The Service Level Dashboard is an application built on Windows SharePoint Services 3.0. It is designed to work with an existing Operations Manager 2007 R2 infrastructure configured to monitor business-critical applications. The dashboard evaluates an application or group over a time period that the administrator selects during setup, determines whether it met the defined service level commitment, and displays summarized data about the service levels.
The Service Level Dashboard integrates with the Operations Manager Data Warehouse database and displays service level metrics on the Windows SharePoint Services interface. All the customized and personalized data associated with the Web Parts of the Service Level Dashboard is stored in the Windows SharePoint Services Content database.
The dashboard can summarize the current status and health of all defined SLOs against an application or group of objects. Key measures used to evaluate various aspects of the health of defined SLOs include such information as service level metrics, mean time to repair (MTTR), mean time between failures (MTBF), and service level trends.
New features in Version 2.0 of the Service Level Dashboard include:
Get it here: http://technet.microsoft.com/en-us/library/cc540485.aspx
You know… the kind of day where all of the hard drives fail on one of your domain controllers, and then the new sysadmin runs a script on your production AD environment that deletes all user accounts, and then a hurricane hits your backup datacenter and floods your server room, submerging the last few backup servers you had left?
I hate it when that happens…
Fortunately, the Planning for Active Directory Forest Recovery guide has been updated to cover AD environments with Windows Server 2008.
This guide contains best-practice recommendations for recovering an Active Directory forest, if forest-wide failure has rendered all domain controllers in the forest incapable of functioning normally. The procedure steps in this guide, which you must customize for your particular environment, describe how to recover the entire Active Directory forest to a point in time before the critical malfunction. They also ensure that none of the restored domain controllers replicates from a domain controller with potentially dangerous data. The procedures apply to Active Directory Domain Services (AD DS) in Windows Server 2008 and the Active Directory® directory service in Windows Server 2003.
The time to plan for disaster is BEFORE it happens. Read through the guide, build a solid backup plan (including offsite backups), and practice the disaster recover process often enough that you know what to do when a real disaster strikes.
Download the guide here: http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=326c8a7a-dcad-4333-9050-a6303ff3155c#tm
If you are performing a greenfield or clean install of SharePoint, it is a good idea to install the latest version (which as of today would be Service Pack 2 with the April Cumulative Update). The latest install media for SharePoint, however, only has SP1 integrated, so today I will show you how to slipstream the latest updates into your install media.
To get started, you will need a copy of the SharePoint 2007 install media, the SP2 installers for both Windows SharePoint Services and Office SharePoint Server, and the latest Cumulative Updates for both WSS and MOSS. You can download them all here:
Edit: October cumulative updates have been released. Follow the same steps, but use the two following CU files instead of those released for April:
First, create a folder that will hold the slipstreamed installer. In my case I’ll call it c:\SP2Slipstream.
Next, extract the install media into that folder as follows:
OfficeServer.exe /extract:c:\SP2Slipstream (there are no spaces after the /extract switch). You will end up with the folder structure below.
The Updates folder is where we are going to extract all up the SP2 and Cumulative Update files, and setup.exe will be smart enough to integrate the updates at install time.
Next, extract the four update files as follows:
When you are done, the Updates folder will be full of msp files.
One last step before you burn the SP2Slipstream folder to a CD… Delete Wsssetup.dll from the updates folder because it conflicts with Svrsetup.dll. Having both Wsssetup.dll and Svrsetup.dll in the updates folder for a slipstreamed installation source is not supported.
Burn your SP2Slipstream folder to a CD and you are all set to go!
*Update: I had someone ask me if the above steps will work if you are starting out with SP1 Media instead of RTM, and the answer is yes. I just like using the RTM Media as it starts out with a clean Updates folder instead of being full of SP1 updates that are superseded in SP2.
I just finished installing Service Pack 2 on my team’s SharePoint server, and the process went absolutely flawlessly (which is very different from some of my past upgrades). What made the difference? Reading the instructions (something we geeks tend to not do :)
Before we get started, here are the links for the current updates (Service Pack 2 and the April Cumulative Update) in case you want to start downloading in the background.
You will want to install the updates in the sequence above, but feel free to cancel the SharePoint Configuration Wizard that pops up at the end of installing each update. You only need to run it once at the end.
So… before you get ready to update SharePoint, make sure you visit the following:
Updates Resource Center for SharePoint Products and Technologies
This site will always list the latest updates, as well as information on the best practices for installing them.
