Author: Andreas Stenhall

Some time ago I migrated a client’s Small Business Server 2003 to a Small Business Server 2008. When migrating their WSS 2.0 SharePoint from the old server to the new one I ran into some problems. I just could not get access to the Operations or Application management in SharePoint Central Administration, with the  below event logged.

Log Name:      Application
Source:        ASP.NET 2.0.50727.0
Date:          2009-02-26 13:23:42
Event ID:      1314
Task Category: Web Event
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      CONTOSOSRV02.Contoso.local
Description:

Event code: 4007
Event message: URL authorization failed for the request.
Event time: 2009-02-26 16:21:50
Event time (UTC): 2009-02-26 15:21:50
Event ID: 0087e3fc2a3440178e6a801602c514f7
Event sequence: 113
Event occurrence: 6
Event detail code: 0
 
Application information:
    Application domain: /LM/W3SVC/1899589246/ROOT-1-128801351457937683
    Trust level: WSS_Minimal
    Application Virtual Path: /
    Application Path: C:\inetpub\wwwroot\wss\VirtualDirectories\4721\
    Machine name: CONTOSOSRV02
 
Process information:
    Process ID: 7888
    Process name: w3wp.exe
    Account name: CONTOSO\Administrator
 
Request information:
    Request URL: http://contososrv02:4721/_admin/operations.aspx
    Request path: /_admin/operations.aspx
    User host address: ::1
    User: CONTOSO\tempadmin
    Is authenticated: True
    Authentication Type: Negotiate
    Thread account name: CONTOSO\tempadmin

After doing som troubleshooting I got everything working by editing the web.config file of the C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\TEMPLATE\ADMIN directory. I simply added the line below to the file, saved it and then I could access the Operations and Application Management of SharePoint Central Administration.

<allow roles="CONTOSO\WSS_ADMIN_WPG" />

Case closed!

Today I faced a problem where I had to put different sites in IIS on the same SSL port which by default is 443. As you might know you cannot set more than one web site to use port 443 in the GUI of IIS Manager, and you can neither specify different host headers there. However you can put more than one web site on the SSL port by using the command line script as stated below. Run it from C:\inetpub\adminscripts but before you do, find out what the identifier for the site you want to enable SSL for is by clicking on “Web sites” in IIS Manager.

cscript.exe adsutil.vbs set /w3svc/1/SecureBindings
":443:intranet.contoso.com"

Make sure that the above command is put and run on one line and you are done. Please note that if you do not have a wildcard certificate installed (*.contoso.com) you will receive certificate warnings for one of the sites, as the certificate name will not match the host name.

I’ve seen quite an interesting behaviour of the DNS service in Windows Server 2008 for a long time without even thinking about the DNS service having a bug. Apparently there has been a fix for this issue out since summer time but it was not until Microsoft blogged about the bug a few days ago that it got my attention.

The problem is with secondary DNS zones that suddenly loses all (or many) records of the zone, which is not a very good thing I can tell you.

After reading through the description of the bug a couple of times I just sat there with my mouth open. This is exactly what I have been experiencing for some time now. So what is the moral of the story? Always check if it is bug!

Download and more info: KB953317 A primary DNS zone file may not transfer to the secondary DNS servers in Windows Server 2008

Recently I have had experience with a customer running Windows Vista on an Apple Macintosh computer. Quite interesting configuration setup and totally unsupported from Microsoft, and to be honest I have never seen so many errors and problems with hardware and drivers as with this machine. Anyway, trying to upgrade BootCamp to the latest version turned out to be a nightmare. Applying the latest BootCamp patch resulted in an instant error message: “Error applying transforms. Verify that the specified transform paths are valid”.

It didn’t take me long to figure out that this was caused by not using a system which is “all-American” but finding out exactly what to change took a bit longer. I soon learned that one have to edit the registry and making sure that the language code set there is changed to the US English code.

You do this by looking up the registry key HKEY_CLASSES_ROOT\Installera\Products \82654E0F812156845A61E8A84572A2CD and then changing the value of the REG_DWORD setting named “Language”. To be able to install Apple BootCamp update this setting must be 0x00000409 (1033).

The other day I implemented the Microsoft tool Access-based Enumeration tool for the first time with a customer. The tool installs on Windows Server 2003 and present you with a new tab when you choose Properties on shares on the server. When activated it will make sure that users on their client computers don’t see files and folders in Windows Explorer to which they do not have permission.

Download the Access-based Enumeration tool

In my latest posts I’ve been talking about the now released infrastructure for Windows SharePoint Services 3.0, an update that would solve the automatic workflow problem once and for all. The problem with workflows not being run automatically is now solved, but be aware that installing the infrastructure update (KB951695) alone does not resolve the problem.

To permanently resolve the problem one must also apply the command that is mentioned in KB953289: A declarative workflow that is configured to start automatically when e-mail enabled items are created does not start automatically after you install Windows SharePoint Services 3.0 Service Pack 1.

TechRepublic has written a post on how to Extract troubleshooting info from Windows XP BSOD error messages. This is good, but I must say that extracting even more information from the memory crash dump file is even better. If you’ve missed my guide on how to do this you have it right here:

Troubleshoot and analyze Blue Screens of Death

So finally Microsoft have released the infrastructure update which once and for all fixes the problem with automatic workflows not working in Windows SharePoint Services 3.0.

More information: Description of the Infrastructure Update for Windows SharePoint Services 3.0: July 15, 2008
More information: Issues that are fixed in Windows SharePoint Services 3.0 by the Windows SharePoint Services 3.0 Infrastructure Update
More information: A declarative workflow that is configured to start automatically when e-mail enabled items are created does not start automatically after you install Windows SharePoint Services 3.0 Service Pack 1 

Source: SharePoint blog

Many users that are using automatic workflows in Windows SharePoint Services 3.0 (WSS) have experienced problems with the workflows not running automatically after applying Service Pack 1 for WSS. According to Microsoft this is a feature because of changes to security. Anyway, Microsoft have had a KB article out (see KB947284) for a possible workaround on this since February but many people including myself has found this KB article to be useless as the problem remain after performing the steps mentioned in the article.

Anyway, after working with Microsoft Product Support Services on this issue for some weeks it seems that Microsoft soon will be done with a hotfix that once and for all will resolve the automatic workflow bug. I’m holding my thumbs!

Microsoft is now announcing some information about Windows Vistas successor with codename “Windows 7”. There wil be no all new kernel in “Windows 7”, instead Microsoft will improve the kernel from Windows Vista and make it more componentized.

Killer compatibility is something that is coming in “Windows 7”, as “all” applications and drivers that work in Windows Vista also will work in “Windows 7” thanks to “Windows 7” being based on the same kernel as Windows Vista. Looking forward to the beta program for “Windows 7”!