Posted on:
Categories: SharePoint
Description:
Below describes an excellent troubleshooting methodology for SharePoint errors. Scenario - Issue is occurring but user has not been able to capture correlation ID or correlation ID does not exist. - Intermittent errors that cannot be replicated Method 1. Obtain IIS logs from all SharePoint Web Servers and use log parser to filter logs based on user name and password. Further filtering can be done based on specific event if available. The example blow filters all the IIS log files in c\cases for a username %mdewji% and a line containing %workflow.asmx% in it. · Example C\cases \iis logs>logparser -iIISW3C "select logfilename,date,time,cs-method,cs-username,cs-uri-stem from *.log where cs-username like '%mdewji%' and cs-uri-stem like '%workflow.asmx” 2. The result will look similar to the output below. LogFilename date time cs-method cs-username cs-uri-stem ---------------------------------------------------------------- ---------- -------- --------- -------------------- ----------------------- C\cases\111083063986678-teck\iis logs\CGYSPSP42-Au_ex111208.log 2011-12-08 143058 POST domain\mdewji /vti_bin/workflow.asmx C\cases\111083063986678-teck\iis logs\CGYSPSP42-Au_ex111208.log 2011-12-08 143138 POST domain\mdewji /_vti_bin/workflow.asmx C\cases\111083063986678-teck\iis logs\CGYSPSP46-Au_ex111208.log 2011-12-08 143335 POST domain\mdewji /_vti_bin/workflow.asmx C\cases\111083063986678-teck\iis logs\CGYSPSP46-Au_ex111208.log 2011-12-08 152904 POST domain\mdewji /_vti_bin/workflow.asmx Statistics ----------- Elements processed 134730 Elements output 4 Execution time 0.77 seconds 2. Using the time frame from above, merge the SharePoint ULS logs using PowerShell. · Command has to be run once on the farm. · Use start/end time to create a smaller log file. · Example merge-splogfile -path "D\Merged Log files\combined.log" -overwrite -starttime "12/08/2011 0800" -endtime "12/08/2011 0900" 4. Filter through the ULS log using ULS viewer based on the following i. Correlation ID ii. Thread Gives Deep down analysis of what each CPU thread is doing iii. Time Stamps iv. Event IDs




Posted on:
Categories: SharePoint
Description:
I was recently involved in a SharePoint search performance troubleshooting exercise and thought it be helpful to outline my troubleshooting methodology and resolution for people with similar issues. Application Architecture The application architecture consists of the following elements Single web application with single site collection A single database containing all content with a single file in the default file group (not optimized) Two large libraries containing over 100K documents separated using folders Users access the content using "out of the box" enterprise search web parts within minimal customization (custom XSLT for formatting ) Issues The following is a list of issues with the environment Search response times for targeted searches were less than optimal Search response time for keywords and navigating between pages was extremely poor Search queries would time out and sometimes would error out Troubleshooting Methodology and Resolution I confirmed the user search experience by shadowing the user and did notice significant performance issues when executing targeted and keyword searches. Users also experienced timeouts and errors when targeting larger document sets during searches. I ruled out the obvious issues such as WFE, APP and SQL Server health by validating performance reports and alert conditions through SCOM. The issue was localized to the web application so I enabled the developer dashboard on the web application by running the following commands Stsadm –o setproperty –pn developer-dashboard –pv ondemand This action allowed me to invoke the dashboard on demand from any page within the web application. I enabled the dashboard on the search site and ran a typical query and here’s a screenshot of the dashboard (issue circled in red) As you can see from the snippet above page is making two WCF calls to the search service and the corresponding times are unacceptable – what’s more is that I noticed the property "isDocumentTRUE" configured in the search webpart. I proceeded to repeat the process from a generic page with search enabled and results were within acceptable range Upon further examination of the page I found two issues. The first WCF call was take a long time because the search webaprt was customized to return complete result set and then filter out the search criteria. I guess there was general lack of understanding how to interface with Search. Second search request was caused by a closed search webpart on the page. Removal of the webpart addressed the subsequent WCF call. I addressed the first issue by creating search scopes on the site for targeted searches. Here’s a snipped of the search results after implementing search scopes




