Partner Technical Services Blog

A worldwide group of consultants who focus on helping Microsoft Partners succeed throughout the business cycle.

Partner Technical Services Blog

  • Configuring SharePoint 2013 Forms-Based Authentication with SQLMemberShipProvider

    Post courtesy Partner Solution Consultant Priyo Lahiri


    With SharePoint 2013, a lot of partners and customers are opening up their on premise deployment to their vendors and customers. While the way you would configure this is very similar to SharePoint 2010, things get a little tricky when you perform a real-world deployment spanned across multiple servers. This post is an end-to-end walkthrough of setting up Forms Based Authentication with SQLMemberShipProvider in a 3 tier SharePoint 2013 Deployment.


    It would be whole lot easier if I had a single server environment with the same account running everything and that account is also a Domain Admin. However, I chose a different approach since most likely this is how your real-world deployment will be setup and the steps are little different when your farm is spanned across 3 servers. Here is my environment:

    WFE01 – Web Server running Microsoft SharePoint Foundation Web Application. I am connecting to the SQL instance using an Alias. It’s a very smart move. If you have ever had to move your SharePoint databases across SQL Servers or decommission an aging SQL Server, you know that having a SQL Alias will save you from a lot of nightmares. If you are looking for a step by step, click here.

    APP01 – Central Admin Server. Note: this is NOT running Microsoft SharePoint Foundation Web Application and is configured to be a “True” application server. This also means that the Web Application that we create will not reside on this server.

    SQL01 – SQL Server running SQL Server 2012 with SP1

    SharePoint 2013 server RTM and Windows Server 2012 RTM are used for this set up.

    Tools to use

    While the steps documented below can be done without these tools, they do make your life a whole lot easier.

    1. FBA Configuration Manager for SharePoint 2013 – Author and Credit goes to Steve Peschka. The download comes with a ReadMe file. Please read it, since you need to register the WSP that comes with it.

    2. SharePoint 2013 FBA Pack – Author and Credit goes to Chris Coulson. Here is the documentation that will tell you how to install/activate/work with it. This not only will this make usonly tested the user management er management a breeze, it has some very useful features like password reset and self-service account management.

    NOTE: I have portion of the FBA Pack and didn’t have time to play with the rest of the features.

    How it’s done

    Step 1 – Create the Web Application

    In this step we will be creating the web application with Windows Authentication (Claims) and Forms Based Authentication (FBA) on the same Zone. In SharePoint 2013, you can have multiple authentication providers without extending the web application. Having said that, at times, you might have to extend the web application depending on your scenario. More on that on a different post where I will show you how to use LDAPMemberShipProvider to talk to your AD.

    From Central Administration, we will create a Web Application and call it and enable both Windows Auth and FBA. Note the names I am using: ASP.NET Membership Provider Name = SQL_Membership and ASP.NET Role manager name = SQL_Role. You can call them whatever you want, just ensure you use the same names everywhere.


    We will create a new App Pool and use the Web App Pool account. Make a note of this since you would need to give this account permission in the next step in the ASPNET database.


    Create the Web App and then the Site Collection, it doesn’t matter what template you choose. Once the Site Collection is created, visiting the site collection will take you to our default sign in page where you will be asked to choose an Authentication Provider to Sign In with. If you want your External Users only to have the option of FBA, you would want to set this default zone with Windows Auth and extend it and have the FBA on the extended web app. Obviously, the URL’s will then be different.

    Your sign in page should look like this (make sure your DNS record (CNAME) point to the WFE01)


    Do you want to see a custom sign in page with your company brand on it? Well, let’s defer that to a different post.

    Step 2 – Verify Tools

    Now that the web app is created, we will make sure FBA Pack and FBA Configuration manager is deployed as it should be. Go to Central Administration >> System Settings >> Manage Farm Solutions. Make sure fbaConfigFeature.wsp is globally deployed and visigo.sharepoint.formsbasedauthentication.wsp is deployed to See screenshot below. If the visigo.sharepoint.formsbasedauthentication.wsp is not deployed, click on the WSP and deploy it to your web application.


    Login to the site collection created in the above step and activate the following feature:

    Site Settings >> Site Collection Administration >> Site Collection Features >> Form based Authentication Management


    Once the feature is activated, it should add the following to your Site Settings under User and Permissions


    Step 3 – Creating the SQL Database for User Management

    The first step is to create the SQL Database that would hold the Extranet Users

    • Browse to c:\Windows\Microsoft .NET\Framwork64\v4.0.30319
    • Run aspnet_regsql.exe
    • Click Next
    • Choose Configure SQL Server for Application Services >> Click Next
    • Enter your SQL Server Name , choose Windows Authentication and type in a Database Name


    • Click Next twice to provision the database
    • Now we need to add the Application Pool that runs the web application and give it required permission. In this case, the application pool name is waterfall\spweb. Perform the following steps:
      • Open up SQL Management Studio, Expand the database we created and expand Security
      • Right click Users and add a new User
      • User Type = Windows User
      • User name = choose <yourAppPoolAccountName>
      • Login name = browse and choose the login name (should be same as the app pool name above)


      • Click Owned Schemas and choose the following:
        • aspnet_Membership_FullAccess
        • aspnet_Persolalization_FullAccess
        • aspnet_Profile_FullAccess
        • aspnet_Roles_FullAccess
        • aspnet_WebEvent_FullAccess


    Step 4 – Editing the web.config files

    We need edit the following web.config files:

    • Web Application Web.config – WFE server
    • STS Application web.config – WFE server and Application Server
    • Central Admin web.config – CA Server
    • If you have more WFEs and App Servers, you need to edit them as well. A lot of people puts these in there machine.config file as well so that it gets inherited to the web.config file. I am not too keen on editing the machine.config file.

    Let’s login to our WFE server and fire up FBAConfigMgr.exe. While you can get the code you need from here and edit web.config yourself, if you just let the tool run its course, it will create a Timer Job and do the task for you. In the FBAConfigMgr type in your application URL and from the sample configuration choose the following:

    • People Picker Wildcard
    • Connection String
    • Membership Provider
    • Role Provider

    Here is what the screen looks like when default values are chosen:


    We will modify the default values to reflect the following (highlighted items need modification per your environment):

    • Web Application URL -
    • People Picker Wildcard - <add key="SQL_Membership" value="%" />
    • Connection String -
      <add name="fbaSQL" connectionString="server=SQL01;database=Extranet_User_DB;Trusted_Connection=true" />
    • Membership Provider -
      <add connectionStringName="fbaSQL" applicationName="/"
      type="System.Web.Security.SqlMembershipProvider, System.Web,
      Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
    • Role Provider -
      <add connectionStringName="fbaSQL" applicationName="/"
      name="SQL_Role" type="System.Web.Security.SqlRoleProvider, System.Web,
      Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>

    The screen should now look like this:


    It’s time to hit Apply Config. This will create a timer job to update your web.config files. Though it creates a backup, you should be proactive and take a backup of your web application web.config and sts web.config file. Here is how to back up the web.config file and here is how to find the STS web.config file.

    Once you click Apply Config, the tool will tell you when it’s done. It might take a few mins before you see any changes, so wait for it (you should see a new backup file created for your web.config file with time stamp and _FBAConfigMgr in the end of the file). To verify that the job is done, open up the web.config for your web application and search for <membership. You should see the following:

    <<Web Application web.config file>>


    The ConnectionStrings gets added to the end of the file right above </configuration>


    <<STS web.config file>>

    Open up the STS Web.Config and you should see the following:


    The ConnectionStrings gets added to the end of the file as well just like web.config of the web application.

    <<Central Administration web.config file on App Server>>

    If you go back to the application server and open up the web.config file for the Central Admin site, you will see there are no changes made there. So we will make that change manually. Create a backup of the file then open up the file and find <Machine. It should look like this:


    We will add the following (copied from web.config file of web application or the code from FBAConfigMgr)

    1. Search for <machineKey and paste the following under <rolemanager><providers>
    <add connectionStringName="fbaSQL" applicationName="/" name="SQL_Role" type="System.Web.Security.SqlRoleProvider, System.Web,&#xD;&#xA; Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />

    2. Under <membership><providers> paste the following
    <add connectionStringName="fbaSQL" applicationName="/" name="SQL_Membership" type="System.Web.Security.SqlMembershipProvider, System.Web,&#xD;&#xA; Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
    The screen should now look like this:

    3. Scroll to the end of the document and paste the following right before </configuration>

    <add name="fbaSQL" connectionString="server=SQL01;database=Extranet_User_DB;Trusted_Connection=true" />



    <<STS web.config file on App Server>>

    Just like the Central Admin web.config make the same changes on this web.config as well. Just make sure you are pasting the information from RoleManager Providers and Membership Providers in the right place. Here is what the code looks like (you can use the code below are make changes to the highlighted areas to suit your environment):




    <add connectionStringName="fbaSQL" applicationName="/" name="SQL_Membership" type="System.Web.Security.SqlMembershipProvider, System.Web,&#xD;&#xA; Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />





    <add connectionStringName="fbaSQL" applicationName="/" name="SQL_Role" type="System.Web.Security.SqlRoleProvider, System.Web,&#xD;&#xA; Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />





    <add name="fbaSQL" connectionString="server=SQL01;database= Extranet_User_DB;Trusted_Connection=true" />


    Here is a screenshot


    Step 5 - Use FBA Pack to add and manage users

    Our configurations are done. We will now go to our site collection and use the FBA Pack to add / manage users and Roles

    Go to Site Settings and click on FBA User Management >> Click New User and create a dummy user and add him to the contributor group


    Step 6 – Verify Forms user

    Now open up IE in InPrivate mode and visit your site collection and this time choose Forms Authentication and enter the account information you just created to log in. You’re done!


    Click on the user name and My Settings, you will see the account information coming from SQL Membership Provider


    If you go to a document library and try and add the user there, you will see it resolves from your SQL database



    How to create SQL Alias for SharePoint

    Follow the steps below to create a SQL Alias on all your SharePoint Servers:

    TechNet Reference:

    1. Perform this on the Application Server that is hosting Central Administration

    a. Stop all SharePoint Services

    b. Open CLICONFIG.exe from C:\Windows\System32\cliconfg.exe (64 bit version of cliconfig.exe)

    c. Enable TCP/IP under general tab

    d. Click on Alias Tab

    e. Type Current SQL Server Name in the Alias Name field

    f. Type Current SQL Server Name in the Server field (see screenshot below. In your case SQL Alias and SQL Server name is the same)

    g. Validate SQL Alias

    i. Create a new text file on SharePoint Server and name it “TestDBConnection.udl”

    ii. Double click to open the file and enter your SQL Server Alias name

    iii. Use Windows Integrated Security

    iv. You should be able to see all your SharePoint databases when you click on “Select the database on the Server”

    h. Start all services for SharePoint Server / Reboot SharePoint Server

    i. Perform the steps above on all other SharePoint servers

    How to backup web.config file

    To back up web.config file, perform the following:

    · From IIS Manager (start >> Run > inetmgr)

    · Right click on the web site and click Explore

    · Copy the web.config file somewhere else, or the in the same location with a different name


    Where is the STS web.config file?

    · On your WFE open up IIS Manager and expand SharePoint Web Services

    · Right click on SecurityTockenServiceApplication and click Explore


  • Embedding a PowerPoint Deck on SharePoint 2010

    (Post dedicated to Nuri, Operations Manager for our delivery team in EMEA, and courtesy Sean Earp)

    With the addition of PowerPoint Web App to SharePoint 2010, you can now view and edit PowerPoint presentations directly from within your browser.  This technology has also been made available to consumers on services such as and


    In the past, it has been difficult to embed a PowerPoint document within a webpage, requiring workarounds such as saving the presentation as pictures, PDFs, or MHT documents.  If you have a public presentation, it is now extremely easy to embed a PowerPoint deck on any web page, following the steps on the aptly named how to embed a PowerPoint presentation on a web page post.

    Unfortunately, these steps do not work if your installation of PowerPoint Web App is local.  The Share –> Embed option available from is simply not present on SharePoint 2010.


