Disabled Central Admin

I love working with SharePoint Server because there is never a dull moment on the job; the product is so rich and varied, and requires considerable knowledge of other systems and services, such as Active Directory, DNS, networking, SSL, SQL Server, etc. Working with SharePoint Server is a guarantee of learning something new nearly every day. On this day I discover a truly unique SharePoint error message.

I am performing routine maintenance on a SharePoint 2016 farm, cleaning up deprecated service accounts, to bring the farm into alignment with our project’s platform architecture security model. Using Central Admin (running on port 2016 of course!) at one point I need to refresh a page like so many times in a day but this time it comes with a little surprise, the page returns completely blank, with the bare minimum possible HTML. Whoa, what is going on?!CA home - no content

Well, I think, maybe it is just transient, so I hit the F5 refresh to get a clearer sense of the status of my SharePoint farm. Ooo ee, HTTP 404 Not Found. Eek, Central Admin is DEAD!

CA home - HTTP 404

OK, don’t panic, I say to myself, not to worry, probably the app pool is hung up, so let’s just recycle it, and refresh the Central Admin page again. After a 30 second pause waiting for the app pool to come back, Central Admin reveals its true state, Server Error in ‘/’ Application!

CA home - Server Error - customErrors RemoteOnly

Oh no, this is starting to look serious, I mutter. But never despair, it can be something simple. So I do as this all-too-common error page suggests and flip the Central Admin website’s web.config customErrors mode setting to RemoteOnly.

My favourite way to locate a SharePoint or IIS website root and its web.config file is to use Internet Information Services (IIS) Manager. So I select the website, in this case Central Admin, select Content View, and then Explore from the right panel Actions:

IIS Manager - CA content view

After an edit to the web.config, the change look like this:



   3:  "RemoteOnly" />

   4:  "256000" ... />

The I save the web.config file and it automatically recycles the Central Admin website app pool to apply the new settings. Time for another F5 refresh in the browser to see what the actual error is.

Awesome, now I have a truly original, very precise, and quite possibly entirely misleading error message:

CA home - Server Error - This operation can be performed only on a computer

The error message text is:

This operation can be performed only on a computer that is joined to a server farm by users who have permissions in SQL Server to read from the configuration database. To connect this server to the server farm, use the SharePoint Products Configuration Wizard, located on the Start menu in Microsoft SharePoint 2016  Products.

OK, it is time for a little pause and a re-think. You can easily burns hours and hours researching and troubleshooting an error like that. So often with SharePoint the apparent error message is either a red herring or incredibly obscure and only tangentially related to the root cause. Think now, what if any config recently changed in the farm?

Ah yes, I am cleaning up some deprecated service accounts and am starting by disabling them in SQL Server Management Studio. Let’s check that out. Ooops, the farm account has a little red down arrow, it is denied and disabled!

SSMS Logins.cropped

Let’s look at the detailed properties:

SSMS Logins - SP_Farm - Status - Deny & Disable

That’s not right, SP_Farm has Permission to connect to database engine: Deny and Login: Disabled. How did that happen?! Leaving out out a few details and having simplified the screen snaps, suffice to say that there were several very similarly named SQL Logins and there was a slip up which one was previously disabled.

Let’s reset that!

SSMS Logins - SP_Farm - Status - Grant & Enabled

Click OK to save and F5 refresh our browser for Central Admin, no need to recycle the app pool.

Yeah, Central Admin is back!

CA home - working again

So all’s well that ends well, and it only took about 15 minutes. Luckily this happened in Test not Production!

So why blog it?

Because it is a funky error message that I’d never seen before so it deserves to be celebrated for that, plus the issue has a super easy fix that doesn’t require any elaborate analysis. Always keep the KISS principle (Keep it simple stupid) in mind when troubleshooting SharePoint Server.

Cloud Development for Community Projects

How CloudShare has enabled me to contribute to SharePoint community projects

Until recently if you wanted to contribute to an open source or community-based software project in your spare / volunteer time it often meant having to build a full-scale software development environment on your home / personal computer, including substantial CPU cores / RAM / disk hardware and numerous software licenses, with a potential cost of thousands of dollars. Fortunately the recent rapid growth in cloud-based IaaS / PaaS offerings such as CloudShare, Microsoft Azure and Amazon Web Services to name but a few, has dramatically changed this situation. Now the software hobbyist or software engineering professional volunteering their time can contribute to nearly any project with no more equipment than a modern web browser.

