Sunday, August 15, 2010

STREAMING VIDEOS

ANNOUNCEMENT:- The following write-up was culled from

Anshul's SharePoint Blog for trackback purpose (it is one of many video solutions available for MOSS 2007.

As we all know that SharePoint 2007 can not play streaming Videos out-of-the box so i decided to find out a way by which you can stream videos on your MOSS 2007 site so i turned to my best friend... Google. I found a little material on the web where i came to know that to play streaming videos on the web you need a Streaming Server. So i decided to integrate SharePoint with a streaming Server. To play streaming videos Microsoft provides something called as Windows Media Services.Windows Media Services (WMS) is a streaming media server from Microsoft  that allows an administrator to generate streaming media (audio/video). It is an update for Windows Server operating system. You can install it on your Windows Server 2003/2008 as a windows server role and then your server will be a Streaming Server.

Ok so after this introduction to Windows Media Services (WMS) let us move ahead and look at the steps to integrate SharePoint with WMS.

Once Windows Media Services is Installed open the Windows Media Services Manager.

In the WMS Manager click the tab called Announce (using this you can create a Video Stream)

The media stream that WMS creates uses mms protocol the link that it will generate can be put directly in Windows Media Player to play the video stream but you can not store this link in SharePoint because the Link List in SharePoint only takes http protocol so we will run the Unicast Announcement Wizard which will create asx file which supports http protocol.

Clicking on the "Run Unicast Announcement Wizard" will start the Unicast Announcement Wizard. Click on Next

On the "On-Demand Directory" window click the browse button and select a video that you want to stream then click on Next


On the Access the Content Screen click on Next

On the Save Announcement Option screen select the path where you want to save the announcement. I decided to save the asx file on an IIS web site so that i can get an hhtp link to that file. So i created a simple IIS website called Media Services and gave its physical path as "C:\Inetpub\wwwroot\Media" and saved the asx file on the same path



On the Edit Announcement Metadata page you add metadata to the asx file and then click Next

On the Complete Announcement Wizard Page click Finish.

Till now we have a Video Stream created but now we need a Video Player web part to play this stream on the SharePoint site.

So the next step is to create Media Player Web part. I created a simple webpart which embeds the Windows Media Player on the SharePoint page and takes the source parameter of the Video dynamically from the query string. The following is the code for the Media Player Web Part.


using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Web;
using Microsoft.SharePoint;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI;
namespace MediaPlayerWebPart
{
    public class MediaPlayer : WebPart
    {
        private string videoPath = string.Empty;
        [WebBrowsable(true), Personalizable(true), WebDisplayName("Video Path")]
        public string VideoPath
        {
            get
            {
                return ((this.videoPath == null) ? string.Empty : this.videoPath);
            }
            set
            {
                this.videoPath = value;
            }
        }
        private string width = "192";
        [WebBrowsable(true), Personalizable(true), WebDisplayName("Width")]
        public string Width
        {
            get
            {
                return ((this.width == null) ? string.Empty : this.width);
            }
            set
            {
                this.width = value;
            }
        }
        private string height = "190";
        [WebBrowsable(true), Personalizable(true), WebDisplayName("Height")]
        public string Height
        {
            get
            {
                return ((this.height == null) ? string.Empty : this.height);
            }
            set
            {
                this.height = value;
            }
        }
        protected override void CreateChildControls()
        {
            //if(Page.Request.QueryString["VideoPath"] != null || Page.Request.QueryString["VideoPath"] != string.Empty)
              if (Page.Request.QueryString["VideoPath"] != null)
            {
                videoPath = Page.Request.QueryString["VideoPath"].ToString();
            }
            this.Controls.Add(new LiteralControl(" ");
}


Next.. create a Links List on a SharePoint site and add the link to the asx file that we just created.

Once all this is done add the Media Player Web Part and a List View Web Part showing the list of videos on a SharePoint Web Part Page. For this PoC I added a DataView web part of this Links list which displayed the Name of the Video as a hyperlink to the same page with the url of the Video as the query string so that the Media Player Web Part picks up the source of the Video from the Query string and plays the Video.

So here it is Video Streaming on SharePoint!!!

Now you can play videos from your Streaming Server directly on SharePoint

Friday, August 13, 2010

SIMPLE BACKUP AND RESTORE OPERATIONS

One would think that SharePoint would prevent you from loading up a SharePoint backup on a new domain with conflicting SIDs and usernames, but it actually allows you to do so without too much grief. Your reason for this could be anything from simulations to test or duplicating a site or just about anything...I guess the reason is up to you but it invloves moving a site from one place to another.

Here’s How It's Done

Source Server

Login to the source server and run the following command:
stsadm -o backup -url "http://servername:port/sites/sitename" -filename "c:\foldername\sitename.bak"
This backs up the site to the specified destination folder.

Destination Server

Build out the destination server and run SharePoint configuration wizard, it is OK if you’ve already created a site collection on the target server because the new site will be overwritten by the -overwrite command below.
Warning – When you build out the new server you should try to build it using the same version and install all of the same Application Templates and binaries that were on the original server.

stsadm -o restore -url "http://servername:port/sites/sitename" -filename c:\foldername\sitename.bak" -overwrite

If you access the site immediately after restore here’s what you’ll see (if you restored it to a new domain)
image
Add a user via command line because the restored site will deny all of your login attempts (unless your server is on the same domain as the original source server.
stsadm -o siteowner -url "http://servername:port/sites/sitename" -ownerlogin domain\accountname


 OR
Using the Central Administration console, you will note that the site collection still references the original administrators which are now invalid on this new domain:
>> Central Administration >> Application Management >> Site Collection Administrators
image
Run the command below to change ownership:
stsadm -o siteowner -url "http://servername:port/sites/sitename" -ownerlogin domain\accountname
image
Now if you refresh Central Admin console you will see the new administrator as an owner, you can change the secondary administrator at this point as well.
image
Run the command below to add your new administrator to the site collection with the administrator role
stsadm -o adduser -url "http://servername:port/sites/sitename" -userlogin domain\accountname -useremail test@test.com -role administrator -username administrator
clip_image005
On the command prompt type IISRESET and execute.
Warning – Do not skip this step, you won’t be able to login until you run IISReset
clip_image006
Now you can refresh your main site and successfully login as the administrator.
Afterwards, you can optionally run this to clean up the old lingering logins explicitly
stsadm -o migrateuser -oldlogin olddomain\accountname -newlogin newdomain\accountname
That's all !

