which country user step here?

Tag Cloud

MOSS (47) SharePoint 2007 (37) SharePoint 2013 (25) SharePoint 2010 (22) MOSS admin (17) PowerShell (17) admin (17) developer (16) List (15) WSS (14) sql query (14) MOSS SP2 (13) end user (11) scripting (11) wss V3 (11) Moss issue (8) search (8) permission (7) sql (7) Service Pack (6) database (6) reportadmin (6) workflow (6) Excel (5) RBS (5) client object model (5) CU (4) Client Code (4) Command (4) Cumulative Updates (4) IIS (4) Patch (4) SharePoint designer (4) stsadm (4) ASP.NET (3) Content Database (3) Groove (3) Host Named Site Collections (HNSC) (3) Tutorial (3) alert (3) batch file (3) codeplex (3) error (3) incomming email (3) restore (3) upload (3) user porfile (3) Caching (2) Folder (2) Index (2) Internet (2) My Site Cleanup Job (2) My Sites (2) News (2) People Picker (2) Share Document (2) View (2) Web Development with ASP.NET (2) add user (2) authentication (2) coding (2) column (2) deploy solution (2) domain (2) download (2) enumsites (2) exam (2) export (2) issue (2) june CU (2) load balance (2) mySites (2) network (2) office 365 (2) orphan site (2) performance (2) profile (2) project server (2) query (2) server admin (2) theme (2) timer job (2) training (2) web master (2) web.config (2) wsp (2) 70-346 (1) 70-630 (1) AAM (1) Anonymous (1) Approval (1) Cerificate (1) Consultants (1) Content Deployment (1) Content Type (1) DOS (1) Document Library (1) Drive Sapce (1) Excel Services (1) Export to Excel (1) Feature (1) GAC (1) Get-SPContentDatabase (1) Get-WmiObject (1) HTML calculated column (1) ISA2006 (1) IT Knowledge (1) ITIL (1) Install (1) Link (1) MCTS (1) Macro (1) Migration (1) NLBS (1) Nintex (1) Office (1) Open with Explorer (1) ROIScan.vbs (1) Reporting Services (1) SPDisposeCheck.exe (1) SQL Instance name (1) SSRS (1) SharePoint admin (1) SharePoint farm (1) Shared Services Administration (1) Site Collection Owner (1) Site template (1) Steelhead (1) URLSCAN (1) VLOOKUP (1) WSS SP2 (1) XCOPY (1) abnormal incident (1) admi (1) app (1) application pool (1) aspx (1) audit (1) availabilty (1) backup (1) binding (1) blob (1) branding sharepoint (1) cache (1) calendar (1) connection (1) copy file (1) counter (1) crawl (1) custom list (1) event (1) excel 2013 (1) facebook (1) filter (1) fun (1) group (1) iis log (1) import (1) import list (1) improment (1) interview (1) keberos (1) log in (1) metada (1) migrate (1) mossrap (1) onedrive for business (1) operation (1) process (1) publishing feature (1) resource (1) security (1) send email (1) size (1) sps2003 (1) sql201 (1) sql2012 (1) sub sites (1) system (1) table (1) task list (1) today date (1) vbs (1) video (1) web part (1) web server (1) widget (1) windows 2008 (1) windows 2012 R2 (1) windows Azura (1) windows account (1) windows2012 (1) wmi (1)

Thursday, December 25, 2014

Managing Office 365 Identities and Requirements : Exam 70-346

wohoo, get the exam 70-346 pass ! Thanks Microsoft offer the free exam certified !!

ok back to the discussion , I have found one discussion is very useful for study which is : https://anderseideblog.wordpress.com/reading-lists/ms-exam-70-346-managing-office-365-identities-and-requirements/

sometime study for knowledge and study for exam is different story , he he. if you like to have more tips on study for exam fell free put on the comment. I will email the trick for you Open-mouthed smile

Wish you all happy new year.