These cloud-based IaaS / PaaS offerings are a huge boon especially for community projects targeting enterprise software systems such as Microsoft SharePoint Server and Microsoft Dynamics CRM. Both SharePoint Server 2013 and the upcoming 2016 versions have hardware requirements that generally exceeded the specs of most home office computer equipment, for example a single server farm with all services requires 24GB RAM. Furthermore, when your focus is on rapidly enhancing a community project then the time and effort to install, configure, tune, and patch server software such as the operating system, database server, and SharePoint Server is an overhead cost that does not directly advance the project.

Why CloudShare?

Two important consideration when I’m volunteering my spare time on an open source or community project are:

  • Ready availability of a pre-configured virtual machine suited to the community project’s technology stack – so I don’t have to spend hours or days building up a standard development environment before I can even begin making my volunteer contribution
  • Rapid provisioning and resumption of the virtual machine – which allows me to eke out useful contributions in spare moments of 20-30 minutes at a time

For my cloud-based custom software development platform I chose the CloudShare Platform-as-a-Service (PaaS) product because it offers the best fit for me as an independent software developer. A CloudShare environment comes with these essential features which satisfy my need for pre-configured virtual machines:

  • Extensive gallery of fully pre-built and pre-configured virtual machines
  • Gallery includes SharePoint Server 2013 and 2010 farms in various single-server and multi-server configurations
  • Commonly used SharePoint service applications are pre-configured, eg Managed Metadata, Search, and User Profile
  • Commonly used SharePoint web applications are pre-configured, eg Publishing Portal, My Sites, and Team Site

With CloudShare it takes under 5 minutes to provision a brand new fully functional SharePoint Server 2013 farm, and under 1 minute to restore it from hibernation. And it is completely self-serve, which fits in well with my erratic volunteer schedule.

The CloudShare platform also includes these additional features:

  • Full local admin access for additional server configuration and software installation
  • “Environment” container for sets of virtual machines used for managing hardware resources and other global resources
  • On demand snapshot of environment to baseline the configuration, eg for repeatability of functional and deployment testing
  • Easy to dispose of a virtual machine and re-provision a new one
  • External URLs for browser / HTTP access to virtual machine SharePoint site, eg for demos of the open source / community project
  • Easy to share full local admin access to virtual machine or an independent private copy with a collaborator
  • Low cost pay-as-you-go entry point to allow try-before-you-buy which is easily upgraded to very cost competitive annual subscription model

CloudShare for my Community Projects

Over the past several years I’ve used the CloudShare platform to present at several conferences and user group meeting, and to support and contribute to several SharePoint and web community projects in my spare / volunteer time.

Using a CloudShare environment I have presented live interactive demos of various SharePoint capabilities, configuration procedures, and custom development techniques at various conferences and user groups, including:

  • SharePoint Summit Toronto – Introduction to Social with SharePoint 2013
    Live demo of My Sites social features and user profiles using a CloudShare SharePoint 2013 virtual machine
  • SharePoint Saturday Ottawa – Migrating to SharePoint 2013 – Business and Technical Perspective
    Live demo of content database migration, and content database and site collection health checks using a CloudShare SharePoint 2013 virtual machine
  • DevTeach private conferences for House of Commons Canada – Transform SharePoint Forms with HTML, CSS and JavaScript
    Live demo of various techniques to enhance List forms using a CloudShare SharePoint 2013 virtual machine
  • Microsoft Federal SharePoint User Group (Ottawa) – Cloud-Based Development for SharePoint using CloudShare
    Live demo of provisioning and using a CloudShare SharePoint 2010 virtual machine to perform SharePoint custom .NET development
  • SharePoint Ottawa – Survival Guide to SharePoint 2013 Migration
  • Ottawa IT Community – Cloud-Based Dev–Test environments for .NET & SharePoint using CloudShare

Using a CloudShare environment I have also contributed original custom code, patches, defect reports, and forum answers to various open source projects and custom development answer websites, including:

  • Gary Lapointe’s PowerShell-SPCmdlets
    Validated and troubleshot source code download; identified several code defects and code components missing from download package; proposed code fixes; all using a CloudShare SharePoint 2013 virtual machine
  • Microsoft-inspired SharePoint Guidance Library 2010 Demo
    Built a fully functional demo solution package (WSP) for a custom SharePoint logger based on the Microsoft guidance library; using a CloudShare SharePoint 2010 virtual machine
  • Ron Valstar’s TinySort
  • Dev4Side’s SharePoint 2010 Filtered Lookup Field
    Analyzed and troubleshot an issue in the custom field definition; using a CloudShare SharePoint 2010 virtual machine
  • Stack Overflow, SharePoint Stack Exchange and other Stack Exchange sites
    Analyzed, answered, and commented on questions; using CloudShare SharePoint 2013 and 2010 virtual machines
  • and others

Now let’s take a closer look at how you prepare and share a CloudShare environment and SharePoint virtual machine ready for custom .NET, App-model, and pure HTML5 / JavaScript software development for an open source / community project.

Prepare a CloudShare Environment

CloudShare offers over 90 pre-built / pre-configured virtual machine templates in a gallery making it easy to pick from amongst several variations:


These VM templates are clustered around two main technology stacks:

  • Microsoft Windows
  • Linux

With numerous variations of enterprise software, including on the Microsoft stack:

And on the Linux stack:

  • CentOS – variant of Red Hat Enterprise Linux distribution; in combination with MySQL, Ruby on Rails, MongoDB, NodeJS
  • Xubuntu – variant of Canonical Ubuntu Linux distribution
  • Ubuntu – in various combinations with Apache, PostgreSQL, Docker

In my case I’m working primarily with Microsoft SharePoint so I created two virtual machines in my CloudShare environment:

  • Microsoft SharePoint 2010 Server
  • Microsoft SharePoint 2013 Server


The SharePoint 2013 farm virtual machine is a single server farm with the following service applications and web applications pre-configured which makes the virtual machine immediately ready for custom development for your open source or community project:

  • Application Discovery and Load Balancer service application
  • Managed Metadata service application
  • Search service application
  • State service application
  • Usage and Health Data Collection service application
  • User Profile service application
  • Publishing Portal web application
  • My Sites web application
  • Team Site web application

Share an Environment

CloudShare makes it easy to collaborate with a colleague on an open source or community project in a more direct / hands-on way than the typical code and documentation sharing via a cloud repository such as GitHub or CodePlex. With CloudShare you and your colleague can directly access the same or an identical private copy of your CloudShare virtual machine environment to make code changes, run tests or write documentation:


  • Assign a contributor grants direct access to your CloudShare environment by your contributor, where they can log into the same virtual machines and run or make changes to the same copy of the open source or community project
  • Assign a copy grants access to an identical private copy of your CloudShare environment by your contributor,  where they can log into a fully isolated virtual machines and run or make changes to their own private copy of the open source or community project

When you assign a contributor to your environment your colleague will receive an email similar to this one, inviting them to access your CloudShare environment.


When your colleague (fictitious name Jane) accesses the shared CloudShare environment, they see the following welcome page:


From the details in the environment’s Invited by and Expiration fields they can easily determine that this is the identical environment to your own as it will expire at the same time. Your colleague can log into the environment’s virtual machines to view or collaborate on and edit the open source or community project, and they can also modify the CloudShare environment itself or the virtual machine hardware resources.


On the other hand, when you assign a copy of your environment to a colleague they receive an identical private copy of your CloudShare environment. When they access their copy they see the following welcome page:


From the details in the environment’s Invited by and Expiration fields they can easily determine that this is a time limited copy of your environment that will expire after a short time. Your colleague can log into the environment’s virtual machines to view or collaborate on and edit the open source or community project, but they cannot immediately modify the CloudShare environment itself or the virtual machine hardware resources until they take ownership of this private copy of your environment.


In order to take ownership of this private copy of your environment your collaborator must purchase their own account licence:


Once they have done that, they will have full control to modify the CloudShare environment or virtual machine hardware resources as they require while working on the open source or community project.

Wrap Up

Thanks to CloudShare my idea of the home office has completely changed. Now my home office is in the cloud and I can resume and access it or even re-provision it whenever I need, not just when I’m physically at home. This has enabled me to contribute to numerous open source or community software projects in my spare volunteer time.