Next, read the article about deploying software updates for Windows SharePoint Services 3.0 or the article about deploying software updates for SharePoint Server 2007. These articles are money and are what made my install go so well. Some tips that I did not follow on earlier upgrades that may help you out (there are many more tips in the above articles):
The article covers other important steps such as the correct order in which you want to install the update in a farm, how to speed up the upgrade in a farm with large content databases, updating language packs.
Make sure you also visit the Known issues that you may experience when you install the 2007 Microsoft Office suite Service Pack 2 and Windows SharePoint Services 3.0 Service Pack 2 page in case there is any late breaking issues that CSS becomes aware of from customer calls.
Lesson Learned: Read the instructions (especially on a beastie as complex as SharePoint)
Todd Klindt has already covered the new stsadm commands that were added in Service Pack 2 (SP2) of SharePoint here (Top 6 new STSADM operations in SharePoint 2007 SP2), but it looks like we slipped in a few more in the April Cumulative Update:
Lets a site collection be marked as deleted, which immediately prevents any further access to its content.
Added in the April Cumulative Update to perform gradual deletion of site collections. When an operation uses gradual deletion, a site collection is immediately marked as deleted, which prevents any further access to its content. The data in the deleted site collection is then deleted gradually over time by this timer job instead of all at once, which reduces its effect on Windows SharePoint Services 3.0 and SQL Server performance. Gradual deletion is available in the Deletesite: Stsadm operation (Office SharePoint Server)and Mergecontentdbs: Stsadm operation (Office SharePoint Server)operations.
Sets the current values of the Enterprise search settings in Microsoft Office SharePoint Server 2007.
For additional information about how to manage settings to improve search results, see Helping users make successful queries (Office SharePoint Server).
Displays the current values of the Enterprise search settings in Microsoft Office SharePoint Server 2007.
The two following articles were updated to include use of the gradualdelete parameter:
Back up and restore site collections by using built-in tools (Office SharePoint Server 2007)
Delete a site collection (Office SharePoint Server)
Today I was getting ready to install the virtual lab for a SQL Server maintenance class I am taking, and since I am on Windows 7 RC, I figured it would be a good chance to try out the new version of Virtual PC and XP Mode.
You can download both from here: http://www.microsoft.com/windows/virtual-pc/download.aspx
Don’t make the same mistake I did… you can’t install XP Mode without first installing Virtual PC. Install both.
Installation is very straightforward, and when it has completed you will have a new icon for Virtual Windows XP in your start menu.
Start up Virtual Windows XP, and you will be prompted to enter a password (you can have it remember the password if you would like).
The next screen prompts you to enable Automatic Updates (why would you do anything else?)
and then Virtual PC proceeds to complete the expansion/setup of Windows XP in the background.
After a bit, VOILA! You have Virtual PC running a fully licensed version of Windows XP SP3.
Programs that you install in the VM show up in the “Virtual Windows XP Applications” folder, and clicking on any of those applications will launch the application itself while hiding the underlying Windows XP that runs it.
It works quite well, although I am so used to the subtle look-and-feel of Windows 7 that appearance of Windows XP themed-applications hurts my eyes a bit. That’s fine… I won’t be using this on a day-to-day basis. This is really design as a transitional technology until small businesses can update their applications to versions that run natively in Windows 7.
Where did Virtual PC go?
If you get this far, you are going to run into an interesting issue. Virtual PC (the actual console) doesn’t exist.
According to the Virtual PC page, this is a feature :) I’ll withhold judgment as I was not involved in the design discussions, but it was certainly confusing to me as a long-time VPC user.
So how do you create new VMs or change settings? The answer is a new special folder (technically a Known Folder called “Virtual Machines”).
Once you open this folder (you can also get there by tapping your windows key and typing vmwindow and hitting enter), you can see a list of your machines, their status, allocated memory, hard drive locations, etc. You would create a new machine by clicking the button at the top of the window.
If you have an image selected, two more buttons show up.
The “Open” button will start up the VM, while the Settings button pulls up the familiar UI for changing VM settings.
Other than my difficulty with discovering the new UI, the VPC team has added a ton of oft-requested features such as USB support, Folder integration between host and guest (for My Documents, Pictures, Desktop, Music, and Video), clipboard sharing, and printer redirection.
Download and play with it here: http://www.microsoft.com/windows/virtual-pc/default.aspx
If you have been tasked with securing SharePoint, there are a lot of considerations to take into account. How do users authenticate? Does part of your farm live in an extranet or DMZ? How do you secure user-to-server communications? How do you secure server-to-server communications? How do you scan for viruses? How do you harden the servers in the farm?
