Wednesday, May 25, 2011

Configuring RBS for SharePoint 2010

The following posts details configuration of Remote Blob Storage (RBS) for SharePoint 2010 and SQL Server 2008 R2.

First download the RBS provider for SQL Server 2008 (don’t install it yet):

Configure file stream for the SQL Server Service using the Configuration Manager:


Execute the following SQL queries:

EXEC sp_configure filestream_access_level, 2


Execute the following SQL to set up a master encryption key and blob store file group:

use WSS_Content  if not exists (select * from sys.symmetric_keys where name = N'##MS_DatabaseMasterKey##')
create master key encryption by password = N'Admin Key Password !2#4'  if not exists (select groupname from sysfilegroups where 
groupname=N'RBSFilestreamProvider')alter database WSS_Content  add filegroup RBSFilestreamProvider contains filestream  alter database [WSS_Content] add file (name = RBSFilestreamFile, filename = 'c:\Blobstore') 
to filegroup RBSFilestreamProvider

Install the RBS provider with the following command (change DBINSTANCE to your SQL server instance):

msiexec /qn /lvx* rbs_install_log.txt /i RBS_X64.msi TRUSTSERVERCERTIFICATE=true FILEGROUP=PRIMARY DBNAME="WSS_Content" DBINSTANCE="SP2010" FILESTREAMFILEGROUP=RBSFilestreamProvider FILESTREAMSTORENAME=FilestreamProvider_1

If installing RBD on production servers, be sure to run on all WFE’s with the following command (again, change the DBINSTANCE):

msiexec /qn /lvx* rbs_install_log.txt /i RBS_X64.msi DBNAME="WSS_Content" DBINSTANCE="SP2010" ADDLOCAL=”Client,Docs,Maintainer,ServerScript,FilestreamClient,FilestreamServer”

Run the following Power Shell script from the SP2010 Management Console:

$cdb = Get-SPContentDatabase –WebApplication http://sp2010

$rbss = $cdb.RemoteBlobStorageSettings





Now create a document library in SharePoint and upload an image to it. Next visit the c:\blobstore directory and look for the GUID sub folder with recent date. Keep drilling down until you find a file. You should see a file with GUID name. Drop this into IE and you should see that it is the same file you uploaded to your document library.

SharePoint 2010 - The Security Token Service is not available

I am in the process of setting up a SharePoint Foundation 2010 machine. After installing SharePoint Foundation 2010 I noticed a warning in the Central Admin > Review problems and solutions report that the Security Token Service is not available.


The Security Token Service is not available.
The Security Token Service is not issuing tokens. The service could be malfunctioning or in a bad state.
SPSecurityTokenService (SecurityTokenService)

The problem ended up being that the default configuration of the IIS Application Pools were set to 32-bit:


When SharePoint was installed all of the application pool accounts were added with 32-Bit enabled which prevented the SharePoint application pools from starting. I had corrected this for the Central Admin site and also the root SharePoint site but the application pools for the Security Token Service were still set to use the 32-Bit application which was preventing the service from starting.

Changing this setting in each of the application pools (there were several created so check them all) fixed the issue and then the warning went away.

SharePoint 2010 Health Analysis

The SharePoint 2010 Health Analyzer is a great way of getting information about the state of your SharePoint farm. It checks things including disk space and database fragmentation and other security, performance and configuration issues. If the health analyzer finds issues you are presented with a message when you browse to the Central Administration site. There is also a link to find out details of all problems that were found.


To run all the jobs immediately fire up a SharePoint 2010 Management Shell as a farm administrator and drop in the following PowerShell:
$jobs = Get-SPTimerJob | Where {$_.DisplayName -match "Health Analysis Job"}
foreach($job in $jobs) {
  Write-Host "Running" . $job.DisplayName

You should now see any problems appear in the Health Analyzer screen, ready for you to address while you are on site before the client sees an angry red message when they use Central Administration the next day. Note this can take a few seconds to update so check the timer job history or the modified column to ensure the latest results are showing.


Once you have fixed the issues you can either run the PowerShell again or check the rules individually using the Reanalyze Now button that is displayed within each problem.


As a side note some of the common non-trivial messages are:

Missing server side dependencies.

Explanation: [MissingWebPart] WebPart class [8d6034c4-a416-e535-281a-6b714894e1aa] is referenced [6] times in the database [AdminContentDB], but is not installed on the current farm. Please install any feature/solution which contains this web part. One or more web parts are referenced in the database [AdminContentDB], but are not installed on the current farm. Please install any feature or solution which contains these web parts.

Solution: Following the steps in the article Missing Server Side Dependencies – 8d6034c4-a416-e535-281a-6b714894e1aa to browse to the SearchAdministration.aspx and SearchFarmDashboard.aspx in Central Administration and perform an iisreset seemed to fix the issue for me.

The server farm account should not be used for other services.

Explanation: DOMAIN\spfarm, the account used for the SharePoint timer service and the central administration site, is highly privileged and should not be used for any other services on any machines in the server farm. The following services were found to use this account: User Profile Synchronization Service(Windows Service)

Solution: Unfortunately I don’t have an easy fix for this one (assuming it is referring to the User Profile Service – any other services should not be running as the farm account). Spence and Spence on TechNet both indicate the farm account must be used to run the User Profile Synchronization service application. Changing this to any other managed account seems to break the UPS app so if you know how to avoid this please let me know.

Verify that the Activity Feed Timer Job is enabled

Explanation:The newsfeed displayed on My Site and Profile pages uses the Activity Feed Timer Job. Without this timer job, no newsfeed will be available on My Site and Profile pages. This also applies to any third-party product that uses this newsfeed.

Solution: Start the User Profile Service Application – Activity Feed Job from the Monitoring > Job Definitions page in Central Administration.

NetBIOS Domain Name and Fully Qualified Domain Name don’t match

If the NetBIOS domain name and it’s fully qualified name do not match there is additional configuration necessary. This does not effect provisioning, but it will prevent sync from working. You must do the steps below in the correct order, otherwise you will encounter problems with the SyncDB. Do them in the correct order!

Additional Permissions (Do this first)

  • The Synchronization Connection account must have Replicating Directory Changes on the cn=Configuration naming context. You can also perform this using the Advanced Features view of ADUC if you wish.
    1. Start… Run… ADSIEdit.msc
    2. Connect to the Configuration Partition
    3. Right click the configuration partition and choose properties
    4. From the Security tab, add the Synchronization Connection account and give it Replicating Directory Changes permissions

Configure the User Profile Service Application to support NetBIOS names

  • You do this after creating the service application, but before provisioning the UPS Service Instance.
  • Run the following Windows PowerShell:
    1$upsa = Get-SPServiceApplication –Id $upsa.NetBIOSDomainNamesEnabled=1
    3# To get the GUID of the User Profile Service Application run Get-SPServiceApplication.

Now we can go ahead and provision UPS and configure our Synchronization Connections.

Note: the December 2010 Cumulative Update breaks this capability and after setting NetBIOSDomainNamesEnabled, you will not be able to create Synchronization Connections. If you need this capability, do not install the December 2010 CU!

This issue is resolved in the February 2011 CU. Once you have applied the CU and then set the property of the UPA, perform an IIS Reset before attempting to create sync connections.

Live@Edu SSO Sharepoint 2010 WebPart and Webservice

Project Description
LiveAtEduSSOLinks is a work around for to offer Single-Sign-On links in Sharepoint to LiveAtEdu accounts.

Its Written in C# for VS 2010 and currently in early beta as it is built off similar projects for Sharepoint 2007 that I found here on Codeplex.

Written by Chris Towles at Northern Kentucky University.

For the mean time I've taken down the code and have cleaned it up and rewritten parts of it. Email me if your interested or post on my blog.

Requirements: You must have the Microsoft the Windows LiveID SSO Kit. if you haven't already done this go
to the Live@edu service management portal (, select Single sign-on. Then, click Request SSO Support to request the SSO SDK and certificate.

I've written a install guide for setting up the SSO at

Components: This project contains 2 components, all designed allow single click login from SharePoint 2010 to Microsoft® Live@EDU service.
•A Web Service that requests a token from the Windows Live@EDU service and forms a valid SSO URL.
•A SharePoint 2010 web part to call the web service and redirect the User to the URL.

This project is a extension of the work done at

How to configure single sign-on in TMG

1. In the Forefront TMG Management console, in the tree, click the Firewall Policy node.


2. In the Tasks pane, click the applicable Web publishing rule.

3. On the Tasks tab, click Edit Selected Rule. (or just double-click rule)


4. On the Listener tab, click Properties.


5. On the Authentication tab, verify that Method clients use to authenticate to Forefront TMG is set to HTML Form Authentication.


6. On the SSO tab, select Enable Single Sign On.

7. Under Specify the Single Sign On domains for this Web listener, perform the following steps for the Web sites for which you want to allow single sign-on (SSO).

8. Click Add.

9. Type the SSO domain for two or more Web sites.


10. Click OK.

11. In the details pane, click Apply, and then click OK.

Note (From TMG Help):
With SSO, users can click a link on a Web page supplied by one Web site and move safely to another Web site without having to supply their credentials again.

Single sign-on is available for Web sites that are published by rules that use the same Web listener. The Web listener must be configured to use HTML forms-based authentication, and SSO must be enabled for it.

SharePoint Server 2010 OOTB web Parts

The categories and web parts are as follows:-

List and Libraries

Announcements – Use this list to track upcoming events, status updates or other team news

Calendar – Use the Calendar list to keep informed of upcoming meetings, deadlines, and other important events

Links - Use the Links list for links to Web pages that your team members will find interesting or useful

Shared Documents – Share a document with the team by adding it to this document library

Site Assets – Use this library to store files which are included on pages within this site, such as images on Wiki pages

Site Pages – Use this library to create and store pages on this site

Tasks – Use the Tasks list to keep track of work that you or your team needs to complete

Team Discussions – Use the Team Discussion list to hold newsgroup-style discussions on topics relevant to your team

Business Data

Business Data Actions – Displays a list of actions from Business Data Connectivity

Business Data Connectivity Filter – Filters the contents of Web Parts using a list of values from the Business Data Connectivity

Business Data Item – Displays one item from a data source in Business Data Connectivity

Business Data Item Builder – Creates a Business Data item from parameters in the query string and provides it to other Web Parts

Business Data List – Displays a list of items from a data source in Business Data Connectivity

Business Data Related List – Displays a list of items related to one or more parent items from a data source in Business Data Connectivity

Chart Web Part – Helps you to visualize your data on SharePoint sites and portals

Excel Web Access – Use the Excel Web Access Web Part to interact with an Excel workbook as a Web page

Indicator Details – Displays the details of a single Status Indicator. Status Indicators display an important measure for an organization and may be obtained from other data sources including SharePoint lists, Excel workbooks, and SQL Server 2005 Analysis Services KPIs.

Status Lists – Shows a list of Status Indicators. Status Indicators display important measures for your organization, and show how your organization is performing with respect to your goals.

Visio Web Access – Enables viewing and refreshing of Visio Web Drawings

Content Rollup

Categories – Displays categories from the Site Directory

Content Query – Displays a dynamic view of content from your site

Relevant Documents – Displays documents that are relevant to the current user

RSS Viewer – Displays an RSS feed

Site Aggregator – Displays sites of your choice.

Sites In Category – Displays sites from the Site Directory within a specific category

Summary Links – Allows authors to create links that can be grouped and styled

Table Of Contents – Displays the navigation hierarchy of your site

Web Analytics web Part – Displays the most viewed content, most frequent search queries from a site, or most frequent search queries from a search center

WSRP Viewer – Displays portlets from web sites using WSRP 1.1

XML Viewer – Transforms XML data using XSL and shows the results


Choice Filter – Filters the contents of Web Parts using a list of values entered by the page author

Current User Filter – Filters the contents of Web Parts by using properties of the current user

Date Filter – Filter the contents of Web Parts by allowing users to enter or pick a date

Filter Actions – Use the Filter Actions Web Part when you have two or more filter Web Parts on one Web Part Page, and you want to synchronize the display of the filter results

Page Field Filter – Filters the contents of Web Parts using information about the current page

Query String (URL) Filter – Filters the contents of Web Parts using values passed via the query string

SharePoint List Filter - Filters the contents of Web Parts by using a list of values

SQL Server Analysis Services Filter – Filters the contents of Web Parts using a list of values from SQL Server Analysis Services cubes

Text Filter – Filters the contents of Web Parts by allowing users to enter a text value


HTML Form Web Part – Connects simple form controls to other Web Parts

InfoPath Form Web Part – Use this Web Part to display an InfoPath browser-enabled form

Media and Content

Content Editor – Allows authors to enter rich text content

Image Viewer – Displays a specified image

Media Web Part – Use to embed media clips (video and audio) in a web page

Page Viewer - Displays another Web page on this Web page. The other Web page is presented in an IFrame

Picture Library Slideshow Web Part – Use to display a slideshow of images and photos from a picture library

Silverlight Web part – A web part to display a Silverlight application

Outlook Web App

My Calendar – Displays your calendar using Outlook Web Access for Microsoft Exchange Server 2003 or later

My Contacts – Displays your contacts using Outlook Web Access for Microsoft Exchange Server 2003 or later

My Inbox – Displays your inbox using Outlook Web Access for Microsoft Exchange Server 2003 or later

My Mail Folder – Displays your mail folder using Outlook Web Access for Microsoft Exchange Server 2000

My Tasks – Displays your tasks using Outlook Web Access for Microsoft Exchange Server 2003 or later


PerformancePoint Filter – This web part displays PerformancePoint filters. Filters may be linked to other web parts to provide an interactive dashboard experience. Filter types include lists and trees based on a variety of data sources

PerformancePoint Report – This web part displays PerformancePoint reports. Reports may be linked to other web parts to create an interactive dashboard experience. Report types include: Analytic charts & grids, Strategy Maps, Excel Services, Reporting Services, Predictive Trend charts, and web pages

PerformancePoint Scorecard – This web part displays a PerformancePoint scorecard. Scorecards may be linked to other web parts, such as filters and reports, to create an interactive dashboard experience.

PerformancePoint Stack Selector – This web part displays a PerformancePoint Stack Selector. All PerformancePoint web parts, such as filters and reports, contained in the same zone will be automatically stacked and selectable using this web part.


Advanced Search Box – Displays parameterized search options based on properties and combinations of words.

Dual Chinese SearchUsed to search Dual Chinese document and items at the same time.

Federated Results – Displays search results from a configured location

People Refinement Panel – This webpart helps the users to refine people search results

People Search Box – Presents a search box that allows users to search for people

People Search Core Results – Displays the people search results and the properties associated with them.

Refinement Panel – This webpart helps the users to refine search results

Related Queries – This webpart displays related queries to a user query

Search Action Link – Displays the search action links on the search results page

Search Best Bet – Displays high-confidence results on a search results page.

Search Box – Displays a search box that allows users to search for information.

Search Core Results – Displays the search results and the properties associated with them

Search Paging – Display links for navigating pages containing search results.

Search Statistics – Displays the search statistics such as the number of results shown on the current page, total number of results and time taken to perform the search.

Search Summary – Displays suggestions for current search query

Search Visual Best BetDisplays Visual Best Bet

Top Federated Results – Displays the Top Federated result from the configured location

Social Collaboration

Contact Details – Displays details about a contact for this page or site.

Note Board Enable users to leave short, publicly-viewable notes about this page.

Organization Browser – This Web Part displays each person in the reporting chain in an interactive view optimized for browsing organization charts.

Site Users – Use the Site Users Web Part to see a list of the site users and their online status.

Tag Cloud – Displays the most popular subjects being tagged inside your organization

User Tasks – Displays tasks that are assigned to the current user.

What’s New – This Web part shows new information from specified lists and libraries

Whereabouts – Use to display Whereabouts information.

SharePoint 2010 Version Comparison Table

SharePoint 2010 Version Comparison




Access ServicesNo
Advanced Content ProcessingNo
Advanced SortingNo
Audience TargetingNo
Basic SortingNo
Best BetsYesYesYes
Browser Based CustomizationsYesYesYes
Business Connectivity ServicesYesYesYes
Business Data Connectivity ServiceYesYesYes
Business Connectivity Services Profile PageNo
Business Data Integration with the Office ClientNo
Business Data Web PartsNo
Business Intelligence CenterNo
Business Intelligence Indexing ConnectorNo
Calculated KPIsNo
Claims-Based AuthenticationYesYesYes
Chart Web PartsNo
Click Through RelevancyNo
Client Object Model (OM)YesYesYes
Colleague SuggestionsNo
Colleagues NetworkNo
Compliance EverywhereNo
Configuration WizardsYesYesYes
Connections to Microsoft Office ClientsYesYesYes
Connections to Office Communication Server and ExchangeYesYesYes
Content OrganizerNo
Contextual SearchNo
Data Connection LibraryNo
Decomposition TreeNo
Deep RefinementNo
Developer DashboardYesYesYes
Document SetsNo
Duplicate DetectionNo
Enterprise Scale SearchNo
Enterprise WikisNo
Event ReceiversYesYesYes
Excel ServicesNo
Excel Services and PowerPivot for SharePointNo
External Data ColumnYesYesYes
External ListsYesYesYes
Extensible Search PlatformNo
Extreme Scale SearchNo
Federated SearchNo
High-Availability ArchitectureYesYesYes
Improved GovernanceYesYesYes
Improved Backup and RestoreYesYesYes
Improved Setup and ConfigurationYesYesYes
InfoPath Forms ServicesNo
Keyword SuggestionsNo
Language Integrated Query (LINQ) for SharePointYesYesYes
Large List Scalability and ManagementYesYesYes
Managed AccountsYesYesYes
Managed Metadata ServiceNo
Metadata-driven NavigationNo
Metadata-driven RefinementNo
Mobile ConnectivityYesYesYes
Mobile Search ExperienceNo
Multilingual User InterfaceYesYesYes
Multistage DispositionNo
Multilingual User InterfaceYesYesYes
My ContentNo
My NewsfeedNo
My ProfileNo
Note BoardNo
Organization BrowserNo
Out-of-the-Box Web PartsYesYesYes
Patch ManagementYesYesYes
People and Expertise SearchNo
PerformancePoint ServicesNo
Permissions ManagementYesYesYes
Phonetic and Nickname SearchNo
Photos and PresenceYesYesYes
Query Suggestions, “Did You Mean?”, and Related QueriesNo
Quota TemplatesYesYesYes
Read-Only Database SupportYesYesYes
Recent ActivitiesNo
Recently Authored ContentNo
Relevancy TuningNo
Remote Blob Storage (SQL Feature)YesYesYes
REST and ATOM Data FeedsYesYesYes
Ribbon and Dialog FrameworkYesYesYes
Rich Media ManagementNo
Rich Web IndexingNo
Sandboxed SolutionsYes
Search ScopesNo
Secure Store ServiceNo
Shared Content TypesNo
SharePoint 2010 Search Connector FrameworkNo
SharePoint DesignerYesYesYes
SharePoint Health AnalyzerYesYesYes
SharePoint ListsYesYesYes
SharePoint RibbonYesYesYes
SharePoint Service ArchitectureYesYesYes
SharePoint Timer JobsYesYesYes
SharePoint WorkspaceYesYesYes
Similar ResultsYesYesYes
Silverlight Web PartYesYesYes
Site SearchYesYesYes
Solution PackagesYesYesYes
Status UpdatesYesYesYes
Streamlined Central AdministrationYesYesYes
Support for Office Web AppsYesYesYes
Tag CloudsNo
Tag ProfilesNo
Tags and Notes ToolNo
Thumbnails and PreviewsNo
Tuneable Relevance with Multiple Rank ProfilesNo
Unattached Content Database RecoveryYesYesYes
Unique Document IDsYesYesYes
Usage Reporting and LoggingYesYesYes
Visio ServicesNo
Visual Best BetsNo
Visual Studio 2010 SharePoint Developer ToolsYesYesYes
Visual UpgradeYesYesYes
Web AnalyticsNo
Web PartsYesYesYes
Windows 7 SearchNo
Windows 7 SupportYesYesYes
Windows PowerShell SupportYesYesYes
Word Automation ServicesNo
Workflow ModelsYesYesYes
Workflow TemplatesNo

SharePoint Configuring Keywords and Best Bets

Keywords and Best Bets can be easily configured by a site collection owner. As always, you start with the Site Actions menu, and select Site Settings. Since Search is configured at the site collection level, if you are in a sub-site you will need to click through to "top level site settings" in order to get the page below.

Click the "Search Keywords" link. This will bring you to the Manage Keywords page.

The Manage Keywords page looks and operates much like a SharePoint list. You have the toolbar with its Add button, for example. Notice though, that it has a somewhat different search bar. Search can be very important here because you could end up generating a lot of keywords. The "where" drop down gives you the ability to look up keywords various ways.

In addition, there are some predefined views listed in the Quick Launch area. These provided an appropriately reduced list based on information entered into the keyword definition. When you click Add Keyword, you are presented with this form, which is also used to edit existing keyword definitions.

Again, it looks a lot like any other list form in SharePoint.

There is only one required field - the keyword itself. Of course, a keyword alone doesn't do much to help your users. The Synonyms field allows you to register other terms your users might enter which should bring up the same results. For example, if your company president's name is "Selma Superior" you might have that as a keyword, with synonyms of CEO, Managing Director, President, or even Big Cheese. From that point on, any of these terms will return the entry associated with the keyword.

Note: Remember that the keyword/best bets system is independent of the primary search service. Synonyms you enter here will not affect regular results. To achieve a similar effect there, you need to edit the Thesaurus files on the SharePoint Servers.

Once you have used a term as a keyword or synonym, the system knows it has already been used, prevents you from using it again in another keyword definition. This can help you avoid creating ambiguous results.

The best bets are links to the actual pages or documents you want your users to find when they enter the keyword or its synonyms. When you click "Add Best Bet," you will see the form listed below.

In addition to the link itself, you can provide some descriptive text. You can have multiple best bets on a keyword. You can also associate the same best bet with multiple keywords. Using the earlier example, one of the Best Bets for the CEO might be the Executive Committee's Newsletter/Blog. That location could be equally valid for the CFO and CIO.

You can enter some descriptive text, which will be shown along with any matching results. You can also use the keyword feature for time-sensitive information by entering a start and end date for the keyword's display, and review date to ensure the content is still valid. The contact information allows you to distribute ownership of different keyword entries, as well as automatically notify people when entries are due for review.

The results from keywords and best bets are displayed on the default SharePoint results page above the results from the standard search.

The keyword search system has its own web parts for displaying results. If you are creating your own results page, you will need to add either a "Search Best Bets" or "High Confidence Results" web part to that page.

More Ways to use SharePoint Keywords and Best Bets

Earlier I pointed out that most of the fields in a keyword configuration are optional. While it is true that a keyword "by itself" isn't very useful, there are a lot of ways you can use keywords that go beyond highlighting particular pages and files in your corpus. This is one of the big benefits of the system being independent of the primary search. Here are just a few examples:

Policy Flags

You can bring critical company information to the users' attention before they even click into a document:

  • Description text for obscene keywords might bring up the actual text of the company's profanity or abuse policy, without showing the offensive word itself.
  • Searches for "financials" might display a warning that any public release of financial information must go through the PR department.
DisambiguationIn the case where a word could have several meanings, you can describe each definition, and provide appropriate detail links.
AnnouncementsUse the time-stamp to ensure that searches for the Phoenix Office note that it is closed for remodeling.
"Sponsored" linksEveryone wants "their" content listed first in search results. If it fits in with your resource charge-back model and information management policy, let them pay for premium placement.
Direct InformationThe real purpose of search is to help people find what they need. If the information can be shown directly in the result set, why make them click through to a document? This could be useful for a glossary of your industry's buzzwords, for example.
External LinksEven when you do enter a link, there is no requirement that it be within your intranet corpus, or even within your company. This can be handy for such things as industry association web sites, or maybe an index of clients or competitors