SharePoint On Premises vs. SharePoint Online (Office 365)

Listing of notable limitations of SharePoint Online for Enterprise

Sites Types

  • Single public facing site
  • Multiple internal/private sites (top level is a Team Site).
    *There are no web applications.  All sites must exist under a single web application using separate site collections

Data Storage Limitations

  • Tenant storage: 10 GB + 500 MB per subscribed user + additional storage purchased.  For example, if you have 10,000 users, the base storage allocation is approximately 5 Terabytes (10 GB + 500 MB * 10,000 users).
  • Site collection: Hard limit of 100GB
  • Overall subscription limit: 25TB

External Users

Per MS: “An external user is a person who has been granted access to your SharePoint Online site, but who is not a licensed user within your organization. External users are users who are not employees, contractors, or onsite agents for either you or your affiliates.”

  • Maximum number of external users: 10,000
  • External users cannot create their own My Sites or OneDrive Pro
  • Cannot change their profile, edit picture or see tasks
  • Cannot be an administrator for a site collection
  • Cannot access search center or execute searches against “everything”

Missing Features/Services in SharePoint Online (365)

Missing: Central Administration

Does not exist in SharePoint Online (SPO), rather there is an “SharePoint Admin Center”

Office365-SharePoint-Admin-Center

Missing: Web Application Management / Managed Paths

  • Starts at the Site Collection level
  • All sites, other than the public and top level team site, must exist under the “.sharepoint.com/sites/” area

Office-365-Managed-Paths-Options

Missing: Full Trust Solutions

You can only create Sandbox and App model solutions.  3rd party solutions would need to be in this format.

Missing: Search Control and Index

  • Unable to set crawl schedules
  • Unable to initiate crawl (default is ~5 minutes)
  • Unable to create custom solutions against Search Index
  • Unable to add entity extraction (custom refiners)
  • Unable to enhance relevancy (custom ranking models)
  • No federated search

Missing: Cross site publishing

Per MS: “Cross-site publishing is a new publishing method that lets you create and maintain content in one or more authoring site collections and publish this content in one or more publishing site collections by using Search Web Parts. Cross-site publishing complements the already existing publishing method, author-in-place, where you use a single site collection to author content and make it available to readers of your site.”

Missing: Content by search

(Content by search allows content to be displayed in a web part via search.  One of the top features of SP13.)

Unavailable SharePoint Services

  • Access Services 2010
  • PerformancePoint Service
  • PowerPoint Automation Service
  • State Service
  • User and Health Data Collection Service*
    *(Office 365 provides separate health info in admin center)
  • Word Automation Service
  • Work Management Service
  • Microsoft Foundation Subscription Settings Service

Branding Limitations

Adding a custom design to the internal site “Team Site” is a bit counter intuitive.  The option to select a MasterPage is not available under “Site Settings.”  You must upload the MasterPage to the MasterPage gallery, along with a “Preview” file.  Then, you must create a “Composed” look.  From there it will be available under the “Change the Look” feature.  I hope to detail this out more in a future post.

Other Notable Limitations

  • Migration must be done remotely
  • Disks cannot be shipped
  • Cannot control upgrade schedule
  • BCS security concerns about opening local data up to the cloud

A detailed feature comparison from Microsoft:

http://technet.microsoft.com/en-us/library/jj819267.aspx

Another consideration: hybrid environment

http://technet.microsoft.com/en-us/library/jj838715.aspx

Another consideration: Azure hosted

http://msdn.microsoft.com/en-us/library/windowsazure/dn275958.aspx

Modify “Upload To” (“Destination Library”) Choices For Discussions

I will start out with a caveat by saying that I have not tried this script on 2013.  However, the “Upload file” dialog also has an iframe like 2010, so I believe it should work, or will work with some minor alterations.

The problem we had is that users have permissions to contribute to multiple document libraries, however, for a specific discussion board, we wish to have them upload their attachments (when not using the “Attach File” option, but rather the “Upload file” option), to a specific document library.  The beauty of having the users create their posts using this method is that it allows the content to be directly embedded in the post itself, rather than having to click on the “View Properties” link to get to the attachment.

doc-libraries

SharePoint however, does not present a way to modify the list of upload locations it presents.  Whilst browsing the interwebs, I did find ways that recommend modifying the underlying aspx pages, however, trying to adhere to what Microsoft recommends, I never modify these pages unless it has been recommended.

upload-embed-attachment

Undesired choice appears in “Upload Document” select box:

upload-location-choices

Find the value of the option we wish to remove:

find-choice-to-remove
Add the following script to your masterpage. This assumes you already have a reference to jQuery lying around. You may need to update the “live” reference to “on” if you have a new version.

