Optimising the SharePoint 2010 IW Demo VM Part 2

Continuing on from Part 1, in this post I’ll discuss the Microsoft 2010 Information Worker Demo Exchange VM, the SahrePoint VM’s event logs and potential future improvements to the environment.

Exchange Server Reconfiguration

Tidying up the Exchange server is a much more straight-forward process. In fact, all of the changes that I made are network orientated per the network changes from the first post, so if you are not adding a second NIC or a second fixed IP address on the original internal NIC, these steps aren’t necessary.

  • Import the virtual machine. Plug the Hyper-V Internal Network in to the first NIC and add a second NIC with the Hyper-V ICS Network plugged in to it.
  • The initial IP address is 192.168.150.2.
  • Rename the Local Area Connection NIC to Hyper-V Internal Connection (or your preference).
  • Rename the Local Area Connection 2 (or maybe 3) NIC to Hyper-V ICS Connection (or your preference).
  • In IPv4 properties on the Hyper-V ICS Connection, change the Advanced TCP/IP Settings to not “Register this connection’s addresses in DNS”, as it is dynamic.
  • I disabled IPv6 on both NICs as it is already disable on our host’s network connections.
  • Add a second IPv4 address to the Hyper-V Internal Connection:  192.168.200.151/255.255.255.0.
    • Added the same address on the DNS tab for this NIC.
  • Check DNS to make sure the new address was added.
  • Added a HOSTS file entry for demo2010b pointing at 192.168.200.151.
  • Tested logging on via Remote Desktop from the Host machine.

Shutdown/snapshot and optionally export the VM if time/resources permit.

Reviewing SharePoint Server event logs

This section details my review of the event logs in the shipped state. I did not take any action except for the last two items regarding DCOM fixes and the SharePoint Health Logs. I believe that most of these errors are probably an effect of running so many things in one environment, but I’d welcome comments if you have any insight to share.

  • SetSPN for WSMAN warnings: The WinRM service failed to create the following SPNs: WSMAN/demo2010a.contoso.com; WSMAN/demo2010a.
    Additional Data
    The error received was 8344: %%8344.
    User Action
    The SPNs can be created by an administrator using setspn.exe utility.

    Presumably these SPNs can be created manually or the rights to create the SPNs can be assigned to the WinRM service account if needed, but I am not making any changes here until I see that it is necessary to do so. There are some Kerberos Audit Failures in the security logs but since the SharePoint environment is self-contained and there are no secondary hops, I don’t think this is worthwhile.
  • VSS Error 8320: Volume Shadow Copy Service error: Failed resolving account Administrator with status 1376. Check connection to domain controller and VssAccessControl registry key.
    Operation:
    Initializing Writer
    Context:
    Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
    Writer Name: WMI Writer
    Error-specific details:
    Error: NetLocalGroupGetMemebers(Administrator), 0x80070560, The specified local group does not exist.
    There are a number of articles that discuss fixes for this Warning but since this is an unusual configuration (SharePoint/SQL on a DC) and the warning is about the “Administrator” account, I am hesitant to make this change, for fear of introducing instability. Further reading at Experts Exchange, Technet and AnandTech.
  • There are two errors regarding the ULS config file, 7105 and 7056. I’m honestly unsure what to make of these errors since they refer to C:Program FilesCommon FilesMicrosoft SharedULS14uls.config.xml and I’m not certain how that is used in generating the ULS log files for SharePoint which are appearing normally at C:Program FilesCommon FilesMicrosoft SharedWeb Server Extensions14LOGS. Not taking any action for now.
  • Microsoft.ResourceManagement.ServiceHealthSource Error 22:
    The Forefront Identity Manager Service cannot connect to the SQL Database Server.
    The SQL Server could not be contacted. The connection failure may be due to a network failure, firewall configuration error, or other connection issue. Additionally, the SQL Server connection information could be configured incorrectly.
    Verify that the SQL Server is reachable from the Forefront Identity Manager Service computer. Ensure that SQL Server is running, that the network connection is active, and that the firewall is configured properly. Last, verify the connection information has been configured properly. This configuration is stored in the Windows Registry.
    This error seems to occurs before the FIM Sync service starts, which may or may not be a related issue. The User Profile Service Application is available though, so I believe this has something to do with this connection attempt occurring before the Service Application is able to connect with SQL.
  • CAPI2 Error:
    Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
    This issue seems to have emerged in July of this year on Windows 7 and Windows Server 2008 R2 machines. Unfortunately there’s no clear resolution at this time, but also no clear negative impact on this system, so I’m not taking any action for now.
  • DCOM 10016 error. A fix for this has been documented well by Matt Groves.
  • SharePoint Health Reports:
    • Almost all of the warnings and errors in the Health Report are either one-time issues that no longer exist or are symptoms of the single-server install on a DC.
    • An exception to this is the “Validate the My Site Host and individual My Sites are on a dedicated Web application and separate URL domain” message, which is accurate. The environment has not been configured with a dedicated MySite application.
    • The one other issue was “The Unattended Service Account Application ID is not specified or has an invalid value”. This has not been set up in the VM and will need to be configured in the Secure Store Service if it will be used.
    • I have chosen to disable all of these rules, as they are undesirable in a demo environment. I also deleted the existing alerts.

Pending

As I mentioned above, I hope to revisit this VM and create new snapshots that will reduce load by disabling bulky services. This snapshot branch might resemble something like this:

  • Current state, as above
    • Most SharePoint Services turned off in Services on Server
    • BI Indexing Connector Service , FAST, OCS and Project Server removed. All SharePoint Services turned on
    • As above, but with FAST
    • As above, but with OCS
    • As above, but with Project Server
    • BI Indexing Connector Service , FAST, OCS and Project Server removed. All SharePoint Services turned off
    • As above, but with Search/FAST
    • As above, but with OCS
    • As above, but with Project Server

I really haven’t planned this yet or discussed these options with users of this environment, so it could wind up looking completely different. Also, this many snapshots would probably chew up too much disk space and get confusing for the users. But watch this space for updates as I hope to revisit the topic again. And please feel free to suggest other optimisations or additions that work well for you.

2 thoughts on “Optimising the SharePoint 2010 IW Demo VM Part 2”

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.