While I cannot answer all of those questions in a single post (the Roadmap to security content for Office SharePoint Server 2007 is a great place to start), I can give you a HUGE leg up on the last question. How do you harden servers in a SharePoint farm? There are a ton of dependencies (on IIS, on SQL, on TCP/IP, potentially on IPSEC, etc) and it is very easy to miss a setting or misconfigure something that will break functionality.
Fortunately, there is a feature that was introduced in Windows Server 2003 SP1 that will make your life much easier…. the Security Configuration Wizard (SCW). In short, the SCW automates the process of hardening SharePoint (or any other type of server) by using security templates that will lock down the server as tight as a drum. Even better, if you choose a wrong setting or somehow break something while configuring security, you can simply un-apply the template and you are back where you started. No more wondering which setting you applied that broke functionality.
The SCW wizard will walk you through configuring settings including:
Assuming the generated security policy works well for your needs, it is a simple matter to apply that policy to similar servers (such as all Web Front End servers) in your farm.
The templates used to power the wizard (and generate the security policy) are standard XML files that store all the settings specific to a given component. The SharePoint template, for example, specifies what services SharePoint requires, what ports, that it has a dependency on IIS and ASP.NET, etc. To begin, download the Security Configuration Wizard Manifest for Microsoft Windows SharePoint Services 3.0 here:
If you open up the file, you can see everything that will be configured by applying the template.
The Security Configuration Wizard is not enabled by default, so stop by the Add/Remove Programs control panel, click on “Windows Components” and check the appropriate box.
Once installed, SCW will show up under Administrative Tools.
From there on, just follow the steps in the wizard. It will detect the services and roles you have installed, and most of the defaults should work fine. Most of the screen shots are self explanatory, so I’ll let them speak for themselves.
For more information on the Security Configuration Wizard, there is a page up on TechNet with all the information you may need:
I’ve been waiting for this guide for a while (‘cause that’s how I roll), but if you are interested in guidance on when/how to use Active Directory in your perimeter network, the AD team has released a guide for that:
Active Directory Domain Services in the Perimeter Network (Windows Server 2008)
The guide covers the following AD models for the perimeter network:
This guide contains direction for determining whether Active Directory Domain Services (AD DS) is appropriate for your perimeter network (also known as the DMZs or extranets), the various models for deploying AD DS in perimeter networks, and planning and deployment information for Read Only Domain Controllers (RODCs) in the perimeter network.
Because RODCs provide new capabilities for perimeter networks, most of the content in this guide describes how to plan for and deploy this new Windows Server 2008 feature. However, the other Active Directory models introduced in this guide are also viable solutions for your perimeter network.
YAASAFTSAT (AKA Yet Another Awesome Solution Accelerator From the Solution Accelerator Team) :)
Check out the new Service Level Dashboard 2.0 Beta for System Center Operations Manager 2007 R2 RC1
This free Solution Accelerator collects and monitors operational measurements for your line of business (LOB) applications. Its graphical dashboard makes it easy to keep tabs on service availability and performance, letting you:
· Spot trends in service availability and performance
· Head off problems before they occur
· Reduce costs by streamlining IT operations
This new version of the Dashboard uses Operations Manager as the engine, and Windows SharePoint Services 3.0 as its presentation platform to track and report service levels on a near real-time basis. The Dashboard now tracks additional metrics for service level compliance, including mean time to repair (MTTR), mean time between failures (MTBF), and application service level trends. The Dashboard’s SharePoint-based authentication lets you create individual Dashboards by department, so you can easily track service levels for different groups in the organization.
Click here to join the Beta on Microsoft Connect (you’ll need your Microsoft Live ID). Already using SCOM 2007 R2 Release Candidate 1 ? Click here
I just got the following from the Microsoft Operations Framework (MOF) team, and wanted to share:
The MOF team is pleased to present the MOF Quick Start Kits. Complete with ready-to-use graphics and comprehensive presentation decks, the Quick Start Kits allow you to add to any presentation with ease. Topics covered include an overview of MOF 4.0, information on MOF and compliance, training and certification updates, and study guides. The kits speak to targeted audiences— customers and partners. · MOF IT Pro Quick Start Kit. Available on the MOF home page, this customer-facing kit includes presentations, data sheets, graphics, mind maps, and links to supporting content. The kit does not include MOF core content—it directs users back to the /MOF page to download the documentation. · MOF Quick Start Kit for Partners. This kit is available through the Microsoft Partner Program site. In addition to the customer-facing content in the IT Pro Kit, this resource includes exclusive partner materials, such as data sheets, conversation points, and a customer-facing flyer.
The MOF team is pleased to present the MOF Quick Start Kits. Complete with ready-to-use graphics and comprehensive presentation decks, the Quick Start Kits allow you to add to any presentation with ease. Topics covered include an overview of MOF 4.0, information on MOF and compliance, training and certification updates, and study guides.
