Microsoft Case Studies: Coca-Cola Enterprises and Microsoft Online Services

Recently posted:  A Microsoft Case Study examining Microsoft Online Services and Coca-Cola Enterprises.

Read more about this Microsoft Case Study here:  Coca-Cola Enterprises Tackles Competition with Microsoft Online Services

To read more Microsoft Online Services case studies visit https://partner.microsoft.com/40090617 or to learn more about Microsoft Online Services visit http://www.microsoft.com/online/default.mspx.

Quota Templates and Powershell

Continuing the series using Powershell and Microsoft SharePoint Products and Technologies, this weeks script sample illustrates how Powershell can be leveraged to programmatically provision Quota Templates in Windows SharePoint Services 3.0 and/or Microsoft Office SharePoint Server 2007.

Instructions

  1. Copy the source below into somefile.ps1.
  2. Copy the Xml source in QuotaTemplates.xml.
  3. In the Windows Powershell console call ./somefile.ps1

Source

#——————————————————————————-
# Function:    main
#
# Description:    Main entry point for the script.  Loads the configuration source
#        Xml and initializes the foreach loop to iterate over a
#         collection of Xml nodes.
#
# Parameters:    None
#——————————————————————————-

function main()
{
  [xml]$cfg = Get-Content .QuotaTemplates.xml

  if( $? -eq $false ) {
    Write-Host "Cannot load configuration source Xml $cfg."
    return $false
  }

  $cfg.Configuration.QuotaTemplates.QuotaTemplate | ForEach-Object {
    new-QuotaTemplates( $_ )
  }
}

#——————————————————————————-
# Function:     new-QuotaTemplates
#
# Description:     This script enables you to do programmatically what you can do
#         manually through the user interface in the SharePoint Site
#         Management section on the Central Administration Quota
#         Templates page.
#
# Parameters:     None
#——————————————————————————-

function New-QuotaTemplates( [object] $cfg )
{
  [Void][System.Reflection.Assembly]::LoadWithPartialName("Microsoft.Sharepoint")

  $webService = [Microsoft.SharePoint.Administration.SPWebService]::ContentService
  $quota=New-Object Microsoft.SharePoint.Administration.SPQuotaTemplate

  $quota.Name = $cfg.Name
  $quota.StorageMaximumLevel = $cfg.StorageMaximumLevel
  $quota.StorageWarningLevel = $cfg.StorageWarningLevel

  $webService.QuotaTemplates.Add($quota);

  $webService.Update();
}

main

Source Xml

<?xml version="1.0" encoding="utf-8"?>
<Configuration>
  <![CDATA[SPQuotaTemplate (Microsoft.SharePoint.Administration)]]>
  <QuotaTemplates>
    <QuotaTemplate Name="2GB">
      <StorageMaximumLevel>2097152000</StorageMaximumLevel>
      <StorageWarningLevel>1887436800</StorageWarningLevel>
    </QuotaTemplate>
    <QuotaTemplate Name="3GB">
      <StorageMaximumLevel>3145728000</StorageMaximumLevel>
      <StorageWarningLevel>2936012800</StorageWarningLevel>
    </QuotaTemplate>
    <QuotaTemplate Name="4GB">
      <StorageMaximumLevel>4194304000</StorageMaximumLevel>
      <StorageWarningLevel>3670016000</StorageWarningLevel>
    </QuotaTemplate>
    <QuotaTemplate Name="5GB">
      <StorageMaximumLevel>5242880000</StorageMaximumLevel>
      <StorageWarningLevel>4718592000</StorageWarningLevel>
    </QuotaTemplate>
    <QuotaTemplate Name="10GB">
      <StorageMaximumLevel>10485760000</StorageMaximumLevel>
      <StorageWarningLevel>9961472000</StorageWarningLevel>
    </QuotaTemplate>
    <QuotaTemplate Name="100GB">
      <StorageMaximumLevel>104857600000</StorageMaximumLevel>
      <StorageWarningLevel>99614720000</StorageWarningLevel>
    </QuotaTemplate>
  </QuotaTemplates>
</Configuration>

Interesting find on Event Id’s 3760 and 5586…

I was recently asked to look at an issue in which SharePoint would intermittently drop its connection to SQL.  Taking the typical course of action, I started looking at the Application Event Logs, Trace (ULS) logs, etc.  I noticed in the Application Event Logs event Id 3760 and 5586 occurred every hour on the hour.  The initial event Id 3760 indicated authentication issues, the Domain Controllers did not see issue that corresponded to the events reported by SharePoint; Scalable Networking Pack Features, MaxConcurrentAPI, etc. settings looked clean across the machines as well, event Id 5586 immediately followed event Id 3760.

Product:

Windows SharePoint Services
ID: 3760
Source: Windows SharePoint Services 3
Details:

SQL Database ‘<Configuration Database>’ on SQL Server instance ‘<SQL Server>’ not found. Additional error information from SQL Server is included below.

