Explore SharePoint Products and Technologies: 2008

Tuesday, December 9, 2008

Issues when you stop inheriting permissions or configure unique permissions for SharePoint sites

In this post, we will talk about issues that may occur due to incorrect processing of certain inherited permissions.

As a site collection administrator, you need to be very careful about configuring permissions for specific sites under your site collection. You can definitely inherit or break permissions(configure unique permissions) for any sub site based on site users’ requirements however certain scenarios may result in incorrect processing of permissions and bring down the entire site collection.

We had experienced this issue where a site collection administrator changed the permissions of couple of sub sites, which brought down the entire site collection and resulted in being unable access the site collection or any of the sub sites under that site collection.

After struggling with this issue for a while, we came across following KB Article, which exactly explains our situation and hot fix to resolve this issue.

http://support.microsoft.com/kb/935958

Here are the steps to reproduce this error,

You create a site collection or a top level site – e.g. Test SC.
You create a site that is named Site A. Site A inherits permissions from the parent site – Test SC. Then, you configure Site A to stop inheriting permissions.
Under Site A, you create a sub site that is named Site B. Site B inherits permissions from the parent site – Site A. Then, you configure Site B to stop inheriting permissions.
You configure Site A to inherit permissions from the top-level site – Test SC.
You create a document library in Site B, and then you configure the document library to inherit permissions from Site B.

In this scenario, the document library inherits permissions from Site B. However, you receive the error message “HTTP 500 - Internal server error” when you try to access a site in the site collection. Additionally you may receive “Cannot complete this action” error.

The interesting thing is, you will not be able to perform any operation on this site collection and any of its sub sites. This includes deleting entire site collection – GUI or command line (stsadm operations).

Let me share one more scenario with you…

You have a folder inside document library. You have “Contribute” access to this folder but you are unable to upload the files. This issue is permission specific and will not result in any site access issues.

Here are the steps to reproduce this error,

You create a document library e.g. “ProjDocs” in SharePoint site.
You create a folder e.g. “Specifications” under this document library. Then, you configure this folder to stop inheriting permissions.
You add a new user e.g. “domain\xyz” and assign “Contribute” permissions on this folder (Specifications). This will automatically add this user (domain\xyz) to document library (ProjDocs) with “Limited Access” permissions. This user (domain\xyz) does NOT have any permission at site level. He is allowed to access contents of “Specification” folder only.
Then, you login as this new user (domain\xyz). You see “Upload” menu but you are unable to upload documents and receive “Access Denied” error.

There are two temporary resolutions to this issue.

Use Windows Explorer to upload the documents from “Actions > Open with Windows Explorer” menu.
Stop inheriting permissions for the document library where this folder resides and give that user “Read” permissions on document library. In above scenario break permission inheritance for “ProjDocs” document library and give “Read” permissions to the user “domain\xyz”. Please use work around #1, If you do not want user to see any of the contents in document library.

The ultimate solution for both of the above issues is to install Service Pack 1 (SP1) for Microsoft Office SharePoint Server 2007. Installing just a hot fix will upgrade your SharePoint farm to some intermediate version and may result in some environment specific issues. Therefore, it is highly recommended to install Service Pack 1 (SP1) for MOSS 2007.

Monday, December 8, 2008

Data View web part in SharePoint 2007

Open the WSS site in SharePoint Designer 2007 where you want to use the Data View web part. As usual, I have opened “Test Site Collection” in SharePoint Designer to add Data View web part.

Select File > New > Create from Master Page… to create a new page for Data View web part.

Select appropriate Master Page for creating a new page. I want default look and feel of WSS site so I have used Default Master Page.

The new page should look like this,

Next step is to create a web part zone where you can add the Data View web part. Select “PlaceHolderMain (Master)” and click “>” arrow on right hand side top corner. Click “Create Custom Content” under “Common Content Tasks” menu as shown below,

Now you should be able to click inside the “PlaceHolderMain (Custom)” and add a new web part zone. Select Insert > SharePoint Controls > Web Part Zone

This should add a new web part zone, which we will use to add the Data View web part. Select “Data Source Library” tab on the right hand side panel of SharePoint Designer and click “Connect to a databases…” link.

This will open “Data Source Properties” window. Click “Configure Database Connection” button.

There are multiple ways of connecting to SQL Server

1. Saving username and password as clear text in the data connection.

2. Using Single Sign-On authentication

3. Providing custom connection string

I have used the first method – Saving username and password as clear text in the data connection. I have created a new user called “DBAdmin”, which will work with SQL Server authentication as shown below.

