Blog of Sundar Narasiman

Import MS Project 2010 plan to Project Server

This article will cover the steps required to import the Project Plan created in MS Project 2010 to the Project Server (Project Web Access). This assumes that you’ve already established a connectivity to the Project Server through File –> Info –> Manage Accounts –> Add

pic1

Now let’s add an option in the Ribbon Control to enable upload the project plan to Project Server

File –> Options –> Customize Ribon

Under Main Tabs –> Project –> Create a a new group pressing ‘New Group’ button

On the left side –> Choose commands from –> Select ‘Import Project to Enterprise’

pic2

Now you’ll get to see an option called ‘Import Project to Enterprise’ under Projects in Ribbon.

 Subscribe to my blog

Connecting MS Project 2010 to Project Web App

I was trying to connect MS Project 2010 to a Project Web App (MS Project Server), got this error “.

pic1

The root cause of the issue was that, the MS Project 2010 was not able to connect to Project Web App using the logged on user’s credential.

I had to make a change to the following browser settings to get this working.

IE –> Tools –> Internet Options –> Security –> Intranet (in my case PWA site is hosted in intranet zone)

Custom Level –> User Authentication –> Logon –> Prompt for user name and password

pic2

 Subscribe to my blog

You can’t remotely debug events Windows Azure Service Bus connection string is missing

I was trying to debug a SharePoint 2013 remote event receiver running against a SharePoint Hosted App in Visual Studio 2012. I got the following error.

pic1

I learnt that I need to create a Windows Azure Service Bus and configure the end point of Azure Service Bus in the Visual Studio project property.

Create a new service bus object in Azure Management Portal

pic3

Go to project property in Visual Studio 2012 –> SharePoint Tab –> Enable Remote Debugging by providing the endpoint of the Azure Service Bus

pic4

Now we’re able to debug the remote event receiver in Visual Studio 2012.

pic2

 Subscribe to my blog

Microsoft MVP Lunch Hour Session on Sep 18

I’m conducting a session for the South Asia Microsoft MVP Lunch Hour series  on Microsoft events online platform (msevents.microsoft.com).

The topic is ‘SharePoint 2013 Remote Event Receivers” and it will be a Level 300 session. The event date is 18’th September 2013.

If you are interested, please register it in the below link
https://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032561518&Culture=en-IN&community=0

 Subscribe to my blog

SharePoint 2013 OAuth Tokens–Frequently asked questions

In one of my previous blog post I wrote about SharePoint 2013 App authentication flow, which briefed about oAuth protocol. There is lot of things to be learnt with respect to oAuth. I feel it’s worth compiling an FAQ  on oAuth, this is the result of that :

1. What is a Context Token ?

The context token is specific to App Configuration information and it is issued by Windows Azure Access Control Services (ACS). The trusted ACS server signs and issues the Context Token, when it receives request from App.

2. What is the format of CacheKey of Context Token ?

The CacheKey of context token is a combination of UserNameId, UserNameIdIssuer, ApplicationId and Realm.

CacheKey= UserNameId + “,” + UserNameIdIssuer + ApplicationId + “,” + Realm.

Note: The Cache Key does not have site URL details. The Cache Key relies on the uniqueness of the realm, it is unique for user, app and tenant.

3. How a Context Token look like ?

The same context token is illustrated below:

{"typ":"JWT","alg":"none"}.{"aud":"a044e184-7de2-4d05-aacf-52118008c44e/contoso:122@040f2415-e6e3-4480-96ce-26ef73275f73","iss":"00000001-0000-0000-c000-000000000000@040f2415-e6e3-4480-96ce-26ef73275f73","nbf":"1335822895","exp":"1335866095","nameid":"s-1-5-21-2127521184-1604012920-1887927527-415149","actor":"00000003-0000-0ff1-ce00-000000000000@040f2415-e6e3-4480-96ce-26ef73275f73","identityprovider":"urn:sharepointsundar:idp:activedirectory",
"appctx":"{"CacheKey":"KQAIUpDUD0sm5Tr83U+jZGYVuPPCPu8BGwoWiAACqNw=","SecurityTokenServiceUri":"
https://accounts-int-sn2-005.accesscontrol.aadint.windows-int.net/tokens/OAuth/2"}","refreshtoken":"IAAAAC1Lv5w0OrcFAmJx0xk6aaBdhgsw3VPnPzNEDAWypTHtCYytZ2/dBBUKj+HLK8YB3IUCUfDxYpAque
NHKtgs4rYJJ5AegQpNMOJR1yYK8ngivQx0oetj7aSPuGVb+k6at6G0Kx5LZ5vhxkAq8iUSwu8p4L2cvNMzDF1mDKfMivqxgrIZkr2nbf9as0SJFL6VG5hZnDE4HKq
xJnejSW3umatKM4fsfY1MClVCxrkXb2EQ8H/TmwaJc388YW063GEVUS/3BTSgSIRBKQUmXJuJ6BZY7WTm84LaGrx3mIjnUTM/jnqPoPG55JbCC9sS/MeGNPtzPPCDg
6Vv7dVhQ1Dq5Y3fQ65e9LpJ580jCgzYYvpIFT+Wx5V+17mjY2T8wug04K2ts87Znsr+GfFCorf7NS/lj5HjoxRAQ2tva/8dwguSLwxcUwi/Q9MbpR0NNtlpwVazqi9O
hJ4Df7gVhUDdJ0Dtc6aFCPbl5ZLDDRs42xK2"}

4. What are the various information present in the Context Token ?

Terms

Details

Represented Fields

Sample Value

add

‘add’ means audience. The format of add is below

{target client ID}/ {target URL authority} @ {target realm}

TargetClientId

b044f184-7df2-4e05-aakf-52118008d44e

iss iss stands for issuer. It represents the principal that has created the Token. The format is {ACS}@{target realm} ACS

00000002-0000-0000-c000-000000000000

realm Tenancy realm

04gf2415-e6k3-4480-96bb-26ee73275f73

nbf ‘nbf’ stands for not before. It represents the validity start of the token nbf

1435822895

exp ‘exp’ stands for expiration. It represents the time after which the token is not valid. exp

1435822895

Actor It is the principal identity of SharePoint 2013 SharePoint 2013

 

5. How to calculate the validity and expiry timestamp from nbf and exp ?

Nbf and Exp are denoted based on JWT specification. It is calculated as number of elapsed seconds since 1’st January, 1970.

6. How long a refresh token is valid ?

The refresh token is valid for 6 months (as of today’s App Authentication Framework design).

7. Can we store the access token in cookies ?

It is recommended not to store the access token in cookies (it’s not very secure). The refresh token can be stored in cookies (which is valid for 6 months), a new Access Token can be requested based on the stored refresh token.

8. Can we grant or deny the permissions for launching an App ?

No. If the user has access to browse the site, he’ll automatically be able to launch the app. The Grant or Deny permissions for an app can be defined only during the install time.

9. Can we use HttpDav protocol (HttpDav APIs) inside the App ?

The HTTP Dav protocol does not work with oAuth.

10. Whether AppId and SecretId will be same across all tenants for a given app ?

The AppId and SecretId are constant across all tenants for a given app, if the app is running in a separate remote web application and app is registered in the Seller dashboard.

 

 Subscribe to my blog

How to Add external users to SharePoint Online

I was wondering if there is a way to add external users to SharePoint Online. The external users are nothing but people who don’t have user accounts in the SharePoint Online environment. The access to external users can be provided by sending them an invitation through e-mail. I’ve learnt that we can send the e-mail invitation to any type of e-mail address such as *.gmail.com, *.yahoo.com or *.yourowndomain.com. However to log-in to the SharePoint online environment, the e-mail account has to be associated with a valid Microsoft account.

 

Click Share

pic1

Now the a email invite will be sent to the invitees (external users)

Open the e-mail invite and click the link on that.

pic2

To accept the invite, you need to have a valid Microsoft account.

pic3

This completes the sign-in process for the external user to the SharePoint Online Team site using a valid Microsoft account.

 Subscribe to my blog

Virtual Tech Conference by South Asia MVPs–August 01, 2013

Virtual Tech Conference (VTC) is a South Asia MVP community initiative to bring you up-to the speed on latest Microsoft technologies. This event is being hosted by South Asia MVP team and they have a very interesting line-up of speakers and topics in this event. This includes two parallel tracks – developer and IT Pro.

In the IT Pro track, I am speaking on ‘SharePoint 2013 App Model – SharePoint Hosted Apps’. My session starts at 6 PM IST.

For IT Pro Registration please check this link : http://aka.ms/Uu9msj

For Developer Registration: http://aka.ms/Ozhcyh

All the session timings are based on the Indian Standard Time

Name

Session Category

Proposed Session Title

Date

Time in IST

Karthikeyan

Developer

Create Cross Platform apps effectively with Portable Class Libraries

1-Aug-13

4:00 PM

Niraj Bhatt

Developer

Introduction to Windows Azure Active Directory

1-Aug-13

5:00 PM

Vishnu Kumar Tiwari

Developer

Integrating Onpremise SQL Server with Salesforce using BizTalk Server 2013

1-Aug-13

6:00 PM

Nauzad Kapadia

Developer

OAuth and the App security model in SharePoint 2013

1-Aug-13

7:00 PM

Ashutosh Singh

Developer

Enriching SharePoint Search using FAST

1-Aug-13

8:00 PM

Dr Nitin Paranjape

Developer

What every developer should know about Office

1-Aug-13

9:00 PM

Shantanu Kaushik

IT Pro

Preparing and Deploying Windows 8

1-Aug-13

4:00 PM

Geetesh Bajaj

IT Pro

Working with Flowcharts in Microsoft Office (Audience Profile: Consumer)

1-Aug-13

5:00 PM

Sundaraarajan Narasiman

IT Pro

SharePoint 2013 App Model – SharePoint Hosted Apps

1-Aug-13

6:00 PM

Ravikanth C

IT Pro

Desired State Configuration in PowerShell 4.0

1-Aug-13

7:00 PM

Ratish Nair

IT Pro

Exchange Server 2013 Load balancing and Outlook Client connectivity

1-Aug-13

8:00 PM

Prabhat Nigam

IT Pro

Exchange 2013 – Database availability Group and Auto Reseed.

1-Aug-13

9:00 PM

 Subscribe to my blog

Create SharePoint sites using Powershell

I was trying to create the SharePoint Site Provisioning using PowerShell. The following PowerShell script will help us to create a SharePoint sites based on Site Address, Site Name and Site Template parameters.

# This is Script to  Create the Sites, based on the Siteadress and Templates, given by the user.
# Use Get-SPWebTemplate cmdlet to get the list of the installed Site templates.


PARAM 
(
[Parameter(Mandatory=$true, Position=0)]
[string] $YourSiteAddress,

[Parameter(Mandatory=$true, Position=1)]
[string] $YourSiteName,


[Parameter(Mandatory=$true, Position=2)]
[string] $YourSiteTemplate
#,

#[Parameter(Mandatory=$true, Position=3)]
#[bool] $OverWrite =$false
)

$OverWrite ='N'
$web = Get-SPWeb $YourSiteAddress -erroraction silentlycontinue
if ($web -ne $null)
{
     Write-Host ("Web site already present with same name : {0}"-f $YourSiteAddress)
     $OverWrite = Read-Host "If want to overwrite the current website Please enter [Y] else enter [N]"
     
    if($OverWrite -eq 'Y')
    {
            Write-Host ("Removing the Site {0}" -f $YourSiteAddress)
            Remove-SPWeb $YourSiteAddress -Confirm:$false -erroraction silentlycontinue
            Write-Host (" {0} - Site Removed" -f $YourSiteAddress)
    }

     $web = Get-SPWeb $YourSiteAddress -erroraction silentlycontinue
}


if($web -eq $null)   
{
    Write-Host ("Creating the Site {0}"-f $YourSiteAddress)
    New-SPWeb     –url $YourSiteAddress     -name $YourSiteName     -template $YourSiteTemplate     –AddToTopNav:$false   
    –UniquePermissions    -UseParentTopNav:$false
 }
else
 {
    Write-Host "use OverWrite =[Y]  to overwrite this Site upon getting the prompt, once you rerun the script"
 }
 Subscribe to my blog

Programmatically update Author and Editor fields in SharePoint

I’m working on a data-migration scenario, where there is a need to update the CreatedBy (Author) and ModifiedBy(Editor) fields in SharePoint.

            using (SPSite oSPSite = new SPSite(http://yoursitecollectionurl))
            {
                using (SPWeb oSPWeb = oSPSite.RootWeb)
                {
                    SPList oSPList = oSPWeb.Lists["testlist"];


                    foreach (SPListItem oSPListItem in oSPList.Items)
                    {
                        SPFieldUserValue oSPFieldUserValue = new SPFieldUserValue(oSPWeb, oSPWeb.AllUsers[@"domainuser"].ID, 
                           oSPWeb.AllUsers[@"domainuser"].LoginName);
                        oSPListItem["Author"]= oSPFieldUserValue;
                        oSPListItem["Editor"]= oSPFieldUserValue;
                        oSPListItem.Update();                      

                                        }
                
                } 
The above code-snippet updates the Author and Editor fields of SharePoint list, based on the specific user (SPFieldUserValue object).

 Subscribe to my blog

SharePoint Multitenancy – Faqs–Part 2

This post is the continuation to my previous post tiled SharePoint Multitenancy – Faqs

1. What are multiple ways in which customer sites can be deployed a SharePoint farm enabled with multi-tenancy ?

  • Dedicated application pool and Web application
  • Shared application pool and dedicated Web application
  • Authenticated Sites
  • Unauthenticated Sites
  • Shared Web application

2.  When to choose dedicated web applications for tenants ?

If the customizations required for tenants affect the resources that are shared across a web application, such as a web.config file

3. What will be the recommended strategy when multiple tenants need to be combined in a single web application ?

While combining multiple tenants into one, it is recommended to have one dedicated web application for authenticated content of all the tenants and another dedicated tenant for all unauthenticated content for all the tenants. Finally, it will require two different subscription IDs for tenants for both the types of content. This approach also will make the licensing simpler.

4. What are the factors to be considered while deploying customizations to a multi-tenant environment ?

The following factors need to be considered while deploying customizations to multi-tenant environment :-

  • Do not allow full-trust code to be deployed to the sites
  • Do not allow the customizations that require changes to the shared resources like web.config file
  • Use host named site-collections to create multiple root-level site-collections (domain-named sites) within a web application

5. What is the factor to be considered when the tenant must span 1 database ?

If the tenant needs to span more than 1 database, there must one and only tenant in all those databases (dedicated content databases for a tenant)

6. What is the factor to be considered when the multiple tenant needs to share a database ?

If a tenant needs to share a database with another tenant, those tenants should NOT span databases.

7. How a hosted environment can be scaled out ?

The hosted environment can be scaled out by creating separate set of farms.

a)Services farm – A dedicated services farm can be created for all the services (applicable) that can be shared across farms.

b)Search farm – A dedicated farm can be created to host Search

c)Tenant content farm – Tenant content farms can be scaled out in a similar way as the services farm

8. What is Organizational Units (OU) of Active Directory and how its is relevant in the context of SharePoint hosting?

Organizational units are used to organize users and computer objects in the Active Directory environment. The same Organizational Unit for SharePoint is illustrated below :-

organizational units IU

9. What is the role of Domain Root ?

The Security policies that need to be applied to the entire domain is applied in the Domain policy. They are configured in the GPOs that apply to the entire domain.

10. What is the role of Domain Controllers OU ?

It holds the most sensitive data in the organization, the data which controls the security configuration itself. GPOs are applied at this level to protect the domain controller.

11. What is the role of SharePoint Server OU ?

It has unique role not included in other servers in the directory. It can be placed in its own OU to allow unique policies to be applied on the servers. It can also be segregated from other servers in the directory.

12. What is the role of customers OU ?

The Customer OU (top-level OU) allows all users accounts to be segregated from the rest of the directory. The next level OU would be the respective customer’s OU (like Customer A OU or Customer B OU). In order to give the users the impression they are logging into their own customer domain, use ADSI Edit or another Active Directory tool to edit the uPNSuffixes attributes.

 Subscribe to my blog