Tuesday, April 15, 2014

Authentication in SharePoint 2013

copy from http://go.microsoft.com/fwlink/p/?LinkId=313915

Three types of authentication: User, App, Server-to-Server

User Authentication:

  • Windows claims-based authentication ( NTLM, KerberosAD , basic)
  • Forms-based authentication
  • SAML token-based authentication



The key elements of SAML token-based authentication are the following:

  • Configure the IP-STS with the set of authentication providers (such as AD DS, databases, and others) corresponding to organization and partner accounts.
  • Configure the IP-STS with the set of relying parties corresponding to the web applications that use SAML token-based authentication and claims mappings. 
  • Configure the SharePoint 2013 farm with the token signing certificate of the IP-STS, the corresponding claims mappings as done on the IP-STS, and the name of the IP-STS as a trusted security token issuer.
  • Configure the web application with the name of the IP-STS as a SAML identity provider.
  • *Identity Provider STS (IP-STS) sts=security token service

App Authentication:

  • Low-trust Apps ( trust low-trust apps, you must have an Office 365 subscription > relies on the Windows Azure Access Control Service (ACS)
  • High-trust Apps( for Internet hosts )

Server-to-Server Authentication

Server-to-server authentication enables a new set of functionality and scenarios that utilize cross-server resource sharing and access, including the following:

  • eDiscovery Discover and place holds on content in the SharePoint farm, in Exchange Server 2013, on file shares, and in other SharePoint farms.
  • Exchange task synchronization Allows users to synchronize SharePoint Server 2013 and Project Server tasks with Exchange Server 2013 and have them appear in Outlook 2013.
  • Site mailboxes Provides SharePoint Server 2013 users with team email, hosted by Exchange Server 2013, on a SharePoint site.
  • SharePoint 2013 Hybrid Federated search, Business Connectivity Services, and Duet Online between an on-premises SharePoint 2013 farm and SharePoint Online.


Sunday, April 6, 2014

SP24 - The Free 24-hour SharePoint ​Conference


​SP24 is a SharePoint Conference with a difference and if you are interested in SharePoint you are going love it, and here's why :

  1. It's entirely on-line - so you won't need to leave the office or home!  
  2. Free for all attendees.
  3. Takes place on 16th April 10pm GMT.  
  4. Over 5000 attendees have already signed up.
  5. Lasts for 24 hours.  
  6. World famous ​speakers from all over the world. 
  7. Keynote from Bill Baer (Senior Product Manager, Microsoft). 
  8. Comprises of 2 tracks, (business and technical).  
  9. 106 sessions + on-demand sessions.

There will be 48 FREE hour long online sessions for 24 hours and the keynote speech is by Bill Baer, who is the Microsoft Senior Product Manager for SharePoint. I will find out where the industry is heading, the direction of SharePoint and associated products, the best practices and news about upcoming integration across technologies for no cost whatsoever. I will learn about the comprehensive scope of features, functionalities and solutions that SharePoint can offer, and I will bring this information back.


There are over 100 speakers and over 5000 (and rising) delegates, Microsoft engineers, Microsoft Certified Masters and MVPs will be speaking and viewing the sessions from around the world. On top of having exclusive access to the experts, I will have the opportunity to chat online with speakers and other conference attendees, and get our questions answered while learning how SharePoint can provide solutions for us.


I am already signed up to attend SP24 and I strongly suggest you book your place early by visiting : https://www.sp24conf.com


The Keynote starts on 16th April 2014 10pm GMT and will last for 24 hours.

The new start for me at Sharepoint2013 ~ Windows 2012

Without the proper training class need start to explore in Sharepoint2013 , so need to start to learn how to use windows 2012.

ha ha , the first step I learn is how to find the Start button :

Open the Start screen

The Start screen is the home of Windows apps. To open the Start screen, use one of these methods:

  • Press the Windows logo key. In a virtual machine, you can press Ctrl+Esc.
  • Hover the mouse cursor in the upper right corner of the screen, and then click Start.
  • On the desktop, hover the mouse cursor in the lower left corner of the screen, and click when the thumbnail of the Start screen appears.

Yeah!! finally I found my lovely Start button … >_< . still have long journey to go self learning step by step, hope manage to attend the windows2012 and sharepoint2013 admin class soon. 