    So what to do if you want to embed an internal, private, or confidential PowerPoint presentation on an internal SharePoint page?  Fortunately, it is possible to embed a presentation on a webpage without posting the presentation on a broadly available public site.

    Step 1: Ensure that Office Web Apps have been installed and configured on SharePoint 2010.  Those steps are out of scope for this article, but the official documentation should be all you need:  Deploy Office Web Apps (Installed on SharePoint 2010 Products)

    Step 2: Upload the PowerPoint to a document library


    Step 3: Click on the PowerPoint Deck to open it in PowerPoint Web App.  It will have a URL that looks like:



    Don’t worry about writing down the URL. Unfortunately, you can’t paste it into a Page Viewer web part without getting an error message.  So… a little magic to get the URL we need to embed our PowerPoint deck on our SharePoint Page.

    Step 4: Open the Developer Tools in Internet Explorer (F12), and search for iframe.


    Step 5: Copy the first result into your text editor of choice.  The magic URL you need is the one within the src attribute.


    Step 6: Delete everything except the part inside the quotes.  Before the PowerPointFrame.aspx, add the relative URL to your site collection _layouts directory, and copy the whole URL into your clipboard.


    Step 6: Go to the SharePoint Page you want to embed the PowerPoint into.  Add a Page Viewer Web Part to the page.  Open the tool pane for the web part,


    Step 7: In the Page Viewer tool pane, paste in the URL, and optionally enter a height/width and chrome state for the PowerPoint Deck.


    Step 8: Hit “OK” and be awed at how awesome it looks to have a fully functional PowerPoint deck embedded on your page.  You can view the deck full screen by clicking “Start Slide Show”, you can change slides, view notes, click links, or click the “popout” button to have the deck open up in a popout window.


    Super-secret-squirrel trick: If you want the deck to default to a slide other than the cover slide, click through to the slide you want, and then click the popout button in the top right of the PowerPoint Web App.  The deck will be open to that slide in its own window. 

    Use the same Developer Tools trick from step 4, but this time search for &SlideId.  You will see the URL has added two parameters… a slide ID and popout=1 (the URL will end with something like &SlideId=590&popout=1).  You can guess what popout=1 does, and the SlideId is some sort of internal reference to the Slide ID (I have no idea how it is generated, but it doesn’t matter Smile.  My web app-fu will work just the same). Just copy the &SlideID=somenumber and paste it to the end of your URL in the Page Viewer web part, and now your web page will display the PowerPoint deck starting on whatever page you specified!

    Additional Resources

    Office Web Apps technical library

  • Migrating File Shares to SharePoint Online

    (Post courtesy Partner Solution Consultant Andre Kieft)

    It has been a while since I created a blog post, but recently I received a lot of questions and requests for advice on how to migrate file shares to SharePoint and use SkyDrive Pro (SDP). So I figured to create a blog post with the things you need to consider as a Small and Medium Business (SMB) partner when you are planning to migrate file share content into SharePoint and want to make use of SDP for synchronizing the SharePoint content offline.

    Note: that these steps are both valid for SharePoint 2013 on-premises (on-prem) and SharePoint Online (SPO).

    Step 1 – Analyze your File Shares

    As a first step, try to understand the data that resides on the file shares. Ask yourself the following questions:

    • What is the total size of the file share data that the customer wants to migrate?
    • How many files are there in total?
    • What are the largest file sizes?
    • How deep are the folder structures nested?
    • Is there any content that is not being used anymore?
    • What file types are there?

    Let me try to explain why you should ask yourself these questions.

    Total Size

    If the total size of the file shares are more that the storage capacity that you have on SharePoint, you need to buy additional storage (SPO) or increase your disk capacity (on-prem). To determine how much storage you will have in SPO, please check the Total available tenant storage in the tables in this article. Another issues that may arise is that in SharePoint is that you reach the capacity per site collection. For SPO that is 100 Gigabyte, for on-premises the recommended size per site collection is around 200 Gigabyte. This would automatically mean that the content database is around 200 Gigabyte, which is the recommended size. Thought you can stretch this number up in on-prem, it is not recommended.

    So, what should I do when my customer has more than 100 Gigabyte?

    • Try to divide the file share content over multiple site collections when it concerns content which needs to be shared with others.
    • If certain content is just for personal use, try to migrate that specific content into the personal site of the user.

    How Many Files

    The total amount of files on the file shares is important as there are some limits in both SharePoint as well as SDP that can result in an unusable state of the library or list within SharePoint but you also might end up with missing files when using the SDP client.

    First, in SPO we have a fixed limit of 5000 items per view, folder or query. Reasoning behind this 5000 limit boils all the way down to how SQL works under the hood. If you would like to know more about it, please read this article. In on-prem there is a way to boost this up, but it is not something we recommend as the performance can significantly decrease when you increase this limit.

    Secondly for SDP there is also a 5000 limit for synchronizing team sites and 20000 for synchronizing personal sites. This means that if you have a document library that contains more that 5000 items, the rest of the items will not be synchronized locally.

    There is also a limit of 5 million items within a document library, but I guess that most customer in SMB won’t reach that limit very easily.

    So, what should I do if my data that I want to migrate to a document library contains more than 5000 items in one folder?

    • Try to divide that amount over multiple subfolders or create additional views that will limit the amount of documents displayed.

    But wait! If I already have 5000 items in one folder, doesn’t that mean that the rest of the other document won’t get synchronized when I use SDP?

    Yes, that is correct. So if you would like to use SDP to synchronize document offline, make sure that the total amount of documents per library in a team site, does not exceed 5000 documents in total.

    So, how do I fix that?

    • Look at the folder structure of the file share content and see if you can divide that data across multiple sites and/or libraries. So if there is a folder marketing for example, it might make more sense to migrate that data into a separate site anyway, as this department probably wants to store additional information besides just documents (e.g. calendar, general info about the marketing team, site mailbox etc). An additional benefit of spreading the data over multiple sites/libraries is that it will give the SDP users more granularity about what data they can take offline using SDP. If you would migrate everything into one big document library (not recommended), it would mean that all users will need to synchronize everything which can have a severe impact on your network bandwidth.

    Largest File Sizes

    Another limit that exists in SPO and on-prem is the maximum file size. For both the maximum size per file is 2 Gigabyte. In on-prem the default is 250 MB, but can be increased to a maximum of 2 Gigabyte.

    So, what if I have files that exceed this size?

    • Well, it won’t fit in SharePoint, so you can’t migrate these. So, see what type of files they are and determine what they are used for in the organization. Examples could be software distribution images, large media files, training courses or other materials. If these are still being used and not highly confidential, it is not a bad thing to keep these on alternative storage like a SAN, NAS or DVDs. If it concerns data that just needs to be kept for legal reasons and don’t require to be retrieved instantly, you might just put these on DVD or an external hard drive and store them in a safe for example.

    Folder Structures

    Another important aspect to look at on your file shares is the depth of nested folders and file length. The recommended total length of a URL in SharePoint is around 260 characters. You would think that 260 characters is pretty lengthy, but remember that URLs in SharePoint often has encoding applied to it, which takes up additional space. E.g. a space is one character but in Unicode this a %20, which takes up three characters. The problem is that you can run into issues when the URL becomes to large. More details about the exact limits can be found here, but as a best practice try to keep the URL length of a document under 260 characters.

    So, what if I have files that will have more than 260 characters in total URL length?

    • Make sure you keep your site URLs short (the site title name can be long though). E.g. don’t call the URL Human Resources, but call it HR. If you land on the site, you would still see the full name Human Resources as Site Title and URL are separate things in SharePoint.
    • Shorten the document name (e.g. strip of …v.1.2, or …modified by Andre), as SharePoint has versioning build in. More information about versioning can be found here.

    Idle Content

    When migrating file shares into SharePoint is often also a good momentum to clean up some of the information that the organization has been collecting over the years. If you find there is a lot of content which is not been accessed for a couple of years, what would be the point of migrating that data it to SharePoint?

    So, what should I do when I come across such content?

    • Discuss this with the customer and determine if it is really necessary to keep this data.
    • If the data cannot be purged, you might consider storing it on a DVD or external hard drive and keep it in a safe.
    • If the content has multiple versions, such as proposal 1.0.docx, proposal 1.1.docx, proposal final.docx, proposal modified by Andre.docx, you might consider just moving the latest version instead of migrating them all. This manual process might be time consuming, but can safe you lots of storage space in SharePoint. Versioning is also something that is build into the SharePoint system and is optimized to store multiple versions of the same document. For example, SharePoint only stores the delta of the next version, saving more storage space that way. Note that this functionality is only available in SharePoint on-prem.

    Types of Files

    Determine what kind of files the customer is having. Are they mainly Office documents? If so, then SharePoint is the best place to store such content. However, if you come across developers code for example, it is not a good idea to move that into SharePoint. There are also other file extensions that are not allowed in SPO and/or on-prem. A complete list of blocked file types for both SPO and on-prem can be found here.

    So, what if I come across such file extensions?

    • Well, you can’t move them into SharePoint, so you should either ask yourself, do I still need these files? And if so, is there an alternative storage facility such as a NAS, I can store these files on? If it concerns developer code, you might want to store such code on a Team Foundation Service Server instead.

    Tools for analyzing and fixing file share data

    In order to determine if you have large files or exceed the 5000 limit for example, you need to have some kind of tooling. There are a couple of approaches here.

    • First off, there is a PowerShell script that has been pimped up by a German colleague Hans Brender, which checks for blocked file types, bad characters in files and folders and finally for the maximum URL length. The script will even allow you to fix invalid characters and file extensions for you. It is a great script, but requires you to have some knowledge about PowerShell. Another alternative I was pointed at is a tool called SharePrep. This tool does a scan for URL length and invalid characters.
    • Secondly there are other 3rd party tools that can do a scan of your file share content such as Treesize. However such tools do not necessarily check for the SharePoint limitations we talked about in the earlier paragraphs, but at least they will give you a lot more insight about the size of the file share content.
    • Finally there are actual 3rd party migration tools that will move the file share content into SharePoint, but will check for invalid characters, extensions and URL length upfront. We will dig into these tools in Step 2 – Migrating your data.

    Step 2 – Migrating your data

    So, now that we have analyzed our file share content, it is time to move them into SharePoint. There are a couple of approaches here.

    Open with Explorer

    If you are in a document library you can open up the library in the Windows Explorer. That way you can just do a copy and paste from the files into SharePoint.


    But, there are some drawbacks using this scenario. First of all, I’ve seen lots of issues trying to open up the library in the Windows Explorer. Secondly, the technology that is used for copying the data into SharePoint is not very reliable, so keep that in mind when copying larger chunks of data. Finally there is also drag & drop you can use, but this is only limited to files (no folders) and only does a maximum of 100 files per drag. So this would mean if you have 1000 files, you need to drag them 10 times in 10 chunks. More information can be found in this article. Checking for invalid characters, extensions and URL length upfront are also not addressed when using the Open with Explorer method.

    Pros: Free, easy to use, works fine for smaller amounts of data

    Cons: Not always reliable, no metadata preservations, no detection upfront for things like invalid characters, file type restrictions, path lengths etc.

    SkyDrive Pro

    You could also use SDP to upload the data into a library. This is fine as long as you don’t sync more than 5000 items per library. Remember though that SDP is not a migration tool, but a sync tool, so it is not optimized for large chunks of data to be copied into SharePoint. Things like character and file type restrictions, path length etc. is on the list of the SDP team to address, but they are currently not there.

    The main drawbacks of using either the Open in Explorer option or using SDP is that when you use these tools, they don’t preserve the metadata of the files and folder that are on the file shares. By this I mean, things like the modified date or owner field are not migrated into SharePoint. The owner will become the user that is copying the data and the modified date will be the timestamp of the when the copy operation was executed. So if this metadata on the files shares is important, don’t use any of the methods mentioned earlier, but use one of the third party tools below.

    Pros: Free, easy to use, works fine for smaller amounts of data (max 5000 per team site library or 20000 per personal site)

    Cons: No metadata preservations, no detection upfront for things like invalid characters, file type restrictions, path lengths etc.

