Wednesday, October 27, 2010

Remove unnecessary or orphaned Service Application Pool for SharePoint 2010 Service Application


If you have created and deleted several service applications in SharePoint 2010, you will see that deleting the service application doesn't automatically delete an application pool associated with the service application. If you do not plan to re-use the application pool, here is how to get rid of such unnecessary/orphaned application pool using PowerShell.

  1. Launch SharePoint 2010 Management Shell on any one of your SharePoint servers.
  2. In order to enumerate all existing application pools that were created for existing and existed service application, run Get-SPServiceApplicationPool as shown below.
  3. As shown in the picture, I have 3 application pools for Managed Metadata Service and to delete 2 unnecessary application pools, I need to run Remove-SPServiceApplicationPool command as shown below.

One thing to keep in mind here when you run Remove-SPServiceApplicationPool command is that -Identity parameter is not any GUID or ID for the specific service application or application pool, but it's rather the application pool name that can be obtained by running Get-SPServiceApplicationPool. This will help you maintain your SharePoint environment cleaner. Good luck!
    
Posted by at 3 comments:
Labels: , , , , , ,

Friday, October 8, 2010

User Profile Service Application with Forefront Identity Manager Event ID 3 in SharePoint 2010


One of my SharePoint 2010 environment started to throwing a bunch of errors at one point regarding Forefront Identity Manager (Event ID 3). The error message is as followed:


Log Name:      Application
Source:        Forefront Identity Manager
Date:          9/29/2010 2:13:35 AM
Event ID:      3
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      [SP_server].[domain].com
Description:
Microsoft.ResourceManagement.Service: Microsoft.ResourceManagement.Workflow.Hosting.WorkflowManagerException: Forefront Identity Management Service does not support workflows of type 'Microsoft.ResourceManagement.Workflow.Activities.SequentialWorkflow, Microsoft.ResourceManagement, Version=4.0.2450.5, Culture=neutral, PublicKeyToken=31bf3856ad364e35'.
   at Microsoft.ResourceManagement.Workflow.Hosting.HostActivator.ActivateHost(ResourceManagementWorkflowDefinition workflowDefinition)
   at Microsoft.ResourceManagement.Workflow.Hosting.WorkflowManager.StartWorkflowInstance(Guid workflowInstanceIdentifier, KeyValuePair`2[] additionalParameters)
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Forefront Identity Manager" />
    <EventID Qualifiers="0">3</EventID>
    <Level>2</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2010-09-29T07:13:35.000000000Z" />
    <EventRecordID>69280</EventRecordID>
    <Channel>Application</Channel>
    <Computer>[SP_server].[domain].com</Computer>
    <Security />
  </System>
  <EventData>
    <Data>Microsoft.ResourceManagement.Service: Microsoft.ResourceManagement.Workflow.Hosting.WorkflowManagerException: Forefront Identity Management Service does not support workflows of type 'Microsoft.ResourceManagement.Workflow.Activities.SequentialWorkflow, Microsoft.ResourceManagement, Version=4.0.2450.5, Culture=neutral, PublicKeyToken=31bf3856ad364e35'.
   at Microsoft.ResourceManagement.Workflow.Hosting.HostActivator.ActivateHost(ResourceManagementWorkflowDefinition workflowDefinition)
   at Microsoft.ResourceManagement.Workflow.Hosting.WorkflowManager.StartWorkflowInstance(Guid workflowInstanceIdentifier, KeyValuePair`2[] additionalParameters)</Data>
  </EventData>
</Event>


Locating the problem....Just like other people, I have searched everywhere to identify the real problem but most of the people were having a problem during trying to get the User Profile Service Sychronization job started. My issue was different from these because my environment was perfectly working fine without any issue. After I got this error, I went back and traced what was done to the SharePoint servers. I realized that I downloaded SharePoint 2010 Auguest 2010 Cumulative Update (CU) and ever since both CUs for Foundation and Server 2010 have been successfully installed, I started getting the error messges.


