Tag Archives: Microsoft

Microsoft Exchange

Cleaning Up Exchange Messages with Search-Mailbox

Leave a comment

Like most sysadmins, I receive notifications from end users about SPAM showing up in their inbox.  While not all spam can be avoided, we can deal with it.  I wanted to lessen the impact of already delivered spam and potentially avert a crisis if the same phishing email is sent to all 1500 mailboxes, so I whipped up this script to search out and destroy these messages from my Exchange environment:

$Subject = “About your last transaction”
$StartDate = $(‘1/1/2015’)
$BodyLanguage = “sellam.fr”
$TargetMailbox = “spamdump”
$TargetFolder = “WHD2918”

$Search = [scriptblock]::Create(“Received>=`”$StartDate`” and Subject:`”$Subject`” and `”$BodyLanguage`””)

Get-Mailbox -ResultSize Unlimited | Search-Mailbox -SearchQuery $Search -targetmailbox $TargetMailbox -targetfolder $TargetFolder -loglevel full -logonly

Note the last flag in the last line of the script: “-logonly.”  Be very careful to run the command with this command the first go-round.  This ensures that the query you specify does not grab messages that it shouldn’t (and you wind up deleting everyone’s entire mailbox).  The result of logonly is an excel file in the target mailbox with the headers of the resultant messages.

After reviewing the messages, replace -logonly with -deletecontent.  This will actually move the messages from the users’ mailboxes into the target mailbox.

If you want to modify the query, take a look into how Search-Mailbox actually works.   Search-Mailbox uses KQL, so be sure to brush up on the syntax.  If you’ve beocme accustomed to the powershell boolean operators such as “-and,” You’ll be unpleasantly surprised when you learn that the same operator will evaluate to “not and” in KQL

Identity Management

ForeFront Identity Manager (2010 R2) Synchronization Service Becomes Disabled

Leave a comment

I had just installed FIM 2010 R2 in a lab environment – All roles on one server, and noticed that the “Forefront Identity Manager Synchronization Service”  Kept stopping, and being set to “Disabled.”

I had installed all of the latest patches for both FIM (4.1.3613.0) and SharePoint (14.0.7140.5000). I saw nothing in the Windows Event log to indicate there was a problem.  The “Synchronization Service Manager on FIM” application would launch fine while the service was running.  All configured management agents would synchronize no problem.  It’s just that – Every so often, the  “Forefront Identity Manager Synchronization Service” would just up and STOP!

After some research, I found this TechNet Blog Post which suggests that SharePoint is the culprit!

Since SharePoint is installed on this server only for the purpose of providing the FIM Portal, I had no need to set up (or otherwise use) the User Profile Service.   Consequently, SharePoint isn’t expecting the Synchronization Service to be in a running state! So, as part of the “Health Analysis Job (Hourly, Microsoft SharePoint Foundation Timer, All Servers)” SharePoint notices the service is running, and disables it!

I verified this by returning the service to the normal Automatic – Running state, and manually kicking off that Timer Job.

Sure enough, the job was stopped! ULS Viewer shows me this also:

See that? – “The SharePoint Health Analyzer found and fixed the following problem: One or more services have started or stopped unexpectedly..”  No details about which service was “started unexpectedly,” but I presume that the “Forefront Identity Manager Synchronization Service” was the culprit.

To prevent this from happening again, I nagivated to “Review Job Definitions” under “Monitoring” in Central Administration, located the  “Health Analysis Job (Hourly, Microsoft SharePoint Foundation Timer, All Servers)” and disabled it.

All seems well at this point in time…

My set of links for FIM installation tips, tricks, procedures, etc:

  • https://technet.microsoft.com/en-us/library/hh332711(v=ws.10).aspx
  • http://www.harbar.net/articles/fimportal.aspx
  • http://www.toddklindt.com/blog/Lists/Posts/Post.aspx?ID=224
  • http://social.technet.microsoft.com/wiki/contents/articles/2229.fim-2010-build-overview.aspx
  • http://www.fimspecialist.com/fim-portal/installing-fim-2010-r2-sp1-portal-on-sharepoint-foundation-2013/
  • https://social.technet.microsoft.com/Forums/en-US/76bd6012-f619-4636-8401-74cac8436f1f/fim-sync-service-keeps-disabling?forum=ilm2
  • http://www.fimspecialist.com/category/fim-hotixes-service-packs-updates/
  • https://technet.microsoft.com/en-us/library/jj200258(v=ws.10).aspx
  • https://technet.microsoft.com/en-us/library/hh322920(v=ws.10).aspx
  • https://technet.microsoft.com/en-us/library/hh322863(v=ws.10).aspx
  • https://technet.microsoft.com/en-us/library/jj134316(v=ws.10).aspx
  • https://technet.microsoft.com/en-us/library/hh322877(v=ws.10).aspx
  • https://technet.microsoft.com/en-us/library/hh332711(v=ws.10).aspx
  • https://technet.microsoft.com/en-us/library/hh332707(v=ws.10).aspx
  • https://technet.microsoft.com/en-us/library/hh332708(v=ws.10).aspx
  • https://technet.microsoft.com/en-us/library/hh332710(v=ws.10).aspx
  • https://fim2010techie.wordpress.com/2012/12/10/synchronizing-active-directory-users/
  • http://blogs.msdn.com/b/connector_space/archive/2014/12/30/understanding-the-fim-service-management-agent.aspx
  • http://social.technet.microsoft.com/wiki/contents/articles/3610.fim-2010-wiki-articles.aspx

 

 

SharePoint

Forgot SharePoint Farm User Account Password

Leave a comment

I had recently patched an inherited SharePoint 2010 Farm up to the December 2014 CU.  I’m currently prepping to migrate the farm to SharePoint 2013, but I needed to get it patched in the interim.

