10 August, 2012

What's New in Windows Server 2012 Active Directory

You can divide the "what's new" categories in Windows Server 2012 Active Directory into two roughly equal parts: brand new and merely improved. Either way, you're going to like what you see.

New Features:

Let's take a look at the new high-level features, starting with the brand-new functions:

GUI for Recycle Bin Microsoft introduced the Active Directory Recycle Bin in Windows Server 2008 R2, but it was limited by its Windows PowerShell-only exposure. This time it gets a GUI.

UI for Fine-Grained Password Policies Also gaining a GUI are fine-grained password policies.

Dynamic Access Control (DAC) Windows Server 2008 R2 brought the File Classification Infrastructure (FCI). This version's DAC adds far greater functionality to the (optional) second layer of FCI resource authorization.

Windows PowerShell History Viewer You see the Windows PowerShell commands that correspond to actions you perform in the Active Directory Administrative Center UI.

Windows PowerShell Cmdlets for Active Directory Replication and Topology More cmdlets

Active Directory-Based Activation (ADBA) The good: ADBA eliminates the need for a Key Management Service server. The bad: Only forthcoming Windows 8 computers can leverage ADBA. Seriously, Microsoft?

Flexible Authentication Secure Tunneling (FAST) The nickname for FAST is "Kerberos armoring," if that tells you anything. It isn't enabled by default and requires clients that support it. Think you'll be using it anytime soon?

Refreshed Features

Now let's move on to the merely improved bits:

Virtual Snapshot and Cloning Support Active Directory and hypervisor snapshots didn't mix before. Now they do, if your hypervisor supports VM Generation ID.

ADPREP Integrated into DC Promotion Can't recall the proper steps to promote a member server to a DC? No worries, it's in there.

Active Directory Federation Services (ADFS) Now In-Box Adding ADFS no longer requires a separate installation. ADFS also gains multiple improvements. Watch this space, because you'll be seeing and using more ADFS in the years to come.

Domain Join via DirectAccess One word: Nifty! Nine words: Computers can now be domain-joined over the Internet. You'll need DirectAccess first. Trust me: You'll want it.

Kerberos Constrained Delegation (KCD) Across Domains Another of those capabilities you've probably never used, but probably will in the future. KCD was first introduced in Windows Server 2003. Now it can span domains.

Group Managed Service Accounts (GMSAs) MSAs in Windows Server 2008 R2 made administering service accounts easier. GMSAs in this version extend their support to clustered and load-balanced services.

While individually these new features might not seem like a lot, as a group they're a good reason to step up your Active Directory to Windows Server 2012 as soon as you can. 

If you know about some more features please do let me know.

Cannot read from source file or disk error while using explorer view

The Explorer View is an excellent feature that is integrated with windows SharePoint Services that allows a user to access a document library as if you were accessing a file system through a Windows Explorer window.
Being end users, everyone might feel that this is very easy to use. But there are multiple complex interactions happening with different technologies to make documents which are not present in file systems to viewable using explorer.
Problem Description:
While trying to cut and paste files or folders from one document library to another using windows explorer view, the following error message may occur:

“Cannot read from source file or disk”.

This issue cannot be reproducible in a Windows XP environment; however this can be reproducible in Vista / Windows 7 / Windows 2008 / Windows 2008 R2. Here are some Scenarios when you do cut and paste of files / folders:

- MOVE between sites collections in the same web application works with XP
- MOVE between sites collections not in the same web application works with Vista and 7
- MOVE between two mapped drives (using net use command where one connected to site col1, and the second one connected to site col2) works with Vista and 7 (within a same web application, or between two webs application)

Two workarounds are available so select anyone as per the flexibility.
1: COPY and PASTE the required data; then DELETE the files instead of using CUT and PASTE.
2: Create two mapped drives using "net use" command. Then complete CUT/PASTE between the mapped drives.  
If you have any queries/questions regarding the above mentioned information then please let me know. Thank you.