To browse to the SharePoint Central Administration website in Windows Server 2012

  1. On the Start screen, click SharePoint 2013 Central Administration.

    If SharePoint 2013 Central Administration is not on the Start screen, complete the following steps:

    1. Right-click Computer.

    2. Click All apps.

    3. Click SharePoint 2013 Central Administration.

  finally I see the lovely SharePoint 2013 Central Administration . (of course you can just open ie and type the address.)


Wednesday, March 12, 2014

How it works: MOSS 2007 automatic user profile removal

this article is copy from http://blogs.msdn.com/b/gyorgyh/archive/2009/11/13/how-it-works-moss-2007-automatic-user-profile-removal.aspx

I would like to copy over here as reference and keep for my self Smile 

this is a really help full article for us to understand on how the process Sharepoint2007 remove the profile.


In MOSS 2007 the inactive user profiles are deleted by a timer job called “My Site Cleanup Job”.

my site cleanup job screenshot

This new job was the product group’s answer for customer feedback about the problems with SPS 2003 user profile removal to make it more robust.

The job runs once every hour which confused many people who thought that 3 full imports will delete users in MOSS 2007 as it was in SPS 2003. It is not the case anymore. You can do as many full imports as you like, if you disable this job, no user will be removed from the inactive user list. Since it runs hourly and full import can be long, 3 runs can take about 1 hour and it seems the full import did the trick, but in fact it did not.

To understand how this new feature works let’s start from the basics.

During the user import process (crawl) if MOSS cannot find a user in AD/LDAP directory it marks the user deleted in the SSP user profile store without removing it.

user deleted during import screenshot

You can check these users in the SSP administration site under user profiles and properties on the View user profiles page selecting the “Profiles Missing From Import” view. You can delete the profiles here manually.

missing profiles view in sssp admin site

This list is the input for the “My Site Cleanup Job”.

Let’s dive into the details.

The job in fact does two things every hour:

  1. Updates all personal sites and sets the mysite host's portal url as portal url on all mysites. This way if you defined your company intranet as portalurl on the host, users’s mysites will have a top breadcrumb pointing to the company intranet.
  2. Processes pending user profile deletes using the “profiles missing from import” list

The following steps happen during user profile removal:

  1. Using the account name of the to be deleted user the job fetches the user profile

Checks if the user is active using all defined import connections defined in this SSP

  1. LDAP connection is created to search for the user
    1. using it’s Username (just the user without the domain\) for Active directory connections. The filter is samaccountname=user and the filter which was defined in the connection.
    2. using the user portion of the AccountName , for eg user is used for an AccountName of “membershipprovider:user”. The filter is uid=user and the filter which was defined in the connection.
  2. After MOSS 2007 Sp2 if the user’s domain cannot be contacted the user is assumed inactive and user profile is removed.
    1. UPDATE: In 2009 December MOSS Cumulative update there is a change in behavior in the previous step. Now it is possible to control how aggressive this job will be on user profile removal with the stsadm -o sync command. From 2009 December CU by default if the domain controller cannot be contacted, the user is not considered missing. It is only considered missing if the domain controller can be contacted and the DC says that the user does not exist. To turn back the SP2 behavior of aggressive delete in case DC cannot be contacted, you must run stsadm -o sync -AggressiveMySiteCleanup 1 . Thanks for my colleague Jose Vigenor to draw my attention to this recent change.
  3. If all connections return zero results then the user is assumed inactive and the profile is removed.
  4. Just before the actual profile delete happens, the profile delete event handler is called. The event handler can cancel the deletion if it returns false in its PreProfileDeleted method implementation.
    1. The out-of-the-box event handler takes the manager of the to-be-deleted user and sets that user (if found) as the owner of the user’s my site.
    2. The manager gets an email with a subject of “The My Site of username is scheduled for deletion” and the url of the mysite.
    3. The event handler returns true for all users, there is no filtering.
  5. If the user is found in any of the import connections its deleted status is removed and the user is set active in the SSP.