I successfully applied SP2, and the the December 2014 CU (14.0.7140.5000 – Much thanks to Todd Klindt’s SharePoint Admin Blog for the easy build number lookup), and all seemed well.

That is, until I had to change an extranet user’s email address.  These users don’t have mail accounts in our Exchange environment, but we do populate the mail attribute in AD with their corporate email address.  I made the change to the attribute in AD, and attempted to run the User Profile Synchronization (Central Administration | Manage Service Applications | User Profile Service Application | Start Profile Synchronization).

This action failed because the User Profile Synchronization Service was not running on the server! (Central Administration | Manage Services on Server).

I attempted to start the service but was prompted for the DOMAIN\SPFarm account! I searched all archives and documents, but found no reference to this password!  UH OH!!!!!

I finally found this post: http://joelblogs.co.uk/2012/09/22/recovering-passwords-for-sharepoint-2010-farm-web-application-and-service-application-accounts/

I had full administrative access to the server on which Central Administration was installed, so all I had to do was run a “one liner” in PowerShell.  Could it really be that easy?!

Here’s how easy it is:

&$env:windir\\system32\\inetsrv\\appcmd.exe list apppool 
 "SharePoint Central Administration v4" /text:ProcessModel.Password

I ran the command in my dev environment first (we always test foreign code outside of production, right?), and got this!

No Way.  That’s my Farm account password….in PLAIN TEXT! WHOA SCARY!

So, If you ever find yourself forgetting any of your IIS Application Pool Account Passwords, you now have the tool to recover it!

HOO-RAH!

SharePoint

Collecting User Data in SharePoint 2010 with custom Site Columns

Leave a comment

The Task: Build a system to archive paper documents (being scanned from e-mail enabled scanners) and optimize for retrieval

I decided to build an E-Mail enabled library to get the documents into SharePoint.   This allows users to save the email address in their contact list on the copier, and makes scanning in documents very easy.

To gather the metadata for these documents, I used the “Collect  Data From a User” (CUD) Action in SharePoint Designer.  This created a Content Type based on the name of the task – In my case “Student Document Data Collection.”

I then added some of my existing site columns to this content type from SPD – things like first name, last name, and district.  I didn’t want to use the CUD wizard to add these fields to the data collection task because a) all of the fields already exist in the site, and b) some of the fields are multiple choice, and I really don’t want to manage two instances of the same data!

After I modified the content type, I refreshed the workflow and returned to the CUD wizard in SPD, and saw that all of my fields populated! Hoorah!

I proceeded to build the rest of the workflow, referencing the fields collected in the CUD task in the normal manner; however, I was noticing a problem: None of the user entered data was showing up!

How could this be? SharePoint was prompting me for the data, I entered it, and I hit save… It should be there, right?  I wrote entries to the workflow history log to see if maybe the data just wasn’t being applied to the current item.  No dice – It looked like SharePoint just wasn’t storing the collected data.

Thanks to reddit user sbrick89, It looks like fields (Site Columns) created in the CUD action within SPD actually have a distinction from standard Site Columns! It’s not a big difference, but it will mess up your day (or, in my case WEEK)!   These fields are prefixed with “FieldName_”.

I jumped into my SharePoint Management PowerShell and whipped this up in order to create my Site Columns (in a way that they will be usable for data collection):

$SiteURL = “<YOUR SITE HERE>”

$Web = Get-SPWeb $SiteURL
$FieldXMLString = ‘<Field Type=”Text”
Name=”FieldName_StudentFirstName”
Description=”Student First Name”
DisplayName=”Student First Name”
Group=”0 Student Columns”
Hidden=”FALSE”
Required=”FALSE”
Sealed=”FALSE”
ShowInDisplayForm=”TRUE”
ShowInEditForm=”TRUE”
ShowInListSettings=”TRUE”
ShowInNewForm=”TRUE”></Field>’
$Web.Fields.AddFieldAsXML($fieldXMLString)

Documentation for the syntax of the $FieldXMLString can be found here: https://msdn.microsoft.com/en-us/library/office/ms437580(v=office.15).aspx

Of note is this “Name: Required Text: The name of a field. This is the internal name of a field and is guaranteed never to change for the lifetime of the field definition. It must be unique with respect to the set of fields in a list. The name is autogenerated based on the user-defined name for a field.

I also wanted to create a multiple choice Site Column for District:

$FieldXMLString = ‘<Field Type=”Choice”
Name=”FieldName_District”
Description=”District”
DisplayName=”District”
Group=”0 Student Columns”
Hidden=”FALSE”
Required=”FALSE”
Sealed=”FALSE”
ShowInDisplayForm=”TRUE”
ShowInEditForm=”TRUE”
ShowInListSettings=”TRUE”
ShowInNewForm=”TRUE”>
<CHOICES>
<Choice>District 1</Choice>
<Choice>District 2</Choice>
</CHOICES>
</Field>’
$Web.Fields.AddFieldAsXML($fieldXMLString)

After creating the Site Columns with the proper internal name, I was able to add the newly created site column to the CUD Content Type, update my workflow, and collect the user data successfully!   Yes, It does seem that any alterations (including changes to the items in a choice Site Colume) to the CUD Content Type require that the workflow be loaded in SPD, the CUD Step opened, “next through” the wizard, and the workflow re-published in order for the changes to appear in the actual data collection step.

Links:

http://www.sbrickey.com/Tech/Blog/Post/Secrets_Revealed-_SharePoint_Designer_-_Workflows_-_Approval_Task_-_Task_Form_Fields