Thursday, July 16, 2015

Publish SharePoint Calendar to Microsoft Outlook

1. Browse to SharePoint site

2. Click on the SharePoint Calendar link on the left navigation

3. This brings up the calendar.

4. On the top of the page, select Calendar Tools -> Calendar. This will open the ribbon option for the calendar.

5. Click on Connect to Outlook.

6. This opens a pop up. Click Allow.

7. Click Allow

8. Click Yes

9. This will add the SharePoint Calendar in your Microsoft Outlook Calendar section

Tuesday, July 14, 2015

How to delete a corrupted SharePoint list using PowerShell

$web = get-spweb -Identity http://sp2010
$list = $web.lists["corrupted list name"]
$list.AllowDeletion = $true

Monday, July 13, 2015

SharePoint Developer Dashboard

Developer Dashboard is a great feature on SharePoint 2010. This feature is disabled by default. And it provides performance and tracing information that can be used to debug and troubleshoot page rendering time issues. (slow page loads, web part issues, query delays) .Enabling this great feature will get critical information about execution time, log correlation ID, critical events, database queries, service calls, SPRequests allocation and webpart events offsets.

The Developer Dashboard feature is turned off by default, but it can be enabled very easy via stsadm or PowerShell.

Check status of Developer Dashboard
stsadm -o getproperty -pn developer-dashboard

Enable Developer Dashboard via stsadm:

‘On’ Mode:
stsadm -o setproperty -pn developer-dashboard -pv On

‘OnDemand’ Mode:
stsadm -o setproperty -pn developer-dashboard -pv OnDemand

Disable Developer Dashboard via stsadm:
stsadm -o setproperty -pn developer-dashboard -pv Off

Wednesday, July 8, 2015

SharePoint Recycle Bin – First Stage and Second Stage

SharePoint Recycle Bin stores and keeps a track of the items deleted from the site. When an item is deleted in SharePoint, it is not completely deleted, it is actually stored in a Recycle Bin . The main idea of a Recycle Bin is to restore contents that are accidentally deleted or retrieve data that should not have been deleted. There are 2 stages to the Recycle Bin.

First Stage Recycle Bin

Whenever an item is deleted from the site it goes to the Recycle Bin (users’ Recycle Bin) of the site and stays there till it is restored or it expires. By default the items are stored in the Recycle bin for 30 days. This setting is configured at the web application level from Central Administration. You can access a site's Recycle Bin by clicking on the Recycle Bin link on the left navigation (Quick Launch).

Normal user's Recycle Bin URL - /_layouts/recyclebin.aspx

If an item is deleted from the User’s Recycle Bin (First Stage Recycle Bin), it goes to the Site Collection Recycle Bin (Second Stage Recycle Bin).

Second Stage Recycle Bin

When an item is deleted from a site's Recycle Bin it goes to Site Collection Recycle Bin and stays there till it is restored or it expires. By default the items are stored in the Recycle bin for 30 days. If the item is deleted from here, it is deleted forever. To access the Site Collection Recycle Bin, browse to Site Settings -> Site Collection Administration -> Recycle Bin.

This Recycle Bin has two views: End User Recycle Bin Items view displays all the contents of all the recycle bins of all the sites under that particular site collection whereas Deleted From End User Recycle Bin view displays all the items which have been deleted from the sites recycle bins

Site Collection's Recycle Bin has two views :

End user Recycle Bin items URL - /_layouts/AdminRecycleBin.aspx

Deleted from end user Recycle Bin URL - /_layouts/AdminRecycleBin.aspx?View=2

- If an end user deletes and item, it will go to his Recycle Bin. Other users will not be able to see another users’ recycle bin.

- When you disable the Recycle Bin feature, all the items existing in it will be removed permanently.

Tuesday, July 7, 2015

How to Implement Hold and eDiscovery in a SharePoint Site

Adding a Hold to a Record

1) Browse to the Site Settings

2) Manage Site Features -> Hold and eDiscovery -> Activate

3) This will display the Hold and eDiscovery section in Site settings now.

4) Browse to Holds list and create a new item (Hold)

5) Now browse to a document library and select a document, right click and choose Compliance Details.

6) This will show the Hold status of the document. Choose Add/Remove from hold

7) Select Add to a hold and Save. Use the drop-down selection box to choose the relevant hold to apply to this record.  The ‘Comments’ field is not required.

8) Now check the Compliance Details. This shows that the document is On hold.If you noticed, now the Delete option is not available( and will not be available as long as the Hold is in place)


a. This means this record cannot be deleted and will not be destroyed through its Information Management Policy until the new hold is removed.

b. Please note that SharePoint allows you to apply multiple holds to the same record.  If a record has multiple holds applied to it, SharePoint will not allow the record to be destroyed until all the holds are removed.