Note: You may need to configure database connection with Single Sign-On authentication, if you want to use Windows authentication. You may provide custom connection string but that may require stored procedure to query the database instead of custom query. I have seen few blog posts regarding the issues in using custom query with custom connection string and you can query database only with stored procedures.

http://www.u2u.info/Blogs/karine/Lists/Posts/Post.aspx?ID=4

Provide the name of the database server, username and password by selecting “Save this username and password in the data connection” under Authentication.

Click “OK” on warning message window – “The selected authentication option saves the username and password as clear text in the data connection. Other authors of this Web site can access this information.”

Select appropriate database and table to bring the data in Data View web part. I have chosen “Emp” table of “test” database as shown below.

You may select only certain fields instead of all by clicking “Fields…” button. You may also use “Filter…” and “Sort…” buttons for customizing your query. You may provide appropriate name to this data connection in “General” tab. I have named it “Employee Details”. Click “OK” after you are done.

Click “Employee Details” under Database Connections in Data Source Library tab and click “Show Data”.

This will display data under “Data Source Details” tab. Click “Insert Selected Fields as…” button and select appropriate view. I have selected “Multiple Item View”.

This will add the Data View web part to the web part zone. Select Data View web part and select appropriate operation under “Common Data View Tasks” menu if you want to customize it further.

Finally click “Save” icon on the top of SharePoint Designer and save this page to the desired location. I stored it as “EmpDetails.aspx” at http://sharepoint-dev.corp.netapp.com/sites/SCTest/EmpDetails.aspx.

Following screen capture shows EmpDetails.aspx in SharePoint Designer 2007.

Here is the screen capture after browsing EmpDetails.aspx page which shows Data View web part with the data pulled from SQL Server 2005.

Friday, October 17, 2008

Step by step installation of Service Pack1 for Microsoft Office SharePoint Server 2007 - MOSS 2007 SP1

These steps assume following SharePoint topology:

1. SPSRVR1: Query Server and SharePoint Central Administration Site

2. SPSRVR2: Index Server and Dedicated Web Front End server for crawling

3. SPDB: Database Server – SQL Server 2005

Note: We have heterogeneous environment, where SPSRVR1 and SPSRVR2 have Windows Server 2003 Enterprise Edition with SP1-32 bit (x86) and SPDB has Windows Server 2003 Enterprise Edition with SP1-64 bit. We have installed Microsoft Office SharePoint Server 2007 Standard Edition-32 bit (x86) with SQL Server 2005 Standard Edition with SP1-64 bit.

SharePoint Topology overview:

ExchangeServer2003:
Windows SharePoint Services Outgoing E-Mail

SPSRVR1:
Central Administration
Office SharePoint Server Search (Query Role)
Windows SharePoint Services Help Search
Windows SharePoint Services Incoming E-Mail
Windows SharePoint Services Web Application

SPSRVR2:
Office SharePoint Server Search (Index Role with dedicated web front end (SPSRVR2) for crawling)
Windows SharePoint Services Web Application

SPDB:
Windows SharePoint Services Database

Steps to install Service Pack1 for Microsoft Office SharePoint Server 2007:

1. Stop Word Wide Web Publishing Services on SPSRVR1 server. Use following batch file,
“C:\Stop And Start All SharePoint Services\Stop SharePoint Services SPSRVR1.bat”

2. Stop Word Wide Web Publishing Services on SPSRVR2 server. Use following batch file,
“C:\Stop And Start All SharePoint Services\Stop SharePoint Services SPSRVR2.bat”

3. Download and Run (double click on .exe file) WSS 3.0 SP1 on SPSRVR1 server.

4. Read the license terms and click “Accept” button.

5. Click “Continue”.

6. At the reminder message click “OK”.

7. At the installation complete message click “OK”.

8. If SharePoint Products and Technologies Configuration wizard starts, CANCEL/CLOSE it.

9. Repeat steps 3-8 for SPSRVR2 server.

10. Download and Run (double click on .exe file) MOSS 2007 SP1 on SPSRVR1 server.

11. Read the license terms and click “Accept” button.

12. Click “Continue”.

13. At the reminder message click “OK”.

14. At the installation complete message click “OK”.

15. At the end of the software update installation, SharePoint Products and Technologies Configuration wizard starts, if it does NOT then go to Start > All Programs > Microsoft Office Server > SharePoint Product and Technologies Configuration Wizard to start it manually.

16. On the SharePoint Products and Technologies Configuration wizard welcome screen, click “Next” button.

17. Click “Yes” if it notifies for services might need to be restarted.

18. On completing SharePoint Products and Technologies Configuration wizard, click “Next”.

19. When the dialog box about installation in a server farm appears, do NOT click “OK”. Instead leave each server with the following dialog box displayed.