//for removing the load detecting

var hideRibbonTimeout = 0;

var newButtonPresent = false;

 

//check to see if this the discussion board we want to trim

if (jQuery('#s4-titlerow a:contains(Product)').length > 0) {

       setTimeout(HideRibbonButton, 10);

}

//replace the current "Upload File" button to override the SharePoint button

function HideRibbonButton() {

       $('a[id*="UploadFile-Large"]').replaceWith('<a class="ms-cui-ctl-large newDialog" id="btnUpload" aria-describedby="Ribbon.EditingTools.CPInsert.Links.UploadFile_ToolTip" mscui:controltype="Button" role="button" id="Ribbon.EditingTools.CPInsert.Links.UploadFile-Large"><span unselectable="on" class="ms-cui-ctl-largeIconContainer"><span unselectable="on" class=" ms-cui-img-32by32 ms-cui-img-cont-float"><img unselectable="on" alt="" src="/_layouts/1033/images/formatmap32x32.png" style="top:-224px; left: -64px;"></span></span><span unselectable="on" class="ms-cui-ctl-largelabel">Upload<br>File</span></a>');

       if (jQuery('.newDialog').length> 0) {

              newButtonPresent = true;

       }

       hideRibbonTimeout++;

       if (hideRibbonTimeout < 1000) {

              if (newButtonPresent == false{

                     setTimeout(HideRibbonButton, 10);

              }

       }

}

//handle the "Upload File" click and create our own upload

$('#btnUpload').live('click'function () {

       newButtonPresent = true;

       SP.UI.ModalDialog.showModalDialog({

              url: L_Menu_BaseUrl + "/_layouts/RteUploadDialog.aspx?LCID=1033&Dialog=UploadDocument&UseDivDialog=true",

              title: "Upload a file",

              dialogReturnValueCallback: function (result, value) {

                     if (result == SP.UI.DialogResult.OK) {

                           //adds the link to the body of the discussion post

                           $('.ms-rtestate-write').append($(value));

                     }

              }

       });

       setTimeout(function () {         

       //finds the upload choice dialog box

              var dlg = SP.UI.ModalDialog.get_childDialog();

              if (dlg != null) {

                     var dlgWin = $("html"window.parent.document);

                     //get the iframe with the select box

                     var dlgCont = $(dlgWin).find("#dialogTitleSpan:contains('Upload a file')").parent().parent().parent().find('iframe');

                     //remove the option we want taken out

                     $(dlgCont).contents().find("#ctl00_PlaceHolderRteDialogBody_TargetList option[value='3141e042-d74f-440d-b836-a82b79a576f5']").hide();

              }

       }, 1000);

});

 

Upload choice has been removed and users are now directed to upload to the correct document library.

choice-removed

ADFS Authentication Unable To Connect To Reporting Services (Workaround)

When trying to set up a datasource in SharePoint 2013 with Reporting Services Integration, if you want to pass through the user’s identity to the report, you will get an error if you try to use the “Windows authentication (integrated) or SharePoint User”.  This is because SharePoint does not allow for SAML / ADFS auth to go through using the build in C2WTS.

Can not convert claims identity to windows token. This may be due to user not
 logging in using windows credentials.

saml-ssrs-beforeThere is a workaround for this that does not require any extra programming, however, it may be an  inconvenience to your users.  Set the mode as “Prompt for credentials” and then check the “Use as windows credentials” checkbox.

saml-ssrs-after

This will allow reporting services to connect to the datasource using the users’ Windows auth account, and allow the report to run.  The downside is they will have to enter their user name and password whenever they want to run the report.

saml-ssrs-enter-username-pw

Success!

saml-ssrs-report-runs

Reporting Services Content Type Names – Wrong Display Names

If you have upgraded from SharePoint 2010 to 2013, and find that the Content Type titles look a bit odd for Reporting Services content types, you may want to change those to something more familiar.  There is a relatively simple fix.