To troubleshoot this feature you need to increase the trace level of “User Profiles” ULS category in central administration / operations / diagnostic logging.

Alternatively you can use stsadm to set it:

stsadm -o setlogginglevel -category "User Profiles" -tracelevel Verbose

Then verify all lines with “MySiteCleanup:” to follow what the job is doing.

I have to mention a special case of problem which is difficult to figure out. When an admin defines an import connection which uses a custom account, MOSS stores this setting in two locations. When you save the setting, a crawl rule is created for the Profile import project in the registry – since the user profile import is in fact a crawl, this is somehow expected. Furthermore the regularly called Synchronize method stores/updates this account information in the configuration database as well which is used by the “My Site Cleanup Job”. Sometimes these accounts gets out of sync and the “My Site Cleanup Job” tries to validate a user with invalid connection credentials. In this case usually the user profiles are not deleted automatically. To solve the problem, first of all resolve any exceptions which happen during the Synchronize method which is synchronizing the search settings on all SharePoint machines. Once the errors are gone, you need to delete the recreate the user profile import connections to ensure that the credentials are ready to be created again in the configuration database.

Known issue as of 5/31/2011:

If there are two import connections to two different forests and the same username is used in both, deleting the user from the second forest will be picked up by the profile import correctly but the my site cleanup timerjob will issue an AD query against the first forest as samaccountname=user without the domain part and will find this user active and will restore the marked user from second forest  as active while it does not exists in that AD anymore.


Automatic profile removal only works for MOSS imported profiles which can be marked as deleted during an import. If you manually add any profiles, those will never will be automatically deleted. Same applies if you add profiles using Object Model. You need to delete these users manually or with Object Model.

UPDATE: I received a lot of questions around actual my site deletion. I would like to emphasize that the  “My Site Cleanup Job” - although its name might suggest it - does not delete actual my sites. It only removes the user profile from the SSP profile store and changes the my site owner to the user’s manager if there is one. The my site site collection will not get deleted by this job. In order to get to a my site which belongs to a deleted user, you have to type the actual my site url directly, since the user profile has been deleted, you cannot get there using person.aspx?accountname=domain\user – it will display user not found as expected. You have to know the direct url or check the my site naming convention on the SSP admin page and figure out the url yourself.

There is an independent feature for automatic site deletion which can be enabled for a web application which is not discussed in this post. It is called “SIte Use Confirmation and Deletion” and can be found under Application management in Central administration. That feature will apply to any site collection in the web application which is idle, not necessarily to my sites which belong to a removed user profile.

Tuesday, March 11, 2014

how to manually run timer job at SharePoint 2007 ?

suddenly need to trigger custom timer job run manually but just found out no easy /OOB to do of it, so searching around the solution at web.

You cannot force the execution of the jobs through the Central Administration

Note : For the out of the box timer jobs, you can use the stsadm –o execadmsvcjobs command but this will mereexecute the administrative timer jobs ly execute the administrative timer jobs but it will not execute the custom ones.

below is my found out conclusion :

  • stsadm –o execadmsvcjobs only execute the administrative timer jobs ( from this blog )
  • you can Using SharePoint Manager 2007 to monitor timer jobs.( from this blog )
  • Changing schedule of timer jobs ( so can make it to minute later to run it )
  • you can run the extended command STSADM -O RUNTIMERJOB -NAME (NAME OF TIMER JOB) -URL (SITE COLLECTION URL) but is not an OOB command, it requires additional functionality installed on SP2007
  • Install TVR timerjob solution from codeplex ( here )


Sunday, February 16, 2014

Microsoft SharePoint 2013 Platform Options

SharePoint 2013 有四个平台可以供我们使用:

SharePoint in Office 365 (云端服务)


  • Secure external sharing and collaboration (unique feature!).
  • Intranet — team sites, My Sites, and internal collaboration
  • Document storage and versioning in the cloud.
  • Basic public-facing website.

Additional features with Office 365 Dedicated Subscription Plans:

  • Microsoft data center equipment that is dedicated to your company or organization and not shared with any other organization.
  • Each customer environment resides in a physically separate network.
  • Client communication across an IPSec-secured VPN or customer-owned private connection. Two-factor authentication is optional.
  • ITAR-support plans.


