SharePoint mysite is deleted

February 26, 2010 Leave a comment

Issue:


The My Site of Joe Blow is scheduled for deletion. As their manager you are now the temporary owner of their site. This temporary ownership gives you access to the site to copy any business-related information you might need. To access the site use this URL: http://servername/mysite/personal/joeblow.

Cause:

In SharePoint under Central Administration there is a ‘My Site Cleanup Job’ which runs every hour. When a user is deleted or disable in Active Directory, the My Site Cleanup job starts a workflow on that user’s My Site. The default behaviour is to send an e-mail message to the manager with a link to the deleted user’s site. The e-mail message contains a request to the manager to move any documents or data that the manager wants to preserve, because the site might be deleted in the future.

MySite clean up job screen

MySite clean up job screen

There is also ‘site use confirmation and deletion’ page under central administration operations which may be checked.

Site use confirmation deletion screen

Site use confirmation deletion screen

Solution:

To mitigate this issue I think you can apply any of the following steps.

1. If you have two domain controllers use the domain name and ‘Auto discover domain controller’ option. If the one domain controller goes down SharePoint will look for the other domain controller. Please look at my aricle on ‘Employee Lookup or User Profile searches in SharePoint 2007‘ to find a filter for not importing disable Active Directory accounts.

AD connection auto discovery

AD connection auto discovery screen

2. In central administration we can disable ‘My Site Cleanup Job’ and run once a week manually to do cleanup. Not a great options.

3. Potentially you can also call the SharePoint profile stored procedure manually. If you do this you may want to disable ‘My Site Cleanup Job’.

DECLARE @UserID uniqueidentifier
DECLARE @NTName nvarchar(400)
DECLARE @SID varbinary(512)

DECLARE userCursor CURSOR FOR
SELECT Userid, NTName, SID from userprofile _full where bdeleted = 1

OPEN userCursor

FETCH NEXT FROM userCursor INTO @UserID, @NTName, @SID

WHILE @@FETCH_STATUS = 0

BEGIN

EXEC profile_RemoveUser @UserID, @NTName, @SID

FETCH NEXT FROM userCursor INTO @UserID, @NTName, @SID

END

CLOSE userCursor
DEALLOCATE userCursor

References:

SharePoint profile stored procedure article

SharePoint Profile Cleanup

White paper on mysite

How To Delete Sharepoint Timer Job Definition

Filed under SharePoint

File Upload/Download File Size Limits

October 12, 2009 1 Comment

SharePoint store all the uploaded documents in the database. Having a restriction on the file upload size is always a good idea. You can do this two ways,

1. Give a upload file size limit under general setting of the web application in the central administration.

SPUploadSize

Upload size setting

2. Modify the metabase.xml file on the IIS server.

a. Before you can edit the metabase.xml file you must tell IIS to allow you to edit the file. In IIS, right click the name of the server and select properties. Check “Enable Direct Metabase Edit”.

IIS File Upload

IIS File Upload

b. Find the metabase.xml file located in C:\windows\sytem32\inetserv and open the file in Notepad.

c. Search for AspMaxRequestEntityAllowed and increase the value. The default value is 204800 (200K). Setting the value to 1000000 will allow 1 MB file uploads.

d. You may now wish to uncheck the IIS property called “Enable Direct Metabase Edit”.

To increase the file download size limit, repeat all steps above but in Step 3 find the parameter called AspBufferingLimit. The default download limit is 4MB.

Reference

http://stackoverflow.com

www.banmanpro.com

Filed under SharePoint Tagged with

Disable Loopback Check to resolve “Crawl Log error: Access Denied” error in SharePoint

October 12, 2009 Leave a comment

Issue
Windows Server 2003 SP1 introduced a loopback security check. This feature is obviously also present in Windows Server 2008. The feature prevents access to a web application using a fully qualified domain name (FQDN) if an attempt to access it takes place from a machine that hosts that application. The end result is a 401.1 Access Denied from the web server and a logon failure in the event log.

The trouble is there are also scenarios where this fix will break normal operations of SharePoint.

1. Search Indexing.
If you are hosting the WSS Web Application Service on your Indexer for the purposes of having a “Dedicated Crawl Front End” and avoiding a network hop. This is common in small scale “Medium Server Farms”. Because the Indexer is crawling itself, the crawl log will fill up with 401s and your content won’t get indexed.

Crawl Access Denied Error

Crawl Access Denied Error

2. Web Application “Warm Ups”.
If you are running a scheduled task or timer job to hit the Web Application to avoid the start up lag after an application pool recycle, the “warm up” will fail with a 401.

3. Custom Code using SharePoint Web Services.
If you have custom code, either in SharePoint or out with it that leverages SharePoint Web Services (such as using the ExcelService API) these requests will fail with a 401.

Workaround

If you are working on a development environment or on just a single MOSS box – go for it – disable it completely. You need to debug and test locally and it’s likely you don’t know what addresses you will use ahead of time. I as a matter of course disable the check as part of my sysprep build for all my development and test machines. I never hit the problem because my base image is all sorted as I want it. I recommend you do the same.

1. Login to the SharePoint server.
2. Click Start, click Run, type regedit, and then click OK.
3. In Registry Editor, locate and then click the following registry key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
4. Right-click Lsa, point to New, and then click DWORD Value.
5. Type DisableLoopbackCheck, and then press ENTER.
6. Right-click DisableLoopbackCheck, and then click Modify.
7. In the Value data box, type 1, and then click OK.
8. Quit Registry Editor, and then restart your computer.

However, for production environments, DO NOT DISABLE this feature. You are unpicking a serious security check of the OS. If that environment underwent a security audit by a competent security engineer, it would be flagged. You should add a list of addresses you wish to exclude. This makes your scenario work whilst retaining the security check.

1. Login to the SharePoint server.
2. Click Start, click Run, type regedit, and then click OK.
3. In Registry Editor, locate and then click the following registry key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
4. Right-click MSV1_0, point to New, and then click Multi-String Value.
5. Type BackConnectionHostNames, and then press ENTER.
6. Right-click BackConnectionHostNames, and then click Modify.
7. In the Value data box, type the host name or the host names for the sites that are on the local computer, and then click OK.
8. Quit Registry Editor, and then restart the IISAdmin service.

References

Microsoft KB 896861

harbar.net

mossgurus.com

nishantrana.wordpress.com

social.technet.microsoft.com article I

social.technet.microsoft.com article II

Filed under SharePoint Tagged with

Older posts