Cannot open database "<Configuration Database>" requested by the login. The login failed.
Login failed for user ‘<DomainUsername>’.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

 

Product:

Windows SharePoint Services
ID: 5586
Source: Windows SharePoint Services 3
Details:

Unknown SQL Exception 10060 occurred. Additional error information from SQL Server is included below.

An error has occurred while establishing a connection to the server.  When connecting to SQL Server 2005, this failure may be caused by the fact that under the default settings SQL Server does not allow remote connections. (provider: TCP Provider, error: 0 – A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.)

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

I did some research and came across Todd Carter’s post and considered IPSec as a potential problem, ran IPSec diagnostics, and eventually after parsing the diagnostic logs ruled out IPSec as a potential cause.  While walking through the environments’ configuration I noticed a SQL Server Connection Alias was implemented on the SharePoint WFE and application servers.  Typically a Connection Alias is used when an administrator would like to redirect a SQL connection with the existing SQL Server to another SQL Server instance on any machine or more commonly make a connection to a SQL Server using a specific protocol (e.g. TCP, Named Pipes, etc) with specific parameter (e.g. TCP port, pipe name), the database design consisted of two (2) SQL servers in a Database Mirroring architecture so the implementation of a Connection Alias was expected. 

While checking the information in the SQL Server Client Network Utility I noticed that the option to dynamically determine port was selected, since the SQL server instance was configured to listen on 1433 and not an alternative port, I configured the fixed port and protocol in the Client Network Utility.  NOTE When no port number is stored for the alias entry the DBNETLIB attempts to contact the server through a known UDP port to obtain the correct connection information to establish the connection.   After configuring the connection parameters to use the fixed port of 1433 the issue subsided.  Going back to the failures, parsing Trace Log data, the connectivity drops appeared to correlate to the execution of built-in Timer Jobs which taking the dynamic port detection into account seems to have been the cause of the problem.

Windows Rights Management Services, Microsoft SharePoint Products and Technologies, and Forest Boundaries

I recently was asked about the possibility of implementing Windows Rights Management Services with Microsoft Office SharePoint Server 2007 in a resource forest, or otherwise, the Microsoft Office SharePoint Server 2007 deployment was in a forest other than that where the users reside (login forest).  In this particular scenario, a one-way non-transitive trust was implemented, which provided an isolation boundary between the resource and login forest.

Microsoft Office SharePoint Server 2007 is generally supportive of the resource forest concept (see posts tagged Cross-Forest Hosting) however, with the Windows Rights Management Services (RMS) cluster in a forest other than that of the resource forest, problems will surface in that SharePoint will need to obtain a RMS user certificate / RAC (from the /_wmcs/certification pipeline) that is trusted by the RMS Licensing pipeline(s) configured in SharePoint 3.0 Central Administration – as a result there are two (2) requirements during the certification process that Microsoft Office SharePoint Server 2007 is unable to support when the RMS cluster resides outside of the resource forest:

  1. Authentication
  2. Boundaries

Authentication

Since Microsoft Office SharePoint Server 2007 is deployed in the resource forest, the identities associated with the individual IIS application pools are also most likely identities derived from the resource forest.  Those identities are not valid in the login forest because the one way trust is the wrong way in this particular scenario.

Boundaries

The RMS certification service can only issues certificates to identities from the same forest as the RMS cluster.

Possible Solutions

Deploy an RMS certification cluster in the resource forest and configure the RMS server in the login forest to trust the user certificates issues from this server or optionally (haven’t tested this theory ;-)), implement identities for the IIS application pools from the login forest.

The result of an implementation that does not meet the requirements of RMS will be presented in the Event Log on the front-end Web servers as:

Event Type:        Error

Event Source:    Windows SharePoint Services 3

Event Category:                IRM

Event ID:              5058

Date:                     6/10/2009

Time:                     8:47:07 PM

User:                     N/A

Computer:          <WFE_SERVER>

Description:

Information Rights Management (IRM): There was a problem while trying to activate a rights account certificate.

Unspecified connection error. Try activating again later.

Additional Data

Error value: 8004cf3b

Server URL: /_wmcs/certification">/_wmcs/certification">/_wmcs/certification">https://<RMS_CLUSTER>/_wmcs/certification

Event Type:        Error

Event Source:    Windows SharePoint Services 3

Event Category:                IRM

Event ID:              5133

Date:                     6/10/2009

Time:                     8:47:07 PM

User:                     N/A

Computer:          <SERVER>

Description:

Information Rights Management (IRM): There was a problem while obtaining a Rights Management Services (RMS) group identity certificate (GIC).

A GIC is an essential credential that allows a user to read/view rights protected documents.

Additional Data

Error value: 8004cf3b