The kits speak to targeted audiences— customers and partners.
· MOF IT Pro Quick Start Kit. Available on the MOF home page, this customer-facing kit includes presentations, data sheets, graphics, mind maps, and links to supporting content. The kit does not include MOF core content—it directs users back to the /MOF page to download the documentation.
· MOF Quick Start Kit for Partners. This kit is available through the Microsoft Partner Program site. In addition to the customer-facing content in the IT Pro Kit, this resource includes exclusive partner materials, such as data sheets, conversation points, and a customer-facing flyer.
There is lots of good stuff in the Quick Start Kits, including the Visio diagrams, diagrams, graphics, presentations, training information, etc. The framework is completely open, and you can incorporate any of the MOF concepts, diagrams, workflows in your day-to-day work.
As always, your definitive source for MOF is http://www.microsoft.com/mof.
If you are like me, you haven’t fired up WordPad since somewhere around 1998. It has virtually no functionality at all.
Except… now it does. I was listening to Windows Weekly, and Paul Thurrott and Leo Laporte mentioned that WordPad is significantly improved in Windows 7. I fired it up to check, and they are right… it has morphed into a rather capable word processor! I love the ribbon in Office 2007, and I’m glad to see it show up in WordPad.
Not only that, but you can also natively save in Open Office XML (default format for Word 2007) or ODT (default format for OpenOffice). Not that I’d ever want to, but it’s nice to have the choice.
If you want SharePoint to, well, not look like SharePoint… we just released 10 themes that look awesome!
Download them here.
They are packaged as SharePoint Solutions so you don’t have to do the messy work of going to all of your front end web servers and horking around with your C:\Program Files\Common Files\Microsoft Shared\web server extensions\12\TEMPLATE\THEMES folder. Seriously… install them as solutions. It will save you from breaking something.
The themes are sample code. To use them you need to have:
Learn SharePoint Development here:
I ran into an interesting issue with the People Search functionality of SharePoint today (which is the opposite of a problem I ran into sometime back, and which is also covered here)
The problem today: People results are duplicated.
The problem earlier: No people results at all.
The root cause of the issue is the same… People/Profiles in SharePoint are a special object, and need to be crawled with the SharePoint (as opposed to http) protocol handler. You need to make sure that you have a content source of sps3://yourservername/. In Central Administration, open your Shared Services Provider, and click on Search Settings, and then on your Content Sources.
On my particular server, I have My Sites setup on a separate Web Application from my root Site Collection, so I thought it would be smart to add an additional entry to search my My Sites of sps3://yourservername:12345
However, SharePoint was already smart enough to crawl my profiles with the existing sps3://yourservername, so the additional entry for the My Sites host just caused it to crawl (and display) the profiles twice. Deleting the extra entry and running an incremental crawl cleared things right up. (the opposite problem of no people results occurred when I only had http://yourservername/ as a Start Address. I needed to add the sps3://yourservername entry).
I didn’t see anyone else with the duplicate people search results on the Internet, so it is possible I’m the only person that has ever made this mistake, but if not… I hope this helps :)
When SharePoint 2007 creates new Content Databases, by default it adds a GUID to the end of the database name. While you can rename it during the creation process, maybe you forgot to and you now you have a Content Database that looks like the one below (which I intended to hold my “My Sites”). Fortunately, my friend Priyo showed me how to rename the databases.
To rename it, we are going to:
Start by going to Central Administration –> Application Management and click on Content Databases
Select the Web Application associated with the database you want to rename, and click on the Database name itself.
Change the Database Status to Offline (which just makes it so that no new sites can be added to the database), click OK. Click on the database again, select “Remove content database” and click OK. This does not delete the database, just removes it from SharePoint.
Switch over to SQL Management Studio, and back up the database, then take it offline.
Next… restore the database
And choose a friendly name to restore the database to. In this case, it will be the ContentDB for my My Sites.
Switch back over to Central Admin (you probably still have open) and click on “Add a content database”
Change the database to your new friendly name, and hit OK. Voila! You now have a database name that makes sense. Once you have verified that everything still works, you can go back into the SQL Management Studio and delete the database that you previously took offline.
Note: There are some special considerations when talking about the SharePoint AdminContent database, as the GUI does not give you an opportunity to name it during initial setup, and following the GUI method will lock you out of the GUI as soon as you remove the database. The three following posts will walk you through that process, and I’ll try to do the same with screenshots in the next few days.
