Ludo's LRT blog

Here in the LRT team at MMU we would love to use AD (global security) groups to target SharePoint web parts.  We are using MOSS 2007.

Unfortunately, it doesn’t quite work, although it used to some time ago.

Here’s a pictorial guide to what happens when we try to create a new AD group and use it in SharePoint:

1. Create a new global security group in AD.mmu.ac.uk.  Incidentally, inside our own LRT container. 
2. Populate the group with a number of users who already have access to our test SharePoint web portal.
3. Pick a shared web part, edit its properties, go to Advanced.
4. Under Target Audiences, try typing in the name of the new group and clicking the ‘tick’ icon to have it recognised.  It isn’t recognised, so SP underlines it in crinkly red and italicises it.
5. That can’t be right!  The group is right there in the AD!  Just to check, let’s delete the group name, then click on the ‘book’ icon next to the text box and look in there.
6. The ‘find audiences and groups’ dialogue box opens.  Select ‘Distribution / Security Groups’.  Try typing part of the name of your group and click on the magnifying glass.  The group is not found.
7. OK, let’s try all the above again from step 3 onwards, but first we’ll go to the SSP and do a full profile import.
8. Nope, still doesn’t work.

However, some groups that we have created do eventually appear in SharePoint, only with not as many members as they should have.  For instance, the group ‘hlss-election’ wasn’t appearing before.  Now it appears, with only one member.  It isn’t recognised in the ‘Target Audiences’ box if I type it in and click ‘Check Names’, but it is available using the ‘Browse’ feature (book icon).

If we ‘Browse’ the book, we can see that hlss-election has one member.  However, in AD it has three members.

One thing that might be of note is that I had added some text to the group’s Description field in AD Users & Computers before the last import.  This was suggested as being important in a blog post we found on the subject (look for Jason in the comments).

–Ends–

By default, the Shutdown button on the login screen of a Windows Server is disabled. This is to ensure that unauthorised users cannot walk up to the server and just switch it off from the login screen. Or worse, remote-desktop to it and just switch it off from the login screen!

But if you’re running Windows Server 2003 on a virtual machine on your desktop PC, this can be annoying. If, for example, your server suddenly decides not to log you on due to an ephemeral problem, as mine did today. Or in case you’ve booted it up, but decide you don’t want to log in after all.

To enable the Shutdown button, go into Local Security Policies (secpol.msc) or Group Policy (gpedit.msc), depending on which is more appropriate (I went with Local) – the setting should be accessible through either.

In the treeview on the left, you should have a root node of Security Settings. Under this go to Local Policies > Security Options. In the list of policies in the right pane, you should be able to see “Shutdown: Allow system to be shut down without having to log on”. This should be Disabled. Right-click to open Properties, then Enable the policy. Restart the computer.

The following MS KB article pretty much describes the above procedure: http://support.microsoft.com/kb/313924/en-gb

NB: you can see what Group Policies (and local security policies?) are installed on your machine using the tool rsop.msc, which shows you the “Resultant Set of Policies”.

This is a “reprint” of an article originally published on a private wiki not open to the public by me in July 2009.

Add & Deploy
To install a SharePoint solution called solution.wsp from C:\MMU Web Parts\ on your SharePoint farm (you should be able to run these commands from any web server in the farm):

Add:
stsadm -o addsolution -filename "C:\MMU Web Parts\solution.wsp"

Now deploy it to the web application of your SharePoint site:

Deploy:
stsadm -o deploysolution -name "solution.wsp" -url "https://my.mmu.ac.uk" -immediate [-allowgacdeployment]

Enumerate current solutions

If you’d just like to see which solutions are installed on your SharePoint server farm:

stsadm -o enumsolutions

But this spits out a lot of XML that’s very difficult to read on the command line (or at all). Here’s a Perl script to run to get enumsolutions without all the surrounding flim-flam:

@o=split /</,`stsadm -o enumsolutions`;
while(<@o>){
chop;
print qq[$_\n] if /^Name=.*wsp/;
}

or on the Windows cmd line:

perl -e "@o=split /</,`stsadm -o enumsolutions`; while(<@o>){chop;print qq[$_\n] if /^Name=.*wsp/;}"

Retract & Delete

To uninstall a SharePoint solution from your farm run both of these commands:

stsadm -o retractsolution -name "solution.wsp" -url "https://my.mmu.ac.uk" -immediate

stsadm -o deletesolution -name "solution.wsp"

Lastly, here’s an improved Perl one-liner for taming the tidal wave of XML output from enumsolutions.

I run a virtual Windows 2003 Server development server on my laptop (using Microsoft Virtual PC 2007) so that I can develop web parts for SharePoint easily.   This uses a lot of system resources, so I have to be careful how many applications I have open when I’m using Virtual PC, which is a lot of the time.