Thursday, August 12, 2010

SharePoint Backup Script

 This is one of the most important, yet also one of the most neglected areas of computing. Backing up your data should be at the top of your computer maintenance list, right next to virus protection. Without data backup or virus protection, you are running the risk of losing your data. And it will happen, don't think that you don't have to worry about it.

Why should you back up?
Data loss can happen in many ways. One of the most common causes is physical failure of the media the data is stored on. You probably have everything saved on your PCs hard drive. That hard drive will not live forever. To quote a friend of mine, "there are only two types of hard drives - the ones that have failed and the ones that will fail." Yes, normally hard drives will live for years without incident. But eventually they will die. It might happen gradually, by more and more bad clusters accumulating until most of the drive is unusable. Or it might happen suddenly, the hard drive just dies without warning.


Before data is sent to its storage location, it is selected, extracted, and manipulated. Many different techniques have been developed to optimize the backup procedure. These include optimizations for dealing with open files and live data sources as well as compression, encryption, and de-duplication, among others. Many organizations and individuals try to have confidence that the process is working as expected and work to define measurements and validation techniques. It is also important to recognize the limitations and human factors involved in any backup scheme. 

Full + Incrementals 
A Full + Incremental repository aims to make storing several copies of the source data more feasible. At first, a full backup (of all files) is taken. After that, any number of incremental backups can be taken. There are many different types of incremental backups, but they all attempt to only backup a small amount of data relative to the full backup. Restoring a whole system to a certain point in time would require locating the full backup taken previous to that time and the incremental backups that cover the period of time between the full backup and the particular point in time to which the system is supposed to be restored. The scope of an incremental backup is typically defined as a range of time relative to other full or incremental backups. Different implementations of backup systems frequently use specialized or conflicting definitions of these terms.
Differential backup 
A differential backup copies files that have been created or changed since the last normal or incremental backup. It does not mark files as having been backed up (in other words, the archive attribute is not cleared). If you are performing a combination of normal and differential backups, restoring files and folders requires that you have the last normal as well as the last differential backup.
Full System backup 
This type of backup is designed to allow an entire PC to be recovered to "bare metal" without any installation of operating system, application software and data. Most users understand that a backup will prevent "data" from being lost. The expense in a full system recovery is in the hours that it takes for a technician to rebuild a machine to the point of restoring the last data backup. So, a full system backup makes a complete image of the computer so that if needed, it can be copied back to the PC, usually using some type of bespoke software such as Ghost, and the user can carry on from that point.
This is a script I use to run my full backups for my SharePoint farm. It's been working, you will need to modify it to suit your environment. The portion of the script in red is where you will modify. For example the first red wants to create a folder called SPSPortal, well you might want to give it another name, it's up to you. The second read specifies the path in which the backup goes to and you might want to choose a different path on your system BUT the script will not run for the following reasons:
This path D:\SPS2007Backups\SPSPortal, the underlined part must be manually created by you first (the script doesn't create the folder, it only looks for it. When it finds it, it will create SPSPortal into it and proceed smoothly from there.
 

 Lastly, the quotes I used here " must not be the rich text format. All you do is copy the code into notepad and after saving it, change the extension name to .vbs. Then go to your Scheduled Task and schedule it, and if you prefer to run it directly, go ahead it will be fine.
 
-----------------------------------------------------------
Dim fso, f, fspec
dim yr, mo, dt, hr, min, sec

yr = Year(Now)

mo = Month(Now)
if mo < 10 Then
mo = "0" & mo
end if

dt = Day(Now)
if dt < 10 Then
dt = "0" & dt
end if

hr = Hour(Now)
if hr < 10 Then
hr = "0" & hr
end if

min = Minute(Now)
if min < 10 Then
min = "0" & min
end if

sec = Second(Now)
if sec < 10 Then
sec = "0" & sec
end if

destFolder = "SPSPortal-" & yr & "-" & mo & "-" & dt & "-" & hr & "-" & min & "-" & sec

Set fso = CreateObject("Scripting.FileSystemObject")
Set f = fso.CreateFolder("D:\SPS2007Backups\SPSPortal-" & yr & "-" & mo & "-" & dt & "-" & hr & "-" & min & "-" & sec)

bkFolder = f.Path
bkFolder = Replace(bkFolder, "", "\")
bkFolder = bkFolder

Set objShell = CreateObject("WScript.Shell")
objShell.CurrentDirectory = "c:\Program Files\Common Files\Microsoft Shared\web server extensions\12\BIN\"

objShell.Exec ("STSADM.exe -o backup -directory " & bkFolder & " -backupmethod full")
WScript.Echo "Backup Started!"
----------------------------------------------
Thanks to the Technet Forum where I got the script and it referral url to this script's location.

Wednesday, August 11, 2010

ACCESS DENIED & CRAWL ERROR IN INDEX SERVER/SEARCH SERVER


This is a quick blog because I encountered this problem and had it solved quickly enough. Recently took down my index server because NT found it wasn't up to spec (not sharepoint spec but NTs spec such as age of the server, it should be getting ready to enter into the archived servers). So, had to remove the index and when a fresh server came on board last week, promptly configured it and ran into this problem. So, here it is:
Windows Server 2003 SP1 introduced a loopback security check. This feature is obviously also present in Windows Server 2008. The feature prevents access to a web application using a fully qualified domain name (FQDN) if an attempt to access it takes place from a machine that hosts that application. The end result is a 401.1 Access Denied from the web server and a logon failure in the event log.

The trouble is there are also scenarios where this fix will break normal operations of SharePoint.
1. Search Indexing.
If you are hosting the WSS Web Application Service on your Indexer for the purposes of having a “Dedicated Crawl Front End” and avoiding a network hop. This is common in small scale “Medium Server Farms”. Because the Indexer is crawling itself, the crawl log will fill up with 401s and your content won’t get indexed.
Crawl Access Denied Error
Crawl Access Denied Error

2. Web Application “Warm Ups”.
If you are running a scheduled task or timer job to hit the Web Application to avoid the start up lag after an application pool recycle, the “warm up” will fail with a 401.

