SharePoint Experts, Information Architects, Expert Witness

We provide consulting in a broad array of business and technology from architecture to design to deployment of global systems with a focus on surfacing data in the enterprise. Specialists in Microsoft, we are a premier provider of SharePoint Expertise (including 2016 and Office 365). We also provide Expert Witness/Legal Expert in eDiscovery, source discovery, patent infringement, piracy and more! We also have established SICG DLDS s.a. - our counterpart in Costa Rica that specializes in water systems (http://www.crwatersolutions.com) - Contact me direct: david_sterling@sterling-consulting.com or call 704-873-8846 x704.

Search This Blog

Saturday, September 8, 2018

Get the Public Key Token for a strongly named assembly in Visual Studio

So this is a rehash of an older post by Jeremiah Clark - original URL at the bottom of this post.

I have often needed to get the Public Key Token of a strong named assembly and have always done it by hand using sn.exe or the folder method. So the issue is how to get the Public Key Token easily - particularly when you need to create a Safe Control or otherwise add it to the web.config file. Of course, you can always build it, deploy to the GAC and find it in the c:\Windows\Microsoft.net\assembly folder under the appropriate folder:

GAC_32 = 32 bit
GAC_64 = 64 bit
GAC_MSIL = Any CPU

You'll find it there and the Public Key Token is part of the folder name. However, this is a pain - so this method turned out to work outstandingly well.

Step 1 - Find where sn.exe resides - where it is depends on which version of Visual Studio you are running. Open the Developer Command Window and type in:

where sn.exe

In my case, it found it under c:\Program Files (x86)\Microsoft SDKs\Windows\v10.0a\bin\NETFX 4.6.1 Tools\sn.exe:


Step 2 - Open Visual Studio, click Tools in the tool bar then select External Tools. When the pop up opens, click Add. Set the Title, Command and Arguments:

Title = Get SN Token
Command = c:\Program Files (x86)\Microsoft SDKs\Windows\v10.0a\bin\NETFX 4.6.1 Tools\sn.exe (the path to sn.exe)
Arguments = -T $(TargetPath)

Next, click the Checkbox to Use Output Window

This looks like this:

Click OK to save it.

Step 3 - Get the Public Key Token. When the project is opened (and you've built it at least once), just click Tools in the tool bar and select Get SN Token - this opens the output window as shown:


Done deal!

Jeremiah's original post





Monday, May 28, 2018

Remote Desktop Access (On-Premise & Azure) Error "CredSSP Encryption Oracle Remediation"

So, recent update in Microsoft has broken RDP across the globe. It's not necessarily a server problem, but many (unfortunately) allow for Automatic Update on their laptop/desktop and Microsoft added this update without any notice. When you try to RDP (Remote Desktop Connection), the error is "CredSSP Encryption Oracle Remediation" - The error will look similar to this:



So, if you are using servers on-premise, the only fix is to a) run update on all systems you intend to use RDP with (laptops, desktops, etc.) then b) run update on ALL of the servers you intend to connect to. A REAL pain, but the only way to fix it properly. I know the pain - I had to spend an entire weekend running updates (some 'packaged' which always makes me nervous in what is actually in it) and test every server.

Now, if you are using Azure, you will come across the same error - this one is a bit tricky but fortunately, a post on this shows the fix:

https://blogs.technet.microsoft.com/mckittrick/unable-to-rdp-to-virtual-machine-credssp-encryption-oracle-remediation/

Mitigation 1 was my choice - if you use this, after completing the change, open a command window as Administrator and run:

gpupdate /force

You need permissions to do this OR you have to talk to your system administrator(s) and get a global change.

Use Mitigation 2 ONLY if you have to!

UPDATE: Microsoft's May 2018 Security Update will fix this permanently however a reboot is required so plan accordingly - look for KB4103725 to download if it doesn't work with Windows Update (we had to try on a few servers several times - only accessible through the Hyper-V and VMWare consoles so were down for quite awhile; update would fail after 20 minutes or so).

Sunday, May 27, 2018

Start-SPAdminJob doesn't work

Old one but worth remembering - the Start-SPAdminJob doesn't work as you'd expect - entering the command by itself (and with -Verbose or any other options), you get an error (click the image to expand):


The fix is not really documented - you have to stop the SPAdmin (SharePoint Administration Services through Services.msc or PowerShell), run the cmdlet then start the service again. For 2013, it's:

Net Stop SPAdminV4
Start-SPAdminJob
Net Start SPAdminV4

Remember too that for now, stsadm -o execadmsvcjobs still works (use the Management Shell so you don't have to change directories).

ALWAYS USE Run as administrator when opening the Management Shell for best results!


Friday, March 23, 2018

Generate a detailed report about every document in your site collection SP13/16

Like many of you, I've searched for many a way to find out what's in the SharePoint site. I had a specific need to get a list of documents in the site collection and was not able to access my own so I came across a post that turned out to be 'almost' what I needed but was crude in what it did.