Solving the problem.....So, I created a farm backup and tried deleteing a SA for User Profile Service and re-created it. If you have My Sites created by your end-users, the My Sites will not be accessible until you re-create the SA (and don't worry, all contents in My Sites will still remain the same even though they look like they are gone). You should also expect that any profile edits made by individuals on their My Profile will be wiped out. After I re-created the SA for the User Profile Service, my error messages gone and my server shows no error. If you run into this similar problem and have a trouble getting the User Profile Service re-created or re-configured, please leave a comment! Good luck!
Posted by at No comments:
Labels: , , , , ,

Wednesday, September 22, 2010

Office Web Apps (Word, Excel, PowerPoint, Visio) open/edit in browser mode doesn't work


You probably have deployed Office Web Apps on your Microsoft SharePoint Server 2010 farm by reading TechNet articles below:
-Deploy Office Web Apps (Installed on SharePoint 2010 Products)
-Account permissions and security settings (SharePoint Server 2010)

The TechNet article tells you to use the existing application pool but we know that it's the best practice to use dedicated service accounts for each service application and give the accounts the least privilege access. If you happen to use dedicated service accounts for your Word Viewing Service, Visio Graphics Service, Excel Services Application and PowerPoint Services Application (which means you are creating a new application pool for the service), follow the below steps for additional database permissions for the service accounts.

Let us assume we have following configurations and newly created service accounts registerd as registered as managed accounts in Central Administration:

Content Database where documents reside: SP_Intranet_Content_DB_01
Word Viewing Service managed account: domain\sp_word
Visio Graphics Service managed account: domain\sp_visio
Excel Service Application managed account: domain\sp_excel
PowerPoint Services Application managed account: domain\sp_ppt

Note: Ensure your environment is updated to the latest version which is 14.0.5123.5000 as of 9/22/2010.

  1. Open the SQL Server Management Studio and connect to your SharePoint 2010 database instance.
  2. Go to the SharePoint content database (i.e., SP_Intranet_Content_DB_01) that contains a site collection that contains documents to you like to view and edit in a browser.
  3. In SP_Intranet_Content_DB_01 database, make sure you give the above 4 service accounts db_datareader and db_datawriter roles (under SP_Intranet_Content_DB_01 -> Security) and remove any other roles assigned.
    Note: If these accounts are assigned any other roles, you must have modified the permission settings on the account previously.
  4. Under SP_Intranet_Content_DB_01 -> Security -> Roles -> Database Roles, right-click and select to create a New Database Role.
  5. Enter Office_Web_Apps_Access as the role name and dbo as the owner.
    Note: You can choose a different name for the database role; however, you want to make sure you avoid using any SharePoint reserved database role name for future.
  6. On the same screen, click Add button located at the bottom to add domain\sp_visio, domain\sp_word, domain\sp_excel and domain\sp_ppt accounts.Note: Assumption is that these accounts already exist in SP_Intranet_Content_DB_01 -> Security -> Users prior to this step.
  7. After adding necessary users, click Securables on the left and then click Search button on the right.
  8. With the All objects of the types selected, click OK.
  9. Choose an object type as Databases and click OK.
  10. At the bottom in Explicit tab, look for Execute and check the Grant checkbox.
  11. Click OK to save all settings and close the pop-up window.
  12. Under SP_Intranet_Content_DB_01 -> Security -> Schemas, right-click and select to create a New Schema.
  13. Create a schema with Office_Web_Apps_Access (or the name of your choice used in step 5) as both the schema name and schema owner. Click OK.
  14. Make sure you delete your browsing history, offline files, etc. in your browser settings. Run an iisreset –noforce in your SharePoint front end servers and restart sptimerv4 and spadmin services in all of your SharePoint servers.
    Note: I did this because I have observed weird behaviors on Office Web Apps right after I configured the database permissions. By performing a step 14, I seem to get consistent results.
  15. Now, try opening Word, Visio, PowerPoint and Excel document in a browser and also try editing them to make sure your Office Web Apps work fine.
In the above steps, we are giving read/write permissions to the Office Web Apps service accounts as instructed by TechNet and in addition, we are giving Execute access to the service accounts which I observed to be one additional permission for Office Web Apps to work fine.

Hope this helps and let me know if you have any comment
Posted by at No comments:
Labels: , , , , ,
Subscribe to: Posts (Atom)