3. Custom Code using SharePoint Web Services.
If you have custom code, either in SharePoint or out with it that leverages SharePoint Web Services (such as using the ExcelService API) these requests will fail with a 401.

Workaround
If you are working on a development environment or on just a single MOSS box – go for it – disable it completely. You need to debug and test locally and it’s likely you don’t know what addresses you will use ahead of time. I as a matter of course disable the check as part of my sysprep build for all my development and test machines. I never hit the problem because my base image is all sorted as I want it. I recommend you do the same.

1. Login to the SharePoint server.
2. Click Start, click Run, type regedit, and then click OK.
3. In Registry Editor, locate and then click the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
4. Right-click Lsa, point to New, and then click DWORD Value.
5. Type DisableLoopbackCheck, and then press ENTER.
6. Right-click DisableLoopbackCheck, and then click Modify.
7. In the Value data box, type 1, and then click OK.
8. Quit Registry Editor, and then restart your computer.

However, for production environments, DO NOT DISABLE this feature. You are unpicking a serious security check of the OS. If that environment underwent a security audit by a competent security engineer, it would be flagged. You should add a list of addresses you wish to exclude. This makes your scenario work whilst retaining the security check.

1. Login to the SharePoint server.
2. Click Start, click Run, type regedit, and then click OK.
3. In Registry Editor, locate and then click the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
4. Right-click MSV1_0, point to New, and then click Multi-String Value.
5. Type BackConnectionHostNames, and then press ENTER.
6. Right-click BackConnectionHostNames, and then click Modify.
7. In the Value data box, type the host name or the host names for the sites that are on the local computer, and then click OK.
8. Quit Registry Editor, and then restart the IISAdmin service.

References
Microsoft KB 896861
harbar.net
mossgurus.com
nishantrana.wordpress.com
social.technet.microsoft.com article I
social.technet.microsoft.com article II

Sunday, August 8, 2010

PLANNING, INSTALLING AND CONFIGURING A SHAREPOINT FARM

A server farm typically consists of one or two back-end database servers and one or more front-end servers that provide Web services and Office SharePoint Server 2007 services, such as search, Excel Services, and indexing.

Hardware and software requirements
Before you install and configure Office SharePoint Server 2007, make sure your servers have the recommended hardware and software. To deploy a server farm, you need at least one server computer acting as a Web server and an application server, and one server computer acting as a database server. The server computers must meet the following requirements:

 Hardware requirements
  • Front-end Web server and application server computers: a dual-processor computer with processor clock speeds of 2.5-gigahertz (GHz) or higher and a minimum of 2 gigabytes (GB) of RAM.
  • Back-end database server: a dual-processor computer with processor clock speeds of 2.0 GHz or higher and a minimum of 2 GB of RAM.
 Software requirements Web and Application Server
  • Microsoft Windows Server 2003 (Standard, Enterprise, Datacenter, or Web Edition) with Service Pack 1 (SP1)
  • Microsoft .Net Framework 2.0
  • Microsoft .Net Framework 3.0
  • The Web server and application server computers must be configured as Web servers running Microsoft Internet Information Services (IIS) in IIS 6.0 worker process isolation mode.
  • Each of the computers must be using the NTFS file system. Windows Server 2003 includes a conversion utility (Convert.exe) that you can use to convert an existing file allocation table (FAT) volume to NTFS without losing data.
Back-End Database Server
  • The back-end database server computer must be running Microsoft SQL Server 2005 or Microsoft SQL Server 2000 with Service Pack 3 (SP3) or later. It is assumed that you have installed and configured the database program on the back-end server computer. You do not need to set up or create specific databases for Office SharePoint Server 2007. The Office SharePoint Server 2007 Setup program will create the necessary databases when you install and configure Office SharePoint Server 2007.
 In addition to these requirements, if you are using SQL Server 2005, you need to configure surface area settings. Use the following procedure to do this.

Configure surface area settings in SQL Server 2005
  1. Click Start, point to All Programs, point to Microsoft SQL Server 2005, point to Configuration Tools, and then click SQL Server Surface Area Configuration.
  2. In the SQL Server Surface Area Configuration dialog box, click Surface Area Configuration for Services and Connections.
  3. In the tree, open your instance of SQL Server, open Database Engine, and then click Remote Connections.
  4. Click Local and Remote Connections, click Using both TCP/IP and named pipes, and then click OK.
Security account requirements
To install Office SharePoint Server 2007 in a server farm environment, at-least 2 accounts are required:
  • A user account that you can use to install Office SharePoint Server 2007 and run the SharePoint Products and Technologies Configuration Wizard. This account must be:
  • A domain user account.
  • A member of the Administrators group on each of your front-end servers.
  • A member of the SQL Server Logins, which grants login access to your SQL Server instance.
  • A member of the SQL Server Database Creator server role, which grants permission to create and alter databases.
  • A member of the SQL Server Security Administrators server role, which grants permission to manage server logins.
Sharepointe%202007%20Install
  • A unique domain user account that you can specify as the Office SharePoint Server 2007 service account. This user account is used to access your SharePoint configuration database. It also acts as the application pool identity for the SharePoint Central Administration application pool and it is the account under which the Windows SharePoint Services Timer service runs. The SharePoint Products and Technologies Configuration Wizard adds this account to the SQL Server Logins, the SQL Server Database Creator server role, and the SQL Server Security Administrators server role. It is recommended that you follow the principle of least privilege and do not make this user account a member of any particular security group on your front-end servers or your back-end servers.
Configure the server as a Web server
Before you install and configure Office SharePoint Server 2007, you must install and configure the required software on each of your front-end servers. This includes installing and configuring IIS so your front-end servers act as Web servers, installing Windows .NET Framework 2.0, enabling ASP.NET 2.0, and installing Windows Workflow Foundation Runtime Components Beta 2.2 (build 3807.7).