Thus this, the enhanced script to generate a detailed report about every document in your site collection. This is an excellent tool for integration with CRM or LOB systems!

NOTE: You have to modify the Reflection to update to 16. This one is for 13:

Download the Script here



Tuesday, February 27, 2018

Screen Timeout in Windows Server

If you are like me, doing development on servers can be a pain when the screen keeps locking. Having to login again and again gets to be a real pain. I did find the solution for this and while I'd like to send a kudos, I cannot find the original link so I am documenting it here.

The default setting for Windows is to timeout after 1 minute - this can be very agitating when working on something. The purpose of this change is to a) Remove the password requirement and b) Disable the timeout (or  you can set the timeout to something longer like 10 minutes).

To start off with, you MUST login using the Administrator account. While an Admin account can change the Registry, power settings can only be changed by the Administrator.

Step 1: Modify the Registry

By default, the option to change the timeout is not available (and in fact not shown). To get this to show, we have to modify the registry setting to enable it.

Open a command window (running As Administrator) and enter Regedit (or use the Run command). When the Registry opens, navigate to:

HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/Power/PowerSettings

Locate the GUID 7516b95f-f776-4464-8c53-06167f40cc99 and expand it. Next locate the GUID 8EC4B3A5-6868-48c2-BE75-4F3044BE88A7 and click to open it. On the right hand side, you'll see "Attributes":


Double click on Attributes and change the value from 1 to 2:


Click OK to save the change and close Regedit.

Step 2: Open the Control Panel

When you open the control panel, use the Search box to search for the word "power" - this will bring up the Power Options. Click on Change power-saving settings:


If you are not the Administrator, you'll know because the options will be grayed out:
As Administrator, this option is enabled - click Change plan settings:
Next, click the Change advanced power settings link:

The first option you can change is the Password on Wakeup - set this to Yes or No:


Scroll down to the 'Display' section - this is where you can set the timeout - by default, this is One Minute:


To disable completely, set this value to 0 otherwise you can set the value to however many minutes you want:

Click the Apply button and close everything out.

That's it! No more timeout!





Saturday, February 17, 2018

Status of DBCC Shrink or Shrink through the GUI SQL Server

A note so I don't forget - if while doing a Database Shrink, you may want to know the status - the TSQL command is this:

SELECT percent_complete, start_time, status, command, estimated_completion_time, cpu_time, total_elapsed_time
FROM sys.dm_exec_requests
WHERE command = 'DbccFilesCompact'

Here's the detail on the table:

https://docs.microsoft.com/en-us/sql/relational-databases/system-dynamic-management-views/sys-dm-exec-requests-transact-sql

The key field you may be interested in is estimated_completion_time - to get the hours/minutes, use this:

Select dateadd(s, convert(bigint, <value>) / 1000, convert(datetime, ''))

For example:

Select dateadd(s, convert(bigint, 162114) / 1000, convert(datetime, ''))

will return '1900-01-01 00:02:42.000', i.e. 2 minutes, 42 seconds.

Be aware that the estimated_completion_time is just that, estimated but it will give you a rough idea on if you should grab another cup of coffee or go out to lunch.


Sunday, February 11, 2018

The attempted operation is prohibited because it exceeds the list view threshold enforced by the administrator

You may catch this error when working with lists:

The attempted operation is prohibited because it exceeds the list view threshold enforced by the administrator

There are several fixes to this, most notably by updating the thresholds in the web application settings in Central Administration (on premise) but you can't do it on Online.

However, even working with both on-premise and online developing a 'recent file/folder/doc set' view tool, it became apparent that changing the view limits didn't make a difference anyway. 

For little queries (a single list with a few thousand items) you don't usually see this. However, if you are doing web wide, SiteColllection or Recursive queries, this becomes a real problem in a live site setup.

It turns out that it's all in the CAML query - yes, yet another anomaly we find that's never documented. So the issue that in the CAML query, we have to be careful what we use in terms of nesting - a query can be really long (for example, filtering out using <Neq> to eliminate specific file types - for example, xml, xsl, css using the DocIcon field) or short HOWEVER, if your CAML query includes both <And> and <Or> viola, you get the error.

My assumption here is that the OR query portion means there's too much hashing going on to properly calculate the number of rows it will return (FYI Row Limit doesn't fix this). 

The fix can be a pain but it works - make sure that you ONLY use <And>. This can complicate your queries but if you think them through, you can always work it out.

UPDATE: This MAY not fix it either. It turns out that if the database is exceedingly large (like over the limit), the error still occurs.

One other tidbit: 

If you are looking for recently created or modified files (and folders, etc.), be sure to only use the Modified date in the query (if you use Created then Or Modified, the query blows up as above). Remember that the Created/Modified dates are always filled when created so you do have add some logic to split them (i.e. If Created = Modified the status is "created" - if Modified greater than Created, status = modified).