I highly recommend trying out CloudShare and seeing for yourself how easy it is to use the platform. To get started, create your account in CloudShare. To learn about pricing options, visit the pricing page.

Instagram Spam from Dummy Account with My Email Address

Like any savvy Internaut I am vigilant to identify and delete spam email so I always carefully review any unexpected item that lands in my inbox before clicking on it. I was suspicious when this email appeared the other day as I am not an Instagram user:


I’ve blacked out personal identifying information in these screen snaps.

My first thought was this item is not a legitimate email from Instagram but I couldn’t find any obvious indication of this. The structure and format of the email and all the links seemed to indicate it was legitimate. I even looked at the message source; the headers and delivery routing all seemed to be appropriate given my limited knowledge of such things:

Received: from mail-ie0-f200.google.com ([]) by COL004-MC6F25.hotmail.com over TLS secured channel with Microsoft SMTPSVC(7.5.7601.23008);
     Fri, 12 Jun 2015 03:40:11 -0700
Received: by ieua9 with SMTP id a9sf54529306ieu.0
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20130820;
X-Received: by with SMTP id y3mr17535455obm.7.1434105611119;
        Fri, 12 Jun 2015 03:40:11 -0700 (PDT)

Received: by with SMTP id p21ls2413587qgd.34.gmail; Fri, 12 Jun
2015 03:40:10 -0700 (PDT)
X-Received: by with SMTP id 130mr17722759yko.73.1434105610950;
Fri, 12 Jun 2015 03:40:10 -0700 (PDT)

Received: from mx-out.facebook.com (outmail009.prn2.facebook.com. [])
        by mx.google.com with ESMTPS id x68si1394039ywf.212.2015.
Received-SPF: pass (google.com: domain of no-reply@mail.instagram.com designates as permitted sender) client-ip=;
X-Facebook: from 2401:db00:2130:70d3:face:0:4f:0 ([MTI3LjAuMC4x]) 
    by api.facebook.com with HTTP (ZuckMail);
Date: Fri, 12 Jun 2015 03:40:09 -0700
To: historyproject@oldottawasouth.ca

Subject: Highlights from instagram, knighthaak, notafraid2fail and more
X-Priority: 3
X-Mailer: ZuckMail [version 1.00]

Reply-to: Instagram <no-reply@mail.instagram.com>
Errors-To: no-reply@mail.instagram.com

X-Auto-Response-Suppress: All

MIME-Version: 1.0

X-Original-Sender: no-reply@mail.instagram.com
X-Original-Authentication-Results: mx.google.com;       spf=pass (google.com:

Ordinarily I would simply delete the email but my curiosity was piqued by its apparent legitimacy so I put it aside for a few days until I had more time to check it out.

When I looked at this email again, I decided to verify if perhaps I had created an Instagram account to check out the service but then abandoned the account and forgotten about it. So I started by directly navigating to Instagram’s login page to look for an account recovery link rather than clicking on any links in the email.

It is worth noting that my email address is very distinctive and unlikely to be similar to another address because it belongs to a vanity domain that is limited to a very small number of users that I know personally. Hence it is impossible that someone unknown to me would have accidentally typed my email address into their Instagram account registration. Hence I felt justified in trying to recover the account as possibly my own.

Having found a link “Forgot?” [password] on the Instagram login page I navigated to the password reset screen. I requested a reset using my email address from the To: line of the original Instagram email, assuming it was linked to a legitimate Instagram account that I created at some point in the past:


The password reset screen was followed by a confirmation screen:


This resulted in a password reset email from Instagram arriving in my inbox which revealed the underlying account name responsible for the original Highlights email, @benoverbrabou:


This deepened the mystery as I had no recollection of having chosen this account name. However, clearly this account was linked with my email address, and once again the email structure and format looked 100% legitimate. So I proceeded to click on the Reset Password link in the email to complete the reset in the hopes of gaining clarification from the Instagram account properties and settings.

In retrospect since I still had doubts about the legitimacy of the Instagram email I should have copied this link into an incognito / private browser session or even better a browser in a virtual machine, to avoid any chance of a drive-by download attack. But I didn’t think of that Sad smile. It is hard to remember 100% of the safety best practices for email and web browsing! Luckily the Reset Password link was a legitimate Instagram URL, https://instagram.com/accounts/password/reset/confirm/xxxxxx/xxx…/, and this second email actually from Instagram.