Install and configure IIS
IIS is not installed or enabled by default in Windows Server 2003. To make your server a Web server, you must install and enable IIS, and you must make sure that IIS is running in IIS 6.0 worker process isolation mode.
  1. Click Start, point to All Programs, point to Administrative Tools, and then click Configure Your Server Wizard.
  2. On the Welcome to the Configure Your Server Wizard page, click Next.
  3. On the Preliminary Steps page, click Next.
  4. On the Server Role page, click Application server (IIS, ASP.NET), and then click Next.
  5. On the Application Server Options page, click Next.
  6. On the Summary of Selections page, click Next.
  7. Click Finish.
  8. Click Start, point to All Programs, point to Administrative Tools, and then click Internet Information Services (IIS) Manager.
  9. In the IIS Manager tree, click the plus sign ( ) next to the server name, and then right-click the Web Sites folder and select Properties.
  10. In the Web Sites Properties dialog box, click the Service tab.
  11. In the Isolation mode section, clear the Run WWW service in IIS 5.0 isolation mode check box, and then click OK.
Note: The Run WWW in IIS 5.0 isolation mode check box is only selected if you have upgraded to IIS 6.0 on Windows Server 2003 from IIS 5.0 on Microsoft Windows 2000. New installations of IIS 6.0 use IIS 6.0 worker process isolation mode by default.

Install Windows .NET Framework 2.0
  1. Run .Net Framework 2.0 Setup
Enable ASP.NET 2.0
  1. Click Start, point to All Programs, point to Administrative Tools, and then click Internet Information Services (IIS) Manager.
  2. In the IIS Manager tree, click the plus sign ( ) next to the server name, and then click the Web Service Extensions folder.
  3. In the details pane, click ASP.NET v2.0.50727, and then click Allow.
Install .Net Framework 3.0
1. Run .Net Framework 3.0 Setup

Install Microsoft Windows Workflow Foundation Runtime. Install and configure 2007 Office SharePoint Server
It is recommended that you install and configure Office SharePoint Server 2007 on all of your front-end servers before you configure Office SharePoint Server 2007 services and create sites. If you want to build a minimal server farm configuration, and incrementally add front-end servers to expand the farm, you can install and configure Office SharePoint Server 2007 on a single front-end server and configure the front-end server as both a Web server and an application server. Regardless how many front-end servers you have in your server farm, you must have SQL Server running on at least one back-end database server before you install Office SharePoint Server 2007 on your front-end servers.


Run 2007 Office SharePoint Server Setup

  1. Run Officeserver.exe, on one of your Web server computers.
  2. On the Enter your Product Key page, enter your product key and click Continue.
Sharepointe%202007%20Install

  1. On the Read the Microsoft Software License Terms page, review the terms, select the I accept the terms of this agreement check box, and then click Continue.
Sharepointe%202007%20Install

  1. On the Choose the installation you want page, click Advanced.
Sharepointe%202007%20Install

  1. On the Server Type tab, do one of the following:
If you are setting up a computer that will act as an application server, or a Web server and an application server, click Complete, and then click Install Now.

If you are setting up a computer that will act as a Web server only, click Web Front End, and then click Install Now.
Sharepointe%202007%20Install
  1. When Setup finishes, a dialog box appears telling you that you must complete the configuration of your server. Make sure that the Run the SharePoint Products and Technologies Configuration Wizard now check box is selected.
  2. Click Close to start the configuration wizard. Instructions for completing the wizard are provided in the next set of steps.
Run the SharePoint Products and Technologies Configuration Wizard
After Setup finishes, you can use the SharePoint Products and Technologies Configuration Wizard to configure Office SharePoint Server 2007. The SharePoint Products and Technologies Configuration Wizard automates several configuration tasks, including: installing and configuring the configuration database, installing Office SharePoint Server 2007 services, and installing SharePoint Central Administration. Use the following instructions to run the SharePoint Products and Technologies Configuration Wizard.
  1. On the Welcome to SharePoint Products and Technologies page, click Next.
Sharepointe%202007%20Install

  1. Click Yes in the warning dialog box that appears notifying you that some services might need to be restarted during configuration.
  2. On the Connect to a server farm page, do one of the following:
If this is the first front-end server that you are configuring in your server farm, click No, I want to create a new server farm, and then click Next.

If you have already configured your first server in your server farm, click Yes, I want to connect to an existing server farm, and then click Next.

Sharepointe%202007%20Install

  1. On the Specify Configuration Database Settings dialog box, in Database server, type the name of the computer that is running SQL Server.
  2. Do one of the following:
If this is the first server that you are configuring in your server farm, type a name for your configuration database in Database name, or use the default database name.

If you have already configured the first server in your server farm, click Retrieve Database Names, and in Database name click the database name that you created when you configured the first server in your server farm. The default name is SharePoint_Config.

Sharepointe%202007%20Install

  1. In User name , type the user name of the account used to connect to the computer running SQL Server (be sure to type the user name in the format DOMAIN\username).
Important: This account is the Office SharePoint Server 2007 service account under which several Office SharePoint Server 2007 services run. The user account that you specify as the Office SharePoint Server 2007 service account must be a domain user account, but it does not need to be a member of any specific security group on your front-end servers or your back-end database servers. However, the user account that you specify must be a member of the following two SQL Server security roles on your back-end database servers: Database Creator and Security Administrator. It is recommended that you follow the principle of least privilege and specify a user account that is not a member of the Administrators group as your Office SharePoint Server 2007 service account.
  1. In Password, type the user's password, and click Next.
  2. Skip the next step if you have already configured first server in your server farm.
  3. On the Configure SharePoint Central Administration Web Application page, select the Specify port number check box and type a port number if you want the SharePoint Central Administration Web application to use a specific port, or leave the Specify port number check box unchecked if you do not care which port number the SharePoint Central Administration Web application uses. Sharepointe%202007%20Install

  1. On the Configure SharePoint Central Administration Web Application dialog box, select NTLM authentication (the default), click Next.
  2. On the Completing the SharePoint Products and Technologies Wizard page, click Next.
  3. On the Configuration Successful page, click Finish.
The SharePoint Central Administration Web page opens.

Notes
  • If you are prompted for your user name and password, you might need to add the SharePoint Central Administration site to the list of trusted sites and configure user authentication settings in Internet Explorer. Instructions for configuring these settings are provided in the next set of steps.
  • If you see a proxy server error message, you might need to configure your proxy server settings so that local addresses bypass the proxy server. Instructions for configuring this setting are provided later in this section.
Add the SharePoint Central Administration site to the list of trusted sites
  1. In Internet Explorer, on the Tools menu, click Internet Options.
  2. On the Security tab, in the Select a Web content zone to specify its security settings box, click Trusted Sites, and then click Sites.
  3. Clear the Require server verification (https:) for all sites in this zone check box.
  4. In the Add this Web site to the zone box, type the URL for the SharePoint Central Administration site, and then click Add.
  5. Select the Require server verification (https:) for all sites in this zone check box.
  6. Click Close to close the Trusted Sites dialog box.
  7. Click OK to close the Internet Options dialog box.
Configure user authentication settings for trusted sites
  1. In Internet Explorer, on the Tools menu, click Internet Options.
  2. On the Security tab, in the Select a Web content zone to specify its security settings box, click Trusted sites, and then click Custom Level.
  3. In the Settings list box, under User Authentication, click Automatic logon with current username and password.
  4. Click OK twice.
Note: If you do not want to add the SharePoint Central Administration site to the list of trusted sites, but you do not want to be prompted for your user name and password every time you access the SharePoint Central Administration site, you can instead add the SharePoint Central Administration site to the Local intranet zone. If you do this, you must enable the Automatic logon only in Intranet zone user authentication setting instead of the Automatic logon with current username and password user authentication setting

Configure 2007 Office SharePoint Server services
After you have installed and configured Office SharePoint Server 2007 on all of your front-end servers, you must configure Office SharePoint Server 2007 services. The services you need to configure depends on your server topology and the server roles you deploy. Use the following guidelines to determine which services you need to configure in your server farm.
  • Search and indexing servers You must start and configure the Office SharePoint Server Search service on at least one of your front-end servers. This service provides search and indexing services. You can start and configure this service on any type of server, including a server that is acting as an application server and provides only Office SharePoint Server 2007 services, a server that is acting as both an application server and a Web server and provides both Office SharePoint Server 2007 services and Web services, or a server that is acting as a Web server and provides only Web services.
  • Web servers The Web server role is implemented by IIS and the Windows SharePoint Services Web Application service. The Windows SharePoint Services Web Application service must be running on any server that acts as a Web server and renders Web content. This service is started by default on servers that you set up using the Web Front End option during Setup. If you set up a server using the Complete option during Setup, and you want that server to act as a Web server and render Web content, then you must start the Windows SharePoint Services Web Application service on that server.
Sharepointe%202007%20Install

Sharepointe%202007%20Install
In addition to configuring services on your front-end servers, you must create the Shared Services Provider (SSP). The SSP makes it possible to share the Office SharePoint Server 2007 services across your server farm. You must create the SSP before you can use it in a farm environment; Office SharePoint Server 2007 does not create the SSP by default in a farm environment.

The following procedures step you through the process of configuring Office SharePoint Server 2007 services, creating a Web application for the SSP, creating the SSP, and configuring indexing settings.