    3rd party tools

    Here are some of the 3rd party tools that will provide additional detection, fixing and migration capabilities that we mentioned earlier:

    (Thx to Raoul for pointing me to additional tools)

    The list above is in random order, where some have a focus on SMB, while other more focused on the enterprise segment. We can’t speak out any preference for one tool or the other, but most of the tools will have a free trial version available, so you can try them out yourself.


    So, when should I use what approach?

    Here is a short summary of capabilities:

      Open in Explorer SkyDrive Pro 3rd party
    Amount of data Relatively small No more than 5000 items per library Larger data sets
    Invalid character detection No No Mostly yes1
    URL length detection No No Mostly yes1
    Metadata preservation No No Mostly yes1
    Blocked file types detection No No Mostly yes1

    1This depends on the capabilities of the 3rd party tool.


    SDP gives me issues when synchronizing data
    Please check if you have the latest version of SDP installed. There have been stability issues in earlier released builds of the tool, but most of the issues should be fixed by now. You can check if you are running the latest version, by opening up Word-> File-> Account and click on Update Options-> View Updates. If your current version number is lower than the one you have, click on the Disable Updates button (click yes if prompted), then click Enable updates (click yes if prompted). This will force downloading the latest version of Office and thus the latest version of the SDP tool.


    If you are running the stand-alone version of SDP, make sure you have downloaded the latest version from here.

    Why is the upload taking so long?
    This really depends on a lot of things. It can depend on:

    • The method or tool that is used to upload the data
    • The available bandwidth for uploading the data. Tips:
      • Check your upload speed at and do a test for your nearest Office 365 data center. This will give you an indication of the maximum upload speed.
      • Often companies have less available upload bandwidth then people at home. If you have the chance, uploading from a home location might be faster.
      • Schedule the upload at times when there is much more bandwidth for uploading the data (usually at night)
      • Test your upload speed upfront by uploading maybe 1% of the data. Multiply it by 100 and you have a rough estimate of the total upload time.
    • The computers used for uploading the data. A slow laptop can become a bottle neck while uploading the data.

    If you feel that there are things missing here, please let me know and I’ll try to add them to this blog post.

  • SharePoint and Exchange Calendar together

    (post courtesy Anand Nigam)

    One of the cool things in SharePoint 2010 is the ability to show the Exchange Calendar on a SharePoint site, side by side. This is called as Calendar Overlay

    This post will walk through how to configure this.

    Step 1 (prerequisite)

    1. I have a SharePoint Site http://fabrikam which looks like this


    2. I also have a calendar “MySharePointCalender” , with a few calendar events entered.


    3. I have my Exchange Calendar in Outlook, with a few meeting/events there as well.


    4. What we want is to see events from my Exchange calendar show up on the SharePoint calendar.

    Step 2 (The actual process)

    1. Open the SharePoint calendar  --> Calendar Tools –> Calendar Overlay –>New Calendar,



    Fill in the :

    • Name: Give a name to this calendar
    • Type: Select Exchange
    • Outlook Web Access URL: the OWA url of your organization.
    • Exchange Web Service URL: which can be determined as follows:

    If your OWA URL is, then the Exchange web Service URL would be

    (in other words, from the OWA URL , remove the trailing “owa” and add “ews/exchange.asmx”)


    Step 3 (The awaiting Error and the fix)

    If you have not previously configured SharePoint to trust your Exchange server, you will receive the following error message:

    Could not establish trust relationship for the SSL/TLS secure channel with authority ‘dc’. (GUID)


    Here is the fix

    1. Get the CA Root Certificate for your domain

    (Just a note, there are many ways to get the certificate, I’m taking the one that is less prone to error)

    a. Go to the Server where you have the Certificate Authority installed. Open IIS and select the Server Certificates component.


    Double click on Server Certificates

    Locate the Root Certificate of the CA from the list, here is the one what I have.


    (To double check if this it the Root certificate, open the certificate and see the certification path, It should have just one entry (root), that is the name of the Certification Authority, in your domain.). Below the image or my root certificate


    b. Now that we have located the certificate, Open it go to Details tab and Click Copy to File

    clip_image026 clip_image028

    clip_image031 clip_image033

     clip_image036 clip_image038

    And now we have the Certificate exported to a file


    Copy this certificate to the SharePoint Server, and follow the below steps

    a. Open Central administration > Security> Manage Trust


    b. Click on New, Provide a Name (I use RootCA), and navigate to the RootCA.cer file you exported in the previous step and Click OK


    Now refresh the same calendar and confirm that you can see the Exchange calendar event for the logged in user


    Step 4 (Enhance the default behavior)

    Although we can now see the Exchange calendar, we can on only see the free/busy status, and not the actual details of the event. It would be good if we could have the details displayed here too. To display details:

    1. Open Outlook> File > Options>


    2. Go to the Calendar Section > click Free/Busy Options


    3. Select any one of the options below, I have selected Full details. Click Apply and Ok and exit out of Outlook.  Now refresh the SharePoint calendar and see the difference.



    Additional reading:

    Note: The calendar overlay is per user, meaning it will only show calendar items for the currently logged-in user.

  • Sending e-mails from Microsoft Dynamics CRM

    (post courtesy Sarkis Derbedrossian)

    I often meet Microsoft CRM users who don’t know how sending e-mail works within Microsoft Dynamics CRM. Most users think that when they create an e-mail in CRM and hit the send button, the e-mail is sent automatically. Neither Outlook nor CRM can send e-mails without a post system e.g. Exchange server. Below you will learn how e-mail within CRM works with and without Outlook

    E-mail in relation to CRM

    Once you've created an e-mail activity in MS CRM and click the Send button to send the e-mail, this mail is handled differently depending on the settings of each user is set to in MS CRM.

    E-mail can be handled through Outlook or directly through CRM ... but neither Outlook nor MS CRM can implement the physical handling of the e-mail. This is done by a mail server (Microsoft Exchange Server or another mail system).

    Sending an E-mail in MS CRM

    Do not make a fast conclusion and think that MS CRM can neither receive nor send e-mail. You should understand that the above task requires an e-mail system to accomplish.

    When you send email from MS CRM it usually happens by the following steps:

    1. The user creates an e-mail activity and clicks on the send button. The e-mail is now saved with the user as the recipient
    2. The e-mail gets synchronized to the user’s Outlook
    3. The users Outlook sends the e-mail to the mail server (Exchange)
    4. Exchange sends the e-mail through the internet

    What if the user does not have the Outlook client open? This will result in the mail will not be sent until the user logs into Outlook. For some situations this can be insufficient. Fortunately installing the e-mail router can solve it.

    Sending e-mail via the e-mail router

    If you want to be independent of Outlook, and thus could send email directly from MS CRM without using Outlook, this can be done by installing and configuring an E-mail Router.

    The e-mail Router is free software that comes with MS CRM. The software can be installed on any server that has access to a Mail Server (Exchange Server or other mail system (POP3/SMTP)) and MS CRM.

    When you send email from MS CRM using an E-mail Router it often happens by the following steps

    1. The user creates an e-mail activity and clicks on the send button. The e-mail is now saved with the user as the recipient
    2. The e-mail is sent to the e-mail router
    3. The email router sends the e-mail to the mail server (Exchange)
    4. Exchange sends the e-mail through the internet

    E-mail settings in CRM

    Depending on how you want your organization to send e-mails, remember to check the following settings:

    1. In CRM, Settings, Users
    2. Open the user form
    3. In the configuration section of the e-mail access, select the desired setting


    Configuring e-mail access

    It is possible to choose one of the following settings from the option list:

    Outlook cannot be used for sending and receiving e-mails which is related to MS CRM

    Microsoft Dynamics CRM for Outlook
    Outlook is responsible for sending / receiving e-mail. Integration with MS CRM for Outlook must be installed and configured. E-mails sent / received only when Outlook is active (open)

    E-mail router
    E-mail is sent and received with MS CRM Email Router. If this element is selected, a dialog box allows entering credentials. Check the box if you want to specify credentials

    Forwarded mailbox
    E-mail forwarded from another e-mail address. The e-mail Router is responsible for sending / receiving e-mails.

    More Information:

  • Performing an Active Directory Health Check Before Upgrading

    (Post courtesy Bonoshri Sarkar)

    Hi everyone, this is Bonoshri Sarkar here. I have worked for Microsoft as Partner Technical Consultant specializing in Directory Services for the past two years; providing end to end consulting to enable partners to design, position, sell and deploy Microsoft Platforms for their customers. In my earlier role, I worked for more than 4 years on the Microsoft Support team focusing on Microsoft Directory Services.

    Since I have a great affinity for Directory Services, I thought it would be a great idea to pen down my thoughts and experience on ensuring a smooth Active Directory Upgrade.

    For any kind of Upgrade/ Migration / Transition to go smooth, and later on to have an healthy environment, it is required to spend a fair amount of time in planning and making sure that the source or the present environment is in a healthy state. Two driving factors for any upgrade or transition include the need to utilize the new features that the new version of the product has to offer, and the other being to ease the complexities and the issues of the current environment. However, most IT Pros do not take adequate steps to check the health of their existing Active Directory environment. In this post, I would like to address some of the key steps that an AD Administrator must perform prior to an upgrade or transition.

    In my experience of assisting customers and partners in different transitions, most of the issues pertain to the source domain or the source domain controllers, so I will discuss few important things which should be considered as mandatory before going for any kind of Upgrade / Migration / Transition.

    Performing an Active Directory Health Check

    The health check should be done in 2 phases.

    1. Planning Phase

    2. Deploy Phase (just before implementing the upgrade, transition or migration)

    In the first phase we should identify what all services and roles are running on the machine that we are planning to upgrade, and rule out things that we do not want to move to our new box.

    Putting emphasis on diagnosing AD issues, we can use dcdiag to ensure a healthier Active Directory, I know we have been using dcdiag for many years, and we look for failure messages in the output, but apart from the failure messages, we can also consider issues such as those highlighted in yellow below:




    If you notice the first part of dcdiag says “failed test replication”, which implies that there are issues with Active Directory replication with this Domain Controller.

    The second message tells us that there are issues with netlogon and sysvol which are default logon shares, both the errors can be interdependent or could be because of completely different reasons. 

    In this scenario we need to fix AD replication first or dig into it more to find what is causing these errors. Now you can use few more commands to check the AD replication like repadmin /syncall /eAP. In case of a huge enterprise, you can also use Replmon (2003).

    The third message tells us that the important services are running. We need to be sure that the above services are started to ensure a smooth transition.

    If we don’t get enough details from the dcdiag results, check the event viewer, and if you do not see anything restart the FRS service and then check the event viewer for Event ID 13516.


    Apart from dcdiag you can also use Netdiag to check the network status and get detailed information.

    In addition to this, make sure the NIC card drivers are updated on the old server. 

    Instead of disabling the hardware or software based firewall between on the servers (old &new), ensure that you make the appropriate exceptions and port configurations to ensure proper communication between the directory servers (see Active Directory and Active Directory Domain Services Port Requirements).

    Any third party legacy application(s) should be tested in lab environment to make sure that they are compatible with new version of server OS and Active Directory.


    We also have different versions of Exchange BPA (Best Practice Analyzer) tools depending on the version of Exchange to check Exchange integrity and Exchange specific permission (You can select Permission check to gather that information).

    Last but not the least read the migration or transition documents ( to make sure server has all the minimum requirements.

    Once we are sure that the servers are in healthy state do not forget to take a full and a system state backup using a supported backup system as documented in the TechNet article below

    All these stitches in time would definitely save you nine hours’ worth of troubleshooting. It’s up to you to decide, would you like to troubleshoot or enjoy your Fries with Coke?

    Additional References

  • SharePoint 2010–Returning Document ID in Search Results

    (Post courtesy Sean Earp, with research and XSLT authoring by Alaa Mostafa)

    One of my favorite features of SharePoint 2010 is the Document ID.