Posted on:
Categories: Exchange
Description:
The main purpose of this post is to demonstrate how to connect to Office 365 using an ADFS 2.0 infrastructure and then publish it out using Microsoft ISA Server or Forefront Threat Management Gateway. I have provided only a summary of the steps involved in configuring ADFS 2.0 and setting up directory synchronization with Office 365 as these steps are very well documented by Microsoft. I have provided links to the relevant Microsoft documentation where applicable. Prerequisites · Install ADFS 2.0 on Windows Server 2008 or Windows Server 2008 R2 · A third party certificate for your Federation Service Name (e.g. fs.contoso.com) · All users that connect to Office 365 will require a UPN that is known to the user (e.g. user@contoso.com) · The UPN domain suffix must be the domain that you choose to setup for single sign on. · The domain that you choose to federate must be registered as a public domain · Servers that will host ADFS 2.0 must be joined to the domain · Create a dedicated service account for ADFS Deploying ADFS 2.0 · Install your third party certificate in IIS · Install ADFS 2.0 software o http//www.microsoft.com/download/en/details.aspx?id=10909 · Run the ADFS 2.0 setup wizard and create your ADFS 2.0 server farm o For detailed instructions follow Microsoft’s deployment guide http//onlinehelp.microsoft.com/en-us/office365-enterprises/ff652539.aspx#bk_deployfsfarm o Ensure that the Federation Service Name matches your certificate Create a Relying Party Trust Between ADFS 2.0 and Office 365 · After you have successfully deployed your AD FS 2.0 infrastructure, you need to set up the relying party trust between your new AD FS 2.0 servers on-premises and Office 365 · After you, the administrator, have deployed Active Directory Federation Services 2.0, the next step to set up single sign-on (also called identity federation) is to download, install, and configure the Microsoft Online Services Module for Windows PowerShell. To do this, you must have the required software for the Microsoft Online Services Module. After you have downloaded and installed the module, you then run a series of cmdlets in the Windows PowerShell command-line interface to add or convert domains for single sign-on. The Microsoft Online Services Module for Windows PowerShell is a download that comes with Office 365. This module installs a set of cmdlets to Windows PowerShell; you run those cmdlets to set up single sign-on for Office 365. · Download the 32-bit module http//g.microsoftonline.com/0BD00en-US/85 · Download the 64-bit module http//g.microsoftonline.com/0BD00en-US/126 · Refer to the following Microsoft documentation in order to configure the Microsoft Online Services Module http//onlinehelp.microsoft.com/en-us/office365-enterprises/ff652560.aspx Setup Directory Synchronization · Install the Microsoft Online Services Directory Synchronization tool (http//onlinehelp.microsoft.com/en-us/office365-enterprises/ff652545.aspx#BKMK_InstallDirSyncTool) o To install the Directory Synchronization tool, follow these steps from the Office 365 portal. o In the header, click Admin. o On the Admin page, in the left pane, click Users. o At the top of the Users page, click the link next to Active Directory synchronization. o Under step 4, select either Windows 32-bit version or Windows 64-bit version, click Download, and follow the instructions to save the installation file on your computer. If necessary, copy the installation file to the computer on which it will be installed. o On the last page of the installation program, select Start Configuration Wizard now, and then click Finish. o The Microsoft Online Services Directory Synchronization Configuration Wizard starts. · Synchronize your directories o http//onlinehelp.microsoft.com/en-us/office365-enterprises/996fa36d-b4ea-441d-aacd-39a59a21b59f#BKMK_ConfigureTool Publishing ADFS 2.0 using ISA/TMG The following Steps should help you publish ADFS over ISA\TMG\IAG\UAG First Open ISA\TMG\UAG\IAG Right-Click Firewall Policy -> New-> Web Server Publishing Rule Enter Publishing Rule Name Federated Services Select Next through the next screens unless you are load balancing Enter the name of the URL (suggest this to be the same as the external URL and the IP of the server For the path /adfs/* select Forward host header Enter public name and the same path Create a new listener Add Certificate Always authenticate No Domain for authentication domain name Authentication Method No Authentication Port 443 and 80 Forward all HTTP to HTTPS Network select external IP address Click next Authentication Method select No delegation, and client can authenticate directly Make sure all users are selected Click Finish. Then Edit the rule and change the following Select the Link Translation Tab, Uncheck the Apply Link translation to this rule. Right Click The Rule and select HTTP and change General Tab, uncheck Verify Normalization and Block high bit characters boxes Click OK and Apply changes Alternatively Use the non-web server protocol publishing rule and select HTTPS Server as the protocol. If the default HTTPS Server protocol still doesn’t work, create a new protocol using port 443 so that the Filter is completely bypassed




Posted on:
Categories: Storage
Description:
A word of personal preference/advice I recommend mapping out the hardware and software configuration before you begin implementing. By this I mean, establish a logical map of your physical layout and work from this throughout the build. Map physical NIC ports and note the networking details associated with them. This will be a good reference point when actually building the environment. Steps Step-wise, the tasks to be completed when building an environment from scratch are as follows Build server OS and assign IP addresses accordingly to NICs (I recommend naming the NICs for their particular purpose prior to assigning IPs. A potential naming scheme could follow the template [node_card_port_purpose, eg. N1_intel1_P0_iSCSI1] ) You will be using at least 2 subnets depending on the purpose of the server. E.g. 192.168.1.x for regular server management traffic and 10.10.10.x for iSCSI Settings to be configured on switch for iSCSI traffic Flow control enabled Storm control disabled Jumbo frames enabled Configure V-lans for iSCSI network Connect to Equallogic management com port interface through putty and configure * grpadmin password * EQ member name * eth0 IP address (on 10.10.10.x network) * eth0 subnet * eth0 gateway (use fake gateway as there is likley * no gateway on network used for iSCSI) * group name * group IP address Connect to web GIU for EQ via group IP address and configure remaining interfaces for management eth1-iscsi (this will be on the 10.x network) eth2-mgmt (this will be on the 192.168.x network and will be the IP you use for the web interface from now on) Update SAN firmware (this is obtained from the Equallogic support site) Configure a storage pool then configure the member with RAID version desired Decide on weather or not to use authentication (in our tests we did not) Create any volumes required for the environment Download,install and run Host Integration Toolkit on each host (the HIT is provided from the Equallogic support site) Run HIT configuration for MPIO, in our testing the least queue depth option resulted in predictable utilization drops when stress testing) Connect to LUN’s via Microsoft iSCSI initiator and add to favorites Potential Issue When performing Microsoft JetStress testing on a CSV volume, we experienced predictable repetitive drops in iSCSI utilization on both NICs. This occurred when using the MPIO configuration for Least Queue Depth. When these were configured for Load Balancing, the utilization remained constant during the stress testing.