ASP.NET Padding Oracle Fix and Risks

As most SharePoint, security and .NET professionals will know by now, a hotfix for the Padding Oracle vulnerability in ASP.NET was released out-of-band on Tuesday. A live TechNet Webcast with a Q&A was held with Dave Forstrom, Director, Response Communications and Dustin Childs, Senior Security Manager. I’ve put together these rough notes from that webcast, as I think this information needs to reach a wider audience.

This is intended to be a (very) rough guide to the webcast content, and I make no claims about the accuracy – I’ve purely attempted to repeat a small portion of what was discussed on the webcast – some of which was covered very quickly. If any of this is of particular interest, I suggest watching the webcast. I’m primarily interested in motivating people to apply the patch while repeating some of the considerations that should be… considered before doing so.

Save Behaviour in SkyDrive and Office Web Apps

Being the good SharePoint advocate that I am, I recently tried out the Office Web Apps in SkyDrive (Windows Live) for collaboration with my wife (primarily expenses spreadsheets, etc.). I’ve always found Google Docs to be lacking in many ways and I wanted to get more experience with the Office Web Apps since I typically use the full Office 2010 client at work. Despite a few annoyances, we were getting on reasonably well, especially since it’s free. I needed to crack a document open in the full version of Excel 2010 to format in anger once, but this is an acceptable compromise for a free, web-based document store.

Fast-forward to the other day and my wife decided to use the Office Web Apps to draft a document rather than using Microsoft Works or Open Office (the other options on her home laptop). Despite some slow responses periodically, all seemed to work well, or so she thought until she got in to work the next day and opened up a blank document.

BLOB Cache, HTTP 304 Results and F5/Refresh

A few months ago we launched a new website on SharePoint 2010. One of my main foci on the project was performance, and caching is one of the most effective ways to achieve that for a WCM solution. We enabled Output, Object and BLOB caching, configured exclusions as necessary and were quite pleased with the results, especially since issues with BLOB Caching in 2007 have been resolved in 2010.

A few weeks later I was demonstrating these approaches when it was pointed out that we were getting lots of 304 responses. They occurred with each request for a previously-downloaded BLOB Cached asset (more detail added below). Basically, I overlooked the max-age attribute in the BLOB Cache web.config settings. By default, this attribute isn’t present in the web.config file and I simply missed it. Adding this attribute eliminated the 304 results and the caching configuration was complete. Or so we thought.

Edit to provide more detail on the 304 status and Max-Age
A 304 response is a File Not Modified status (not an error), in this case indicating that the browser is making (potentially) surplus checks for each previously-downloaded BLOB Cached file. The max-age attribute gives the file a lifetime in the client’s browser cache in order to reduce these update checks. To be clear, the BLOB Cache stores large objects on web servers to reduce database traffic, but those objects can be served with a max-age attribute that will determine the object’s lifetime in the client’s browser cache. A max-age value of “14400” means that browsers will cache the file for four hours before checking for an update. This means that updates to BLOB Cached content may become stale if this value is set too high. A common value would be “86400” (24 hours) but we were satisfied with the balance at four hours. In our case, making this update has not yielded a perceptible increase in performance with the current levels of traffic, but it’s the sort of thing you want to set appropriately in order to optimise things and to allow the environment to scale.

Product Version Job: DCOM 10016 strikes again

For some time now, IT professionals have been modifying DCOM activation rights in order to keep their System event logs clean. In SharePoint 2010, that fix became slightly trickier, as permissions to modify the DCOM permissions had to be granted through the registry for the IIS WAM REG admin service and oSearch14 DCOM applications. Having made these fixes, I’ve noticed a new breed of DCOM 10016 error.

The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{000C101C-0000-0000-C000-000000000046}
and APPID
{000C101C-0000-0000-C000-000000000046}
to the user <FARM ACCOUNT> SID (S-1-5-21-xxxxxxx….) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

The CLSID for this COM Server Application is MSIServer, used to activate the Windows Installer Service. You can find this by navigating to HKCR\AppID and examining the details there:

Optimising the SharePoint 2010 IW Demo VM Part 2

Continuing on from Part 1, in this post I’ll discuss the Microsoft 2010 Information Worker Demo Exchange VM, the SharePoint VM’s event logs and potential future improvements to the environment.