    As discussed in the MSDN article Developing with Document Management Features in SharePoint Server 2010 (ECM):

    A document ID is a unique identifier for a document or document set and a static URL that opens the document or document set associated with the document ID, regardless of the location of the document. Document IDs provide:

    • A way to reference items such as documents and document sets in SharePoint Server 2010 that is less fragile than using URLs. URLs break if the location of the item changes. In place of the URL, the document ID feature creates a static URL for each content item with a document ID assigned to it.

    • More flexible support for moving documents or document sets at different points in the document life cycle. For example, if you create a document on a MySite or Workspace page and then publish it on a team site, the document ID persists and travels with the document, circumventing the broken URL problem.

    • A document ID generator that assigns a unique document ID to items. You can customize the format of the IDs that the service generates. By using the document management API, you can write and use custom document ID providers.


    When browsing a document library with this feature enabled, you can display the Document ID column, and you will be able to see the Document ID for a given document.  Easy enough, and useful if you need to reference this Document ID in another system.

    This works great when you can browse a document library, perhaps using the new metadata navigation and filtering capabilities of SharePoint 2010, but if your document library is holding thousands and thousands of documents, users may resort to using search to find the document they are looking for.  Unfortunately, SharePoint search does not display the document ID is the search results by default.


    Fortunately, SharePoint indexes Document IDs as a managed property by default, which means that with a little magic, we can add the Document ID into the search results.

    In a nutshell, SharePoint retrieves the search results as XML, and uses XSLT to transform the XML into the pretty results you see on the search results page.  Same basic concept as HTML (which has your content) and CSS (which styles that content).  We just need to tell SharePoint to return the managed property with our Document ID, and then update the XSLT to display that managed property in the search results. 

    It is not as hard as it sounds.

    Assumptions: I assume you have enabled the Document ID feature on the site collection, all documents have been assigned Document IDs, and a full crawl has been done of the site.  I also assume you are a site collection administrator with full permissions to the site collection.

    From your Search Results page  in the site collection (wherever you have it),   click on Page –> Edit (or Site Actions –> Edit Page).  You will see a ton of zones and web parts (such as the Refinement Panel, Search Statistics, Search Box, etc.  You can customize the heck out of the search results page, and move things all over the place.


    For now, however, we are just going to modify the Search Core Results web part that contains…er… the core search results.  How intuitive!

    Edit the Search Core Results web part, and expand the section that says “Display Properties”.  Uncheck the box that says “Use Location Visualization”.  I have no idea why this option is named as it is… this is really the option that lets you edit the fetched properties and XSL.


    As a quick aside… although you can edit the fetched properties and XSL directly from the web page properties, the experience is horrible.  I strongly recommend using an XML editor like Visual Studio or NotePad++

    In the Fetched Properties section you will see a number of columns that look like the following.  these are the managed properties that are returned by SharePoint Search

    <Column Name="PictureHeight"/>  <Column Name="PictureWidth"/>

    Somewhere before the closing </Columns> tag, add a:

    <Column Name="spdocid"/>

    (Note: if you are using SharePoint search instead of FAST search replace all instances of “spdocid” with “DocID”)

    This will cause SharePoint to return the Document ID in the search results XML.  Now let’s modify the XSL so that we display the ID in the search results.  Click on the “XSL Editor…” and copy the XSL into your XML editor of choice (or, if you like pain, just edit the 938-line long XSL sheet in a browser that does no validation or color coding.  Your choice.)

    At the top of the XSL is a list of parameter names.  Add in the following parameter (order does not matter)

    <xsl:param name="spdocid" />


    Next, search for “DisplayAuthors.  After the DisplayAuthors call template, we are going to add a new call template called “DisplayID” to… well, display the ID. The template is wrapped in a conditional to ensure that if there is NOT a document ID, that it does not attempt to display a null value. 

    Add the following: following lines:

                  <xsl:if test="string-length($hasViewInBrowser) &gt; 0">
                          <xsl:call-template name="DisplayID">
                            <xsl:with-param name="spdocid" select="spdocid" />
                            <xsl:with-param name="browserlink" select="serverredirectedurl" />
                            <xsl:with-param name="currentId" select="$currentId" />


    Search for “DisplayString” and we will add a section to call our template, display the ID (along with a URL that links to the document), and we’ll put brackets around the Document ID so it stands out visually.  Add the following:

      <xsl:template name="DisplayID">
        <xsl:param name="spdocid" />
        <xsl:param name="currentId" />
        <xsl:param name="browserlink" />
        <xsl:if test="string-length($spdocid) &gt; 0">
          <xsl:text xml:space="default"> [ </xsl:text>
          <a href="{concat($browserlink, $ViewInBrowserReturnUrl)}" id="{concat($currentId,'_VBlink')}">
            <xsl:value-of select="$spdocid" />
          <xsl:text xml:space="default"> ] </xsl:text>

    We’re almost done!  Select all your XSL, copy it, and paste it back into your SharePoint window, hit Save –> Okay –> Check In –> Publish

    Voila!  The Document ID now shows up in the search results with a clickable link back to the source document.


    Random troubleshooting tip:  If you get the message “Property doesn't exist or is used in a manner inconsistent with schema settings”, this typically means one of two things:

    1. You created a custom managed property and have not yet run a full crawl so that this property does not exist in the index (this property is mapped out of the box, so it does not apply here)
    2. You are using the wrong managed property.  FAST search uses “spdocid” while SharePoint search uses “DocId”



    Attachments: I have attached a copy of the XSL I used for the above post to save you time copying and pasting into the right sections.  It works for me with SharePoint search, but use on a test server first and at your own risk.

  • Network Monitoring with System Center Operations Manager 2012

    (Post courtesy Nikunj Kansara)

    This post describes the network monitoring capabilities of the System Center Operations Manager 2012 Beta.

    In my opinion, network monitoring is the most exciting feature of the upcoming Operations Manager 2012 release. This article will help users to get an overview of the network monitoring, how to discover network devices, configure network monitoring rules and object discoveries, sneak-peek on reports generated out of network management and network dashboard.

    I have split up the blog in four different topics:

    How to discover the network devices:

    Discovery is the process of identifying network devices to be monitored.

    Operations Manager 2012 can monitor devices that use SNMP v1, v2c and V3.

    The benefit that we get by configuring Network Monitoring is that if a critical server seems to be down, and if network monitoring is configured, we will see an alert that a switch/router port is down which was connected to the critical server. We can also see the network topology diagram called the Network Vicinity view.

    Operations Manager 2012 provides the following monitoring for discovered network devices:

    • We can view connection health between the network devices and between the server and the network device
    • We can view the VLAN health based on health state of switches in VLAN
    • We can view HSRP group health based on health state of individual HSRP end points
    • We can view Port/Interface Monitoring like Up/Down, Inbound / Outbound volume traffic
    • We can view Port/Interface Utilization, Packets dropped, broadcasted.
    • We can view Processor Utilization for some certified devices
    • We can view Memory utilization some certified devices

    Network device discovery is performed by discovery rules that you create.

    Below are steps for creating the discovery rule:

    1. Open the Operations Console

    2. Go to Administration Workspace, right click Administration and the click Discovery

    Figure 1

    3. The What would you like to manage? Page in Figure 1 will open up and we need to select the Network Devices option and click Next.

    4. The General page in Figure 2 appears and we need to provide the Name of the discovery rule and then we need select the Management server from the drop down. And then click Next.


    • We can create one discovery rule per management server or gateway server.
    • If we are creating a second discovery rule then we will only see the management servers that don’t have any discovery rule associated with them.
    • Also, we might want plan ahead and strategically place the management servers or gateway servers so they can access the network devices that we would like to discover.

    Figure 2

    5. On the Discovery Method page in figure 3, we need to select the method to discover the network device. In this example we need to select Explicit discovery and then click next.


    • Differences between Explicit discovery and Recursive Discovery:
      • Explicit discovery – An explicit discovery rule will try to to discover the devices that you explicitly specify in the wizard by IP address or FQDN. It will only monitor those devices that it can successfully access. The rule will try to access the device by using ICMP, SNMP, or both depending on the configuration of the rule.
      • Recursive discovery – A recursive discovery rule will attempt to discover those devices that you explicitly specify in the wizard by IP address, as well as other network devices that are connected to the specified SNMP v1 or v2 device and that the specified SNMP v1 or v2 device knows about through the device’s Address Routing Protocol (ARP) table, its IP address table, or the topology Management Information Block (MIB).

    Figure 3

    6. On the Default Account Page in Figure 4, click on the Create default Run As Account as we need to create an account which will be used to discover the network devices.

    Figure 4

    7. On the Introduction page of Create Run As account Wizard in Figure 5, click next

    Figure 5

    8. On the General Properties page of the Create Run As account Wizard in Figure 6; enter the Display name of the Run As Account and click next.

    Figure 6

    9. On the Credentials page on the Create Run As account Wizard in Figure 7, enter the SNMP community string and click on create.

    SNMP Community Strings

    We can configure Read only [RO] and Read Write [RW] SNMP Community strings. With the RO Community string we have read access to the network device. For Operations Manager 2012, we need only RO SNMP Community String to access the device. So it’s should be easy to convince the network guys ;-)

    Figure 7

    10. On the Default Account Page in Figure 8, select the created Run As Account and click on Next.

    Figure 8

    11. On the Devices Page, click on Add Button

    Figure 9

    12. On the Add a device window in Figure 10, enter the IP address / Name of the device we want to monitor; Select the Access Mode as ICMP and SNMP (You can also select ICMP only and SNMP only); Select the version on SNMP as v1 or v2; Select the created Run As account and then click OK.


    • We use ICMP only in the scenario where we need to know the availability of the gateway router from the ISP to verify if the interface is up or down.
    • We use SNMP only in the scenario where we want to monitor a Firewall on which ICMP is blocked.
    • If we specify that a device uses both ICMP and SNMP, Operations Manager must be able to contact the device by using both methods or discovery will fail.
    • If you specify ICMP as the only protocol to use, discovery is limited to the specified device and monitoring is limited to whether the device is online or offline.

    Figure 10

    13. Now Click Next on the Devices Page as in Figure 11.

    Figure 11

    14. On the Schedule discovery Page in Figure 12, Select the discovery schedule and click Next.


    You may also select to run the discovery manually.

    Figure 12

    15. Click Create on the Summary page

    Figure 13

    16. Click Yes on the Warning box as in Figure 14. We need to distribute the created Run As account to the Management server for discovery and to the Management Server resource pool for monitoring that was selected in General properties [Figure 2]

    Figure 14

    17. Click close on Completion.

    Figure 15

    18. Now in the Administration Workspace, go to Discovery Rules Node under the Network Management Node. You will able to see the Discovery Rule that has created. Click Run if we want to Run the discovery manually. See Figure 16

    Figure 16

    19. See the Figure 17 for the Task Status window that appears when we run the Discovery Manually. The success Status suggests that the discovery is submitted successfully and not that the devices have been discovered. Click close.

    Figure 17

    20. We will see probing status of the discovery rule when it has actually found the device. See Figure 18

    Figure 18

    21. The Discover Rule starts processing the discovered components as in Figure 19

    Figure 19

    22. The status of the discovery rule will go to pending and will run again as per the discovery schedule that we selected Wizard. If we would have selected manual discovery option in the Wizard than the status would go to Idle. See Figure 20.

    Figure 20

    23. Go to Network Devices under Network Management to see the discovered device. See Figure 21.

    Figure 21

    24. Double click the Network device to view the properties page and more information about that discovered device. See Figure 22.

    Figure 22

    B. Network Monitoring:

    We will see some of the views that are relevant to the network device that we discovered in previous step.

    1. Go to Monitoring Workspace; double click the Network Monitoring Folder to see the Network views. See Figure 23.

    Figure 23

    2. Select the Network Devices view to see the Network Devices being monitored.

    Figure 24

    3. Click on the Health Explorer to the Subcomponents of the Switch. See Figure 25 & 26

    Figure 25

    Figure 26

    4. Click on the VLANs view to see the VLANs in which the switch is participating. See Figure 27

    Figure 27

    5. Click on the ICMP Ping Response Performance view or Processor utilization Performance view to see the performance graph for ping response. See Figure 28 & 29.