Unless you are Uber-l33t, you are probably not working on your Microsoft Certified Master certification. This is where the best-of-the-best come visit the better-of-the-best on the Redmond Campus to learn everything there is to know about Active Directory Services, SharePoint, OCS, SQL Server, or Exchange.
Seriously… take a look at the instructors.
Anyhoo, just because you paid the entrance fee, bought a plane ticket, and reserved a hotel room, you still have some work to do before you even set foot in the classroom. The Microsoft Certified Master team posted the pre-reading lists that candidates are encouraged (required?) to power through before showing up. If you are looking for something to keep you busy until the economy picks up, here you go:
What are you waiting for?
One thing that we are absolutely doing right in Windows 7 is paying attention to tiny details that may seem trivial, but that add significant polish to the End User experience.
In checking the date today, I see that the clock politely informs me that it changed the time due to Daylight Savings Time.
So that’s where that hour of my life went…
Good news! The SharePoint 2007 February Cumulative Update (CU) has been released. And there was much rejoicing.
In case you were wondering (I see these questions every once in a while):
Q. Does it include the Infrastructure Update? A. Yes. Q. Does it include all Hotfixes from SP1 on? A. Yes. A. Does it include the August/October/December Cumulative Updates? A. Yes.
Q. Does it include the Infrastructure Update? A. Yes.
Q. Does it include all Hotfixes from SP1 on? A. Yes.
A. Does it include the August/October/December Cumulative Updates? A. Yes.
And now for the official announcement (yes, “February” and “activated” are misspelled. I didn’t write it, just copied-and-pasted ;):
Download Information Feburary Cumulative Update Uber Package for Windows SharePoint Services 3.0 (Version: 12.0.6341.5000) http://support.microsoft.com/hotfix/KBHotfix.aspx?kbnum=961755 Feburary Cumulative Update Uber Package for Microsoft Office SharePoint Server 2007 (Version: 12.0.6341.5002) http://support.microsoft.com/hotfix/KBHotfix.aspx?kbnum=961756 Detail description Description of the Windows SharePoint Services 3.0 cumulative update package: February 24, 2009 Description of the Microsoft Office SharePoint Server 2007 cumulative update package: February 24, 2009 (Link is not actived yet) Installation Recommendation for a fresh SharePoint Server To keep all files in a SharePoint installation up-to-date, the following sequence is recommended. Windows SharePoint Services 3.0 Service Pack 1 The 2007 Microsoft Office Servers Service Pack 1 Feburary Cumulative Update for Windows SharePoint Services 3.0 Feburary Cumulative Update for Microsoft Office SharePoint Server 2007 Meanwhile, if customer need to index Visio files, there is a Visio iFilter hotfix which is not a part of the uber package. http://support.microsoft.com/kb/960502 After applying the preceding updates, run the SharePoint Products and Technologies Configuration Wizard or “psconfig –cmd upgrade –inplace b2b -wait” in command line. This needs to be done on every server in the farm with SharePoint installed. The version of content databases should be 12.0.6341.5000 after successfully applying these updates. For more in-depth guidance for the update process, we recommend that customers refer to the following articles. These articles provide a correct way to deploy updates, identify known issues (and resolutions), and provide information about creating slipstream builds. Deploy software updates for Windows SharePoint Services 3.0 http://technet.microsoft.com/en-us/library/cc288269.aspx Deploy software updates for Office SharePoint Server 2007 http://technet.microsoft.com/en-us/library/cc263467.aspx How to create a SharePoint slipstream using the latest updates (Updated for FEB CU!)
Feburary Cumulative Update Uber Package for Windows SharePoint Services 3.0 (Version: 12.0.6341.5000)
Feburary Cumulative Update Uber Package for Microsoft Office SharePoint Server 2007 (Version: 12.0.6341.5002)
Description of the Windows SharePoint Services 3.0 cumulative update package: February 24, 2009
Description of the Microsoft Office SharePoint Server 2007 cumulative update package: February 24, 2009 (Link is not actived yet)
Installation Recommendation for a fresh SharePoint Server
To keep all files in a SharePoint installation up-to-date, the following sequence is recommended.
Meanwhile, if customer need to index Visio files, there is a Visio iFilter hotfix which is not a part of the uber package.
After applying the preceding updates, run the SharePoint Products and Technologies Configuration Wizard or “psconfig –cmd upgrade –inplace b2b -wait” in command line. This needs to be done on every server in the farm with SharePoint installed.
The version of content databases should be 12.0.6341.5000 after successfully applying these updates.
For more in-depth guidance for the update process, we recommend that customers refer to the following articles. These articles provide a correct way to deploy updates, identify known issues (and resolutions), and provide information about creating slipstream builds.
