• FIM 2010 MA: Mailbox provisioning through Exchange Management Shell

     

    Exchange Server administrators usually keep separate mailbox databases to organize the users and their quotas.  In this scenario, provisioning an Exchange account on an appropriate database using FIM 2010 requires a mechanism for retrieving the list of databases and their properties before making a provisioning decision.

    The solution that I opted for involved defining a few additional rules in the Management Agent Extension. In my case I already needed a custom extension to meet some business requirements, so this didn’t seem too much of an effort.

    This solution relies on the Windows Remote Management and Remote Exchange Management Shell. Some reference material on these technologies can be found at Connect Remote Exchange Management Shell to an Exchange Server and Windows PowerShell SDK.

    Exchange Management cmdlets, or any other PowerShell-based management cmdlets, can be accessed through the PowerShell SDK.  Below is the sample that I used for creating a PowerShell session:

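        using System;
        using System.Collections.ObjectModel;
        using System.Management.Automation;
        using System.Management.Automation.Runspaces;
        using Microsoft.MetadirectoryServices;

        // Runs a single cmdlet in a remote Exchange Management Shell session.
        // Pass paramValue = null to add the parameter as a switch (for example -Status).
        // Returns null if the remote call fails; the exception is written to the event log.
        private Collection<PSObject> RunScript(string command, string param, string paramValue)
        {
            Collection<PSObject> psResult = null;
            using (Runspace runspace = RunspaceFactory.CreateRunspace(this._connectionInfo))
            using (PowerShell powershell = PowerShell.Create())
            {
                powershell.AddCommand(command);
                if (paramValue == null)
                {
                    // Switch parameters take no value.
                    powershell.AddParameter(param);
                }
                else
                {
                    powershell.AddParameter(param, paramValue);
                }
                try
                {
                    runspace.Open();
                    powershell.Runspace = runspace;
                    psResult = powershell.Invoke();
                }
                catch (Exception ex)
                {
                    WriteEventException(
                        new MetadirectoryServicesException(
                            "Exchange Remote Management Exception:" + ex.ToString()));
                }
                return psResult;
            }
        }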

    The RunspaceFactory.CreateRunspace method requires a valid set of credentials and a URL for the PowerShell virtual directory on the target server.  This URL is typically http://<servername>/PowerShell.  Before calling the RunScript method I had the following snippet in my helper class to instantiate the PSCredential and WSManConnectionInfo objects.

        // PSCredential takes the password as a SecureString.
        PSCredential credential = new PSCredential(this._user, this._password);
        this._connectionInfo = new WSManConnectionInfo(
            new Uri(this._serverUrl),
            "http://schemas.microsoft.com/powershell/Microsoft.Exchange",
            credential);
        this._connectionInfo.AuthenticationMechanism = AuthenticationMechanism.Default;

    Additionally, I used a few wrapper methods for sending specific commands through the remote shell:

    Snippet for getting mailbox database statistics:

        // Maps each mailbox database name to the number of mailboxes it holds.
        public Dictionary<string, int> GetMailboxDatabaseStatistics()
        {
            Dictionary<string, int> mailboxProperties = new Dictionary<string, int>();
            List<string> mailboxDBList = this.GetMailboxDatabases();
            foreach (string mailbox in mailboxDBList)
            {
                int mailboxCount = this.GetMailboxCount(mailbox);
                mailboxProperties.Add(mailbox, mailboxCount);
            }
            return mailboxProperties;
        }

    Retrieve the list of mailbox databases:

        private List<string> GetMailboxDatabases()
        {
            string command = "Get-MailboxDatabase";
            string param = "status";
            string paramValue = null;   // -Status is a switch, so it carries no value
            List<string> mailboxList = new List<string>();
            Collection<PSObject> result = this.RunScript(command, param, paramValue);
            // RunScript returns null when the remote call fails; report no databases.
            if (result == null)
            {
                return mailboxList;
            }
            foreach (PSObject obj in result)
            {
                mailboxList.Add(obj.Members["Name"].Value.ToString());
            }
            return mailboxList;
        }

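    Total number of mailboxes on a given database:

        private int GetMailboxCount(string mailboxDatabase)
        {
            string command = "Get-MailboxStatistics";
            string param = "Database";
            string paramValue = mailboxDatabase;
            Collection<PSObject> result = this.RunScript(command, param, paramValue);
            // RunScript returns null when the remote call fails. Fail here rather than
            // report 0, which would make an unreachable database look like the emptiest one.
            if (result == null)
            {
                throw new InvalidOperationException(
                    "Get-MailboxStatistics failed for database " + mailboxDatabase);
            }
            return result.Count;
        }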

    Fetching the right set of information through the Exchange Management Shell with the snippets above gives you every bit of information that you need on the current status of any given database.  Once you have a simple sorting/filter method written to choose a desired database, the final step is to map the attribute flow to the metaverse and then finally to the homeMDB attribute in Active Directory.
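
    One way to write the sorting/filter method mentioned above, as an added example that is not the original author's code. The names DatabaseSelector, SelectTargetDatabase, maxMailboxesPerDatabase and excludedDatabases are hypothetical, and the database names in Main are constructed sample data.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Added example, not the original author's code. All names here are hypothetical.
public static class DatabaseSelector
{
    // Picks the database with the fewest mailboxes from the name -> count map
    // produced by GetMailboxDatabaseStatistics(). Returns null when no database
    // qualifies, so the caller can skip provisioning instead of guessing.
    public static string SelectTargetDatabase(
        IDictionary<string, int> statistics,
        int maxMailboxesPerDatabase,
        IEnumerable<string> excludedDatabases)
    {
        if (statistics == null || statistics.Count == 0)
        {
            return null;
        }
        HashSet<string> excluded = new HashSet<string>(
            excludedDatabases ?? Enumerable.Empty<string>(),
            StringComparer.OrdinalIgnoreCase);

        return statistics
            .Where(kv => !excluded.Contains(kv.Key))          // databases reserved for other use
            .Where(kv => kv.Value >= 0)                       // ignore counts that are not valid
            .Where(kv => kv.Value < maxMailboxesPerDatabase)  // leave full databases alone
            .OrderBy(kv => kv.Value)
            .ThenBy(kv => kv.Key, StringComparer.OrdinalIgnoreCase) // same choice every run on ties
            .Select(kv => kv.Key)
            .FirstOrDefault();
    }

    public static void Main()
    {
        // Constructed sample data standing in for GetMailboxDatabaseStatistics() output.
        var stats = new Dictionary<string, int>
        {
            { "MDB-Staff-01", 412 }, { "MDB-Staff-02", 388 },
            { "MDB-Exec-01", 35 },   { "MDB-Staff-03", 500 }
        };
        string target = SelectTargetDatabase(stats, 500, new[] { "MDB-Exec-01" });
        Console.WriteLine(target ?? "(no database available)");
    }
}
```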

  • SharePoint 2010: Login required for opening documents

    In many cases, when a user clicks on a document in a document library inside SharePoint 2010, the login dialog is displayed asking the user to authenticate. In most deployments this is not a required behaviour.

    To modify this, go to SharePoint 2010 Central Administration -> "Application Management" -> "Manage Web Applications", then click on the web application you want. From the ribbon, select "General Settings", go to the "Browser File Handling" property and change it to Permissive.

     


  • SharePoint Workflow error: workflow is automatically cancelled

    Recently I ran into a strange issue with an out-of-the-box SharePoint workflow. Once the workflow is started, SharePoint automatically cancels the workflow and the workflow outcome becomes "access denied"; the description you see is "The workflow could not update the item, possibly because one or more columns for the item require a different type of information".

    While the root cause of this issue is not yet known, a simple workaround would be to re-publish the workflow using SharePoint Designer:

    • Open SharePoint Designer
    • Go to the "Workflows" section
    • Select the workflow in question and then click Publish

    The impact of this solution is that a new version of the workflow will be published to your site and all new workflow instances should work normally. However, this will not fix the status of existing workflow instances that ran into an error status.

    To fix these instances (possibly on a production environment), follow these steps:

    • Launch the affected SharePoint site.
    • Click Site Actions, and then click Site Settings.
    • If the affected site is a sub-site rather than a top-level site, in the Site Collection Administration section, click Go to Top Level Site Settings.
    • Click Site Collection Features.
    • Deactivate the Workflows feature.
    • In SharePoint Designer, open the root of the site collection.
    • Go to Workflows.
    • Remove the Workflows in question (for example, Approval - SharePoint 2010).
    • In SharePoint, in Site Collection Features, reactivate the Workflow feature.
    • Confirm that the workflows are functioning as expected.

    Complete KB Article: http://support.microsoft.com/kb/2496152

     

     

  • FIM 2010 Distribution Group management with Custom Attribute as a Filter Criteria

     

    For an IT Operations team in any large organization, the powerful set of tools provided by Forefront Identity Manager 2010 for managing groups really comes in handy when it comes to organizing and streamlining the process of managing distribution groups. The administrators only need to define the criteria for the membership of those groups and FIM takes over from that point onwards.

    Things are pretty straightforward when it comes to defining the filter criteria for any existing attribute out of FIM’s schema. Let’s consider a scenario where you get a request for defining new distribution groups based on the employee’s ‘Rank Number’ that is being pushed into FIM from the HR database. Fair enough.  You already have FIM 2010 up and running, doing the provisioning job without a hassle, so defining an extra attribute mapping and a new distribution group is all you need. You decide to customize the metaverse and FIM schema, update the Management Agents and run the synchronization process. The next thing you notice is a bunch of funky errors.

    What am I missing here?

    The Management Policy Rules are the heart and soul of FIM 2010. These rules provide highly granular control over access to the various objects inside the system. In order to allow the synchronization of the newly defined schema attribute you’d need to update your synchronization-related MPR (as shown in the screenshot below) so the synchronization account can export the information from the metaverse to FIM.

    On the Target Resources tab add the newly created attribute.

    Time for a sync job

    Run the synchronization process and ensure that the newly created attribute is synchronized successfully with FIM. You can verify the results from Synchronization Manager’s run log or simply by opening the information of any existing user. The custom defined attributes will be visible in the ‘Advanced View’ on the ‘Extended Attributes’ tab.

    Creating distribution group

    Ok. Now is the time to create our distribution group that uses a criteria-based member selection method. In my case the requirement is that all the people with ‘Rank Number = 7’ are some sort of acting ‘Line Managers’ and will be part of a single distribution group.

    Let’s hit the ‘View Members’ button and voila! We see the list of users. So it’s all good to go. Let’s proceed to the summary tab and press ‘Submit’. The next thing we see is another access denied error.

    Click on the [Details] hyperlink right next to the status error and notice the error message ‘Filter definition is not permitted.’

    More permissions

    Filter permissions are separate from the MPRs: they define which attributes are allowed to be used in filters. In order to allow the administrators to use the newly created attribute you need to follow these steps.

    1. Log on to the FIM Portal as the administrator.

    2. In the navigation pane, click Administration.

    3. On the Administration page, click Filter Permission.

    4. On the Filter Permission page, click Administrator Filter Permission.

    5. Click on Permitted Filter Attributes and add the newly created attribute to the ‘Allowed Attributes’ list.

    Let’s redo the exercise of creating the criteria-based distribution group. This time, it works perfectly, so let’s run the synchronization cycle.

    Finally, let’s take a look at the distribution group in AD itself and ensure that the same users are part of the distribution group provisioned by FIM.

  • InfoPath forms in SharePoint 2010 (Document based and list based forms) Step by Step samples and comparison (Part2)

     

    In the previous post we covered document based forms; now we will use InfoPath to create the second type, list based forms, to customize SharePoint 2010 list forms. This post is related to the main post, InfoPath Forms Options in SharePoint 2010.

    In this post we will create a SharePoint list and customize the list input form using InfoPath, then we will make a quick comparison between the two types of form.

    1- Navigate to the SharePoint portal and, from the home page, choose Site Actions > View All Site Content

    2- Click on Create

    3- Click on List > Custom List > enter the list name (in our case Feedback List) > Create

    4- Click on Create Column

    5- Enter the name of the column (Title and Feedback) and choose Multiple lines of text, then click OK

    6- Now go to Microsoft InfoPath Designer 2010 and create a new file as follows

    7- Click on New > SharePoint List > Design Form

    8- Enter portal URL, click Next

    9- Choose Customize an existing SharePoint List, choose (Feedback List), then click Next. Wait while connecting to the data source, then click Finish

    10 – The feedback Form will be automatically generated

    12- Since we don’t need the attachment field, right-click on the attachment row and choose Delete > Delete row

    13 – Click on File > Publish > SharePoint List

    14 – After the publish is done, click on Open SharePoint List in browser to view the form in the browser

    15 – Browse to list (Feedback list Library) then click on clip_image021 to open the form; our customized form is getting displayed.

    16 – After you save your feedback, browse to the library (Feedback list in our case)

    The saved data is getting displayed on the list.

    Now that we have finished creating a sample form using each of the two types, which form type should I use in my application?

    Before deciding which one is better for you, let’s discuss some differences between the two types:

    The first difference is that the schema structure for a list based form is flat; it is not possible to build hierarchical information sets with grouped and nested items, and you can’t apply repeating, optional, or choice behavior to individual elements or groups. The second difference is the set of controls available in a list form. The figures below show the available form controls that can be used in each type.

    Figure: List based form controls

    Figure: Document based form controls

    Another difference is that a list form only populates the columns in the host list, whereas a document based form generates an XML document containing the information entered and gathered in the form, based on the schema. So if your data needs to be archived in files, you can use document based forms and then download the captured data in the documents themselves; on the other hand, if you have used list based forms, you can use SharePoint Workspace to keep an offline copy of the list data.

    List based forms cannot contain managed code or repeating/nested data, so if your solution requires managed code or complex data structures in forms, it’s better to use document based forms. Form designers can add managed code to document based forms by using Visual Studio Tools for Applications (VSTA). VSTA is an optional installation component available in InfoPath 2010 Setup. Finally, if digital signatures are a requirement, then the document based form wins.

    To summarize, I think the following table from this article is useful to decide which type to use in your solution:

     

    Question                                  | Document based form | List based form
    ------------------------------------------|---------------------|---------------------
    What is the structure of the form data?   | Hierarchical        | Flat
    How is form data stored?                  | XML files           | List items
    Is there support for custom code?         | Yes                 | No
    What offline client is available?         | InfoPath filler     | SharePoint Workspace
    Is there support for digital signatures?  | Yes                 | No