    Figure 28

    Figure 29

    C. Dashboard:

    1. To see the connections between the connected nodes and the network device, click on the Network Vicinity view. See figure 30.

    Figure 30

    2. Click on the show computers check box to see the connections. See figure 31.


    By default we can see connections which are one hop away from the network device.

    We can select at max 5 hops. In environments with large number of network devices, selecting five hops can take a while for Operations Manager 2012 to show the data and the view might not be useful to you.

    Figure 31

    3. Now coming back to Network devices view in Monitoring workspace, click on the Network Node Dashboard. We will able to view all the information related to Network devices in the just one window. See figures 32, 33, 34 and 35.

    Figure 32

    Figure 33

    Figure 34

    Figure 35

    D. Reporting: [See Figure 36]

    Processor Utilization Report: It displays the processor utilization of a particular network device in a specified period of time.

    Memory Utilization Report: It displays the percentage of free memory on a particular network device in a specified period of time.

    Interface Traffic Volume Report: It displays the rate of inbound and outbound traffic that goes through the selected port or interface in a specified period of time.

    Interface Error Packet Analysis Report: It displays the percentage of error packets or discarded packets, both inbound and outbound, for the selected port or interface.

    Interface Packet Analysis Report: It displays the types of packets (unicast or non-unicast) that traverse the selected port or interface.

    Figure 36

    Additional Resources

  • Integrating Remote Desktop Services with SharePoint Server 2010

    Post courtesy of Yashkumar Tolia

    One of the first things that an IT administrator (and even an end user) dreams for is “Integration”. For an administrator, integration of multiple technologies in your environment, consolidation of various products, management of everything from one single place, provision of data in a secured manner; are a few reasons. While for an end user, single point of access, anytime consumption of data and Single Sign-On pops up to one’s mind.

    Remote Desktop Services

    One of the prime technologies used by IT administrators for virtualization is Remote Desktop Services, previously known as Terminal Services. The TechNet article, Remote Desktop Services Overview, gives a great beginning to understanding this technology. As the link mentions, the major advantages of adopting this technology are:

    • Application deployment: You can quickly deploy Windows-based programs to computing devices across an enterprise. Remote Desktop Services is especially useful when you have programs that are frequently updated, infrequently used, or difficult to manage.
    • Application consolidation: Programs are installed and run from an RD Session Host server, eliminating the need for updating programs on client computers. This also reduces the amount of network bandwidth that is required to access programs.
    • Remote access: Users can access programs that are running on an RD Session Host server from devices such as home computers, kiosks, low-powered hardware, and operating systems other than Windows.
    • Branch office access: Remote Desktop Services provides better program performance for branch office workers who need access to centralized data stores. Data-intensive programs sometimes do not have client/server protocols that are optimized for low-speed connections. Programs of this kind frequently perform better over a Remote Desktop Services connection than over a typical wide area network.

    SharePoint Server 2010

    SharePoint Server 2010 is not just viewed as a content sharing and accessing product any more, but as a Business Collaboration Platform for the Enterprise and the Internet. With features like content management, workflows, search, SharePoint Server 2010 helps you to connect with colleagues and information; manage and govern enterprise content; balance user experience with policy and process; and help users find the content, information, and people. A great guide for understanding SharePoint Server 2010 is found in TechNet, SharePoint Server 2010.

    Integration of Remote Desktop Services with SharePoint Server 2010

    Integration of these 2 technologies opens up great avenues for consolidation. The Remote Desktop Web Access server role can be taken over by the already present SharePoint Server 2010 in the environment. This provides the possibility such as:

    • Single Website: As the SharePoint website is already present; this can be leveraged to publish the RemoteApps that are hosted on the Remote Desktop Session Host server. This reduces the URLs that the end user has to remember to access company data and applications.
    • Customization: The SharePoint Website, unlike the Remote Desktop Web Access default web portal, can be customized as per company needs. This gives the company freedom to brand, color code, provide additional links or shortcuts as required.
    • Accessing content through RemoteApps: If the content in SharePoint needs a particular RemoteApp to run, you can make a connection to the RemoteApp and then open the doc in it. This gives you the capability of accessing this data over the internet as well, without having to worry about security.

    Steps to integrate Remote Desktop Services with SharePoint Server 2010

    The integration of SharePoint Server 2010 (from now on, we will call it SPS) with Remote Desktop Services (from now on, we will call it RDS), is divided into 5 steps:

    1. Installation of RDS Session host server role
    2. Installation of SPS
    3. Installation of RDS Web Access server role on SPS
    4. Configuration of the Terminal Services Web Part
    5. Publishing of RemoteApps

    1. Installation of RDS Session host server

    Perform these steps on the RDS Session Host server:

    a. Go to Server Manager -> Roles -> Add Roles. This will take you to the Add Roles Wizard. Click Next.


    Figure 1: Add Roles Wizard

    b. Select Remote Desktop Services. Click Next.


    Figure 2: Role Selection

    c. Click Next.


    Figure 3: Introduction to Remote Desktop Services

    d. Select Remote Desktop Services Session Host role. Click Next.


    Figure 4: Role Service Selection

    e. Click Next.


    Figure 5: Uninstall and Reinstall Application for compatibility warning

    f. Select Require Network Level Authentication. Click Next.


    Figure 6: Network Level Authentication Selection

    g. Select the appropriate licensing scheme. Click Next.


    Figure 7: Licensing Mode Selection

    h. Select the appropriate users you want to give access to the RDSH server. Click Next.


    Figure 8: User Group Definition

    i. Select any of the features that you want to include in the Desktop Experience. Click Next.


    Figure 9: Enabling Desktop Experience

    j. Click Install. Reboot the server.


    Figure 10: Installation summary

    2. Installation of SPS 2010

    Perform these steps on the SPS server:

    a. Install SPS 2010.


    Figure 1: SharePoint Installation

    b. Check mark Run the SharePoint Products Configuration Wizard now. Click Close.


    Figure 2: SharePoint Installation completion and Run Configuration Wizard

    c. Click Next.


    Figure 3: Configuration Wizard

    d. Click Yes to restart the services.


    Figure 4: Restarting of Services

    e. Go to the SPS website by typing the following URL: http://<servername>/, to check if the SharePoint site is working fine or not.


    Figure 5: SharePoint Website Home Page

    3. Installation of RDS Web Access server role on SPS

    Perform these steps on the SPS server:

    a. Go to Server Manager -> Roles -> Add Roles. This will take you to the Add Roles Wizard. Click Next.


    Figure 1: Add Roles Wizard

    b. Select Remote Desktop Services. Click Next.


    Figure 2: Selection of Role Services

    c. Click Next.


    Figure 3: Introduction to Remote Desktop Services

    d. Click on Add required role services.


    Figure 4: Add required Role Services

    e. Click on Next.


    Figure 5: Introduction to IIS

    f. Click Next.


    Figure 6: Add role services

    g. Click Finish to finish installation.

    4. Configuration of the Terminal Services Web Part

    Perform these steps on SPS server:

    a. Go to %SystemDrive%:\inetpub\wwwroot\VirtualDirectories\80. Right click Web.config and edit it in wordpad.


    Figure 1: Editing web.config file

    b. In the <SafeControls> section, add the following line under the other SafeControl Assembly entries (as a single line):

    <SafeControl Assembly="TSPortalWebPart, Version=, Culture=neutral, PublicKeyToken=31bf3856ad364e35" Namespace="Microsoft.TerminalServices.Publishing.Portal" TypeName="*" Safe="True" AllowRemoteDesigner="True" />


    Figure 2: Adding SafeControl Assembly

    c. Open an elevated command prompt. To do this, click Start, right-click Command Prompt, and then click Run as administrator:

    · Type mkdir "%SystemDrive%\Program Files\Common Files\Microsoft Shared\Web Server Extensions\wpresources\TSPortalWebPart\\images" and then press ENTER.

    · Type mkdir "%SystemDrive%\Program Files\Common Files\Microsoft Shared\Web Server Extensions\wpresources\TSPortalWebPart\\rdp" and then press ENTER.

    · Type cacls "%SystemDrive%\Program Files\Common Files\Microsoft Shared\Web Server Extensions\wpresources\TSPortalWebPart\\images” /T /E /P NetworkService:F and then press ENTER.

    · Type cacls "%SystemDrive%\Program Files\Common Files\Microsoft Shared\Web Server Extensions\wpresources\TSPortalWebPart\\rdp” /T /E /P NetworkService:F and then press ENTER.


    Figure 3: Adding files to the Web Parts


    d. Go to the SharePoint website as an administrator. In the upper-right corner, on the Site Actions tab, click Site Settings.


    Figure 4: Editing the Site Settings


    e. Under Galleries, click Web Parts.


    Figure 5: Adding Web Part to the Gallery


    f. Under the Web Part Gallery heading, click New.


    Figure 6: Adding the TSPortalWebPart to the list


    g. Select the check box next to Microsoft.TerminalServices.Publishing.Portal.TSPortalWebPart, and then click Populate Gallery.


    Figure 7: Adding the new Web Part

    5. Publishing of RemoteApps

    Perform these steps on the SPS server:

    a. On the Site Actions tab, click Edit Page.


    Figure 1: Edit Web Page

    b. Choose the location on the website where you want to add the Web Part, and then click Add a Web Part.


    Figure 2: Adding the Web Part to the site

    c. In the Add Web Parts -- Webpage Dialog dialog box, under the All Web Parts heading, select the TSPortalWebPart check box, and then click Add. The TSPortalWebPart Web Part will appear on the page.


    Figure 3: Select the TSPortal Web Part

     d. To configure the Web Part, click edit in the upper-right corner of the Web Part, and then click Modify Shared Web Part.


    Figure 4: Editing the Web Part

    e. In the RD Session Host server(s) or RemoteApp and Desktop Connection Management server name box, type <RDSservername> and then click OK.


    Figure 5: Adding the RDS Session Host Server

    f. Click Save icon in the top left corner of the website.


    Figure 6: Saving the Web Part to the site


    g. Test the application by running a RemoteApp.


    Figure 7: Selecting the RemoteApp


    Figure 8: Connecting to the RemoteApp


    Figure 9: Providing credentials


    Figure 10: Using the RemoteApp

    In this way, you can leverage your already existing environment and integrate it for a single website for the users to log into and get their RemoteApps. This combined with the search and content sharing capabilities gives the user a seamless experience.

    Additional Information

    To learn more, check out the following articles:

    Customizing Remote Desktop Web Access by Using Windows SharePoint Services Step-by-Step Guide

  • Capture a Windows® Image from a Reference Computer Using Capture Media—for IT Pros

    (This post courtesy of Simone Pace)

    In order to use System Center Configuration Manager 2007 to distribute the Windows 7 operating system to our managed clients, we need to provide to the OS bits somehow to the site server. One of the methods we can use is capturing a Windows 7 WIM image from a previously prepared reference computer.

    System Center Configuration Manager 2007 offers standard and easy ways to deploy software in our IT Infrastructure. One of the most relevant features we can take advantage of is the highly customizable Operating System Deployment capability built in the product.

    The Windows Vista® and Windows 7 new WIM image format further simplifies OS distribution by being independent from the destination client system’s hardware, so that we can use a single image to target different computers and keep our image repository less complex and more easily managed. This post shows an example of steps we can follow to successfully capture a WIM image of Windows 7 Ultimate Edition x64 from a reference computer.

    Note: Further posts will follow that illustrate the specific tasks required to upgrade a Windows XP computer.

    Testing lab description screenshots and computer names used in this article refers to a Virtual scenario running on a Hyper-V R2 host:

    • Domain: (single site)
    • All Servers are Windows 2008 R2 Enterprise servers.
    • Server CON-001
    • SCCM with almost all roles installed
    • SQL Server 2008
    • Windows Automated Installation Kit 2.0
    • WDS Transport Server role installed
    • Server CON-002
    • Active Directory Domain Controller role installed
    • DNS Server role installed
    • DHCP Server role installed
    • SCCM Primary Site: C01
    • Reference client is a Windows 7 Ultimate edition x64 clean setup

    1. Create a Capture Media iso file.

    The iso image we are creating in this section will be used to boot the reference machine and start the OS wim image creation sequence.

    a. Log on CON-001 and open the Configuration Manager console.

    b. Go to Task Sequences node.

    c. Click on “Create Task Sequence Media” in the action panel.

    d. Select Capture Media and click next on the welcome page.


    e. On the “Media file” click Browse, select the folder where you are going to save the media iso file, and give it a name (for example MediaCapture), click Next.clip_image004

    f. On “Boot Image” click Browse, and select the boot image suitable for your reference computer.

