The following code will create a site based on a template, then it will add a new contributor group: //create the subsite .. subSite is an SPWeb object
SPWeb createdWeb = subSite.Webs.Add("Url", "Title", "Project Subsite", 1033, "Template Name", true, false);
createdWeb.BreakRoleInheritance(true);
SPMember member = createdWeb.Users[createdWeb.Author.LoginName];
//create the user groups ...
createdWeb.SiteGroups.Add(createdWeb.Title + " Contributors", member, createdWeb.Author, "Contributors to the site");
SPGroup newContribGroup = createdWeb.SiteGroups[createdWeb.Title + " Contributors"];
SPRoleDefinition contribRole = createdWeb.RoleDefinitions.GetByType(SPRoleType.Contributor);
SPRoleAssignment contribRoleAssignment = new SPRoleAssignment(newContribGroup);
contribRoleAssignment.RoleDefinitionBindings.Add(contribRole);
createdWeb.RoleAssignments.Add(contribRoleAssignment);
The above code will break the permission inheritance, so the created site will have unique permissions, this code could be refactored to also create Owners and Reader’s groups.
I was playing around with setting up the navigation created by a legacy custom site definition. Information posted for my reference more than anything else: <WebFeatures> <Feature ID="541F5F57-C847-4e16-B59A-B31E90E6F9EA"> <Properties xmlns="http://schemas.microsoft.com/sharepoint/"> <Property Key="InheritGlobalNavigation" Value="true"/> <Property Key="IncludeSubSites" Value="true"/> <Property Key="IncludePages" Value="false"/> <Property Key="InheritCurrentNavigation" Value="false"/> </Properties> </Feature> </WebFeatures>
Some of the settable properties are:
The boolean properties:
- IncludeInGlobalNavigation
- IncludeInCurrentNavigation
- InheritGlobalNavigation
- InheritCurrentNavigation
- ShowSiblings
- IncludeSubSites
- IncludePages
- SortAscending
The next properties take an enum:
- OrderingMethod - Automatic, ManualWithAutomaticPageSorting, Manual
- AutomaticSortingMathod - Title, CreatedDate, LastModifiedDate
I’ve been working with a client recently that had a problem with the Web Front End servers randomly rebooting. The servers were Windows Server 2008 running virtually on VMWare ESX. Interestingly the problem didn’t occur on any of the other Win 2008 servers that also ran on VMWare. Firstly we discovered that the machines weren’t just rebooting they were in fact blue screening and then rebooting after they did a dump. So we fired up WinDbg and had a look at some of the dumps. We found that the offending method was: FAILURE_BUCKET_ID: X64_0x7E_BAD_IP_HTTP!UlAuthenticate+73 The loaded module was HTTP.sys This seemed to fit, the environment that was crashing was the only one to have Kerberos enabled, so we suspected some interaction between Kerberos and VMWare to be the cause (hence these were the only servers crashing). But since Windows 2008 runs HTTP.sys which is a kernel mode driver, we knew that as part of the Kerberos setup we had to explicitly allow the kernel to authenticate as the app pool user (via the application host file). We also knew that we could use IIS manager to move this authentication out to user mode, if you open IIS manager, expand the web site, select Authentication from the right and select the advanced properties on the Windows Authentication item. This will present you with the following option to ‘Enable Kernel-mode authentication’: 
After we deselected this option our servers have been running solidly.
I received an interesting error today while trying to ‘Manage Data Sources’ on a report “The resource object with classname ‘ReportServer’ and the key ‘DataSourceList’ was not found”: 
I found that sometimes it would work, but other times it would fail. A bit of tracing showed that when I hit web1 in the farm it would fail, but web2 would succeed. With this information in hand I hand a look at the App_GlobalResources folder under c:\inetpub\wwwroot\wss\virtualdirectories\<web application name> Interestingly web2 (which worked) had some resources called ReportServer.resx, but web1 (which failed) did not have these resources, that was what was causing the failures. I copied the resources across and the issue resolved itself. I suspect that the report services add on wasn’t installed properly.
A little while ago I created a simple Application Definition for working with some CRM 4 data via the BDC. Well recently the CRM Search Accelerator for Microsoft Dynamics CRM 4 have been released, which provides a better Application Definition File: The enterprise search accelerator allows Microsoft Office SharePoint Server (MOSS) customers to view and search for Microsoft Dynamics CRM data directly from their SharePoint portals. By combining these two technologies users from different areas of the business will be able to: - View and edit any Microsoft Dynamics CRM data such as accounts, contacts, opportunities, sales orders, invoices, service cases and any custom entity data through MOSS.