SharePoint 2010: Site Collection Administrator does not receive storage quota alerts

To help manage site and server resources, an administrator of the local server computer can specify quotas that are used to limit the amount of storage available on a site and the number of users that are added to a site collection. These quotas help to ensure that one site cannot deplete so many resources that other sites can no longer function.

The server administrator can use locks to stop sites from exceeding the storage quota limits, and to block all users from accessing a site if necessary.
A user is a SharePoint Site Collection Administrator. The Site Collection reaches its quota, and has passed the warning limit. However, the user does not receive a warning email message. 

Probable causes:
This issue occurs because the warning email message only goes to the Site Owner.

To resolve this issue, validate that the user is not the Site Owner. To do this, follow these steps: 
1)      Log on to any server of the farm. 
2)      Open Central Administration. 
3)      Application Management, and then
4)      Click View All Site Collections.  
5)      Find the site in question.  
6)   Notice the "Primary administrator." 

The primary site collection administrator will be the user who receives quota alerts. If the customer has to change this, we can run the following cmdlet:

stsadm -o siteOwner -url <Site Collection> -ownerLogin <Domain\Alias>

If you have any queries/questions/doubts regarding the mentioned information then please let me know. I would be more than happy to help you as well as resolves your issues :)

People Picker control gets spell checked on a custom layout page: SharePoint 2010

Happy Friday to all of you :)

People Picker is configured at the zone level for a farm by using the Stsadm setproperty operation. By configuring the settings for the control, you can filter and restrict the results that are displayed when a user searches for a user, group, or claim. Those settings will apply to every site within the site collection.

Problem Description:
While editing a custom layout page that contains a people picker control, you spell check the page. The spell check returns a large number of errors on the people picker control.

Probable Causes:
During the page editing process, SharePoint looks for text that are spell checking candidates. The text is included unless the control is explicitly marked for exclusion by a non-public attribute or by having its class set to 'ms-spellcheck-false'.
The people picker control fails both tests and its text, in xml format, is included in the spelling chunks.

Add a small custom code to override the above behavior and exclude the control from the spell checking. Follow the steps listed below:
1.   Launch SharePoint Designer and from the File Menu, choose Sites.

2.   Open your site and from the site objects menu on the left, select Page Layouts.

3.   From the list of page layouts on the right panel, right click on the page with the issue (the one containing the people picker control) and select “Edit File in Advanced Mode”.  

Note: If the page is not checked-out, you will get a prompt for it. Click ‘Yes' for it.
For the next steps, refer to the following code example:
Step 1

On the HTML that defines the control, add an ID property if one does not exist already. You will need this ID for the next step. Your page should resemble something like this:
            Contact:<SharePointWebControls:UserField FieldName="Publishing Contact" runat="server" ID="PeoplePicker1">
Step 2

before the last statement on the page (the </asp: Content> tag), add the following script:
 <script type="text/javascript">

function OverrideSpelling(){ 
   var $fld_in = document.getElementsByTagName('input'); 
   var $fld_tx = document.getElementsByTagName('textarea'); 
   for( $i = 0; $i < $fld_in.length; $i ++ ) {
      var $inputName = $fld_in[$i].getAttribute('name');   
      if($inputName.indexOf('PeoplePicker1') != -1) {
         $fld_in[$i].className = 'ms-spellcheck-false';   

   for( $i = 0; $i < $fld_tx.length; $i ++ ) {
      var $inputName = $fld_tx[$i].getAttribute('name');   
      if($inputName.indexOf('PeoplePicker1') != -1) {
1.   Note the bold value on the function argument. You will need to use the same ID that was used on the control declaration.
Save the page and try the spell check now.

3.   The page should now exclude the people picker control from the spell check.

If you have any queries/questions regarding the above mentioned information then please let me know. I would be more than happy to help you as well as resolves your issues :) Happy SharePoint to all of you :)