during the installation, which will let you pick and choose the services on the server in the same way as you do in SharePoint 2013.

SharePoint Server 2016 has six Server roles to choose in server installations:

Front-end: Service Application, services,and components that serve user requests. These servers are optimized for fast performance.

Application: Service Application, services,and components that serve back-end requests. Like search crawl, timerjobs. These servers are optimized for high throughput.

Distributed Cache: Service Application, services,and components that are required for a distributed cache. Optionally, you configure these server to load balance farm traffic.

Search: Service Application, services,and components that are required for search.

Custom: Custom service applications, services, and components that are outside of MinRole topology. The farm administrator has full control over which service instances can run on servers.

Single server farm: 
Service applications, services, and components required for a single-machine farm. A Single-Server Farm is meant for development, testing, and very limited production use. A SharePoint farm with the Single-Server Farm role cannot have more than one SharePoint server in the farm.

The Standalone Install mode is no longer available in SharePoint Server 2016 IT Preview. The Single-Server Farm role replaces the Standalone Install mode available in previous SharePoint Server releases. With 2016 you don't get SQL  Express included in the installation. The SharePoint administrator must separately install and prepare Microsoft SQL Server for SharePoint.

MinRole Topologies:      

Server role
* Content Farm ?
*Shared Services Farm ?
*Search Farm ?
Front-end web
Distributed cache
Yes, if hosting Search
Yes, if hosting Search

Thursday, 11 August 2016

Deprecated or removed features from SharePoint Server 2016

The following information provides a summary of the deprecated or removed features from SharePoint Server 2016 release.


The Stsadm command-line tool has been deprecated and users are recommended to use Windows PowerShell for performing administrative command-line tasks. But it is still included to support compatibility with previous product versions.

Support for SQL Express:

SQL Express is not supported for SharePoint 2016. When you install SharePoint 2013 on a single server that has built-in database by using default settings, it will install MS Sql Server 2008 R2 SP1 Express edition and SharePoint product.

SharePoint Foundation:

SharePoint Foundation is free for on-premises deployments.It is no longer available in the SharePoint Server 2016 release.

Standalone Install Mode:

SharePoint Server 2016 doesn't support the standalone install option and it is no longer available in the setup. During installation you can use MinRole to choose the server role. The Single Server Farm option where everything is installed on the same computer and you must install SQL Server yourself before running the SharePoint Server 2016 farm configuration wizard.

Excel Services in SharePoint:

Excel Services and its associated business intelligence capabilities are no longer hosted on SharePoint Server 2016. Excel Services functionality is now part of Excel Online in Office Online Server (this is the next version of Office Web Apps Server), and SharePoint users can use the services from there(OOS). 

Trusted data providers, file locations, data connection libraries, Unattended service account are some of the removed features.

Tags and Notes:

The Tags and Notes feature is deprecated in SharePoint Server 2016 and users cannot create new tags and notes or access existing ones. The SharePoint Administrator can archive all existing tags and notes by using the Export-SPTagsAndNotesData cmdlet.

ForeFront Identity Manager client (FIM):

Earlier versions of SharePoint used ForeFront Identity Manager client (FIM) to synchronize between Active Directory and SharePoint. SharePoint Server 2016 no longer uses FIM as the synchronization client. The default process is Active Directory Import. You can also use any synchronization tool such as Microsoft Identity Manager 2016,

SharePoint BI capabilities:

SharePoint 2016 requires updated versions. The SQL Server 2014 Power Pivot and Power View add-ins for SharePoint 2016 cannot be deployed or used in SharePoint Server 2016. Business Intelligence features like Power Pivot Gallery, Scheduled Data Refresh, Power View reports, Power Pivot Management Dashboard are avaialbe with SharePoint server 2016 if you use SQL Server 2016 CTP 3.1.

New version will not be released for SharePoint Designer,InfoPath. Older version(2013) will be there and supported.

Thursday, 4 August 2016

SharePoint Server 2016 Hardware and Software Requirements

SharePoint 2016 has been released on 14 March 2016 with new features and updates to existing features.

I have completed a Single-Server installation of SharePoint Server 2016 with Database server on a separate machine. Below are the hardware & software requirements and Installation prerequisites.

