Active Directory Account Creation Mode in SharePoint 2010

Earlier this week, I had the misfortune of generating an error I’d never seen before when building a new SharePoint Server 2010 farm. The error first emerged when the SharePoint installation process landed me at the Farm Configuration Wizard page. I wouldn’t have been running it (not advisable ever, really), but it’s the first page that loads after the Product Configuration Wizard completes, so my first Central Administration page was this error:

The page cannot be displayed because your server’s current configuration does not support it. To perform this task, use the command line operations in Stsadm.exe.

How odd, given the emphasis on PowerShell in SharePoint 2010! After a bit of head scratching and examining application and ULS logs, I navigated to the Central Admin home page and everything appeared to be fine, but then when I got around to creating a new Site Collection a bit later, I got the same error, even though I was able to create web/service applications. I had the same error when logged on as farm admin, farm admin + local admin rights, farm admin + SQL SysAdmin and farm admin + domain admin rights, so I was pretty sure it wasn’t a permission issue (and I should note my temporary fiddlery here is only really suitable for non-production environments). This error also occurred on some other Site Collection-specific pages.

Continue reading “Active Directory Account Creation Mode in SharePoint 2010”

SharePoint Server 2010 Search Scopes and Pre-Windows 2000 Compatibility Access

Back in the pre-release days of SharePoint 2010, one of the most reliable sources of information on infrastructure issues was Russ Maxwell’s SharePoint Brew blog. It’s still a great resource, although he’s posting less frequently now than he was during the beta. In this post I want to share my findings regarding Pre-Windows 2000 Compatibility Access group rights in Active Directory. Everything I have to say is supplementary to Russ’s foundational explanation of Why the tokenGroupsGlobalAndUniversal (TGGAU) attribute matters in SharePoint 2010. I’m picking the discussion up from his closing comment, “At a minimum, certain service accounts like the search service account need to be a member of this group.”

Continue reading “SharePoint Server 2010 Search Scopes and Pre-Windows 2000 Compatibility Access”

Amazon VPC and VM Import Updates

In the last couple of weeks I’ve received notification of two important updates regarding Amazon Web Services. I thought I’d share them here, as they are both relevant to use of SharePoint 2010 on EC2 and I’ve seen no mention of them elsewhere. If you’re interested in this broader topic, I’ve covered it in detail here:

 

My commentary here assumes some familiarity with these earlier posts. This is new functionality that enables new design options. These options should make SharePoint 2010 on EC2 more appealing for a few specific uses.

Continue reading “Amazon VPC and VM Import Updates”

People Search Result Organisation Browser Link Doesn’t Respect Alternate Access Mappings

My colleague Anthony Clegg and I have recently been working on a project together, for which I’ve designed and delivered the infrastructure, while he’s been delivering the solution. As part of my design, I extended the SharePoint Web Applications from the default HTTPS zones to new HTTP zones, exclusively for crawling. This approach has been around for some time, but there’s a new wrinkle on the SharePoint 2010 Enterprise Search Centre People Search results page, which I’ll discuss here:

Continue reading “People Search Result Organisation Browser Link Doesn’t Respect Alternate Access Mappings”

Exams 70-667 and 70-668

I’ve just completed exams 70-667 and 70-668 yesterday and today, making me an MCITP: SharePoint Administrator 2010. Woohoo! But this is not an own-horn-tooting exercise; I have a tip to offer on sitting these exams.

As I started preparing for these exams last week, I was under the misapprehension that there was very little in the way of guidance on the Microsoft Learning site. I think I perceived things this way because there wasn’t much to go on when the exams were first launched. But when I checked again last week I was happy to find a link to a learning plan from the Preparation Materials tab of the 70-667 page. Unfortunately, the 70-668 page does not contain a link to a learning plan (it’s listed but unlinked), but it does exist! I just searched for it on the Training Catalogue.

Continue reading “Exams 70-667 and 70-668”

Conficker Protection Breaks Search

A couple of months ago I was happily building a client’s SharePoint Server 2010 farm when I stumbled at Search. The Service Application provisioned fine, but when I pushed out topology changes I started to have problems. Later, these problems returned in different forms, but the root cause appears to have been consistent. In this post I will review the symptoms, the single fix and the reason why this issue emerged in this environment. I’ll also look at some unexpected permission changes that occur when new servers receive Search Service Instances.

Continue reading “Conficker Protection Breaks Search”

Testing Manage Patch Status

In my last post I discussed how the Product Version Job timer job uses the Windows Installer Service to query the installed state of SharePoint 2010 servers and how the Manage Patch Status page in Central Administration displays this information. I also touched on my reservations about what we can infer from this data. In this post, I’m diving a bit deeper in to that question.
Continue reading “Testing Manage Patch Status”

Inside Manage Patch Status

Back in August, I stumbled across a new type of DCOM 10016 error in SharePoint 2010, caused by the Product Version Job timer job. When I found the error, I was primarily concerned with keeping my event logs clean. Since then, the inelegance of my original work-around and the incomplete picture I contented myself with at the time began to nag at me, but I only recently started digging deeper, prompted largely by the fact that this topic has generated more traffic to my blog in the last quarter than any other.

Continue reading “Inside Manage Patch Status”

Office Web Apps Infrastructure Considerations

I’ve recently been involved in a somewhat unusual client engagement, in that I was designing and delivering the infrastructure without knowing the shape of the IA or solution architecture. Obviously, this imposed some restrictions on what we could define, but it also meant that I had to handle some aspects of the engagement that would normally be taken care of by other colleagues. To that end, I suppose some of these considerations aren’t purely infrastructure-specific, but they could be in an engagement like this one and they’re things that infrastructure people should understand. Hopefully it’ll be useful for solutions people as well.

Continue reading “Office Web Apps Infrastructure Considerations”