“You must run setup to install new binary files for every server in your server farm. If you have multiple servers in your server farm, run setup and the configuration wizard on the other servers now, and then return to this server and click “OK” to continue.”

20. Repeat steps 10-19 for SPSRVR2 server.

21. Return to SPSRVR1 server and click “OK” button to finalize the installation.

22. SharePoint Products and Technologies Configuration wizard will go through configuration steps (typically from step1-9).

23. On the configuration successful page, click “Finish”.

24. Verify installation. Open SharePoint Central Administration site, Click Operations > Topologies and Services > Servers in Farm and verify version number next to each server, it should be 12.0.0.6219. You may check log files to review any errors while installing updates (SP1). Log files can be found at C:\Program Files\Common Files\Microsoft Shared\web server extensions\12\LOGS with the name “Upgrade.log”.

25. Go to SPSRVR2 server and click “OK” button to finalize the installation.

26. Go through steps 22-24 for SPSRVR2 server.

27. After you verify that the installation of Service Pack1 was successful for both the servers – SPSRVR1 and SPSRVR2 servers, start Word Wide Web Publishing Services on SPSRVR2 server and then on SPSRVR1 server. Use following batch files,

“C:\ Stop And Start All SharePoint Services\Start SharePoint Services SPSRVR2.bat”

“C:\ Stop And Start All SharePoint Services\Start SharePoint Services SPSRVR1.bat”

28. Verify access to SharePoint application – SharePoint sites. It should be available to all (Intranet).

Note: It would be a good idea to reboot all the SharePoint servers in the farm after installing Service Pack 1 for Microsoft Office SharePoint Server 2007 – MOSS 2007.

Here are the batch files to stop and start all SharePoint services while updating the SharePoint server farm,

1. Stop SharePoint Services SPSRVR1.bat/SPSRVR2.bat:

echo This script will stop all SharePoint and IIS Services. Press any key to continue...

pause

net stop w3svc
net stop "HTTP SSL"
net stop SPAdmin
net stop spsearch (SPSRVR1 server only)
net stop SPTimerv3
net stop SPTrace
net stop oSearch
net stop smtpsvc (SPSRVR1 server only)
net stop msdtc
net stop iisadmin

pause

2. Start SharePoint Services SPSRVR1.bat/SPSRVR2.bat:

echo This script will start all SharePoint and IIS Services. Press any key to continue...

pause

net start w3svc
net start "HTTP SSL"
net start SPAdmin
net start spsearch (SPSRVR1 server only)
net start SPTimerv3
net start SPTrace
net start oSearch
net start smtpsvc (SPSRVR1 server only)
net start msdtc
net start iisadmin

pause

Note: You may stop and start World Wide Web publishing service (w3svc) only while installing Service Pack 1 for your Microsoft Office SharePoint Server 2007 however we decided to stop and start all SharePoint and IIS services.

References:
Download WSS 3.0 SP1 and for description KB Article 936988
Download MOSS 2007 SP1 and for description KB Article 936984
Download WSS 3.0 Post SP1 hot fixes and for description KB Article 941422
Download MOSS 2007 Post SP1 hot fixes (request Microsoft for download) and for description KB Article 942819
More updates – KB Article 956056
More information regarding SharePoint 2007 Post Service Pack 1 hot fixes
Troubleshoot errors that occur when you run the SharePoint Products and Technologies Configuration Wizard
Prompted unexpectedly to restart the computer after you install a 2007 Office service pack or a 2007 Office update

Wednesday, October 8, 2008

Query Server is not responding and SharePoint Search is broken

This post is in reference to my previous post regarding SharePoint Search issue. I have tried to add detailed resolution steps for that issue.

Issue: Query Server does not respond for content index propagation and SharePoint search does not work for searching new contents. It may work for searching old contents.

These steps assume following SharePoint topology:

1. SPSRVR1: Query Server and SharePoint Central Administration Site
2. SPSRVR2: Index Server and Dedicated Web Front End server for crawling
3. SPDB: Database Server – SQL Server 2005

Create a new folder (e.g. “Applications2”) on SPSRVR1 (Query Server) for content index propagation. There is no need to share it. SharePoint will do it automatically and remove sharing for “Application” folder (original location for content index propagation). It is highly recommended to create a new folder (“Application2”) at the same level as its original folder (“Application”).