For example, they appear as:

$Resources:ReportServerContentTypeGroup;

   $Resources:DataSourceContentTypeName; Document Home
   $Resources:ReportBuilderContentTypeName; Document Home
   $Resources:ReportBuilderModelName; Document Home

Correct display:

Report Server Content Types

   Report Builder Model Document Home
   Report Builder Report Document Home
   Report Data Source Document Home

So for example, when to create a new report library, and you start adding content types for your reports, you may see something like this:

poorly-named-content-types

To fix this, go to “Site Actions”, “Site Settings.” Click on “Site Content Types.”

navigate-to-content-types

Click on the content type you need to update, and then click on “Name, description, and group”

content-type-settings

Change the title text for the three content types, and give it a group.  For instance:

Report Data Source
Report Builder Model
Report Builder Report

Group: Reporting Services

rename-content-type

Once you have done that, go back into your library, and delete out the previous content types, and re-add them.

updated-content-types

You should then get the correct names displayed when you need to add a new reporting file.

updated-titles

Reporting Services – System Settings (Error: Sorry something went wrong)

While trying to set up Reporting Services for SharePoint 2013, I ran into a “Something went wrong” message in Reporting Services.

The confusing part is that I was able to provision SQL Server Reporting Services, both verifying that the service was indeed “STARTED” and that I had successfully created a service application and proxy using the GUI from Central Admin.

new-ssrs-app

service-started

reporting-services-application

reporting-services-system-s

Clicking on the application (“Reporting Services”) brought me to the configuration area, however, when I went in to set it up, I received an error message stating: “Sorry, something went wrong”.

sorry-something-went-wrong

This left me scratching my head. I determined that the SQL 2012 feature: “Reporting Services – SharePoint” must not have been successfully installed.

To check this, you will want to go to C:\Program Files\Common Files\microsoft shared\Web Server Extensions\15\WebServices.  Once here, look for the “Reporting” folder.

directory-before

As you can see, there is no “Reporting” folder.  It is missing entirely.  To remedy this, I first attempted to install the feature via my SSRS 2012 SP1 installation disc.

install-step-1

install-step-2 install-step-3 install-step-4

However, when I got the step that would allow me to install the feature, it indicated it had already been installed.

install-step-5

Thus I thought the solution was to re-install it, but this was as far as the SQL 2012 SP1 disc would take me in terms of reinstalling.  To get around this, I first attempted to uninstall the  feature through Control Panel / Programs.  However, that gave me an error message :  ‘Install-SPRSServiceInstall-SPRSService’ is not recognized, when I got to the final uninstall step.

I unprovisioned the service application in Central Admin, and STOPPED the service on the server, and tried again. No luck.

Also , attempting to uninstall the application through Powershell yielded the same “not recognized” results using the following uninstall commands:

Install-SPRSService -uninstall
Install-SPRSServiceProxy -uninstall

Finally, I discovered a solution.  It turns out that the full installation disc for SQL 2012 SP1 apparently was not sufficient.  Instead, just the SP1 exe need to be installed on top of what is already there, not the full install of SQL 2012 SP1, but just the SP1 bits.

Download it here: http://www.microsoft.com/en-us/download/details.aspx?id=35575

Be sure to choose the correct download, and not the full version.

download-sql2012-sp1-only

After grabbing this, run the install.

run-sp1-install

Verify that that “Reporting” folder is now present.

directory-after

Finally, you can provision your services:

Install-SPRSService
Install-SPRSServiceProxy
get-spserviceinstance -all |where {$_.TypeName -like "SQL Server Reporting*"} | Start-SPServiceInstance

new-ssrs-app

service-started

reporting-services-application

Then click on “System Settings” in your app.

system-settings-success

Success!!!

Multi-tenancy / Site Subscriptions

One of the benefits of SharePoint 2013 is its ability to scale property for use in a multitenant environment.  In addition to having isolated webs, it also provides for isolation within service applications.  This means, that for instance, Company A can have a web that provides search results that are completely isolated from Company B.  Of those that can be partitioned, some of the most important are the BDC, Search, Managed MetaData and the Secure Store.  Here are the SharePoint 2013 Service Applications that can be partitioned.

Partionable:

Business Data Connectivity
Managed Metadata
Machine Translation Service
Search
Secure Store
User Profiles (via Profile Sync)
Word Automation Service

Non-Partionable:

Access Services
App Management Service
Excel Services
Performance Point
Subscription Settings
State Service
Usage and Health
User Profiles (via AD Import)
Visio Services
Work Management Service

The key way SharePoint takes advantage of multi-tenancy capabilities is through Site Subscriptions.  Site subscriptions allow grouping of Site Collections of the same Web Application to consume the same features and service information.  The key thing to remember is that a site can only have one subscription at a time, and that it has to be managed through powershell.  Once a subscription is set up the service application can be partitioned.

To create a new subscription:

$subscription = New-SPSiteSubscription
Set-SPSite -Identity http:// mydomain.com/sites/billing  -SiteSubscription $subscription

Partioning:

When creating your service application, such as search, add:

-Partitioned

when creating the service in Powershell.