Deploy software updates for Windows SharePoint Services 3.0
Deploy software updates for Office SharePoint Server 2007
How to create a SharePoint slipstream using the latest updates (Updated for FEB CU!)
Internet Explorer: What’s New in Internet Explorer 8
Everyone expects something different from their browser. Some users are most concerned with security and privacy while others are more focused on customizability. Some want full standards compatibility, and others just desire ease of use. Explore the numerous new features and enhancements in Internet Explorer 8 that allow it to meet every user’s needs. Matt Hester
Active Directory: Export, Compare, and Synchronize Active Directory Schemas
If your organization has multiple Active Directory forests, you need to manage multiple Active Directory schemas and ensure consistency between schemas. Check out our step-by-step guide to comparing and synchronizing Active Directory schemas in multi-forest environments. John Policelli
Office Communications Server: Stay Connected with Office Communicator Web Access
Office Communicator Web Access is a messaging client that requires nothing more than a Web browser. Discover how it can extend the capabilities of Office Communicator—instant messaging, presence, desktop sharing, and so on—to anyone with an Internet connection and a supported browser. Greg Stemp and Jean Ross
Office Communications Server: How Voice Conferencing Powers OCS 2007 R2
Office Communications Server 2007 provides very powerful and flexible conferencing capabilities. Learn how OCS 2007 R2 allows users to set up real time conferences with other users inside and outside the corporate firewall, supporting both ad-hoc escalation of calls to a conference and pre-scheduled conferences and meetings. Rajesh Ramanathan
Windows HPC Server 2008: High Performance Computing in the Real World
Windows HPC Server 2008 was designed specifically for use in compute-intensive environments. See how it is used, along with other Microsoft technologies, in a life science laboratory to provide a solution that enables automated processing of data generated from an imaging device. Joshua M. Kunken
I was browsing the ATI/AMD site today to find an updated driver for Windows 7 (no luck…) and got a prompt letting me know that "This website wants to run the following add-on: 'Name ActiveX Control'"
As I am not one to enable ActiveX controls unless they serve a specific purpose that I need, I searched for this particular control. It turns out it is an ActiveX control that provides presence functionality to SharePoint Server (guess what support.amd.com is running on?). On an intranet, this control is enabled by default, but not so in the Internet (guess where support.amd.com is located)?
There are 3 workarounds for this problem, two on the client side and one on the Server site, all documented here: http://support.microsoft.com/kb/931509
If anyone from AMD’s web team is reading this article, please look into the server-side fix KThxBye. :)
If you are looking to migrate from Lotus Domino or from a generic POP/IMAP mail server to Exchange 2007, I have good news! The (free) Microsoft Transport Suite has been updated, to allow for multithreaded import of POP/IMAP mailboxes, and now supports migration from Lotus Notes R8.x.
Where do I get it ? http://www.microsoft.com/technet/move
Or direct links:
Transporter Suite Release Notes Guidance
The February 2009 release includes the following major updates to the Transporter Suite for Internet Mail:
The February 2009 release includes the following major updates to the Transporter Suite for Lotus Domino:
I ended up having to do quite a bit of cleanup on the profiles associated with a team SharePoint server, and learned a bit in the process that doesn’t seem to be on the Internet in one place, so I thought I’d share.
Note: I will touch on several related areas in this post, so I apologize if I jump all over the place. All buckled in? Let’s go!
Ideally, in SharePoint, you have profiles (and maybe My Sites) for users that actually use the site (or that you want to search). For the most part, you do not want profiles of users that are disabled in Active Directory, users who have left the company, etc.
Most of the work that y0u do with profiles as an Administrator is within the SSP, under “User Profiles and My Sites”.
By default, when setting up Profile Import, SharePoint imports all users from your current domain. This is fine as a default, but you may end up pulling profiles that are not needed and/or wanted in two cases (off the top of my head):
1) You have a bunch of user/service accounts that are disabled in Active Directory.
2) You only want accounts from a particular group or OU to be imported into your SharePoint profiles.
In either of these cases, you will have to customize the LDAP query that SharePoint does on the backend to pull users out of AD. By default, the query searches for (&(objectCategory=Person)(objectClass=User)). In other words “Pull all users”.
SharePoint does not distinguish whether they are active or not. KB 827754 gives us the modified query we need to use if only pulling active users:
If you want to import users just from a particular group or OU, the query will look something like:
(&(objectCategory=Person)(objectClass=User)(memberOf=[distinguished name of the group]))
Wayne Hall’s post here is the definitive source on how to find the Distinguished Name of the group you are looking for, and how to write the query. If you want to go completely buck-wild, you can read all about LDAP Search Query Syntax on MSDN.