    Note: Two boot images (x86 and x64) are automatically added when you install WDS role in the system.

    g. On Distribution Point leave \\CON-001 (or select you preferred DP), click Next.clip_image006

    h. Review the summary and click Finish.

    i. The server starts building the iso image.


    j. Click Close to close the wizard.

    2. Prepare the reference computer.

    a. Log on CON-Ref7Client with user Administrator account

    b. Check the following requirements

    i. The computer must be a workgroup member.

    ii. The local Administrator password must be blank.

    iii. The local system policy must not require password complexity.

    iv. Apply the latest Service Pack and updates.

    v. Install the required applications.

    3. Capture the image using the Capture Media.

    a. Capture the MediaCaputer.iso you created in Step 1 in the Virtual DVD of the reference PC (if is a VM), or

    b. Burn the MediaCapture.iso on a DVD and insert it in the computer.

    c. Boot the reference computer normally.

    d. Start the autoplay DVD and launch the Capture Image Wizard.


    e. Click Next.

    f. Set the path where you want to save the wim file, give the image a name, and insert the appropriate credential to access the path and write on it.

    g. Click Next.

    h. Fill in the required data in the Image Information window.


    i. View the summary and launch the capture by clicking Finish.


    j. The program will start executing the sysprep phase.


    k. After sysprep, the computer will restart in WinPE to start the capture.


    l. (Reboot).


    m. Computer restarts in WinPE and starts the Capture.


    n. Capturing first Partition (1-2)


    o. And capturing second partition (2-2).


    Note: The number of partitions captured depends on the reference PC’s disk partitions. In the case shown, the VM had a 100Mb partition for BitLocker® capability (Partition 1 of 2).

    p. When finished, press OK to quit and restart.


    q. On the Server we can see the captured image file.


    4. Add the file to the image repository in SCCM 2007.

    a. Share a folder and move the image file (example \\ServerName\Images).

    b. Open the SCCM console, navigate to Site Database > Computer Management > Operating System Deployment > Operating System Images.

    c. Import the image by clicking Add Operating System Image in the task panel.

    d. Type or browse the network path to the image you want to import, and click Next.


    e. Fill in the required information, then click Next.


    f. Review the summary and complete the wizard.



    5. Distribute the image to Distribution Point.

    a. In the SCCM console, navigate to the image you uploaded in step 4 (Site Database > Computer Management > Operating System Deployment > Operating System Images) and select it.

    b. Click Manage Distribution Points in the action panel.


    c. Click Next on the wizard starting page.

    d. As DP doesn’t have the image deployed yet, leave the default selection (copy) and click Next.clip_image037

    e. Select the DPs where you want to deploy the image to and include their PXE DP’s hidden share.clip_image039

    f. Click Next and Next again in the Completion page.



    g. Check the copy progress in the Package Status folder until you see it is Installed.


    h. You are now ready to distribute the Windows 7 Ultimate x64 Image to client computers, either by upgrading or installing new machines.

  • WSUS not configured error during Configuration Manager 2012 Software Update Point Installation

    (Post courtesy Anil Malekani)

    Recently I tried configuring Software Update Management in Configuration Manager 2012. After installing WSUS on the Configuration Manager 2012 box, I tried to install Software Update Point as a site role.


    The Software Update Point role successfully installed, as per the SUPSetup.log file (under C:\Program Files\Microsoft Configuration Manager\Logs)

    However, my updates still did not appear on the console. After checking the Site Component status for SMS_WSUS_SYNC_MANAGER and SMS_WSUS_CONFIGURATION_MANAGER I noticed errors as below

    SMS_WSUS_SYNC_MANAGER: Message ID 6600




    I checked under WCM.log (under C:\Program Files\Microsoft Configuration Manager\Logs), and found the following proxy error


    SCF change notification triggered.        SMS_WSUS_CONFIGURATION_MANAGER        1/1/1601 12:00:00 AM        5408 (0x1520)

    This SCCM2012.CORP80.COM system is the Top Site where WSUS Server is configured to Sync from Microsoft Update (WU/MU) OR do not Sync.        SMS_WSUS_CONFIGURATION_MANAGER        1/1/1601 12:00:00 AM        5408 (0x1520)

    Found WSUS Admin dll of assembly version Microsoft.UpdateServices.Administration, Version=3.0.6000.273, Major Version = 0x30000, Minor Version = 0x17700111        SMS_WSUS_CONFIGURATION_MANAGER        1/1/1601 12:00:00 AM        5408 (0x1520)

    Found WSUS Admin dll of assembly version Microsoft.UpdateServices.Administration, Version=3.1.6001.1, Major Version = 0x30001, Minor Version = 0x17710001        SMS_WSUS_CONFIGURATION_MANAGER        1/1/1601 12:00:00 AM        5408 (0x1520)

    The installed WSUS build has the valid and supported WSUS Administration DLL assembly version (3.1.7600.226)        SMS_WSUS_CONFIGURATION_MANAGER        1/1/1601 12:00:00 AM        5408 (0x1520)

    System.Net.WebException: The request failed with HTTP status 502: Proxy Error ( The host was not found. ).~~ at Microsoft.UpdateServices.Administration.AdminProxy.CreateUpdateServer(Object[] args)~~ at Microsoft.UpdateServices.Administration.AdminProxy.GetUpdateServer(String serverName, Boolean useSecureConnection, Int32 portNumber)~~ at Microsoft.SystemsManagementServer.WSUS.WSUSServer.ConnectToWSUSServer(String ServerName, Boolean UseSSL, Int32 PortNumber)        SMS_WSUS_CONFIGURATION_MANAGER        1/1/1601 12:00:00 AM        5408 (0x1520)

    Remote configuration failed on WSUS Server.        SMS_WSUS_CONFIGURATION_MANAGER        1/1/1601 12:00:00 AM        5408 (0x1520)

    STATMSG: ID=6600 SEV=E LEV=M SOURCE="SMS Server" COMP="SMS_WSUS_CONFIGURATION_MANAGER" SITE=CM1 PID=2424 TID=5408 GMTDATE=Fri Oct 14 00:20:03.092 2011 ISTR0="" ISTR1="" ISTR2="" ISTR3="" ISTR4="" ISTR5="" ISTR6="" ISTR7="" ISTR8="" ISTR9="" NUMATTRS=0        SMS_WSUS_CONFIGURATION_MANAGER        1/1/1601 12:00:00 AM        5408 (0x1520)

    Waiting for changes for 46 minutes        SMS_WSUS_CONFIGURATION_MANAGER        1/1/1601 12:00:00 AM        5408 (0x1520)


    I validated that the proxy had been configured correctly and my browser settings also contained the same settings.

    Resolution: After spending some time I found that Configuration Manager 2012 uses the system account proxy settings, which were set to Automatically detect settings.

    1. Using the excellent PsExec utility, I opened a command prompt under the system account (using the –s parameter).
    2. Within this command prompt running as system, I launched Internet Explorer and removed proxy settings.
    3. Finally, updates started appearing in the console.


  • System Center Operations Manager 2012 Installation Walkthrough

    (Post courtesy Rohit Kochher)

    System Center Operations Manager 2012 has significant changes in setup from Operations Manager 2007. Setup of 2012 has become simpler and installation has become easier.

    If you want to follow along on a test server, you can download Beta version of SCOM 2012 from here.

    Note: The Root Management Server (RMS) concept which from Operations Manager 2007 R2 has been removed from Operations Manager 2012. All Operations Manager 2012 servers are management servers. However we do have an RMS emulator to support those management packs which target RMS. Architecturally, servers in Operations Manager 2012 have a peer-to-peer relationship and not a parent-child relationship like Operations Manager 2007 R2.

    In this blog we will discuss the setup of Operations Manager 2012 with some screenshots of the installation wizard. Microsoft SQL Server 2008 SP1 or 2008 R2 should be installed prior running SCOM 2012 Setup. You can get more information on SCOM 2012 supported configurations here.

    Now, once we run setup.exe we will see the following screen:


    You can click on Install for setup of Management server, Management Console, Web server and Reporting Server. Under Optional installations you can choose to install Local agent, Audit Collection Services, Gateway management server, and ACS for Unix/Linux.

    Once you click on Install you will get the screen to accept the agreement. Once you accept that you will get below screen


    You can select the component that you want to install. Clicking on the arrow pointing down in front of each role will give brief information about that role. There is no explicit option to install OPS DB and data warehouse, as they are integrated. Selecting given features, you will get screen for location of program files. The default location is C:\Program Files\System Center Operations Manager 2012.


    The next step will show you prerequisite failures (if any). You will get information for failures along with download links to install any missing prerequisites.

    Next you get screen to input information about management server. You can specify if it is first management server in new management group or an additional management server in an existing management group.


    You can specify the name of the management group here. You will also get the screen to specify operations database. We need to install both operations database and data warehouse in Operations Manager 2012. Installing Data warehouse is mandatory in 2012 (a change compared with Operations Manager 2007). The data warehouse is needed for things like dashboards etc. If this is second management server you can click on Add a management server to existing management group option.


    After specifying the required information about Operations database and clicking on next, you will get similar screen for Operations manager data warehouse.

    The next screen allows you to configure Operations Manager service accounts.


    You can specify the required accounts on this screen and click on next to complete the setup. This setup will automatically assign local administrators group on server to the Operations Manager admin role. Once you enter account information here, it will be automatically verified in the background. In case the account cannot be verified (or the password is incorrect), you will get a red warning as the above picture illustrates.

    After this, you will get the option to participate in the Microsoft Customer Experience Improvement Program (CEIP) and Error reporting. Finally, you will also get the option for configuring Microsoft Updates.


    The last screen will provide you with an installation summary. Clicking on Install will start the Installation. Once finished, you are all set to monitor your infrastructure! Some of the great features in Operations Manager 2012 are the new dashboards, network monitoring , and application monitoring; which will be covered in future posts.

    You can check the deployment guide for Operations Manager 2012 here.

    System Center Operations Manager 2012 Beta resources

  • You are invited to participate in the Partner Practice Enablement: Azure Technical Training offering!

    The Partner Technical Services team is excited to share a new initiative focused on helping you understand the Azure Technical foundation to run new (cloud) or existing (on premise) workloads in Microsoft Azure with Azure Virtual Machines, and Virtual Networks.  

    The Partner Practice Enablement Boot Camp training starts with an introduction to Microsoft Azure Virtual Machines and Virtual Networks (Infrastructure Services).  It delivers the foundational knowledge needed for users intending to run new workloads in Microsoft Azure or migrate existing workloads from on-premises. 

    Students will be introduced to the rich features of Microsoft Azure Active Directory and see how it can be used to achieve single sign-on across cloud applications, protect application access, enforce multi-factor authentication, and integrate with Windows Server Active Directory. 

    The latter half of the boot camp builds on the technical knowledge from the first half, shifting to coverage of common workload scenarios for cloud computing, such as Dev/Test, SQL Server, SharePoint Server, and monitoring of workloads running in Microsoft Azure Infrastructure Services. 

    Throughout the training, students will see presentations and demos followed with recommended resources and hands-on training experiences. Students will need a Microsoft Azure Subscription and a computer or laptop to participate in the hands-on training exercises.

