SharePoint Experts, Information Architects, Expert Witness

We provide consulting in a broad array of business and technology from architecture to design to deployment of global systems with a focus on surfacing data in the enterprise. Specialists in Microsoft, we are a premier provider of SharePoint Expertise (including 2016 and Office 365). We also provide Expert Witness/Legal Expert in eDiscovery, source discovery, patent infringement, piracy and more! We also have established SICG DLDS s.a. - our counterpart in Costa Rica that specializes in water systems (http://www.crwatersolutions.com) - Contact me direct: david_sterling@sterling-consulting.com or call 704-873-8846 x704.

Search This Blog

Saturday, November 30, 2013

Moving SharePoint IIS Sites Off of the System Drive

As you may be aware, SharePoint always installs sites on the C (system) drive by default. While this is fine for a development system, this is obviously not what is desired in a production environment.

There are multiple posts on how to do this but kudos to Jeremy Taylor - his post covers it all:

http://www.jeremytaylor.net/2012/04/10/moving-sharepoint-sites-off-the-system-drive-changing-iis-virtual-directories/

A few things to note about this:
  1. The Drives must match on ALL systems that will host IIS - this means the Web Front Ends (WFE's), the Application Servers and the Search Servers - the SAME drive letter must be used for all servers.
  2. Go ahead and follow the installation up to creating the Central Administration site.
  3. If this is a VM, take a SNAPSHOT BEFORE you do this!
  4. Run the command/batch script to move the IIS sites to a new drive - use the Command Prompt and select Run as administrator (NOTE: Moving IIS sites before or after the creation of Central Administration doesn't matter - the SharePoint install has the c: drive hardcoded and you can change it until after the fact).
  5. After IIS sites have been moved, use the PowerShell script to move Central Administration; open the SharePoint 2013 Command Shell and be sure to select Run as administrator.
  6. After running the PowerShell script, you MUST change the CA directory manually in IIS (see image below)
  7. Once this has been completed, be SURE to run an IISRESET (use the Command Prompt selecting Run as administrator)
  8. Verify that Central Administration is working,
  9. Run the Move IIS script on ALL other servers that will be hosting IIS.



Again note - if you are using Virtual Machines, perform a snaptshot before performing any of these steps!!

In case you have difficulty getting to the post, I've included the scripts here - remember that MOVE_IIS_ROOT.bat must be run on EVERY server hosting IIS and map to the SAME DRIVE!

To run both scripts, you MUST be sure that you use 'Run as administrator' - this is good habit for anything having to do with SharePoint 2013! 

Running the PowerShell script is only required on servers that will host Central Administration.

MOVE_IIS_ROOT.bat:

REM PLEASE BE AWARE: SERVICING (I.E. HOTFIXES AND SERVICE PACKS) WILL STILL
REM REPLACE FILES IN THE ORIGINAL DIRECTORIES. THE LIKELIHOOD THAT FILES
REM IN THE INETPUB DIRECTORIES HAVE TO BE REPLACED BY SERVICING IS LOW 
REM BUT FOR THIS REASON DELETING THE ORIGINAL DIRECTORIES (on C:)
REM IS NOT POSSIBLE. 

@echo off
IF "%1" == "" goto err
setlocal
set MOVETO=%1:\

REM simple error handling if drive does not exist or argument is wrong 
IF NOT EXIST %MOVETO% goto err

REM Backup IIS config before we start changing config to point to the new path
%windir%\system32\inetsrv\appcmd add backup beforeRootMove


REM Stop all IIS services
iisreset /stop

REM Copy all content 
REM /O - copy ACLs
REM /E - copy sub directories including empty ones
REM /I - assume destination is a directory
REM /Q - quiet

REM echo on, because user will be prompted if content already exists.
echo on
xcopy %systemdrive%\inetpub %MOVETO%inetpub /O /E /I /Q
@echo off
REM Move AppPool isolation directory 
reg add HKLM\System\CurrentControlSet\Services\WAS\Parameters /v ConfigIsolationPath /t REG_SZ /d %MOVETO%inetpub\temp\appPools /f

REM Move logfile directories
%windir%\system32\inetsrv\appcmd set config -section:system.applicationHost/sites -siteDefaults.traceFailedRequestsLogging.directory:"%MOVETO%inetpub\logs\FailedReqLogFiles"
%windir%\system32\inetsrv\appcmd set config -section:system.applicationHost/sites -siteDefaults.logfile.directory:"%MOVETO%inetpub\logs\logfiles"
%windir%\system32\inetsrv\appcmd set config -section:system.applicationHost/log -centralBinaryLogFile.directory:"%MOVETO%inetpub\logs\logfiles"
%windir%\system32\inetsrv\appcmd set config -section:system.applicationHost/log -centralW3CLogFile.directory:"%MOVETO%inetpub\logs\logfiles"