All right. Now if you ran the full profile import before modifying the query, and have a bunch of disabled users in AD, or imported all AD users instead of a specific group, those extra profiles now exist in SharePoint where they are not doing a lot of good.
How can you delete them?
The answer is that you have to do a Full (not incremental) profile import. This does not delete the users, but marks them as “Profiles Missing from Import”. On the “User Profiles and Properties” page of the SSP, click on “View User Profiles”
From here, there is a drop down box that lets you choose between “Active Profiles” and “Profiles Missing from Import”
Don’t laugh at the difference between my Total number of user profiles and Number of active user profiles in the picture below. Long story, no happy ending ;)
In any case, if you select “Profiles Missing from Import”, it will show all profiles that exist in SharePoint that did NOT get pulled/updated from AD in your last full crawl. This could be because someone left the company, or because your modified query now pulls less people. In any case, once you verify that that user no longer exists (or shouldn’t have a profile on the server), check the box next to their profile/account name and hit delete. You can also wait for SharePoint to run three full (not incremental) imports, after which it will delete the profiles on its own. *Update: Although this is how it worked in SPS 2003, it is not how it works in MOSS 2007. It is actually the “My Site Cleanup Job” that does the dirty work. Gyorgy covers how this works here: http://blogs.msdn.com/b/gyorgyh/archive/2009/11/13/how-it-works-moss-2007-automatic-user-profile-removal.aspx
A few other considerations to be aware of… If the user is no longer with the company, but somebody explicitly assigned them permissions to a site, list, or library… they will continue to have permissions if they ever come back (This is an issue at Microsoft as vendors may do work for one team and then come back some months later to do work for another team using the same AD account). Removing explicit permissions is a manual process (and is the reason why explicit user permissions should be the exception and not the rule). Use (and do not break) permission inheritance where ever possible. I usually put Active Directory groups within SharePoint groups, and assign SharePoint permissions to SharePoint groups. That way, if any given person joins or leaves the company, I assign/remove them from the appropriate AD group and their permissions accordingly come or go in SharePoint.
The other consideration is My Sites. How do you delete My Sites that belong to people that left the company? Once SharePoint no longer has a profile for a user with a My Site (see above), it will (by default) send an e-mail to that user’s Manager (assuming their profile has a manager listed) saying:
The My Site of Joe Blow is scheduled for deletion. As their manager you are now the temporary owner of their site. This temporary ownership gives you access to the site to copy any business-related information you might need. To access the site use this URL: http://servername/mysite/personal/joeblow
The My Site of Joe Blow is scheduled for deletion. As their manager you are now the temporary owner of their site. This temporary ownership gives you access to the site to copy any business-related information you might need. To access the site use this URL: http://servername/mysite/personal/joeblow
The manager is then added as the secondary site collection administrator for the user’s My Site, and any important documents can be copied off before the My Site is deleted. The wording of the e-mail itself is hardcoded and the wording cannot be changed. As well, this My Site cleanup is NOT part of or related to the “Site Use confirmation and deletion” feature of SharePoint. It takes place as part of the “My Site Cleanup Job” which runs hourly (you can find it under Central Administration –> Operations –> Timer Job Definitions). There were some problems with this job in RTM, but they were fixed in SP1 (in case you are still running RTM and old My Sites are still hanging around). (update to the paragraph above… commenter Chris reminded me that I was not quite right about the My Site deletion. While the e-mail itself is not related to the “Site Use confirmation and deletion” feature, sites are not actually deleted unless that feature is turned on. The e-mail to the manager is telling a fib. If the “Site Use confirmation and deletion” feature is enabled, the site is deleted due to the fact that the user never confirms the e-mail checking to see if they are still using the site; not due to the My Site Cleanup Job itself. I also came across another great resource on My Sites and disabled/deleted users from Phil Wicklund that is well worth reading: http://philwicklund.com/whitepapers/Documents/My%20Site%20Concerning%20Scenarios%20Study%20and%20Strategy.pdf)
I hope the information above helps someone if they ever end up trying to figure out how to clear out 75,000 profiles from a SharePoint server that is only used by a few hundred people :) (yes, I think I am the very definition of an edge case)
If you have a large (1-2 GB or larger) mailbox in Outlook 2007, you have undoubtedly noticed that it can take a long time to start up in the morning. Like startup-Outlook-then-go-get-a-cup-of-coffee long. (There is a reason I am not in Product Marketing).
You may have also noticed long shutdown times, an messages about “The data file ‘<file name>’ was not closed properly. This file is being checked for problems”.