    Program Benefits:

    • After completing this offer, partners will be able to:
    • Learn capabilities of the Microsoft Azure platform, including cloud services and Websites.
    • Create and manage virtual machines with networking and storage.
    • Enable, secure, and load balance network endpoints with Azure Traffic Manager.
    • Create and manage the Azure Active Directories to integrate with SaaS applications, multi-factor authentication.
    • Learn deploy, manage and scale SQL Server, SQL Database and SharePoint Server in Azure

    Each engagement will be delivered in seven modules:

    • Module 1: Introduction to Microsoft Azure
    • Module 2: Virtual Machines Introduction
    • Module 3: Infrastructure Services Networking
    • Module 4: Microsoft Azure Active Directory
    • Module 5: Management and Monitoring
    • Module 6: Introduction to Azure PaaS
    • Module 7: SQL Server and SharePoint

    To see the course description, dates, and times, and to register for one or more webcasts in your region, please click on the link below:

    Partner Practice Enablement: Azure Technical Training

  • Office 365 Help Desk Troubleshooting Guide

    Update February 2016: I've had a bunch of folks reach out in the last month to tell me that this three-year-old post is out of date.  Of course!  There is an updated Help Desk Troubleshooting Guide on the FastTrack site here:  Three years from now it may not be in the same place ;)

    <Note: All of the content below is available in the Help Desk Troubleshooting Guide document that is provided as part of the Office 365 Change Management Guide for the Enterprise.  Download that kit for some great templates to enable your rollout of Office 365> 

    This resource is for first-level help desk agents who support Office 365. It provides easy access to help topics and KB articles that will help you quickly resolve the most common issues that we’ve found Office 365 users encounter. You’ll also find tools and resources for additional troubleshooting.

    How to Use this Guide

    When you receive a call from a user who has an issue, first identify the issue user is having or the task he or she is trying to accomplish. Then find the appropriate section in this document and use the tables to pinpoint the specific issue or task. Click the links for recommended articles that will help troubleshoot and resolve the user’s problem.

    Click a category below to see the common issues and tasks for that area:

    If you are an Office 365 administrator, for more information about support options see Get support for Office 365.


    Common issues and tasks related to Office 365 sign-in are listed in the following table. If a user needs help with one of frequently mentioned scenarios listed below, click the link to display an article that provides troubleshooting or how-to steps.

    Common Issues

    I’m having trouble signing in to Office 365

    I’m having trouble signing in to Lync

    I’m having Outlook connection problems after an Office 365 upgrade

    I forgot my password

    I can't sign out of Office 365 web services

    I see an error message "Your organization could not sign you in to this service"

    How Do I…

    How do I sign in to Outlook Web App?

    How do I use the new sign-in page for Office 365?

    Office 365 Email and Calendar

    Common issues and tasks related to Office 365 email and calendars are listed in the following table. If a user needs help with one of frequently mentioned scenarios listed below, click the link to display an article that provides troubleshooting or how-to steps.

    Common Issues

    I can’t receive email

    I haven’t received the message that someone claims to have sent me

    My message is taking a long time to arrive at its destination

    I’m having email issues after a custom domain was added

    When I try to access someone's mailbox folder, I see the error "Unable to open default folders-you do not have permissions to logon"

    How Do I…

    How do I set up Outlook for Office 365?

    How do I move email and contacts into my new Office 365 account?

    How do I connect Outlook Web App to other email accounts?

    How do I forward email to another email account?

    How do I use my current Office desktop programs with Office 365?

    How do I set up email in Outlook for Mac 2011?

    How do I set up Office 365 on my phone or tablet?

    How do I use the Windows 8 Mail app with Office 365?

    How do I check spelling in Outlook Web App?

    How can I recover a deleted item in Outlook?

    How do I manage some else’s email and calendar in Outlook 2013?

    How do I allow someone else to manage my mail and calendar in Outlook 2013?

    SharePoint and SkyDrive Pro

    Common issues and tasks related to Office 365 file sharing with SkyDrive Pro are listed in the following table. If a user needs help with one of frequently mentioned scenarios listed below, click the link to display an article that provides troubleshooting or how-to steps.

    Common Issues

    I’m having trouble with the “Open with Explorer” command

    I need to recover a deleted file

    I’m running into storage limits

    How Do I…

    How do I update my profile to help people find me?

    How do I post something to everyone?

    How do I post something to a small group of people?

    How do I share items in SkyDrive Pro?

    How do I create a site?

    How do I move a document from one library to another?

    How do I synchronize a library to my computer?

    How do I synchronize SharePoint content with Outlook?

    How do I password-protect a page on my site?

    How do I add an app to my SharePoint site?

    Office 365 ProPlus Desktop Programs

    Common issues and tasks related to Office 365 ProPlus desktop programs are listed in the following table. If a user needs help with one of frequently mentioned scenarios listed below, click the link to display an article that provides troubleshooting or how-to steps.

    Common Issues

    I’m having trouble installing Office 2013

    I’m having trouble installing Office 2013

    Downloading Office 2013 is slow

    Office 2013 or Office 365 setup stops responding

    I see the error "Activation Error"

    I see the error “Microsoft Office Subscription Error” or “Office Subscription Removed” or “No Subscription Found”

    I see the error “Can’t verify the signature” during installation

    I see the error “Internet Connection Required”

    I see the error “A program needed by the Office Subscription service is not running”

    I see the error “Microsoft Office Repair Required”

    I see the error "Windows cannot find 'C:\Program Files\Microsoft Office 15\clientX64\integratedOffice.exe'"

    I see the error "Something went wrong and we can't sign you in right now"

    I see the error "Can't verify the signature"

    I can’t install Office 2013 on Windows XP or Windows Vista

    I can't install both the 32-bit and 64-bit versions of Office 2013

    How Do I…

    How do I create an Outlook Data File (.pst) to save my information?

    How do I import Outlook items from an Outlook Data File (.pst)?

    How do I uninstall Office 2013?

    Lync and Web Conferencing

    Common issues and tasks related to Office 365 web conferencing and online meetings with Lync are listed in the following table. If a user needs help with one of frequently mentioned scenarios listed below, click the link to display an article that provides troubleshooting or how-to steps.

    Common Issues

    I get an error when I try to sign in to Lync

    I can’t connect to a Skype user

    How Do I…

    How do I set up Lync 2013 for Office 365?

    How do I change my picture?

    How do I add a contact in Lync?

    How do I add an external contact in Lync?

    How do I install and sign in to Lync for Windows Phone?

    How do I install and sign in to Lync for iPhone?

    How do I install and sign in to Lync for iPad?

    How do I install and sign in to Lync for Android?

    How do I call into a Lync meeting?

    How do I make a Lync audio call?

    How do I add audio to a Lync IM?

    How do I set up a Lync meeting?

    How do I change participant settings for Lync meetings?

    How do I join Lync meeting with Lync Web App?

    How do I join a Lync meeting?

    Advanced Office 365 Troubleshooting Tools

    If more advanced troubleshooting is required, administrators should start with the autochecks available in OnRamp. The autochecks are designed to deliver the most robust diagnostic information for deploying Office 365 and replace the Deployment Readiness Tool. Once you have used the autochecks to evaluate your overall deployment, you can use the tools below to troubleshoot specific areas of your deployment.

    Tools for Help Desk Personnel

    Office 365 Troubleshooting Tools


    Office 365 Outlook Connectivity Guided Walkthrough

    A guided walkthrough that helps you resolve connectivity or performance issues when you connect your Outlook client to an Office 365 mailbox.

    Office 365 Community troubleshooting tool

    A do-in-yourself troubleshooter that helps you find articles and tools related to a specific problem or question.

    Office configuration analyzer

    A downloadable tool for Help Desk personnel that analyzes several Office programs for common configurations that may cause problems.

    Tools for IT Administrators

    Office 365 Troubleshooting Tools


    Microsoft Remote Connectivity Analyzer (RCA)

    A set of tools that test Office 365 DNS, sign-on, Exchange, and Outlook connectivity.

    Microsoft Connectivity Analyzer

    A downloadable client program that identifies connectivity issues between email clients and Office 365 or Exchange Server.

    Microsoft Lync Connectivity Analyzer

    A downloadable client program that determines whether Lync supports connections from Lync Windows Store app for Windows 8 and Windows RT, and from Lync mobile apps.


    A set of tools that performs network diagnostics and collects system configuration, network configuration, and logging information for applications that are used to connect to Microsoft Office 365.


    A tool for Active Directory administrators that performs discovery and remediation of identity objects in preparation for migration from on-premises Active Directory environment to Office 365.

    Sample PowerShell scripts for Office 365 deployments

    A collection of Windows PowerShell sample scripts can be used to automate a number of Office 365 deployment tasks.

    Office 365 Troubleshooting & Diagnostic Tools

    This wiki contains information about tools that you can use to help troubleshoot issues with Office 365 pre-upgrade. It also contains links to resources such as Microsoft Knowledge Base articles, troubleshooting videos, and TechNet Radio webcasts that show how the tools are used to diagnose and resolve specific Office 365 scenarios.

    Fix Empty DisplayName Attribute for On-premises Mail-Enabled Groups

    A script that verifies displayName property for mail-enabled groups.

    Fix Duplicate User Principal Name for On-premises Active Directory Users

    A script that enables you to export Active Directory users that have duplicate or empty user principal names so that you can correct and import them.

    New Office 365 and AD FS/DirSync Information Available

    Information about new Office 365 tools: Client Access Policy Builder, Office 365 Federation Metadata Update tool, and DirSync Count Total Synchronized Objects.

    Office 365 URLs and IP address ranges

    Information about the IP addresses and URLs that are used by Office 365 for enterprises cloud-based services.

  • Accelerate the sales cycle of Microsoft Azure solutions through "Azure Starter Kit: Technical Presales" offerings

    The Partner Technical Services team can help you accelerate the sales cycle of Microsoft solution through Azure Starter Kit: Technical Presales offerings.

    The Azure Technical Presales Starter Kit is a package offering designed to accelerate the sale and business opportunity with Microsoft Azure solutions through one-to-one sessions with Azure experts. Partners will receive a bill of materials to get support and recommendations for the most common usage scenarios with Azure. 

    To see the course description and steps to schedule one-to-one technical presales assistance, please click on the link below:

    Azure Starter Kit: Technical Presales

  • Receive Consultative Guidance on Azure deployment with "Azure Deployment Shadowing Services" offerings

    The Partner Technical Services team is excited to share Azure Deployment Shadowing offerings" through consultative guidance from Microsoft Azure expert.

    Azure Deployment Shadowing is a scenario based one-to-one consultative offering designed to enable partners to deploy Azure solutions based on specific customer scenarios, including technical and project management discussions with customer engagement guidance. Scenarios include application servers and high availability, development and test, archiving and back up, and SharePoint and BI. After completion of the course, you will:

    • Reduce the learning curve cost by focusing on a proven scenario 
    • Help assess and determine the technical requirements for migrating existing applications to the cloud 
    • Get tools and templates to use when discussing common deployments with customers 
    • Receive a recommended set of topology diagrams for implementing common scenarios in Microsoft Azure 
    • Receive guidance for self-study to learn a specific scenario at a technology level 

    To see the course description and steps to schedule one-to-one consultative guidance assistance, please click on the link below:

    Azure Deployment Shadowing Services

  • Take advantage of your Office 365 Internal Use Rights

    In the past, MPN Partners with the Cloud Essentials and Cloud Accelerate had access to Internal Use Rights for Office 365.  Now, however, all partners with a Microsoft Action Pack Subscription (MAPS) as well as Partners with a Silver or Gold competency all have access to free Internal Use Rights licenses for Office 365.  This gives you an opportunity to try out the service, so you can speak from experience when you discuss the benefits with your customers.  It also means that someone else takes care of running your servers so that you can spend more time working and less time patching and troubleshooting.

    I wanted to share a few resources to help get you started.  First, the page with all the information you need on your Internal Use Rights licenses, how to access them, how to earn more licenses, and how to activate your partner features is available at:

    In the following video, York Hutton walks through the Internal Use Rights (IUR) core benefits, discussing how they now give partners the power of choice to mix and match online services and on-premises software licenses. Microsoft partners can choose between work-alike solutions for productivity, demonstration, development, testing, and internal training purposes.