The Reset Password link from the second email led to a page on the Instagram website where I entered a new password. Unfortunately I didn’t immediately take a screen snap of this page and it was expired when I tried to navigate back to snap it, so I can’t include it here.

Instead here is a sample of how the screen looked when I attempted to reproduce these steps a few days later:


As an aside, when I reproduce these steps a few days later, the Instagram website behaviour following this password reset page was different than the steps that I describe next. The new behaviour is to redirect to the Instagram login page. Seems like someone noticed the issue that I describe in this blog post, and changed the page flow.

At the time when I first followed this sequence the password reset page was followed by an account verification screen that prompted me to supply my cellular phone number. As I still had some doubts about the Instagram account and the whole situation, I had no intention of providing further personal information to Instagram for this account, so I entered a pseudo phone number:


This was followed by a predictable screen to enter the security coded sent to the phone number provided on the prior screen, a code which I would never receive since I provided a dummy phone number:


This seemed to be the end of my investigation into the Highlights email and the associated mysterious Instagram account @benoverbrabou as it appeared that a confirmed cellular phone number was required as part of the password reset process.

I was about to give up when I looked again at the Reset Your Password (second) email and noticed another option, “If this is not your account you can remove your email from it,” with URL https://instagram.com/accounts/remove/report_wrong_email/xxxxxx/xxx…/:


This seemed like the next best alternative in the event that the account was not mine and my email address was incorrectly or maliciously associated with it. So I proceeded to click on the “remove your email from it” link in the email in the hopes of no longer receiving any further Instagram emails associated with the @benoverbrabou account. This led to a page on the Instagram website confirming that my email was no longer associated with this account.

Unfortunately again I didn’t immediately take a screen snap of the “remove your email” page and the action was invalidated when I navigated back to snap it, so an error message (“This is not a valid link”, partially greyed out by me) was displayed where the original confirmation message was displayed:


Here is a sample of how the screen looked when I attempted to reproduce these steps a few days later:


Once again the latest Instagram website behaviour was different than the steps I describe next. Now the result is to confirm that the email address has been removed from the Instagram account without having the account logged in and hence granting further access to the account. As before it seems the Instagram folks noticed the issue that I describe in this blog post, and changed the page flow.

In the original sequence, the really interesting detail is that the page shows the @benoverbrabou account logged in. This was very surprising as the prior password reset sequence with the request for a cellular phone number for account verification and the security access code gave the impression that the access code was required in order to complete the password reset. However, it appears that Instagram actually completed the password reset with an automatic login without providing any indication of this.

At that point I was able to navigate around the @benoverbrabou account and in particular to select the Edit Profile link from the left-hand navigation which lead to the following page:


The email field clearly contains a dummy email address since it was from the @example.com domain. Having never used Instagram I was not aware how or where my own email address might have been linked or stored as a secondary email address before I deleted it; there was no clear indication of this.

Next I selected the account name from the top navigation bar which lead to the following page:


This account home page was immediately auto-redirected before I could full view the page contents (eg using browser-based JavaScript) to the Verify Your Account page which again prompted me to confirm the pseudo phone number that I had entered as part of the password reset process earlier:


Fortunately for my sleuthing I was able to navigate back to the account home page and abort the auto-redirect with a simple ESC key sequence, so I was able to fully view the page contents.

Clearly the @benoverbrabou account had never been used as it had no posts, no photos, and no followers or following account.

At this point I had gathered enough information to judge with considerable certainty that the @benoverbrabou account that had been linked to my email address and had given rise to the Highlights email was not an account created by me. Further it seemed quite likely that the @benoverbrabou account was either abandoned or in use by spammers. In either case, I was satisfied having unlinked my email address from the account. I resolved to leave the acount alone and only intervene further with Instagram if this account or any other account again became linked to one of my email addresses.

Coda: Two weeks later I stumbled on the news that the Instagram Highlights email was a brand new feature designed to re-engage users who had lost interest in the photograph sharing service, Instagram ‘highlights’ emails hitting your inbox soon (The Verge, May 24, 2015) and may other tech news sites. The fact that the Highlights email was a brand new occurrence would explain why the circumstances I describe here occurred only just now, and were then patched to avoid information leaking.

Bulk Provision User Profiles in a CloudShare SharePoint VM for Demo/Test Scenarios

A CloudShare hosted environment is a great way to quickly and easily provision virtual machines for demo and testing. In order to present realistic demo and test scenarios you will want a variety of Active Directory user accounts and SharePoint user profiles including My Sites profile information.

A brand new CloudShare environment virtual machine comes with only a few system accounts defined, eg Administrator. You can certainly develop and provision additional user accounts and profiles yourself, along with the scripts to repeat the provisioning each time your environment is refreshed. However, this will take time and effort, which you would probably rather spend on your core business activities. So why not leverage and re-purpose a ready-built alternative from Microsoft.

Microsoft publishes “content packs” to provision several of its popular demo environments (WingTip, etc) that you may have seen at the SharePoint Conference and in other training and demo presentations. These content packs generally include all the installers, scripts, and user accounts data files necessary to fully automate deployment, configuration and provisioning of the various bits of server infrastructure.

In our case we have the server infrastructure already deployed and configured thanks to CloudShare. So we are going to cherry pick out of the content packs just what is necessary to provision a predefined set of user accounts into Active Directory and user profiles into SharePoint. This will save us quite a bit of time over developing similar capability from scratch.

Before starting, download the required content packs from CodePlex. From the SharePoint 2013 Business Intelligence Demo Builds with SQL Server 2012 SP1 CodePlex project,


download the following two content packs and extract their zip archives:

Don’t be confused by the name of this CodePlex project. The various content packs in this project can be used somewhat independently of one another, for our purpose to provision Active Directory user accounts and SharePoint user profiles in a CloudShare environment SharePoint farm.

First we use a PowerShell script to create the Active Directory user objects from the Employees.csv file included with the Active Directory Content Pack. The following code fragment shows the important steps in the script. The full script can be download here, load-users.ps1 (caveat, can’t upload PowerShell to WordPress so have embedded it into a Word document). Run the script from the root folder of the Active Directory Content Pack or adjust the Import-Csv cmdlet’s path to the employees.csv file.

Import-Module ActiveDirectory

$dn = (Get-ADDomain).DistinguishedName
$forest = (Get-ADDomain).Forest

$ou = New-ADOrganizationalUnit -Name "MS Demo Users" -Path $dn –PassThru
#Do this to allow easy clean up or reset
Set-ADOrganizationalUnit $ou -ProtectedFromAccidentalDeletion $false

#Either edit CSV file to remove service accounts and blank lines or filter those out with the transform
$data = Import-Csv "$($(Get-Location).Path)\Demo\Scripts\employees.csv"

#Transform $data to $users with template that is compatible with the New-ADUser cmdlet, and add AD forest reference

$users | ForEach-Object {
    $_ | Select @{Name="Path"; Expression={$ou.DistinguishedName}},* | New-ADUser

Once this script runs successfully there will be over 270 demo user account available. In Active Directory Users and Computers you should see the following container and user objects:


Second we use another PowerShell script to provision the SharePoint user profiles from the People.xml file included with the PeoplePack – UserProfile Provisioning Content Pack.

We must tweak the People.xml file as it explicitly includes the CONTOSO domain in the user account names whereas we must match the domain defined by the CloudShare environment virtual machine, as shown highlighted in the following sample from the file. It is not necessary to change the domain of the email address. <Employee>
<Name>Aaron Painter</Name> <WorkEmail>aaronp@contoso.com</WorkEmail> <AccountName>CONTOSO\aaronp</AccountName> <Manager>CONTOSO\christk</Manager>
<Picture>images\Aaron Painter.jpg</Picture>

Determine the domain name by looking at the VM machine properties or from Active Directory Users and Computers. Create a backup copy of the People.xml file, then edit the original file or tweak the script to point to the correct file name.

The script to provision user profiles is as follows. Run the script from the root folder of the UserProfile Provisioning Content Pack or set the PowerShell working folder to the content pack folder.