If, so, then I have AWESOME news. The Outlook team has fixed all of these problems for Service Pack 2 (coming out in the next few months…), and even better, has backported these fixes into the February Cumulative Update for Outlook 2007, which is available now.
I cannot emphasize this enough… the difference is NIGHT-AND-DAY. Outlook starts up and shuts down instantly. This update strongly gets the Sean Seal Of Approval.
Outlook Team Announcement
February Cumulative Update Download Page
February Cumulative Update Whitepaper (lots of technical detail about the changes)
One thing to note… in order for the magic to take place, Outlook has to reprocess your data files the first time you open Outlook after installing the update. This can take a few minutes, after which Outlook switches into uber-snappy mode.
Within SharePoint, you can create new Site Collections or Sub Sites, which can look exactly the same to the end user, but which have some significant differences to the administrator. I won’t cover the differences here, but you can read more here or here.
One drawback to Site Collections is the fact that they do not maintain common navigation settings with parent site collections within the portal. This can lead to a jarring experience for the end user who clicks on a link, appears to just go down a level within the site hierarchy (looking at the URL), but all of a sudden has no link back to where he or she just was.
Fortunately, there is a feature to give them a path back :) At the root of the new Site Collection, click on Site Actions –> Site Settings –> Modify All Site Settings.
Under the Site Collection Administration column, click on Portal site connection
On the resulting page, click on “Connect to portal site”, enter an address and name for your portal, and hit “OK”.
Now, at the top-left of all pages in that Site Collection, you have a breadcrumb that will take them back to the parent portal, restoring sanity to the end-user experience.
Baldwin Ng and Frank Simorjay from the Solution Accelerator team will be presenting the two following webcasts. If you are a Microsoft Partner looking to increase sales opportunities or decrease customer costs (both key in our current financial environment) then make the time to log in to the sessions!
Event Name: Increase Sales Opportunities with the Microsoft Assessment and Planning Toolkit
Date and Time: Thursday January 22, 2009, 11:00 AM - 12:00 PM PST
Speaker: Baldwin Ng, Senior Product Manager, Virtualization and Online Services Solution Accelerators
Abstract: Win more engagements with the Microsoft Assessment and Planning Toolkit! Are your customers moving to Window Server 2008, Windows Vista, Office 2007, Hyper-V virtualization, or SQL Server 2008? Want to win those migration engagements? Join us for a free, invitation-only Webcast, and learn how you can use the Microsoft Assessment and Planning Toolkit (MAP) to help customers make the move to these new technologies. We’ll show you how you can use this free toolkit, to generate a secure, network-wide assessment of your customer’s hardware environment, in just a couple of hours—without deploying software agents on any inventoried machine. We’ll also show you how to use MAP’s automated IT proposals and reports to help customers plan their migration—giving you an inside track on these engagements!
Registration URL: http://msevents.microsoft.com/CUI/InviteOnly.aspx?EventID=51-87-C5-D6-B7-DA-7A-D8-F1-25-F5-94-2F-AD-9D-A0&culture=en-US
Invitation Code: 7C4121
Event Code: 1032402250
Event Name: Help Your Customers Reduce the Costs and Complexity of Regulatory Compliance!
Date and Time: Wednesday, January 28, 2009, 10:00 - 11:00 AM PST
Speaker: Frank Simorjay, Microsoft Product Manager, Microsoft Solution Accelerators – Security and Compliance
Abstract: Help Your Customers Reduce the Costs and Complexity of Regulatory Compliance! Are your customers spending too much time and money responding to a myriad of compliance laws and regulations? Are they worried about the threat of non-compliance? Join us for this free Webcast and learn how you can help customers reduce the costs and complexity of staying in compliance! You’ll hear about Microsoft’s powerful, free new suite of guides and automated compliance tools that you can easily fold into your own service offerings! We’ll show you how you can:
• Quickly and easily assess your customers’ current compliance status
• Accurately gauge your customers’ compliance risks using our new Risk Management Guide
• Streamline your customers’ ongoing compliance activities with the IT Compliance Management Guide
You’ll also have a chance to speak directly to the Microsoft team developing these exciting new solutions!
Registration URL: http://msevents.microsoft.com/CUI/InviteOnly.aspx?EventID=2A-DF-17-55-22-B1-70-8F-B7-76-DF-A6-5B-89-AC-73&culture=en-US
Invitation Code: A8F334
Event Code: 1032399071
If you at all like music, you probably visit Pandora (http://www.pandora.com) on a regular basis. Tonight, I noticed that they have a Gadget that will let you play their awesome playlists directly from your sidebar (or if you are on Windows 7, from anywhere!).
Get it here: http://www.pandora.com/on-windowsgadget