Run following command on SPSRVR1 (Query Server)

Note: Do not move existing content index from old location (“Application”) to a new location (“Application2”) manually. In fact, SharePoint does it automatically once you create a new location for content index propagation and run above command

E:\Program Files\Microsoft Office Servers\12.0\Data\Office Server\Applications on SPSRVR1 – Query Server (Currently it is 4.84 GB with the items in index = 1271197)

E:\Program Files\Microsoft Office Servers\12.0\Data\Office Server\Applications on SPSRVR2 – Index Server (Currently it is 12 GB with the items in index = 1271197)

Above command should reinitialize Query Server for Shared Service Provider- SSP in your SharePoint Server farm. Check Search Settings from SharePoint Central Administration site. Index Server should start propagating content index to a new location on Query Server with the message stating “Propagating to new Query Server (Name of the Query Server).

Once “Indexing Status” and “Propagation Status” are idle, you should start “Full Crawl” to crawl the new contents and update the content index which will be propagated to a new location on Query Server automatically.

This should fix your issue and SharePoint search should be working fine for searching new as well as old contents after you finish “Full Crawl”.

Thursday, September 25, 2008

Test Database Connectivity and DOS command to create file of any size

Here are the steps to test database/database server connectivity from any remote computer.

These steps assume that you have deployed small, medium or large SharePoint server farm and you have established Remote Desktop Connection to one of the Front End Web Servers or Application Servers using account which has full database access privileges and you want to test database connectivity.

For example, following screen shots were taken while testing database connectivity from Front End Web Server - "SPWeb"

1. Establish Remote Desktop Connection to "SPWeb" using "domain\SPAdmin" AD account.

Note: AD Account - "domain\SPAdmin" was used for installing MOSS 2007 and it was assigned DBCreator and SecurityAdmin server roles on SQL Server.

2. Create a new text document.

3. Rename and change the file extension of text document to .udl extension (e.g. DBTest.udl).

4. Double click on DBTest.udl. It will take you to "Connection" tab by default.

5. Select "Provider" tab on the top and choose "Microsoft OLE DB Provider for SQL Server" under "Select the data you want to connect to: " and OLE DB Provider(s) menu. Click "Next" button at the bottom.

6. When you hit next button on previous screen ("Provider" tab), it will bring you back to "Connection" tab.

Step 1: Enter the name of the database server to test the database connectivity (e.g. "Database Server")

Step 2: Select "Use Windows NT Integrated security" option. This is because you are testing database connectivity from "SPWeb" Front End Web Server and you are already logged into that server using AD account "domain\SPAdmin" which has full database access privileges.

Now, click "Refresh" button.

7. This will take few seconds (5-20 seconds) and it will load all the database names to pull down menu.

8. You may select one of the SharePoint databases (e.g. SharePoint_Config_DB) and hit "Test Connection" button at the bottom. It should popup window with "Test connection succeeded." message.

Conclusion: I wanted to test database connectivity from Front Web Server - "SPWeb". So I established Remote Desktop Connection to "SPWeb" using AD Account "domain\SPAdmin", which has full database access privileges on all the SharePoint databases. I used "DBTest.udl" file to test connectivity to "SharePoint_Config_DB" database (SharePoint Configuration database) on database server - "Database Server".

This may help verifying database connectivity and if this test fails, you need to troubleshoot database connectivity issues before you start looking in to the SharePoint errors/issues.

DOS command to create file of any size:

fsutil file createnew C:\Brij\One_MB_File.doc 1024000

Above command will create 1 MB file called "One_MB_File.doc" at C:\Brij location.

You can provide any file extension - e.g. .txt, .xls, .ppt, .pdf etc.

This command may help in creating files for upload/download test in SharePoint or any other application.

Thursday, September 18, 2008

Error when you assign workflow to a SharePoint group and its work around

I want to create a simple out of the box “Approval Workflow” and assign it to a SharePoint group. Let’s create approval workflow for “Project Document Library”,

Click “Workflow settings” under “Permissions and Management” menu of document library settings,

Select “Approval” for the workflow template,

I am assigning this workflow to “Workflow Approvers” SharePoint group. As we can see, “Assign a single task to each group entered(Do not expand groups)” checkbox is not selected by default. We will keep this default setting and see what happens,

Click “OK” and add this workflow. Once you add a new document to “Project Document Library” instead of starting workflow it will show you following error,

Also, it will show “Error Occurred” status for Approval Workflow as shown below,

So here is how you can fix this issue. You need to select “Assign a single task to each group entered(Do not expand groups)” checkbox when you assign it to a SharePoint group otherwise it will not start the workflow and result in error.

This will start the approval workflow and update its status accordingly. We can see “In Progress” status and “Approved” status, once the document is approved as shown below,

Tuesday, September 16, 2008

How to check out or check in multiple documents?

I uploaded multiple documents to “Shared Documents” library, which resulted in all the documents “Checked Out”.

Note: All the documents will be checked out when you upload them. This happens only when you have “Require documents to be checked out before they can be edited” is turned on in document library settings as shown below,