那IT Pro就没工做了?哈哈。。还是有的:

  • Ensure user workstations meet Office 365 client prerequisites.
  • Implement the directory integration plan.
  • Plan and implement internal and external DNS records and routing.
  • Configure the proxy or firewall for Office 365 IP address and URL requirements.
  • Create and assign permissions to site collections.
  • Implement customizations, solutions, and apps for SharePoint Online.
  • Monitor network availability and identify possible bottlenecks.

Architecture 的范围看来比较好玩点,但是做完就没得玩了。

  • Plan and design directory integration. Two options (either option can be deployed on premises or in Windows Azure):   #Password sync (requires one 64-bit server). # Single sign-on (requires ADFS and multiple servers).
  • Ensure network capacity and availability through firewalls, proxy servers, gateways, and across WAN links.
  • Acquire third-party SSL certificates to provide enterprise-security for Office 365 service offerings.
  • Plan the tenant name, design site. collection architecture and governance.
  • Plan customizations, solutions, and apps for SharePoint Online.
  • Decide if you want to connect to Office 365 by using the Internet Protocol 6 (IPv6) — not common.

Hybrid with Office 365 ( Combination of Office 365 + on-premise)


  • 好处是有SharePoint Search , Business Connectivity, Duet Enterprise Online
  • Users can see search results from both environments. Extranet users can log in remotely with an on-premises Active Directory account and use all available hybrid functionality
  • From SharePoint Online: Users can perform both read and write operations. The BCS service connects to an on-premises SharePoint Server 2013 farm. The BCS service configured on the on-premises farm brokers the connection to on-premises OData Service endpoints.
  • From SharePoint Online: Users can perform read and write operations against an on-premises SAP system.
  • Use Office 365 for external sharing and collaboration instead of setting up an extranet environment
  • Move My Sites (Sky Drive Pro) to the cloud to make it easier for users to access their files remotely.
  • Start new team sites in Office 365.
  • Integrate an Office 365 site with on-premises BCS SharePoint environment.

Windows Azure (基本来说就是微软帮我们hosting- Infrastructure as a Service (IaaS))


  • Windows Azure is a platform that provides the infrastructure and app services needed to host a SharePoint 2013 farm.
  • Infrastructure as a Service (IaaS).
  • Best native cloud platform for SQL Server and SharePoint.
  • Computing resources are available almost immediately with no commitment.
  • Focus on applications, instead of datacenters and infrastructure
  • Inexpensive development and test environments
  • SharePoint solutions can be accessible from the Internet or only accessible from a corporate environment through a site-to-site VPN tunnel.
  • Customizations are not limited.


  • SharePoint for Internet Sites — Public facing sites. Take advantage of Windows Azure AD for customer accounts and authentication.
  • Developer, test, and staging environments — Quickly provision and un-provision entire environments.
  • Hybrid applications — Applications that span your datacenter and the cloud.
  • Disaster recovery environment — Quickly recover from a disaster, only pay for use
  • Farms that require deep reporting or auditing.
  • Web analytics.
  • Data encryption at rest (data is encrypted in the SQL databases).


  • Windows Azure subscription (includes the server operating system)
  • SQL Server
  • SharePoint 2013 Server License
  • SharePoint 2013 Client Access License

Architect 和 IT pro 就比较好玩多了(不然公司请你来做么?)


On Premises(这就是普通我们Sharepoint2007/2010在公司用的)


Sunday, February 9, 2014

SharePoint 2013 Database

http://go.microsoft.com/fwlink/p/?LinkId=271932 >> Microsoft SharePoint Server 2013 architecture


look like sharepoint2013 database have extra a lot database is created for the service application database. Look cool , need to take sometime to understand again.

so far I can recognized one is about the system database only , I have leaving far away from sharepoint2013 since my working place still remain at sharepoint2007.

hope this year I can play around with sharepoint2013 soon and get chance to attend some formal training on it and get certified for it.