- Launch a MOSS search which can return documents, emails, web content and Microsoft Dynamics CRM data.
If your interested in seeing how Commerce Server and SharePoint can be integrated, you might want to take a look at the December 2008 CTP of Commerce Server 2009: The bullet point of interest is: - Complete out-of-the-box e-commerce shopping site in SharePoint with new search functionality, new shopping features, and what-you-see-is-what-you-get (WYSIWYG) content management and design experiences. This helps to facilitate rapid assembly and maintenance of e-commerce Web sites by business users and creative professionals.
For more information about this upcoming release, the PDC session is a good place to start.
A new web part for CRM 4 integration into SharePoint has been released by Microsoft: Overview The List Web Part for Microsoft Dynamics CRM 4.0 provides a way to view and update Microsoft Dynamics CRM records using a Windows SharePoint Services 3.0 SP1 or Microsoft Office SharePoint Server 2007 SP1 Web site. Microsoft Dynamics CRM users can create shared or personal List Web Parts of Microsoft Dynamics CRM records from a SharePoint Web site, open records in Microsoft Dynamics CRM 4.0 from the List Web Part, and create connected List Web Parts. Ascentium has a blog post with some screen shots.
I was working with a client recently who had the idea that they could make use of Excel Calculation Services to render parts of a spreadsheet that they use heavily inside their business. The client hoped to be able to publish the spreadsheet in it’s current form. Unfortunately if any of the following features are inside your spreadsheet, it will fail to render: - Spreadsheets with code. This includes spreadsheets with VBA macros, forms controls, toolbox controls, MS 5.0 Dialogs, and XLM Sheets.
- IRM-protected spreadsheets
- ActiveX Controls
- Embedded SmartTags
- PivotTables based on “multiple consolidation” ranges
- External references (links to other spreadsheets)
- Spreadsheets saved in formula view
- XML expansion packs
- XML Maps
- Data validation
- Query Tables, SharePoint Lists, Web Queries, and Text Queries
- Spreadsheets that reference add-ins
- Spreadsheets that use the RTD() function
- Spreadsheet that use spreadsheet and sheet protection
- Embedded pictures or clip art
- Cell and Sheet background pictures
- AutoShapes and WordArt
- Ink Annotations
- Organization Charts and Diagrams.
- DDE Links
In my case the complex spreadsheet that the client was using contained a number of these features, which basically meant that they need to maintain a cut down spreadsheet just for rendering on the intranet.
I’ve been working with a client this week getting Kerberos working on their SharePoint farm. As you would expect I spent most of my time working out what SPN’s needed to be created. I created a simple little tool that will help you sort out the basic SPN’s: SharePoint Kerberos SPN Creation Tool 
The idea is that you enter the details about your farm and the tool will generate the SPN’s that you need to create (you can copy / paste from this site into your console window). The client I was working with had a much more complex farm that included reporting services, analysis services and proxy servers that all needed SPN’s, this tool doesn’t cover those types of farms, but it will help you get the base portal services up and running, then you can work out what SPN’s to create in order to get the rest of the services functioning. Don’t forget that you’ll also need to set up delegation for each of the accounts. By far the best SharePoint Kerberos reference is: http://blogs.msdn.com/martinkearn/archive/2007/04/23/configuring-kerberos-for-sharepoint-2007-part-1-base-configuration-for-sharepoint.aspx
I’ve written a web part that can help you insert JavaScript into a SharePoint page. Currently there is nothing stopping you using a content editor web part, but it has a few limitations. First is the fact that the JavaScript doesn’t stand out, people may think that the content inside the editor is blank, when in fact it contains JavaScript. By having a dedicated web part for JavaScript it becomes clearer that JavaScript lives on the page, also we can add a few features that make working with JavaScript a little easier. 
I’ve made the chrome state set to None by default, so you won’t see the web part at all during normal render time (only design time). The properties: 
Page load JavaScript: This can be any JavaScript that you want to run when JQuery loads, that is any code you want to live inside of: $(document).ready(function(){});
Something cool to try out (from EndUserSharePoint) try adding: $('#LeftNavigationAreaCell').toggle(); This will remove the left hand navigation.
Page level JavaScript: This is JavaScript that you just want to live on the page, it could be globally scoped variables or some functions that you have defined.
Script Includes: Each new line can be the URL to a JavaScript file to be included in the page, this is particularly useful for including JQuery plugins.
Use Google Libraries: Just a little novelty, it will use the Google Ajax API’s to load JQuery instead of the embedded JQuery resource.