REM Move config history location, temporary files, the path for the Default Web Site and the custom error locations
%windir%\system32\inetsrv\appcmd set config -section:system.applicationhost/configHistory -path:%MOVETO%inetpub\history
%windir%\system32\inetsrv\appcmd set config -section:system.webServer/asp -cache.disktemplateCacheDirectory:"%MOVETO%inetpub\temp\ASP Compiled Templates"
%windir%\system32\inetsrv\appcmd set config -section:system.webServer/httpCompression -directory:"%MOVETO%inetpub\temp\IIS Temporary Compressed Files"
%windir%\system32\inetsrv\appcmd set vdir "Default Web Site/" -physicalPath:%MOVETO%inetpub\wwwroot
%windir%\system32\inetsrv\appcmd set config -section:httpErrors /[statusCode='401'].prefixLanguageFilePath:%MOVETO%inetpub\custerr
%windir%\system32\inetsrv\appcmd set config -section:httpErrors /[statusCode='403'].prefixLanguageFilePath:%MOVETO%inetpub\custerr
%windir%\system32\inetsrv\appcmd set config -section:httpErrors /[statusCode='404'].prefixLanguageFilePath:%MOVETO%inetpub\custerr
%windir%\system32\inetsrv\appcmd set config -section:httpErrors /[statusCode='405'].prefixLanguageFilePath:%MOVETO%inetpub\custerr
%windir%\system32\inetsrv\appcmd set config -section:httpErrors /[statusCode='406'].prefixLanguageFilePath:%MOVETO%inetpub\custerr
%windir%\system32\inetsrv\appcmd set config -section:httpErrors /[statusCode='412'].prefixLanguageFilePath:%MOVETO%inetpub\custerr
%windir%\system32\inetsrv\appcmd set config -section:httpErrors /[statusCode='500'].prefixLanguageFilePath:%MOVETO%inetpub\custerr
%windir%\system32\inetsrv\appcmd set config -section:httpErrors /[statusCode='501'].prefixLanguageFilePath:%MOVETO%inetpub\custerr
%windir%\system32\inetsrv\appcmd set config -section:httpErrors /[statusCode='502'].prefixLanguageFilePath:%MOVETO%inetpub\custerr

REM Make sure Service Pack and Hotfix Installers know where the IIS root directories are
reg add HKLM\Software\Microsoft\inetstp /v PathWWWRoot /t REG_SZ /d %mOVETO%inetpub\wwwroot /f 
reg add HKLM\Software\Microsoft\inetstp /v PathFTPRoot /t REG_SZ /d %MOVETO%inetpub\ftproot /f
REM Do the same for x64 directories
if not "%ProgramFiles(x86)%" == "" reg add HKLM\Software\Wow6432Node\Microsoft\inetstp /v PathWWWRoot /t REG_EXPAND_SZ /d %MOVETO%inetpub\wwwroot /f 
if not "%ProgramFiles(x86)%" == "" reg add HKLM\Software\Wow6432Node\Microsoft\inetstp /v PathFTPRoot /t REG_EXPAND_SZ /d %MOVETO%inetpub\ftproot /f

REM Restart all IIS services
iisreset /start
echo.
echo.
echo ===============================================================================
echo Moved IIS7 root directory from %systemdrive%\ to %MOVETO%.
echo.
echo Please verify if the move worked. If so you can delete the %systemdrive%\inetpub directory.
echo If something went wrong you can restore the old settings via 
echo     "APPCMD restore backup beforeRootMove" 
echo and 
echo     "REG delete HKLM\System\CurrentControlSet\Services\WAS\Parameters\ConfigIsolationPath"
echo You also have to reset the PathWWWRoot and PathFTPRoot registry values
echo in HKEY_LOCAL_MACHINE\Software\Microsoft\InetStp.
echo ===============================================================================
echo.
echo.
endlocal
goto success

REM error message if no argument or drive does not exist
:err
echo. 
echo New root drive letter required. 
echo Here an example how to move the IIS root to the F:\ drive:
echo. 
echo MOVEIISROOT.BAT F
echo.
echo. 

:success


MOVE_CA_SITE.ps1:

Add-PsSnapin Microsoft.SharePoint.PowerShell -erroraction SilentlyContinue
[VOID][reflection.assembly]::LoadWithPartialName("Microsoft.SharePoint")

$CentralAdminURL = Read-Host "Enter the Central Admin URL"

$CANewVirtualDirectory = Read-Host "Enter the new virtual directory you want to change it to"

$CASite = new-object Microsoft.SharePoint.SPSite($CentralAdminURL)
$CAWebApp = $CASite.WebApplication
 
$VirtualDirectory = $CAWebApp.IisSettings[[Microsoft.SharePoint.Administration.SPUrlZone]::Default]

Write-host Your current virtual directory for $CentralAdminURL is $VirtualDirectory.Path
Write-host This will be set to $CANewVirtualDirectory

Write-Host "Press any key to continue..."
$x = $host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")

xcopy $VirtualDirectory.Path $CANewVirtualDirectory /I /E /H /O /X /K
 
$VirtualDirectory.Path = $CANewVirtualDirectory
$CAWebApp.Update()


Write-Host -fore green Success!! 
Write-Host IMPORTANT: -back blue Your virtual directory for $CentralAdminURL has been copied and updated in the Config Database. Please update IIS and point the Central Admin web site to the new virtual directory ($CANewVirtualDirectory). You would need to do an IISRESET on your Central Admin server and youre done!

$CASite.Dispose()

Write-Host "Press any key to exit..."
$x = $host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")





Tuesday, November 26, 2013

Automatic Refresh Fails in Windows Server 2012, Server Manager Kerberos Authentication Failed

Automatic Refresh fails in Windows Server 2012 when servers are in Clusters or in Server Manager added server shows "Kerberos Authentication Failed"


Had this issue when trying to setup a cluster in VMWare. It was a pretty odd error - when the server booted, the Server Manager showed a Red Flag with the message 'Refresh Failed'. In viewing the servers (All Servers), the second server indicated "Kerberos Authentication Failed". Oddly enough, in checking the 2nd server, low and behold, no errors at all. 

Issue turns out to be VERY simple - you MUST be logged in as a domain account that is included in the Administrators (i.e. Local Users and Groups Administrators) group; you cannot use any local system account. 

If you need to use the local administrator account for some reason, you can disregard these errors.