Hardware Requirements:

Deployment type
Hard disk
Database server running a single SQL instance
64-bit, 4 cores
12-16 GB
80GB for system drive
100GB for second drive
Database server running a single SQL instance
64-bit, 4 cores
16-24 GB
80GB for system drive
100GB for second drive
Web server or application server in a three-tier farm
64-bit, 4 cores
8-12 GB
80GB for system drive
100GB for second drive
Web server or application server in a three-tier farm
64-bit, 4 cores
16-24 GB
80GB for system drive
100GB for second drive

Software Requirements:

Installation media
Operating System
Windows Server 2012 R2 – with latest updates
Database Server
Windows Server 2012 R2 – with latest updates
SQL Server 2014 SP1 – x64
Note: SQL Server Express is not supported.
SharePoint Server
Windows Server 2012 R2 – with latest updates
SharePoint Server 2016 Preview

Prerequisites for SharePoint 2016:

  • Web Server (IIS) role
  • Application Server role
  • Microsoft SQL Server 2012 Native Client
  • Microsoft ODBC Driver 11 for SQL Server
  • Microsoft Sync Framework Runtime v1.0 SP1 (x64)
  • Windows Server AppFabric
  • Microsoft Identity Extension
  • Active Directory Rights Management Services Client 2.1
  • Microsoft WCF Data Services 5.6
  • Microsoft .NET Framework version 4.6
  • Cumulative Update Package 7 for Microsoft AppFabric 1.1 for Windows Server (KB 3092423)
  • Visual C++ Redistributable Package for Visual Studio 2012
  • Visual C++ Redistributable Package for Visual Studio 2015

Thursday, 24 March 2016

Intermittent email failure in SharePoint 2010 Workflow

Recently I had a production Workflow issue. Everything works in Dev, QA & UAT but not in production.

In our case, for the site content type we have enabled the retention from information management policy settings. And declared record to start the custom workflow to manage the retention on records.

The problem we are having is that we use Information Management Policy timerjob to start the workflow asynchronously and its working for some time and suddenly emails are missing for new file uploads, also not creating the workflow history.

Root Cause:
I was reviewing and comparing the configuration of all the individual SharePoint servers (We have 4 web servers and 4 application servers in this landscape) and I found one inconsistency. One of the component, SharePoint Foundation Workflow Timer Service (SFTS) is enabled on 6 servers and it is disabled on the other two servers. 

Based on my research(see below) this component should be disabled on application servers. When we had 2 web servers and 2 app servers, this service is disabled on application servers correctly. After some time as part of new application Go live, we added 2 additional web servers and 2 application servers to this farm and this service was not disabled on these two additional application servers. To my knowledge the first notification failure happened after we added additional capacity. After stopping this service in newly added 2 APP servers ,the workflow works perfectly.

We have observed workflow behavior for couple of weeks and we haven't seen any issue so far due to stopping the Microsoft SharePoint Foundation Workflow Timer service on app Servers.

There is no error message in the log files that indicates that this is the root cause, but based on various technical forums this is the root cause for intermittent workflow issues.

Summary of the solution:

During processing of delay activity by workflow, Information management policy timer job is scheduled on the servers where the SharePoint Foundation Workflow Timer Service(SFTS) is running. To execute the SFTS job, server(WFE/APP) will try to process the workflow execution and this requires workflow assembly to be available on the server.

So workflow assembly is missing from the server, HOW ?

This service(SFTS) is automatically configured to run on all Web servers in the farm and it is recommended to run on the Web server according to the Topologies for SharePoint Server 2010.

When we deploy the WSP solution, workflow assemblies will be copied to those servers which has WFE role(SharePoint foundation web applicant service=True) see below link.

In my case SFTS service is running on 2 Application servers where WFE role is not running. So to fix the issue I have stopped the SFTS service on App servers.

Tuesday, 15 March 2016

Retrieve Credentials from Secure Store Service

What is Secure Store Service ?

The Secure Store Service Application (SSS) was added in SharePoint 2010 as a replacement for 2007’s Single Sign On feature.