Exchange Server Reconfiguration

Tidying up the Exchange server is a much more straightforward process. In fact, all of the changes that I made are network orientated per the network changes from the first post, so if you are not adding a second NIC or a second fixed IP address on the original internal NIC, these steps aren’t necessary.

Optimising the SharePoint 2010 IW Demo VM Part 1

Around the time that Microsoft released the public beta of SharePoint 2010 they also released a demonstration virtual machine, known as the 2010 Information Worker Virtual Machine, which was updated to RTM in mid-June. This is a fantastic resource for demonstrating SharePoint 2010. The content and demonstration scenarios (including walk-throughs) represent a huge investment from Microsoft and it would be foolish not to at least evaluate these assets. Personally, I think it’s silly to reinvent this wheel.

Now the public beta trial is expiring and people are moving to the RTM build. It appears to be much improved, in that more of the product works in this version and a few niggles have been fixed now. However, it’s widely acknowledged that the resource requirements for this virtual machine are gargantuan due to the breadth of what it offers.

Scheduled Sitemap Generation for SharePoint 2010 Websites

As promised in my SharePoint 2010 SEO Analysis with the IIS SEO Toolkit post, while the IIS.NET SEO Toolkit does an excellent job of generating an initial sitemap and providing a nice GUI for ad hoc updates, it does not offer any obvious scheduling mechanism to ensure that your sitemap stays current with the changing content in your CMS. Thankfully, my colleague Glyn Clough whipped up some PowerShell to produce a full sitemap for your web application based on Jie Li’s initial script, which was scoped at the root web. Running this as a Windows scheduled task will get you a very up-to-date sitemap for all sites in your web application with very little on-going maintenance. Nice one Glyn!

Fixing the Usage and Health Data Collection Service Application Proxy

Unfortunately I’ve found a problem with our development build, or rather, with SharePoint 2010. You may notice that the Usage and Health Data Collection Proxy is Stopped after deploying it in your environment. This is not just a matter of starting the service like it is with some Service Applications. In this case the SA proxy itself appears to be stopped. It appears that this is a known problem when provisioning this Service Application via the GUI. In fact, ours was created automatically as part of the Search Service Application creation process. At any rate, it doesn’t work in its current state in our environments, so it won’t actually collect any data.

To fix this just requires a couple of lines of PowerShell, courtesy of this article (to which I’ve added some clarification here).

SharePoint 2010 SEO Analysis with the IIS SEO Toolkit

The IIS.NET Search Engine Optimization (SEO) Toolkit provides a powerful analysis tool that can generate reports for web editors and can automatically generate sitemaps and robots.txt files as well. These reports not only provide insight into page rank improvements but also help content editors identify missing/duplicate content and find broken links. This post provides an overview of how the tools can be used by content editors or web managers who do not have access to the server infrastructure and what you can expect to see when running an SEO Analysis against an out of the box SharePoint 2010 Publishing site. I will also review the server tools that generate sitemaps and robots.txt files.

Installing the SEO Toolkit

Although Remote Server Administration Tools can be installed on Windows Vista and Windows 7, I have produced the directions below on my Windows Server 2008 R2 desktop. The instructions should be fundamentally the same for any OS once IIS Manager is available locally, however it is installed. To be crystal clear, the SEO Toolkit can be used by anyone with Windows Vista, Windows 7, Windows Server 2008 or Windows Server 2008 R2. It is not a requirement to have access to the web server and it is not necessary to install IIS locally.

SharePoint Redirections

In the lead-up to our SharePoint 2010 website launch I’ve been doing a fair amount of research into the SEO Tools that work with SharePoint. We’ve been looking at automatic/scheduled generation of sitemaps, robots.txt management and conversion of 302 (temporary) to 301 (permanent) redirects. There are a couple of approaches to tackling the first two issues, which I’ll discuss in my next post, but this last issue is more peculiar to SharePoint, as you will have noticed if you’ve ever looked at Fiddler when you browse to the root of a path. For instance, if I browse to the root of my http://publishing/ publishing site I will be automatically redirected to http://publishing/Pages/default.aspx. On a blank site template I would be redirected from http://blank/ to http://blank/default.aspx. In each case SharePoint issues a 302 temporary redirect from the root of the path to the default page. This is not optimal for search on the internet, so many people have tried to rewrite the URL using the IIS URL Rewrite module. Unfortunately, “rewrites” are not supported with SharePoint but I have never seen this explained clearly. To clarify, this is what we’re talking about:
