Wednesday, March 28, 2012

Recycle Bin in Active Directory -Windows Server 2008 R2

Hi All,

After a long break I have started experimenting again, so I thought I would share my findings with you.
Today I tried enabling the Recycle Bin in AD on Windows Server 2008 R2. It is a very cool new feature in Windows Server 2008 R2 and saves you from tiresome NTDSUTIL AD restores.

In Windows Server 2003 and Windows Server 2008, a deleted Active Directory object was not physically removed from the database immediately. Instead, the object’s distinguished name (also known as DN) was mangled, most of the object’s non-link-valued attributes were cleared, all of the object’s link-valued attributes were physically removed, and the object was moved to a special container in the object's naming context (also known as NC), named Deleted Objects. The object, now called a tombstone, became invisible to normal directory operations. Tombstones could be reanimated anytime within the tombstone lifetime period and become live Active Directory objects again.

Windows Server 2008 R2 Active Directory Recycle Bin helps minimize directory service downtime by enhancing your ability to preserve and restore accidentally deleted Active Directory objects without restoring Active Directory data from backups, restarting AD DS, or rebooting domain controllers. When you enable Active Directory Recycle Bin, all link-valued and non-link-valued attributes of the deleted Active Directory objects are preserved and the objects are restored in their entirety to the same consistent logical state that they were in immediately before deletion. For example, restored user accounts automatically regain all group memberships and corresponding access rights that they had immediately before deletion, within and across domains.

1. PREREQUISITES:
1. All the domain controllers must be running Windows Server 2008 R2.
2. The forest and domain must be at the Windows Server 2008 R2 functional level.
(If you need to raise the functional level, it can be done via "Active directory users and groups" and "Active directory domains and trusts".)

2. Enable Recycle Bin
The Recycle Bin in AD is DISABLED by default. It can be enabled using a PowerShell command or using LDP.exe:
===============================================================================
PS C:\Users\Administrator>
PS C:\Users\Administrator> Enable-ADOptionalFeature -Identity 'CN=Recycle Bin Feature,CN=Optional Features,CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,DC=vda,DC=com' -Scope ForestOrConfigurationSet -Target 'vda.com'
WARNING: Enabling 'Recycle Bin Feature' on
'CN=Partitions,CN=Configuration,DC=vda,DC=com' is an irreversible action! You
will not be able to disable 'Recycle Bin Feature' on
'CN=Partitions,CN=Configuration,DC=vda,DC=com' if you proceed.

Confirm
Are you sure you want to perform this action?
Performing operation "Enable" on Target "Recycle Bin Feature".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help
(default is "Y"):y
PS C:\Users\Administrator>
===============================================================================
Change "VDA" and "COM" to match the domain name used in your environment.

3. In Active Directory, create a user "User1" under the OU "OU1".
Make sure that "Prevent from accidental deletion" is not checked for either object.
(To check, in the AD Users and Computers console, click on View and check -> Advanced Features. Now right-click on the object (User1 or OU1) and click on the Object tab; you will see the setting.)

4. Delete the user(User1) and the OU (OU1)

5. Check the deleted user via powershell: (MAKE SURE TO CHANGE DOMAIN NAME IN COMMAND ACCORDINGLY)
=============================================
PS C:\Users\Administrator> Get-ADObject -SearchBase "CN=Deleted Objects,DC=vda,DC=com" -ldapFilter "(objectClass=*)" -includeDeletedObjects | Format-List Name,ObjectClass,ObjectGuid


Name : Deleted Objects
ObjectClass : container
ObjectGuid : 2deca7ad-1fca-4389-80d4-053c86c93302

Name : User1
DEL:7e9e5ddc-efcc-432d-882d-948f1f12782f
ObjectClass : user
ObjectGuid : 7e9e5ddc-efcc-432d-882d-948f1f12782f

Name : OU1
DEL:8a24a21c-cd96-41f7-b6e0-98565721805b
ObjectClass : organizationalUnit
ObjectGuid : 8a24a21c-cd96-41f7-b6e0-98565721805b
=================================================================

6. Restore the objects via POWERSHELL:
================================================================
1. First restore OU1 using its ObjectGuid from the command above
PS C:\Users\Administrator> Restore-ADObject -identity 8a24a21c-cd96-41f7-b6e0-98565721805b
PS C:\Users\Administrator>
2. Restore User1 using its ObjectGuid from the command above
PS C:\Users\Administrator> Restore-ADObject -identity 7e9e5ddc-efcc-432d-882d-948f1f12782f
PS C:\Users\Administrator>
================================================================


Go to Active Directory Users and Computers and you will see OU1 with User1 under it.
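The same restore driven by name rather than by pasted GUIDs, as an added example that is not part of the original post. It assumes the lab names used above (vda.com, OU1), restores the parent OU before its children, and lists the group memberships each child regains before prompting for its restore.

```powershell
# Added example, not from the original post. vda.com and OU1 are the lab names used above.
Import-Module ActiveDirectory

$domainDN  = 'DC=vda,DC=com'
$deletedDN = "CN=Deleted Objects,$domainDN"
$ouName    = 'OU1'

# 1. Confirm the Recycle Bin is enabled. EnabledScopes is empty when it is not.
$feature = Get-ADOptionalFeature -Filter 'Name -like "Recycle Bin Feature"'
if ($feature.EnabledScopes.Count -eq 0) {
    throw 'Recycle Bin Feature is not enabled in this forest.'
}

# 2. Locate the deleted OU by its last known RDN. Several deleted objects can
#    share a name, so refuse to guess when the match is not unique.
$ou = @(Get-ADObject -SearchBase $deletedDN -IncludeDeletedObjects `
        -LDAPFilter "(&(isDeleted=TRUE)(msDS-LastKnownRDN=$ouName))" `
        -Properties lastKnownParent, whenChanged)
if ($ou.Count -ne 1) {
    $ou | Format-Table ObjectGUID, lastKnownParent, whenChanged
    throw "Expected one deleted '$ouName', found $($ou.Count). Restore by ObjectGUID instead."
}

# 3. Restore the parent first; a child cannot be restored into a container
#    that is still deleted.
$restoredOU = Restore-ADObject -Identity $ou[0].ObjectGUID -PassThru

# 4. Children now report the live OU as lastKnownParent. Show the group
#    memberships each one regains, then restore with a per-object prompt.
$children = @(Get-ADObject -SearchBase $deletedDN -IncludeDeletedObjects `
        -Filter "lastKnownParent -eq '$($restoredOU.DistinguishedName)'" `
        -Properties memberOf, 'msDS-LastKnownRDN')
foreach ($child in $children) {
    '{0} ({1}) regains {2} group membership(s):' -f $child.'msDS-LastKnownRDN', $child.ObjectClass, $child.memberOf.Count
    $child.memberOf
    Restore-ADObject -Identity $child.ObjectGUID -Confirm
}
```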

Hope you enjoyed going through this feature.

Thanks for reading

Friday, April 16, 2010

I am Happy

Why?
I have been contributing my technical knowledge to the SharePoint community through the medium of the Microsoft TechNet forum on SharePoint. I am glad to share that I have crossed another mile today by earning my THIRD MEDAL with a score of 2002.
My total posts as of now are 389 with 107 Answers.
Long way to go to earn the next one at 7500, but will get it for sure.
Just wanted to share the happiness with you and thanks for support.

Wednesday, March 31, 2010

users that have the surveys in the incomplete or saved status

While working on surveys in SharePoint, a strange question we commonly face is why the number of survey responses counted differs from the total number of responses shown in the list.
Mostly, the reason is "incomplete surveys". We are also often asked for the list of users who have surveys in the incomplete or saved status, but unfortunately there is no direct method in the SharePoint UI that allows you to see this.

Today I came across the same question: a list showed a survey count of 4, but there was no survey response in the list. The mystery was again incomplete surveys, but it raised the same question: which users have not completed the survey?

While going through different forums, I found the following SQL statement, which can be run against the content database of the site collection to get the user names.

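-- Replace 'SiteID' and 'LISTID' with the values obtained as described below.
SELECT userdata.tp_author,
       (SELECT tp_Title FROM UserInfo
         WHERE UserInfo.tp_ID = userdata.tp_author AND tp_siteID = 'SiteID') AS UserName
FROM USERDATA
WHERE tp_ListId LIKE 'LISTID'
  AND tp_level = 255  -- the filter this statement uses to pick out the incomplete/saved responses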

Now, SiteID and LISTID are the values that need to be inserted.

1. For the Site ID, open Central Administration -> Application Management -> Site Administrators -> select the site collection; the Site ID is shown in the URL.
2. For the List ID, open the list with an admin account, click on Settings -> Target Audience Settings. The List ID is in the URL, in the form {LISTID}.

Hope this will Help

Monday, January 11, 2010

My meeting with BLOB in Sharepoint

I have been working with Microsoft SharePoint technologies for a long time, and the question I always had somewhere in my mind was: how does the physical file get stored in the SharePoint database? The database itself runs on .mdf and .ldf files, so saving a file into a database is pouring a file into a file.

Last night I tried to scratch at the question and was amazed to see the sky above me. BLUE... deep blue sky.

My first blog read was of Kyle:
http://www.kyletillman.net/blog/post/SharePoint_External_Binary_Store-PartI.aspx

She explained a lot, and one line of it is "Out of the box WSS stores all binary content in the application's Content database in the AllDocStreams.Content column (which is an image type)". So there is something that turns the file into binary and pushes it into the SQL database as binary content.

A link from the same post carried me on to an MSDN article:

http://msdn.microsoft.com/en-us/library/bb802976.aspx

This one is awesome and clearly says "BLOB storage routed the binary data stream associated with a SharePoint file to the Microsoft SQL Server content database, which it shared with the site's structured data. Under that scenario, when you invoked a Save command on the SharePoint file, a parser in the Save path recognized the Save command and promoted a parcel of metadata out of the file stream. Then the metadata, along with the BLOB associated with the file, was stored in the SQL Server content database".

Diagram:


Image above is from Microsoft MSDN site: http://i.msdn.microsoft.com/Bb862195.be761d13-4bb4-44d2-aece-b8d99d9d7536(en-us,office.12).gif
This is a great working model of SharePoint storage, and I further checked that developers may develop their own applications and use SQL BLOB storage capabilities.

Now, the question came in when I dug further into the rabbit hole and found that large BLOBs, being unstructured, are not best suited to SQL Server and may reduce performance and cause fragmentation. There are many discussion articles and forums talking about this, and about Microsoft's work on doing better on BLOB storage in SQL Server 2005 and much better in SQL Server 2008.

Finally, the research article from MS put more focus on what the architecture asks for.
http://research.microsoft.com/pubs/64525/tr-2006-45.pdf

Most such articles advocate storing data larger than 256 KB - 1 MB on the filesystem rather than in SQL Server. The default maximum upload size for a single file in MOSS is 50 MB, which is much larger than 1 MB. Looking further, I found that it is the chunk size which determines the amount of data that the client retrieves in one go when opening a document. For example, if a client tries to open a document of 50 MB and the chunk size is 10 MB, the document is divided and retrieved in 5 chunks. Each chunk will be loaded into the memory of both the WFE handling the request and SQL Server. The default chunk size is 5 MB and you can adjust the chunk size by issuing the following stsadm command:
Stsadm.exe -o setproperty -pn large-file-chunk-size -pv <size in bytes>
(courtesy: http://www.lcbridge.nl/vision/2008/largefiles.htm)
But it seems that WebDAV doesn't use the chunk size and hence tries to load the complete 50 MB file into memory, which sometimes causes failures with large files.
With WSS SP1, Microsoft extended the storage and exposed the API for external BLOB storage, where large files may be stored on the filesystem while the metadata, along with a binary ID, goes into the database.
This would be completely opaque to the application, as it happens under the storage access stack and the SharePoint object model.
Being a grey area, this was not much worked upon in this version of SharePoint, but with SharePoint 2010 Microsoft has done great work with BLOB storage and the functionality is in the product.

I am going to try BLOB in Sharepoint 2010 and will share in my next post...

Thanks for reading

Wednesday, December 30, 2009

SQL ALIAS: Replacing SQL Server in Sharepoint FARM

Hey Techies,

I have many times come across situations where organisations decide to move their SharePoint databases to another SQL instance or replace the SQL Server for various reasons, including upgrading to a new version.

I tried using a SQL alias for such a requirement and it worked just fine for me.
My test configuration:

1. Mac1 - DC+DNS+SQL
2. Mac2 - MOSS WFE and Query
3. Mac3 - MOSS App and Index box


Here I wanted to replace Mac1 with a new machine, Mac1B.

Plan: As Mac1 had important roles, I decided to proceed one by one, starting with AD, then DNS and finally SQL. Please move directly to Step L below in case you are not interested in the AD and DNS transfer.

A. Installed another machine, Mac1B, connected it to the network and joined it to the domain.
B. Configured Mac1B as ADC and Global Catalog server (GC).
C. Installed DNS on Mac1B and configured an Active Directory-integrated zone on it for the domain. Configured Mac1B to use itself as primary DNS server.
D. Added Mac1B as secondary DNS server in the scope options on the DHCP server (located on another machine).
E. Added GC to Mac1B and removed it from Mac1. Transferred all master roles from Mac1 to Mac1B.
F. Removed any references to the DC Mac1 from DNS and AD Sites and Services. Removed Mac1 as a name server from the DNS zone settings (_msdcs and domain).
G. Demoted Mac1 to a member server in the domain.
H. Configured Mac1B as primary DNS server.
I. Shut down / stopped the SharePoint services on Mac2 and Mac3.
J. Installed SQL Server on Mac1B with the same settings as Mac1, took backups of all the databases from Mac1 (including ConfigDB, content, SSP, admin content, search etc.) and restored them on Mac1B.
K. Uninstalled SQL and DNS from Mac1 and disjoined it from the domain. Shut down the box.

L. Now the issue: SharePoint is configured to use Mac1 as the database server, which is now Mac1B. I have tried renaming the server earlier, which worked well but is still not a great idea.

M. On the SharePoint servers, configure the SQL client to use Mac1 as an alias for Mac1B.
Steps:
On the SharePoint server, open a command prompt and run cliconfg (this is a built-in client utility in Windows).
Click on the GENERAL tab and enable TCP/IP by selecting it in the Disabled Protocols box and clicking the ENABLE button.
Click on the ALIAS tab, then click on ADD:
Server Alias: Mac1
Network Libraries: TCP/IP
Server Name: Mac1B
Port: depending on your SQL installation (default: 1433)
Click Apply.

TEST the connection:

Create a blank text file and change the extension from .txt to .UDL.
Double-click to open it and click on the Provider tab.
Select "Microsoft OLEDB Provider for SQL Server" and click Next.
On the Connection tab, type the SQL alias configured above (Mac1 in this case) in the "use data source name" field and click Refresh.
Choose the authentication type.
Click on the "Test connection" button and the connection should succeed. You should also see the databases on Mac1B when you expand the dropdown "Select the database on the server".
N. Start the SharePoint services on the SharePoint machines and it should start working just fine.
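The alias from step M and the connection test, scripted instead of clicked through, as an added example that is not part of the original post. It assumes the lab values above (Mac1, Mac1B, port 1433) and Windows authentication; it writes the registry values that cliconfg manages, lists every alias on the machine, and asks SQL Server which host actually answered.

```powershell
# Added example, not from the original post. Mac1 / Mac1B / 1433 are the lab values used above.
$alias  = 'Mac1'
$target = 'Mac1B'
$port   = 1433

# cliconfg stores aliases under ConnectTo. 64-bit Windows keeps a separate
# 32-bit view under Wow6432Node, so both are written to stay consistent.
$keys = 'HKLM:\SOFTWARE\Microsoft\MSSQLServer\Client\ConnectTo',
        'HKLM:\SOFTWARE\Wow6432Node\Microsoft\MSSQLServer\Client\ConnectTo'
foreach ($key in $keys) {
    if ($key -like '*Wow6432Node*' -and -not (Test-Path 'HKLM:\SOFTWARE\Wow6432Node')) { continue }
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    # DBMSSOCN is the TCP/IP network library; the value format is library,server,port
    Set-ItemProperty -Path $key -Name $alias -Value "DBMSSOCN,$target,$port"
}

# List every alias on this box so an unexpected redirect stands out.
foreach ($key in $keys) {
    if (Test-Path $key) { Get-ItemProperty -Path $key | Select-Object * -ExcludeProperty PS* }
}

# Connect through the alias and ask SQL Server which machine answered.
$conn = New-Object System.Data.SqlClient.SqlConnection "Server=$alias;Integrated Security=SSPI;Connect Timeout=5"
try {
    $conn.Open()
    $cmd = $conn.CreateCommand()
    $cmd.CommandText = "SELECT CAST(SERVERPROPERTY('MachineName') AS nvarchar(128))"
    $machine = $cmd.ExecuteScalar()
    if ($machine -ne $target) {
        Write-Warning "Alias '$alias' reached '$machine', expected '$target'."
    } else {
        "Alias '$alias' resolves to $machine"
    }
} finally {
    $conn.Dispose()
}
```

Run it from an elevated prompt on each SharePoint server, since the alias is a per-machine client setting.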

In this case it worked because Mac1 was removed completely from the network. In situations where companies have other applications using databases on the original DB server, this will not work, as the original server is still live. So USING A SPECIFIC SQL ALIAS just for SHAREPOINT from the very installation will help, as it can be pointed to any other server as required. This may help to TEST your DR implementation as well.

Using a SQL alias for SharePoint is a good practice, but I have seen third-party backup products having problems while trying to back up SharePoint databases, which they should work on.

Yeah, it was a bit tedious last night :)

Thanks!