Start and configure the Search service
  1. On the SharePoint Central Administration home page, click the Operations tab on the top navigation bar.
  2. On the Operations page, in Topology and Services, click Servers in farm.
  3. On the Servers in Farm page, click the server on which you want to configure the search service.
  4. Click Start next to Office SharePoint Server Search.
  5. On the Office SharePoint Server Search Settings page, in the Query and Indexing section, make sure that the Use this server for indexing content and Use this server for serving search queries check boxes are selected.
  6. In the Default Catalog Location section, type a path to a physical folder to store the index files, or use the default location that is specified.
  7. In the Contact E-Mail Address section, specify a valid e-mail address.
  8. In the Service Account section, click Configurable, and in User name and Password, type the user name and password for the user account under which you want the Search service to run. The user account must be a member of the Administrators group on the computer that is running the Search service. If you want to use the principle of least privilege and select a unique user account that does not have administrative rights on your front-end servers or on your back-end database servers, see the Known Issues/Readme for Office SharePoint Server 2007 Beta 2. The user name must be in the format DOMAIN\username.
  9. In the Web Front End And Crawling section, do one of the following:
    • If you are configuring the search service on a server that provides Web services and renders Web content, click No dedicated Web front-end computer for crawling
    • If you are configuring the search service on a server that is a standalone search server that does not provide Web services and render Web content, click Use a dedicated web front end computer for crawling, and then, in Select a web front end computer, click the computer you want to use for crawling.
  1. Click Start.
Start the Windows SharePoint Services Web Application service
You must start the Windows SharePoint Services Web Application service on every computer that you want to act as a Web server and was set up using the Complete option during Setup. This service is started by default on servers that were set up using the Web Front End option. To enhance security, you can leave this service turned off on application servers that do not provide Web content to client computers. Also, you do not need to turn this service on to use SharePoint Central Administration on a server.
  1. On the SharePoint Central Administration home page, click the Operations tab on the top navigation bar.
  2. On the Operations page, in Topology and Services, click Servers in farm.
  3. On the Servers in Farm page, click the server on which you want to start the Windows SharePoint Services Web Application service.
  4. Click Start next to Window SharePoint Services Web Application.
Create the Shared Services Provider
  1. On the SharePoint Central Administration home page, click the Application Management tab on the top navigation bar.
  2. On the Application Management page, in the Office SharePoint Server Shared Services section, click Create or configure this farm's shared services.
  3. On the Manage this Farm's Shared Services page, click New SSP.
Important: If you have not created a Web application for the SSP administration site, you need to create one before you create the SSP. If you have already created a Web application for the SSP administration site, skip to step 14.
  1. On the New Shared Services Provider page, click Create a new Web application.
  2. On the Create New Web Application page, in the IIS Web Site section, click Create a new IIS web site, and do not modify the default settings in this section.
  3. In the Security Configuration section, under Authentication provider, select the appropriate option for your environment, and do not modify the default settings in the remainder of this section.
  4. In the Load Balanced URL section, do not modify the default settings.
  5. In the Application Pool section, click Create new application pool.
  6. In Application pool name, enter the name of your application pool or use the default name.
  7. Click Configurable, and in User name and Password, type the user name and password for the user account under which you want the application pool to run. The user account does not have to be a member of any particular security group. It is recommended that you use the principle of least privilege and select a unique user account that does not have administrative rights on your front-end servers or on your back-end database servers. You can use the user account that you specified as the Office SharePoint Server 2007 service account; however, if that user account is a member of a security group that has administrative rights on your front-end servers or your back-end database servers, you will not be following the principle of least privilege. The user name must be in the format DOMAIN\username.
  8. In the Database Name and Authentication section, verify the database information and make sure that Windows Authentication (recommended)is selected.
  9. In the Search Server section, do not modify the default settings.
  10. Click OK. Upon successful creation of the Web application, the New Shared Services Provider page appears.
  11. In the SSP Name section, in Web Application, select the Web application that you created for the SSP, and do not modify any of the default settings in this section.
  12. In the My Site Location section, do not modify any of the default settings.
  13. In the SSP Service Credentials section, in User name and Password, type the user name and password for the user account under which you want the SSP to run. The user account does not have to be a member of any particular security group. It is recommended that you use the principle of least privilege and select a unique user account that does not have administrative rights on your front-end servers or on your back-end database servers. You can use the user account that you specified as the Office SharePoint Server 2007 service account; however, if that user account is a member of a security group that has administrative rights on your front-end servers or your back-end database servers, you will not be following the principle of least privilege. The user name must be in the format DOMAIN\username.
  14. In the SSP Database section, you can either accept the default settings (recommended), or specify your own settings for the database server, the database name, or the SQL authentication credentials.
  15. In the Search Database section, you can either accept the default settings (recommended), or specify your own settings for the search database server, the database name, or the SQL Server authentication credentials.
  16. In the Index Server section, in Index Server, click the server on which you configured the Search service.
Note: If there is no index server listed in the Index Server section, then no server in your farm has been assigned the index server role. To assign the index server role to a server in your farm, follow the instructions in the "Configure the Search service" section earlier in this topic.
  1. In the SSL for Web Services section, click No.
  2. Click OK. Upon successful creation of the SSP, the Success page appears.
  3. On the Success page, click OK to return to the Manage this Farm's Core Services page.
Configure indexing settings
  1. On the SharePoint Central Administration home page, click the Application Management tab on the navigation bar.
  2. On the Application Management page, in the Office SharePoint Server Shared Services section, click Create or configure this farm's shared services.
  3. On the Manage this Farm's Shared Services page, click SharedServices1.
  4. On the Shared Services Administration page, in Search, click Search Settings.
  5. On the Configure Search Settings page, in the Crawl Settings section, click Default content access account.
  6. In the Default content access account section, in Account, Password, and Confirm Password, type the user name and password for the user account that you want to use to crawl content on your sites. This account must be a domain user account. It is recommended that you use the principle of least privilege and select a unique user account that cannot modify content and does not have administrative rights on your front-end servers or on your back-end database servers. You can use the user account that you specified as the Office SharePoint Server 2007 service account; however, if that user account is a member of a security group that has administrative rights on your front-end servers or your back-end database servers, you will not be following the principle of least privilege. The user account that you specify will be added to the Web application Full Read policy for your farm. The user name must be in the format DOMAIN\username.
  7. Click OK.
  8. In the Crawl Settings section, click Content sources.
  9. On the Manage Content Sources page, click Local Office SharePoint Server sites.
  10. On the Edit Content Source page, in the Crawl Schedules section, under Full Crawl, click Create schedule.
  11. In the Manage Schedules dialog box, configure schedule settings for full crawls of your content, and then click OK.
  12. In the Crawl Schedules section, under Incremental Crawl, click Create schedule.
  13. In the Manage Schedules dialog box, configure schedule settings for incremental crawls of your content, and then click OK.
  14. In the Start Full Crawl section, select the Start full crawl of this content source check box, and then click OK.
Create and configure a site 
After you configure services in your server farm, you can create a Web application and a site collection. You should create the Web application on the first server on which you installed Office SharePoint Server 2007 (in other words, the same server that is running the SharePoint Central Administration service).


Create a Web application for your SharePoint site
On the SharePoint Central Administration home page, click the Application Management tab on the top navigation bar.

  1. In the SharePoint Web Application Management section, click Create or extend Web application.
  2. On the Create or Extend Web Application page, click Create a new Web Application.
  3. On the Create New Web Application page, in the IIS Web Site section, click Create a new IIS web site, and change the port setting to port 80. This will allow you to access your site by typing http://ServerName. If you use a nonstandard port number you will have to include the port number in the URL to access your site (for example, http://ServerName:port).
  4. In the Security Configuration section, under Authentication provider, select the appropriate option for your environment, and do not modify any other settings in this section.
Note: By default, the authentication provider is set to NTLM.
  1. In the Load Balanced URL section, do not modify the default settings.
  2. In the Application Pool section, select Create new application pool, and use the default settings for the application pool name.
  3. Click Configurable, and in User name and Password, type the user name and password for the user account under which you want the application pool to run. The user account does not have to be a member of any particular security group. It is recommended that you use the principle of least privilege and select a unique user account that does not have administrative rights on your front-end servers or on your back-end database servers. You can use the user account that you specified as the Office SharePoint Server 2007 service account; however, if that user account is a member of a security group that has administrative rights on your front-end servers or your back-end database servers, you will not be following the principle of least privilege. The user name must be in the format DOMAIN\username.
  4. In the Database Name and Authentication section, verify the database information and ensure Windows Authentication (recommended)is selected.
  5. In the Search Server section, do not modify the default settings.
  6. Click OK.
  7. On the Application Created page, which appears after successful creation of the Web application, click Create a new Windows SharePoint Services site collection.
Create the site collection for your Web application
  1. On the Create Site Collection page, in the Title and Description section, in Title, enter a title for the new site.
  2. In Description, enter a description of the site collection.
  3. In the Web Site Address section, click Create site at this URL, and in URL path click (root).
It is most common to create a site collection at the root; however, you can create a site collection at a specific URL path.
  1. In the Primary Site Collection Administrator section, in User name, type the user name of the site collection administrator. This can be the same user account that you specified as the Office SharePoint Server 2007 service account, but you should follow the principle of least privilege and use a user account that does not have administrative privileges or rights on your front-end or back-end servers.
  2. In the Quota Template section, select a predefined quota template to limit resources used for this site collection.
Note: You can also select No Quota, thereby allowing this site collection to use any available resources.
  1. In the Template Selection section, click the Publishing tab, and then click Corporate Intranet Site.
  2. Click OK to create the site collection with the attributes you specified.  Upon successful completion, a Top-Level Site Successfully Created page appears.
  3. Click OK to return to the SharePoint Central Administration home page, or click the http://ComputerName link to go to your new SharePoint site home page.
After you install and configure Office SharePoint Server 2007
After you finish creating your first site, you can start adding content to the site and you can start customizing the site. However, it is recommended that you first configure several administrative settings to ensure that your Office SharePoint Server 2007 environment is operating properly and you are using all of the features and capabilities provided by Office SharePoint Server 2007.