SharePoint Site Not Prompting for ADFS logon, Automatic Windows Auth in IE instead

After migrating “My Sites” from SharePoint 2010 to SharePoint 2013, I wanted to convert the My Sites to claims and then move it over to ADFS 2.0 authentication.   I had no issues with migrating other SP2010 sites to SP13 ADFS claims.  After going through the process for My Sites, I was able to use Chrome and sign into the main site, and then clicking on the “My Site” link will took me to my correct migrated My Site / Profile by logging me in through ADFS.

In IE, however, this was a completely different story.  I could sign into the main site with ADFS just fine.  However, clicking on “My Site”, or navigating there directly took me straight in without ever prompting me to log in via ADFS.  It was defaulting to Windows Auth, even though I had turned off NTLM, and it created a NEW profile for me using my Windows credentials instead of using my existing claims based profile.

Even toggling off “Enable Windows Authentication” in Central Admin under “Authentication Providers” did not stop this from happening.  Windows Auth continued to persist even after disabling this.


It turns out the issue was on the client side (IE), which was to be expected.  The first thing I did was disable all the “Trusted Sites” and “Local Intranet” settings in IE, also turning off “Enable Integrated Windows Authentication”.  This however left me with a windows login prompt.

Finally, as a last attempt, I cleared out my cache in IE.  That did the trick.  Apparently an old cookie was somehow getting picked up and prompting me for Windows Auth instead of the desired ADFS auth.

AppFabricCachingService – Service Status: Unknown

I ran into a bit of an issue where one of our SharePoint 2013 farm servers was acting unusual when it came to the AppFabricCachingService. When logging in, we were getting some errors, which showed up in the logs as being related to the cache.  If you are having similar issues, you may want to try some of the following steps:

Starting the Distributed Cache Service

First, verify that it is showing as “Started” in Central Admin on the offending server under “Services on Server”.  If you are having trouble starting it, as I have occasionally experienced in Central Admin, try manually starting “AppFabric Caching Service” under “Administrative Tools”,  “Services.”  Then run :

$instanceName =”SPDistributedCacheService Name=AppFabricCachingService”
$serviceInstance = Get-SPServiceInstance | ? {($_.service.tostring()) -eq $instanceName -and ($_.server.name) -eq $env:computername}
$serviceInstance.Unprovision()
Then:
$instanceName =”SPDistributedCacheService Name=AppFabricCachingService”
$serviceInstance = Get-SPServiceInstance | ? {($_.service.tostring()) -eq $instanceName -and ($_.server.name) -eq $env:computername}
$serviceInstance.Provision()
You may need to reboot occasionally during this process of trying to get things back in working order.

Server Status: Unknown

The issue I ran into was when running “Get-CacheHost”, it a returned status of “Unknown” for one of the servers.

As first course, reprovisioning the service is a good start. I verified that the service was indeed running on the server in Central Admin, and the ran the following PowerShell on the troublesome server:

Remove-SPDistributedCacheServiceInstance

$instanceName ="SPDistributedCacheService Name=AppFabricCachingService"

$serviceInstance = Get-SPServiceInstance | ? {($_.service.tostring())
-eq $instanceName -and ($_.server.name) -eq $env:computername}

$serviceInstance.delete()

Add-SPDistributedCacheServiceInstance

Use-CacheCluster

Get-CacheHost

If you run this on the local server, and it is still showing as “Unknown” when running “Get-CacheHost”, you may need to run:

Start-CacheHost

It will prompt you to enter the name of your server, and the port.  After this, check your work by running Get-CacheHost again.

Running this indicated that all the services were “UP” across our servers, but this was when running Get-CacheHost on the troublesome server. When running Get-CacheHost on the other servers, we still got indications of status “Unknown”.

Check the Firewall Settings

This left me to think that perhaps the problem was not related to the service itself. Sure enough, when attempting to ping the troublesome server from one of the other servers, I received a “Request timed out” message.

I went into Windows Firewall and changed the settings to match the incoming settings of those on the other servers that were not having an issue. I attempted to reprovision the service again after that, and it began to work.

Restart Windows Time to Ensure Servers are in Sync

Another problem I discovered that can occur in situations like this is if the time on the servers gets out of sync.  This can also cause issues with the cache.  What you will want to do in this scenario is navigate to “Services” on the offending server, and restart “Windows Time.”