    In this video, York walks through the process of activating your IUR benefits, whether you are using them for the first time, or transitioning from a previous license grant:

    A few additional resources:
    KB2887467: Support Article: What are my internal use rights benefits?

    Office 365 partner features how-to guide (Learn about partner features available to help you sell to and manage your customers, including how to offer and use delegated administration, and how to send quotes and trials.)

    If you have program questions (how do I get my license, where is my key, how do I sign up for MAPS or renew my membership?) visit the Partner Membership Community

    If you have technical questions (why am I getting an error message when migrating my mailboxes? how do I resolve a DirSync error about an invalid attribute?), visit the Partner Online Services community.

    If you have a Silver or Gold competency, you have access to 20 and 50 (respectively) hours of advisory services consultation with a Partner Technical Consultant.  These consultants are a great resource to help plan for a deployment (even if it is an internal deployment). Submit an advisory request via:

    All partners holding current internal-use software licenses available through a cloud program must make the transition so that they are in alignment with the new internal-use software license process and entitlements, which are available to Action Pack subscribers or competency partners, prior to June 30, 2014, or your internal-use software licenses will expire.
    Download the instructions to transition to the new system

  • "Modernize and Automate your Infrastructure" through consultative guidance

    The Partner Technical Services is excited to release Modernize and Automate your Infrastructure offerings through one-to-one consultative guidance.


    Engage in this one-to-one consultative guidance to upgrade your IT infrastructure and automate with self-service and cloud integration to meet the needs of your customers in the cloud era. By taking this offering you will be able to:


    • Learn challenges associated with legacy systems and how to address them with end of support coming in July 2015
    • Assess the data centers with application service topology, and compatibility with Windows Server 2012 R2
    • Discover inventory, and assess application migration path based on 7Rs for application modernization
    • Upgrade to Windows Server 2012 R2 and System Center 2012 R2 using AppZero, and Azure Application Considerations
    • Consolidate and migrate the data centers
    • Learn modern systems automation, and Orchestrator Runbook architecture
    • Enable self-service through server and VM provisioning


    To see the course description and steps to schedule one-to-one consultative guidance assistance, please click on the link below:

    Modernize and Automate your Infrastructure

  • Virtual Drumbeat Office 365


    Come learn the proven best practices for selling Office 365, Virtually!

    The Virtual Drumbeat Sales day, April 18th, provides partners in sales and pre-sales technical roles with best practice sales training for Office 365.  Selling Office 365 requires a new way of selling, come hear about it.  In addition to sharing Microsoft best practices, programs, and selling tools, we will also present insights into the cloud services market and the opportunity for partners who invest in growing an Office 365 practice.  

    You will also have the opportunity to interact and learn from your industry peers and representatives from Microsoft.

    Date: April 18th, 2014
    Time: 9:00 am – 5:00 pm PST


    Sales Professionals
    Pre – Sales Technical

    There is no charge for this exclusive training, however we will be imposing a no-show fee of $39 (USD) if you register, but do not cancel your registration within fourteen (14) business days before the start of the first event.

    Space is limited. RSVP today!

    Session Descriptions

    Session 01 The Office 365 Enterprise Partner Opportunity

    The new Office represents a once-in-a-generation shift in technology and a new era of partner opportunity.  Microsoft Is front-running the industry transformation to the cloud and Office 365 is leading the charge.  Learn more about our investments in the new Office and how we have created new partner opportunities across the customer lifecycle.

    Session 02 Office 365 What to Sell

    Office 365 is Microsoft’s fastest growing business ever to the tune of $1 billion and counting.  And, three out of four enterprise customers work with a partner to deploy their Office 365 service.  Are you one of these partners?  Learn more about the benefits of becoming a recognized Office 365 Cloud Deployment partner and what it takes to be one. 

    Session 03 How to Sell Office 365

    Microsoft's Office 365 is advantageously built on a set of cloud principles that form how we position Office 365 to customers.  Become familiar with these principles and learn how to showcase the value of Office 365 cloud services across a breadth of real customer scenarios.  

    Session 04 Google Compete

    The proliferation of devices, broadening workplace demographics and a transformative shift to the cloud are all trends impacting the way we work.  Office 365 clearly addresses all of these trends and is backed by a sales process that has helped grow a $1B business.  Learn how to sell to customers using the Customer Decision Framework, a sales process that enables partners to make the shift from traditional software selling to successfully sell Office 365 in the cloud. 

    Session 05 Selling with the Customer Immersion Experience 

    The Microsoft Customer Immersion Experience (CIE) is a hands-on introduction to Windows 8 and the new Office.  For partners, it is an effective sales tool that provides customers with an opportunity to experience these powerful new productivity solutions for themselves.  Learn how the CIE simplifies customer conversations and provides business decision-makers with an opportunity to experience the full Office stack to accelerate sales and close revenue.

    Session 06 Pilot and Deploy Customers with Office 365 FastTrack

    Office 365 FastTrack is Microsoft’s new 3-step pilot and deployment process designed so customers experience service value early in the sales cycle with a smooth path from pilot to full deployment within hours and no 'throw away' effort.  Learn how to utilize the Office 365 FastTrack process to get customers up and running quickly to win against the competition.

    Session 07 Office 365 Support and Communications

    Microsoft is strengthening its partner support and communications strategy to better enable our partners to sell, service and support customers.  Learn about new ways to enhance your service offerings and stay connected with the latest developments on Office 365.

    Register Here

  • You are invited to participate in the Windows Server 2003 Modernization offering!

    The Partner Technical Services team is excited to share a new initiative focused on helping you migrate from Windows Server 2003 before end of support. 

    The Windows Server 2003 offering has been designed to help you and your customers migrate from Windows Server 2003 to modernize their IT infrastructure with Windows Server 2012, and/ or Cloud Infrastructure (Hybrid Cloud/ Azure). 

    In these online workshops, get help to  understand various migration path to upgrade the legacy servers and datacenters. The Windows Server 2003 Modernization offering will help you understand the processes and tools around migrating datacenter infrastructure and workloads to the dynamic new model of hybrid cloud computing. 

    Program Benefits:

    After completing this training, you will be able to:

    • Understand Challenges associate with legacy systems, and need for migration
    • Address challenges with Hybrid Cloud
    • Assessment engagement overview
    • Migration paths
    • Datacenter Consolidation & Migration approach
    • Overview about Cloud Infrastructure (IaaS)


    To see the course descriptions, dates, and times, and to register for one or more webcasts, please click on the link below:

    Windows Server 2003 Modernization


  • Participate in the Office 365 Practice Accelerator for SMB offering!

    The Partner Technical Services team is excited to share a new initiative focused on helping you will learn the fundamental deployment principles and processes that lead to repeatable successful deployments of O365 for Small and Medium customers.

    In this Practice Accelerator version, you will learn the fundamental deployment principles and processes that lead to repeatable successful deployments of O365 for Small and Medium customers.  We will cover the new features and tools provided for Exchange Online, SharePoint Online, OneDrive for Business, Yammer and Lync Online deployments/migrations, as well as present the approach required to craft a solution in as little time as possible. You will be provided with next steps for delivery readiness of individual products and features, ensuring your delivery practice can quickly move from the vision and plan stage into pilot, deployment/migration and enhancement phases.

    Program Benefits:

    After completing this training, you will be able to:

    • Understand cloud partner business opportunities
    • Sign up for and use your Internal Use Rights (IUR)
    • Demonstrate, position, and pilot the right Office 365 plan for your customers
    • Plan for infrastructure, identities, and client deployment requirements
    • Plan for Office 365 workloads including Exchange Online, Lync Online, SharePoint Online and OneDrive for Business
    • Plan for user adoption of Office 365

    To see the course descriptions, dates, and times, and to register for one or more webcasts, please click on the link below:

    Office 365 Practice Accelerator for SMB


  • Office 365 Ask the Experts!

    The Partner Technical Services team is excited to share a new initiative focused on participating in a weekly Ask the Experts session to discuss Office 365 sales, compete, design, deployment, and best practices with an Office 365 expert.


    In this O365 Ask the Experts offering, you will have a weekly opportunity to discuss Office 365 sales, compete, design, deployment, and best practices with an Office 365 expert. The format is a weekly call with a brief technical presentation followed by a Q&A where partners can ask questions about solutions, deployment and issues encountered during their deployments.


    Program Benefits:


    By participating in this session partners will:

    • Receive a short technical training on top Office 365 deployment topics and support issues
    • Stay current on recent announcements about the Office 365 service
    • Learn design and deployment best practices from a Partner Technical Consultant
    • Ask and discuss deep technical questions blocking deployments with your customers
    • Engage in a round-table discussion with other Partners and Microsoft experts
    • Participate in an interactive Whiteboarding discussion of recommended architectures


    To see the course descriptions, dates, and times, and to register for one or more webcasts, please click on the link below:

    Office 365 Ask the Experts

  • Receive consultative guidance on Office 365 deployment and migration with "Office 365 Deployment Shadowing" offerings

    The Partner Technical Services team is excited to share a new initiative focused on helping you receive guidance and gain experience on all phases of an Office 365 deployment and migration project. This updated offering includes workload-specific guidance for Exchange Online, SharePoint Online, and Lync Online, all at a lower cost.

    The O365 Deployment Shadowing Service is an offering focused on supporting partners during all phases of an Office 365 deployment and migration project.  As organizations around the world plan to buy and deploy Microsoft solutions, they look to skilled Microsoft partners to assist with their planning and deployments.  For partners new to the cloud, the first deal can be the hardest and cloud projects for larger customers can be complex. Through this program you will have access to a dedicated Partner Technical Consultant to remotely shadow your team, review your design, and make recommendations through the engagement. 

    Program Benefits:

    After completing this training, you will be able to:

    •  Achieve faster deployment times due to a standardized deployment methodology, and have a shorter time-to-value after purchasing Office 365.
    • Maintain consistency in deliveries across projects due to dedicated Partner Technical Consultants that can quickly review plans and recommend best practices as you develop real-life experience.
    • Be enabled to drive effective O365 deployments and migrations, minimizing the risk of post migration technical issues.

    Each engagement will be delivered in four tracks:

    The price varies by package selected. 5 Advisory hours are charged for Office 365 Onboarding,  10 advisory hours for a Medium (150-500 seat) engagement, and 20 advisory hours for a Large (500-2000 Seat) engagement. Deployments larger than 2000 seats should engage Microsoft Consulting Services for co-engagement assistance. Advisory hours are included as part of the Microsoft Partner Network benefits; Gold and Silver competency partners or Microsoft Action Pack Development subscription.

    To see the course description and steps to schedule one-to-one consultative guidance assistance, please click on the link below:

    Microsoft Office 365 Deployment Shadowing Service

  • Creating an Office 365 Support Organization

    Creating an Office 365 Support Organization

    Available now on the Partner Learning Center is a new training on best practices for creating an Office 365 Support Organization.  From the session description:

    Partners want to have a consistent approach to support their customers and reduce the incidents they need to escalate to MS for resolution. This training will help Partners to build and grow their own Online Services Support Organizations, which will enhance their customer relationships and result in increased revenue opportunities.

    The target audience is either Partners who have an existing Support infrastructure and want to improve their customer experience by employing guidance and best practices from Microsoft, or Partners who do not have a support organization and are looking for guidance on how to plan, structure, implement, and continue to improve the customer-to-partner support experience.

    Click here to access: Creating an Office 365 Support Organization

  • New: Azure Cost Estimator Tool

    Have you ever wondered what it would cost to run a traditional on premise or virtualized machine in Azure? If you are like me, you’ve tried many different ways to accurately baseline the server utilization and translate that to the proper instance size and utilization in Azure.

    I have some good news for you. There is a new tool, Microsoft Azure (Iaas) Cost Estimator Tool, that will help you do this work faster and more accurately.  It takes just a minute to download and can be run quickly.

    The tool supports

    1. Microsoft technologies (Hyper-V, SCVMM)
    2. VMware technologies (vCenter, ESXi)
    3. Physical environments (Windows, Linux)

    Here is the download page with full specs and details on the tool:

    Note: No data is sent to Microsoft at any time. All report and profile information resides on the machine where the tool is installed.