Install and configure Excel Calculation Services

To take full advantage of the business intelligence capabilities of Office SharePoint Server 2007 you need to start and configure Excel Calculation Services. Instructions for doing this are provided below.

Note: Excel Services is only available if you use a product key that activates the Enterprise version of Office SharePoint Server 2007.

Start and configure Excel Calculation Services
  1. On the SharePoint Central Administration home page, click Administrative Tasks.
  2. On the Administrative Tasks page, click Add Excel Services Trusted Locations.
  3. On the Add Excel Services Trusted Locations page, in Action, click Add Excel Services Trusted Locations.
  4. On the Excel Services Trusted File Locations page, click Add Trusted File Location.
  5. In the Location section, in Address, type the address of the trusted file location. It is recommended that the trusted file location be an Office SharePoint Server 2007 site, but you can also specify universal naming convention (UNC) paths or HTTP Web sites.
  6. In Location Type, click Windows SharePoint Services if you specified an Office SharePoint Server 2007 site, click UNC if you specified a UNC path, or click HTTP if you specified an HTTP Web site.
  7. In the External Data section, in Allow External Data, select the trust level for external data sources that you want to enable by doing one of the following:
    • Click None to prevent Excel Calculation Services from processing connections to any external data connection.
    • Click Trusted data connection libraries only to prevent Excel Calculation Services from processing connections to external data sources that are embedded within workbooks. This setting permits Excel Calculation Services to process links to trusted data connection libraries.
    • Click Trusted data connection libraries and embedded to permit Excel Calculation Services to process direct connections to external data sources that are embedded within workbooks. This setting also permits Excel Calculation Services to process links to trusted data connection libraries.
Configure alternate access mappings for your Web applications
If you installed and configured Office SharePoint Server 2007 on a single front-end server, and a user browses to your server, the server will render the content that is in your Web application. However, if you added subsequent front-end servers to your server farm, the newly-added servers will not have alternate access mappings configured to your Web application. To map newly-added front-end servers to your existing Web application, you need to configure alternate access mappings.

Before you configure alternate access mappings, install and configure Office SharePoint Server 2007 on all of the front-end servers that you want to add to your server farm, and make sure that the servers are joined to your server farm. See "Run Windows SharePoint Services Setup" and "Run the SharePoint Products and Technologies Configuration Wizard" for information about installing and configuring Office SharePoint Server 2007.

To configure alternate access mappings
  1. On the SharePoint Central Administration home page, click the Operations tab.
  2. On the Operations page, in the Global Configuration section, click Alternate access mappings.
  3. In Alternate Access Mapping Collection, click Change Alternate Access Mapping Collection.
  4. In the Select an Alternate Access Mapping Collection dialog box, click the Web application that you want to modify. If you have created only one Web application, and you specified port 80 for the Web application, the Web application should be listed as SharePoint (80).
  5. Click Edit Outbound URLs, and verify that your Web application is listed in the Default zone for outbound URLs. The outbound URL is the URL that you want users to use to access your Web application.
Note: If you have a load-balanced configuration with a host name, add the host name to the Outbound URL for the Default zone.
  1. Click Save.
  2. Click Add Incoming URLs.
  3. On the Add Incoming URLs page, in New default zone URL protocol, host and port type the URL for the server that you want to map to your Web application. Typically, this is http://servername:portnumber.
Note: If you have a load-balanced configuration, you should add the server name of each of your front-end Web servers to the list of internal URLs. This will allow each of your Web servers to reach the content in your common Web application. Also, make sure the zone you selected for the incoming URL matches the zone of the outbound URL for the load balancer. You can have multiple incoming URLs associated with a single outbound URL.
  1. In Zone, make sure that Default is selected.
  2. Click Save.
Configure additional administrative settings
After you have deployed the SharePoint Server, there are some other additional settings which you need to configure. You should perform these tasks to take full advantage of the SharePoint 2007 administrative Features:

  • Email Settings:
    • Incoming:
Configuring server for incoming emails will enable you to get advantage of the following SPS 2007 features:
1. SharePoint sites can accept and archive incoming e-mail.
2. SharePoint sites can archive e-mail discussions as they happen, save e-mailed documents, and show e-mailed meetings on site calendars.
3. In addition, configure the SharePoint Directory Management Service for e-mail distribution list creation and management.
  • Outgoing
Configure Outgoing SMTP Email server to enable SPS 2007 for sending Notifications and alerts to the site users and administrators. You can configure “From” and “Reply to” email addresses for outgoing emails.
  • Create SharePoint sites: Create more SharePoint sites and Web applications if your site design requires multiple sites or multiple Web applications.
  • Diagnostic logging settingsTo get yourself helped in troubleshooting, configure various logging and diagnostics settings including trace logs, event messages, user-mode error messages, and Customer Experience Improvement Program events.
  • Configure antivirus protection settingsConfigure Antivirus Settings for Server to enable the virus scanning for document upload and downloads, also configure virus scanning timeout and execution threads on the server for antivirus. A SharePoint Server 2007 compatible Antivirus program is required for this.
  • You can use the following procedure to configure optional administrative settings using SharePoint Central Administration.
Configure administrative settings using SharePoint Central Administration
  1. Click Start, point to All Programs, point to Administrative Tools, and then click SharePoint 3.0 Central Administration.
  2. On the SharePoint Central Administration home page, under Administrative Tasks, click the administrative task you want to perform.
  3. On the Administrative Tasks page, next to Action, click the task.