#Ensure that ReadXml.ps1 and SetupUser.ps1 can run, or unblock those files
Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass

#Determine My Sites URL for CloudShare environment virtual machine
$site = "http://mysites.dc14.loc:80/"

#Pipe each user profile to the user setup script
.\ReadXml.ps1 ".\People.xml" ".\SetupUser.ps1" $site

By default the ReadXml.ps1  and SetupUser.ps1 scripts are blocked as they originated in the content pack downloaded from the Internet, as shown in the file properties panel in the following figure:

ReadXml.ps1 properties

If we choose to unblock these two scripts then the change in PowerShell execution policy is not required, Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass.

The domain user that runs this PowerShell script must have sufficient rights, for UserProfileManager.CreateUserProfile() this is PortalRight.ManageUserProfile permissions as per MSDN. The default permissions and security configuration for each virtual machine template available in a CloudShare environment can vary considerably as the CloudShare team revises the VM templates from time to time. Before we run the above PowerShell script we should check the User Profile Service settings for Administrators and Permissions. We may also need to review the profile database permissions by running Get-SPDatabase | Where-Object {$_.Name –eq “<MySitesProfileDBName>”} | Get-SPShellAdmin, where we replace the fragment enclosed in angle brackets <> with the value specific to our CloudShare environment virtual machine.

Once these two scripts run successfully there will be over 260 fully populated user profiles in your SharePoint 2013 farm My Sites and we will see the following in the User Profile Service Application properties under People | Manager User Profiles:

User Profile Service - Number of User Profiles

At this point we can connect to the SharePoint farm web applications and My Sites host using any of the demo user accounts eg by running a browser as a different user. The My Sites for the demo user Jesper Aaberg will appear as in the following figure:

MySites for Aaberg Jesper

In conclusion, CloudShare’s SharePoint virtual machine templates provide a fully configured and ready to go SharePoint farm for demos and testing but without a set of realistic user accounts and user profiles. With the addition of realistic user accounts and user profiles your demo and testing scenarios will light up and provide a rich and meaningful experience.

Presenting at SharePoint Summit Toronto 2014 on Tue May 27 on “How to be Social in SharePoint 2013”

I’ll be speaking at the SharePoint Summit Toronto 2014 on Tuesday, May 27, 9:50am on the topic How to be Social with My Sites in SharePoint 2013.

In this session learn about the social features in SharePoint 2013, why you will absolutely love them, and how they will make you more productive. My Sites and user profiles have huge improvements, follow sites, people and documents, micro-blogging with mentions and hash tags, ratings and likes, People search, and other professional social network capabilities.

If you are going to be at the conference be sure to look out for me and say hi.

Presenting at IIBA Ottawa-Outaouais Breakfast Roundtable on Thu May 1 at 7:30am

Come out to hear me present at the IIBA Ottawa-Outaouais Breakfast Roundtable this coming Thursday, May 1 at 7:30am on the topic of “Is a Business Analyst required on SharePoint projects?”

SharePoint offers the promise of instant functionality for all sorts of business needs: collaboration, document management, Internet/intranet web content management, search, business intelligence, etc. In addition there are seemingly endless possibilities for configuration and customization, much of it easily accessible to business and power users. Do SharePoint deployments and customizations need formal requirements gathering, business modeling, and functional analysis as part of the project plan? Or is it all about the technical infrastructure and IT configuration? Let’s discuss some real-world project scenarios and share our experiences to answer this question.

This is an informal, interactive event, the first 30 minutes is for open networking, followed by the structured roundtable at 8:00am. The event is free and open to everyone whether or not you are a member of IIBA, the International Institute of Business Analysis.


Presenting at SharePoint Saturday Ottawa 2013 on Sat, Nov 23 at 8:30am

Come out to hear me present at SharePoint Saturday Ottawa 2013 this coming Saturday, November 23 at 8:30am on the topic of “Practical SharePoint 2010/2013 for the .NET dev: Crash course on coding in SharePoint for the .NET dev, what is different and what tools you need to have.”

In this session you will learn how to transfer your .NET experience into effective designing and coding for SharePoint 2010/2013. Learn what tools and tips will help make the transition easier.

Some topics we will cover:

  • 2013 app model vs packages & features
  • APIs – client-side, server-side, OData/REST,
  • getting data & documents into and out of SharePoint
  • debugging
  • logging
  • deployment
  • LINQ in & for SharePoint
  • managed metadata vs code tables vs lists