Change the CacheCluster Size

Another useful setting I found was to make all the hosts have the same size cache.  If you find one of them is not set to the same size as the other run (changing the CacheSize accordingly):

Stop-CacheCluster
Set-CacheHostConfig -CacheSize 1000 -HostName server1 -CachePort 22233

Specified host is not present in cluster

If you receive “Specified host is not present in cluster” when attempting to get the service up and running, you may want to run the following scripts:

First, check to see if it returns a correct entry.

Get-CacheHostConfig –ComputerName server1.contoso.com -CachePort 22233

That will give you the details for the servers cluster information, which should look like:

HostName        : server1.contoso.com
ClusterPort     : 22234
CachePort       : 22233
ArbitrationPort : 22235
ReplicationPort : 22236
Size            : 1229 MB
ServiceName     : AppFabricCachingService
HighWatermark   : 99%
LowWatermark    : 90%
IsLeadHost      : True

If it does not, and you get an error of “Specified host is not present in cluster.” Then try the following script:

Register-CacheHost –Provider [provider] –ConnectionString [connectionString]
-Account "NT AuthorityNetwork Service" -CachePort 22233 -ClusterPort 22234 -ArbitrationPort 22235
-ReplicationPort 22236 –HostName [serverName]

For “provider” and “connectionString” check the DistributedCacheService.exe.config , under “C:\Program Files\AppFabric 1.1 for Windows Server”, which will look like:

<clusterConfig provider=”SPDistributedCacheClusterProvider” connectionString=”Data Source=sql.contoso.com;Initial Catalog=SharePoint_Config;Integrated Security=True;Enlist=False” />

Restart Cache Cluster

Finally, if you are still experiencing issues getting the server to start, you may want to try restarting the Cache Cluster:

Restart-CacheCluster

Finally, if you are still having issues, I would heartily recommend this post, as it is the most useful one I have run across:  http://mmman.itgroove.net/2013/07/fixing-the-appfabric-cache-cluster-in-sharepoint-2013/

Here is a useful video for getting oriented with the cache service:

Upgrade SharePoint 2010 My Sites to SharePoint 2013

There seems to be a lack of information out there regarding upgrading SharePoint 2010 My Sites to SharePoint 2013.

If you try to do a straight “Mount-SPContentDatabase” to a new web application.  This will work partially, as you will be able to get to your “My Site”, however, when trying to go into “Site Settings” or “Site Permissions”, you will get a “404 – File Not Found” for a lot of the back-end system files.

The best way I have found is to set up the My Site Host first in SharePoint 2013, and then run a Mount-SPContentDatabase on your old SharePoint 2010 My Sites database.

1. Backup your WSS_Content_UserSites

2. Restore it to your SharePoint 2013 SQL as a new database

3. In Central Admin, go to “Application Management”, “Manage Web Applications”, choose “New”

4. Once the site is created, choose to “Create a new site collection”, and select the “Enterprise” tab, and “My Site Host” as the type.

5. Once the My Site Host is created, you can attach your 2010 My Sites database:

Mount-SPContentDatabase -Name WSS_Content_UserSites -WebApplication https://mysites.contoso.com

6. Finally, go into your User Profile Service (Application Management -> Manage Service Applications -> User Profile Service).  Click on “Setup My Sites”

7. Enter your My Site Host in the area provided, and don’t forget to add the appropriate groups to “Read Permission Level”

Restoring Local (Farm / Self-Signed) Certificate in SharePoint 2013

If you accidentally delete or overwrite your “local” SharePoint certificate, you may find random things breaking such as Visio or Excel web parts, or things that require authentication.

You can check to see what certificate you have installed, and see if this might be the case by typing the following in Powershell:

Get-SPTrustedRootAuthority

Examine the “local” entry. If it does not say “SharePoint Root Authority” for the certificate, you will need to fix this. It should look something like this if it is correct:

If your cert does not look like the one above, and you have a multi-server farm, you should still be in luck. Log on to one of the other servers, and fire up SharePoint Management Shell.

Type the following:

$localCert = (Get-SPCertificateAuthority).RootCertificate
$localCert.Export("Cert") | Set-Content "C:\localCert.cer" -Encoding byte
Log on to the machine with the incorrect certificate (likely your Central Admin server), and copy the exported certificate there.  Again in PS:
Get-SPTrustedRootAuthority

Find the “Id” for the “local” certificate.
Import the certificate.
$localCert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("c:\localCert.cer")

Using the Id you noted above for the “Identity”:
Set-SPTrustedRootAuthority -Identity "3e20f374-6d2e-4115-bbb8-40d9dd803d5d" -Certificate $localCert

Finally, check your work:
Get-SPTrustedRootAuthority

This should put you back in business.