Saturday, July 24, 2010

SQL SERVER CONNECTIVITY ISSUES


We have been seeing and trying to resolve SQL connectivity issue all the time, I remember I started using SQL from 7.5, but not much then. I really dug in from SQL 2000. I guess it would be helpful if we can put some guidance on how to resolve connectivity issues. So, here comes a proposal based on my experience and some study. Basically, when you failed to connect to your SQL Server, the issue could be:


1) Network issue
2) SQL Server configuration issue
3) Firewall issue
4) Client driver issue
5) Application configuration issue
6) Authentication and logon issue

Usually, customers see connectivity issue in their applications, but it would be great if you can follow the SQL MSDN Forum steps below to eliminate issues one by one and post a question on SQL forum in MSDN (http://msdn.microsoft.com) if needed.

Step 1: Network Issue
You might be able to make local connection without a working network, but that's a special case. For remote connection, a stable network is required. The first thing to trouble shoot SQL connectivity issues is to make sure the network we rely on is workable and stable. Please run the following commands:

ping -a     (use -4 and -6 for IPv4 and IPv6 specifically)

 nslookup (type your local and remote machine name and IP address multiple times)

Be careful to see any mismatch on the returned results. If you are not able to ping your target machine, it has high chances that either the network is broken or the target machine is not running. It's also possible the target machine is behind a firewall and the firewall blocks the packets sent by the ping command, though. Windows firewall does not block ping (ECHO) packet by default, but you may have to check the ICMP page to see if echo request is allowed. The correctness of DNS configuration on the network is vital to SQL connection. Wrong DNS entry could cause all sorts of connectivity issue later.

Step 2: SQL Server Configuration Issue
You need to make sure the target SQL Server is running and is listening on appropriate protocols. You can use SQL Server Configuration Manager (SCM) to enable protocols on the server machine. SQL Server supports Shared Memory, Named Pipes, and TCP protocols (and VIA which needs special hardware and is rarely used). For remote connection, NP and/or TCP protocols must be enabled. Once you enabled protocols in SCM, please make sure restart the SQL Server.You can open errorlog file to see if the server is successfully listening on any of the protocol. The location of errorlog file is usually under:

%ProgramFile%Microsoft SQL Server/MSSQLxx.xxx/MSSQL/Log (this path also depends on how you have split your data files and log files path)

If the target SQL instance is a named instance, you also need to make sure SQL Browser is running on the target machine. If you are not able to access the remote SQL Server, please ask your admin to make sure all these happen.
























Step 3: Firewall Issue
A firewall (either operating system based or antivirus based) on the SQL Server machine (or anywhere between client and server) could block SQL connection request. An easy way to isolate if this is a firewall issue is to turn off firewall for a short time if you can. Long term solution is to put exception for SQL Server and SQL Browser.

For NP (Named Pipe) protocol, please make sure file sharing is in firewall exception list. Both file sharing and NP use SMB protocol underneath.

For TCP protocol, you need put the TCP port on which the SQL Server listens on into exception.

For SQL Browser, please put UDP port 1434 into exception.

Meanwhile, you can put sqlservr.exe and sqlbrowser.exe into exception as well, but this is not recommended. IPSec between machines that are not trusted could also block some packets. Note that firewall should never be an issue for local connections.





Step 4: Client Driver Issue

At this stage, you can test your connection using some tools. The tests need to be done on client machine for sure.
First try:
Telnet
You should be able to telnet to the SQL server TCP port if TCP is enabled. Otherwise, go back to check steps 1-3. Then, use OSQL, SQLCMD, and SQL Management Studio to test sql connections. If you don't have those tools, please download SQL Express from Microsoft and you can get those tools for free.


OSQL (the one shipped with SQL Server 2000) uses MDAC.
OSQL (the one shipped with SQL Server 2005 & 2008) uses SNAC ODBC.
SQLCMD (shipped with SQL Server 2005 & 2008) uses SNAC OLEDB.
SQL Management Studio (shipped with SQL Server 2005 & 2008) uses SQLClient.
Possilbe command use:

osql -E -S

osql -U -S

SQLCMD also applies here. In addition, you can use -Stcp:Your_target_machine, Tcp_port

For TCP,  -Snp:Your_target_machine\Your_instance 
For NP,    -Slpc:Your_target_machine\Your_instance for Shared Memory. 

You would know if it fails for all protocols or just some specific protocols.

At this stage, you should not see general error message such as error 26 and error 40 anymore. If you are using NP and you still see error 40 (Named Pipes Provider: Could not open a connection to SQL Server), please try the following steps:

a)Open a file share on your server machine.
b)Run   net view \\your_target_machine and

            net use \\your_target_machine\your_share  
(You can try Map Network Drive from Windows Explorer as well)

If you get failure in b), it's very likely you have operating system/network configuration issue, which is not SQL Server specific. Please search on internet to resolve this issue first.You can try connection using both Windows Authentication and SQL Authentication. If the tests with all tools failed, there is a good chance that steps 1-3 were not set correctly, unless the failure is logon-related then you can look at step 6 below.
If you succeeds with some of the tools, but fails with other tools, it's probably a driver issue. You can post a question on the MSDN forum and give us the details.
You can also use “\windows\system32\odbcad32.exe” (which ships with Windows) to test connection by adding new DSN for various drivers, but that's for ODBC only.


Step 5: Application Issue
If you succeed with steps 1-4 but still see failure in your application, it's likely a configuration issue in your application. Think about a couple of possible issues here.
a) Is your application running under the same account with the account you did tests in step 4? If not, you might want to try testing in step 4 under that account or change to a workable service account for your application if possible.
b) Which SQL driver does your app use?
c) What's your connection string? Is the connection string compatible to your driver? Please check http://www.connectionstrings.com/ for reference.


Step 6: Authentication And Logon Issue
This is probably the most difficult part for sql connectivity issues. It's often related to the configuration on your network, your OS and your SQL Server database. There is no simple solution for this, and we have to solve it case by case. There are already several blogs in sql_protocols talking about some special cases and you can check them to see if any of them applies to your case. Apart from that, things to keep in mind include:
a) If you use SQL authentication, mixed authentication must be enabled. Check this page for reference http://msdn.microsoft.com/en-us/library/ms188670.aspx
b) Make sure your login account has access permission on the database you used during login ("Initial Catalog" in OLEDB).
c) Check the eventlog on your system see if there is more information



And that wraps it up.