Secure Store Service is a shared service that provides storage and mapping of credentials such as account names and passwords. It enables you to securely store data that provides credentials required for connecting to external systems and associating those credentials to a specific identity or group of identities.

It is commonly used for access to data for Business Connectivity Services, Excel Service Applications and Visio Service Applications.

For example, if a user named JOHN has one account on the SharePoint server and another in a CRM application, the Secure Store mechanism enables his CRM credentials to be stored with his user profile in SharePoint Server. As a result, if he uses a Microsoft Business Connectivity Services (BCS) solution in SharePoint Server to obtain data from the CRM application, SharePoint Server looks up the Secure Store Service database on the server and provides his credentials to CRM. In in this manner, JOHN will automatically logs on to the CRM application without having to log onto the CRM application separately.

Don't remember Credentials ?
There is no way to retrieve the credentials from Central Admin that you set up in one of your Secure Store Application entries.

Just run the script below on your SharePoint server and this will list all Secure Store User Names and Passwords.

$serviceCntx = Get-SPServiceContext -Site http://SiteURL

$sssProvider = New-Object Microsoft.Office.SecureStoreService.Server.SecureStoreProvider
$sssProvider.Context = $serviceCntx

$marshal = [System.Runtime.InteropServices.Marshal]

    $applications = $sssProvider.GetTargetApplications()
    foreach ($application in $applications)
       Write-Output "`n$($application.Name)"
        Write-Output "$('-'*80)"
            $sssCreds = $sssProvider.GetCredentials($application.Name)
            foreach ($sssCred in $sssCreds)
                $ptr = $marshal::SecureStringToBSTR($sssCred.Credential)
                $str = $marshal::PtrToStringBSTR($ptr)

                Write-Output "$($sssCred.CredentialType): $($str)"
            Write-Output "Error getting credentials!"
        Write-Output "$('-'*80)"
    Write-Output "Error getting Target Applications."


Refer the below link to Create, Configure, Consume SharePoint 2010 Secure Store in Business Connectivity Services

Monday, 14 March 2016

PowerShell Script for Password encrypt, decrypt using secure key

Create/generate a key beforehand in separate script:

Advanced Encryption Standard(AES) encryption only supports 128-bit (16 bytes), 192-bit (24 bytes) or 256-bit key (32 bytes) lengths, so we’ll need to create or generate an appropriate key. Let’s create a byte array of ascending numbers. We will use a 192-bit key, so we’ll need a 24-byte array. 

Generate Secure Key :

 [parameter(Mandatory=$true, Position=0)]
 [string] $File = $null,
 [parameter(Mandatory=$false, Position=1)]
 [string] $length = 24
$Key = New-Object Byte[] $length
$Key | out-file $File
Once you generate the secure key, you will be able to use the key file to encrypt or decrypt the password from any machine.

Encrypt Password using key:

 [parameter(Mandatory=$true, Position=0)]
 [string] $PW = $null,
 [parameter(Mandatory=$true, Position=1)]
 [string] $SecureKeyFile = $null
$Key = Get-Content $SecureKeyFile
$Encrypted_PW = $PW | ConvertTo-SecureString -AsPlainText -Force
Write-Host "Encrypted password with $SecureKeyFile" -ForegroundColor "Cyan"
Write-Host "******************************************" -Foregroundcolor "Yellow"
$Encrypted_PW | ConvertFrom-SecureString -key $Key | Write-Output
Write-Host "******************************************" -Foregroundcolor "Yellow"
Decrypt Password using key:

 [parameter(Mandatory=$true, Position=0)]
 [string] $EncryptedPW = $null,
 [parameter(Mandatory=$true, Position=1)]
 [string] $SecureKeyFile = $null
$Key = Get-Content $SecureKeyFile
$account = $env:userdomain + "\" + $env:username
$clearpw = (New-Object -TypeName System.Management.Automation.PSCredential -Argumentlist $account, (ConvertTo-SecureString -String $encryptedPW -key $key)).GetNetworkCredential().Password;
Write-Host "Password decrypted with $SecureKeyFile" -ForegroundColor "Cyan"
Write-Host "******************************************" -Foregroundcolor "Yellow"
$clearpw | write-Output
Write-Host "******************************************" -Foregroundcolor "Yellow"