Removing a Hold from a Record

1) Browse to a document library and select a document, right click and choose Compliance Details

2) This will show the Hold status of the document (On hold). Choose Add/Remove from hold

3) Select Remove from a hold and Save. Use the drop-down selection box to choose the relevant hold to apply to this record.  The ‘Comments’ field is not required.

4) Now you should be able to delete the record

SharePoint Hold and eDiscovery feature

The Hold and eDiscovery feature of SharePoint sites prevents items such as documents, images, pages, from expiration policies. This feature is typically used for items that are subject to events such as litigation, audits, or investigations.

Organizations use holds to prevent items that may be relevant to ongoing litigation or investigation from expiring or being destroyed before the event to which they are relevant has been resolved. Also , when an item is placed on hold , it cannot be edited or deleted.

How Hold works

To use the Hold feature, Hold and eDiscovery feature must be activated in that site.You can add a Holds list to any site by accessing the Site Settings page for the site and activating the Hold and eDiscovery feature.

Note: By default, every Records Center site has a Holds list (feature is already activated)

A new entry is added to the Holds list for creating a new hold. The Holds list provides tools for finding and holding relevant items, viewing items that are currently on hold, or releasing a hold when it is no longer required. When an item is added to a hold, its hold status is updated to indicate that it is on hold, and the application prevents this item from expiring or being deleted. An item can have multiple holds at the same time. If an item is put on multiple holds, it is suspended from its original information management policy until all of the holds to which it has been added are released.

I have detailed the implementation of Hold and eDiscovery feature here.

Wednesday, July 1, 2015

SharePoint 2010 User Active Directory Permissions not updating

When you are using Active Directory groups and add those groups into SharePoint groups, you will run into issues while modifying the members of the Active Directory group. It takes 24 hours (by default) to reflect this change to SharePoint.This behavior is controlled by a property called Token-timeout.By default, this value is set to 1440 minutes (24 hours) .
SharePoint fetches user token information from the SharePoint database. If the user has never visited the site or if the user’s token was generated more than 24 hours previously, SharePoint generates a new user token by trying to refresh the list of groups that the user belongs to.(MSDN Reference)

To check which values you currently have, try running the below:
 stsadm –o getproperty –propertyname token-timeout

If you want to minimize this token time out value (time it takes to refresh the token), follow the below instructions.

To set a valid time to 2000 minutes, use the following syntax:
stsadm -o setproperty -pn token-timeout -pv 2000
Note: You can substitute -pn for -propertyname and -pv for -propertyvalue. 
Gets or sets the name of the property.
A valid time interval, in minutes. The default setting is 1440 minutes.

The syntax for the setproperty operation is:
stsadm -o setproperty -propertyname token-timeout –propertyvalue <A valid time interval, in minutes>

- This property applies to the entire farm.

- The use of stsadm will only affect the ContentService Web service property and not the AdministrationService Web service property.

Warning: If you set Token-timeout to zero (0) it can bring the farm down and you get this error message
"The context has expired and can no longer be used. Exception from HRESULT: 0x80090317"

Active Directory Group Sync Issue with SharePoint 2013 Permissions

AD security group permissions are being used to control access in SharePoint 2013, however, changes to group membership in AD are not taking effect immediately in SharePoint 2013. In simple words, even after you remove a user from the AD security group - user is still able to access the site. If you add a new user to the AD security group, user still receives access denied error message in SharePoint.

Workaround - If you need to have the change take effect immediately, you can do an Application Pool recycle for that web application. 

In Windows Claims enabled web application (the default for SharePoint 2013), the logon token life time is by default 10 hours and cache life time is by default 10 minutes. Hence, the AD group modifications will not reflect immediately in SharePoint user sign-in. internally what happens is when a user accesses a SharePoint site, SharePoint checks the security token store cache for the user's claims. If the claim is found in the cache, SharePoint uses it to authorize the user. If not, SharePoint queries for claims again from the AD.

To check which values you currently have, try running the below:

$sts = Get-SPSecurityTokenServiceConfig

The value of token life time and cache expiration time can be set to the desired value per your needs.Lowering the token life time introduces more round trips to AD to authenticate the user, which means performance characteristics should be monitored to determine the appropriate lifetime.I have seen 10 minutes being recommended to use, but this is something that needs to be tested as it should be considered on a case by case scenario.If you would like to change the token life time, you can use the following PowerShell cmdlet to set the Windows token life time and cache expiration window to the desirable value.

The below example sets your WindowsTokenLifetime to 10minutes (10 hours is the default) and the Cache Expiration to 2 minutes (10 minutes is the default).

$sts = Get-SPSecurityTokenServiceConfig
$sts.WindowsTokenLifetime = "00:10:00"
$sts.LogonTokenCacheExpirationWindow = (New-TimeSpan –minutes 2)

If you set Token lifetime lesser than the token expiration window, you get this error message
"The context has expired and can no longer be used. Exception from HRESULT: 0x80090317"