So if I want to test out a few SQL queries, it would be helpful if I could avoid having to open Microsft SQL Management Studio, which although it is fairly sprightly, is still what I would consider a ‘big’ application.

Instead, I can use the SQLCMD command line SQL Server client – the latest incarnation of the older ISQL program.  Great!  But how?

Since my laptop and the SQL Server are both in the same Active Directory domain, I can use a trusted connection (use the ‘-E’ parameter) and not have to specify my username and password.  This is very helpful as when I tried to use the -U and -P parameters with my username and password, it didn’t work.  (D’oh.)  And it’s always nice not to have to have your password hanging around on your computer screen in clear text, even in an office with only your trusted colleagues in it.

The following code runs a query on a hypothetical database server running SQL Server 2005 using a Windows Authentication trusted connection:

sqlcmd -E -S DB01.AD.MYCOMPANY.CO.UK -d pcusage -Q "select * from information_schema.tables"

Using a capital Q for the query runs it, returns the results and then disconnects from the server.  Using a lowercase q for the query will leave you connected, allowing you to run more SQL queries or statements.  To enter them, type out your query, press return, then type the go command and press return again. For instance:

sqlcmd -E -S DB01.AD.MYCOMPANY.CO.UK -d pcusage -q "select * from information_schema.tables"

[ results displayed ]

> select * from information_schema.tables

> go

[ results displayed again ]

> quit

How much more satisfying than having to open Management Studio – great app though it is – just to run a query.   Don’t you just love fast computing?  I do.

use RegisterClientScriptBlock

Last week I was delighted to be heavily involved in the development, testing and deployment of the Postgraduate Taught Experience Survey web part on behalf of CASQE.

http://bit.ly/pgsurvey

The survey link is available on its own web part page. Although this can be accessed by any SharePoint user, the web part hides itself from non-postgrads, instead displaying a suitable message.

The web part achieves this by accessing a database table containing a list of all known postgrads to check whether the logged-in user is among them. If so, a link to the survey is displayed.

The initial spec involved the use of Javascript in the web part to pop open the survey in a new window when a button was clicked. However, after concerns at the design stage that a lot of browsers block pop-ups with varying degrees of visibility, it was decided to replace the button with a simple link.

You can’t just edit a Content Editor Web Part from anywhere.  Perhaps because of the wide range of content you could put into a CEWP, i.e. just about anything, you cannot edit the content from any old terminal, even when you’re logged into the SharePoint website with your correct login.

Instead, when you open either content editor (Rich Text or Source), you see an error message of  “Cannot retrieve properties at this time”.  When you try to save your content, you see an error message “Cannot save your changes”.

We found that we could only edit a CEWP succesfully if we logged into myMMU on one of the actual SharePoint servers (accessed via Remote Desktop).

It seems that a CEWP can only be edited from a host server inside the same SharePoint farm.  Just being behind the same corporate firewall doesn’t help.

Since the LRT development team is on a different network inside MMU than our SharePoint servers, this means Remote Desktopping to one of the servers to do the editing.

Charles Petzold, the legendary Windows programmer and writer of books about how to write programs for Windows, has written a freely distributable book about .NET programming, which is aimed at programmers already experienced with a C-family language.

http://www.charlespetzold.com/dotnet

It’s downloadable in PDF or XPS format.

Petzold is internationally renowned as one of the most engaging and respected writers anywhere on Microsoft technologies. This book will be highly valuable to most .NET programmers. Although it was written in 2007 and is thus nearly three years old, it’s probably still one of the best intros to .NET available.

Last week K installed a web part only to find that errors were reported during the deployment.

The web part seemed to actually work – good.  But the solution couldn’t be removed from the farm, making improving the app difficult.

K tried installing a later version of the web part  under a different solution name.  This time, the deployment never completed!  It looked as though we wouldn’t be able to install any more web parts until this was sorted out.

Naturally, the web part was one that we also needed to improve urgently because a feature of the code was having a detrimental effect on one particular set of students and staff, as a result of a WebCT announcement that had been written that was >4k in size.

How we fixed it:

K found some advice online from a reliable source that suggested we needed to restart the Timer service on one of the SP servers.

We looked at the Timer Jobs in CA > Operations to determine what impact this would have on the site and decided current users would experience no apparent impact.

When we looked at Timer Job Status, we saw that for both of the solution deployments, only one server – JDEAPP2 – was experiencing problems, while the others were fine.  This would presumably cause a problem with farm-wide deployment while allowing the web part to work OK on most servers (including all the front-end ones). So we decided to restart the Timer service on JDEAPP2.  This is a Windows service called ‘Windows SharePoint Services Timer’.

Restart took less than a second.  Going into CA > Operations > Solution Management, we could now see that the stalled deployment had completed, while the original one that errored now presented options to retract or redeploy that weren’t there before.

Job’s a good’un.