You can have multiple web parts on the same page, the best bit about this is that all the code will be output into one place, so if you have one web part with some page load JavaScript that has say: alert(‘load’); and anther that includes the left nav cell hide from above, the result in the page would be:
$(document).ready(function(){alert’load’); $('#LeftNavigationAreaCell').toggle(); });
After you deploy the solution, be sure to activate the feature under ‘site features’:
You can download the solution package from here.
A while ago I wrote a little tag cloud web part, I’ve updated that web part so that it has its own solution package and can be used stand alone. After you install and deploy the solution, make sure you activate the tag cloud feature in ‘site features’ 
Lets take the example of adding tags to a standard events calendar. First add a new column named ‘tags’ to the events list. 
Add the tag cloud web part to the page and set the following properties: 
You can specify the link that each tag will link to as well. By default it will link to the search center and try to search on the metadata property of the tag field. i.e: "/SearchCenter/Pages/Results.aspx?k={tagfield}:{tag}", using this format however you could link to any page and then maybe use a query string filter web part to pull the tag from the url. 
The final web part looks like: 
You can download the solution from here.
This week I ran into an interesting problem. When adding a workflow to a content type we saw the following error: Unable to validate data. at System.Web.Configuration.MachineKeySection.GetDecodedData(Byte[] buf, Byte[] modifier, Int32 start, Int32 length, Int32& dataLength) at System.Web.UI.ObjectStateFormatter.Deserialize(String inputString) I did the normal thing at searched on Google, only to find this KB (http://support.microsoft.com/kb/928028) which describes the error message, it gives the solution as ensuring that SharePoint is installed with the same path on each of the server. This seemed odd, since all our servers have a standard build. The error message indicated that the view state has been modified between postbacks, so it was back to the drawing board looking for a solution that involved some change that could possibly have some effect on the view state. After talking with the designer it turned out that he had made some changes to the application.master page. We replaced the altered file with a backed up version of the application.master and sure enough the workflow could be added without any issues. After a bit more experimentation it turned out that the problem was with this: <SharePoint:DelegateControl ID="MyDelegateControl" runat="server" controlId="SmallSearchInputBox" /> It seems that the small search box alters the view state in some way to cause it not to validate on postback. Hopefully this will save someone else the hassle of this error.
I’ve been setting up Kerberos for a client that is using Windows Server 2008, I’ve found the following: Since Windows Server 2008 uses http.sys which is a kernel mode driver designed to intercept web requests at the kernel level (thus improving performance) it required a little more configuration. By default http.sys will handle the authentication request using the local system account not the application pool account, this will cause problems if you want to use Kerberos. The solution is the following: In the application.host file (located at: <system drive>/windows/System32/inetsrv/applicationHost.config ) Find the following xml fragment: <configuration><system.webServer><security><authentication> Change the windows authentication node: <windowsAuthentication enabled=”true” useKernelMode=”true” useAppPoolCredentials=”true”/> This just tells the http.sys kernel module to use the application pool credentials. Enable Kerberos logging: Run regedit: Find: HKEY_LOCAL_MACHINE / SYSTEM / CurrentControlSet / LSA / Kerberos / Parameters Add a new DWORD entry named: LogLevel and set it’s value to 1. On windows server 2008 this will take effect immediately. Now that logging has been turned on, you might want to reference the Common Kerberos Error Codes: http://support.microsoft.com/kb/230476 These error messages will show up in the System Tab of the Event Viewer. Of course there are a few more steps involved in setting up Kerberos, but hopefully this will help with the windows server 2008 specific problems.
The latest patch Tuesday includes the following for SharePoint: Executive Summary This security update resolves a privately reported vulnerability. The vulnerability could allow elevation of privilege if an attacker bypasses authentication by browsing to an administrative URL on a SharePoint site. A successful attack leading to elevation of privilege could result in denial of service or information disclosure. You should seriously consider this patch and apply it.
I was recently asked a question around this scenario: If you log into a SharePoint Portal by using the ‘Sign in as Different User Button’ as User2 it works fine, however when you click on the ‘MySite’ link it will show the MySite of User1 not User2 as you would expect. 
I should also point out that the MySite and Portal are running in separate web applications (this should give away the answer). So what is happening here is that when you click on the MySite link, this web applications asks the browser for the users authentication details, since it is a different URL (i.e. because its running in a separate web application, it will be a subdomain or even a different domain name) the browser will forward the logged in users credentials i.e. User1 (provided that it is in the local intranet zone), the browser will not keep User2’s credentials and will not forward them on. So the end effect is the scenario described above which may seem odd to the end user. The only way to get around this is to user the ‘RunAs’ command from windows and run the browser process as User2. What we’ve normally found is that the ‘Sign in as Different User’ option is normally only used by power users, these people will generally understand the problem if you explain it to them.
|