SharePoint 2010 Image Sync to AD

Similar to previous identity management issues with SharePoint (I hate you FIM!), I just ran into another issue the other day.  There is a requirement to have SharePoint 2010 be the place where users can manage their profile information, but the most important thing is to have images sync to AD so they can be used in Lync and Outlook.

The guys on the ground were pulling their hair out, as they had followed the instructions from two corroborating sites.  Unfortunately, even with all of that setup, images were not being successfully added to AD.

Knowing how much fun FIM is, I did a bit of banging prior to arriving on site and found an article that sounded very similar to the issues they were having.  Turns out it was the answer, but I’m going to duplicate a bit of it here just in case it disappears.

  1. You have configured FIM to sync the images as per the TechNet article linked above (“sites”).
  2. Looking in the IIS logs of the mysite (or whatever name is accurate) web app, you see 401.1 214807254 and/or 214807252 errors for anonymous users accessing the thumbnail JPEGs.

What you need to do is log into the box where FIM is running as the FIM user sync account.  From there, add your mysite URL to the intranet zone in IE.  Re-run the sync and it should work.

The IIS log error occurs because FIM is not passing credentials when it is challenged.  Once the mysite URL is in the intranet zone, credentials are sent automatically instead of waiting for a prompt (unless a GPO has overridden this setting).
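
To confirm the second symptom before touching the zone settings, the following Python sketch (an added example, not part of the original article) scans IIS W3C log lines for 401.1 responses to JPEG requests that carry no username. The sample log lines, field layout and paths are constructed; a real log defines its own columns in its `#Fields:` header.

```python
# Added example: find 401.1 responses on anonymous JPEG requests in IIS W3C logs.
# SAMPLE_LOG is constructed for illustration; it is not taken from a real server.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 7.5
#Fields: date time cs-method cs-uri-stem cs-username c-ip sc-status sc-substatus sc-win32-status
2012-09-01 02:00:01 GET /User%20Photos/Profile%20Pictures/jdoe_MThumb.jpg - 10.0.0.5 401 1 214807254
2012-09-01 02:00:01 GET /User%20Photos/Profile%20Pictures/asmith_MThumb.jpg - 10.0.0.5 401 1 214807252
2012-09-01 02:00:02 GET /User%20Photos/Profile%20Pictures/jdoe_MThumb.jpg CONTOSO\\fimsync 10.0.0.5 200 0 0
2012-09-01 02:00:03 GET /default.aspx - 10.0.0.9 401 2 5
"""


def unauthenticated_image_401s(lines):
    """Return (uri, client_ip, win32_status) for anonymous 401.1 hits on JPEG URIs."""
    fields, hits = [], []
    for line in lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]      # the column layout can change mid-file
            continue
        if not line or line.startswith("#") or not fields:
            continue
        values = line.split()
        if len(values) != len(fields):
            continue                       # truncated or malformed row
        row = dict(zip(fields, values))
        if (row.get("sc-status") == "401"
                and row.get("sc-substatus") == "1"
                and row.get("cs-username") == "-"
                and row.get("cs-uri-stem", "").lower().endswith((".jpg", ".jpeg"))):
            hits.append((row["cs-uri-stem"],
                         row.get("c-ip", "-"),
                         row.get("sc-win32-status", "-")))
    return hits


if __name__ == "__main__":
    for uri, ip, win32 in unauthenticated_image_401s(SAMPLE_LOG.splitlines()):
        print(f"401.1 anonymous  {ip}  {uri}  win32={win32}")
```

If the hits disappear after the zone change and the same URLs start logging 200 with the sync account as the username, the fix has taken effect.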

Windows 8 RTM, Realtek NIC, and WOL

At home I have my NAS setup with VPN so that I can pretty much always get back on my home network if required.  This comes in handy for running virtual machines.  However, since I moved to the NAS I run my virtual machines from my desktop.

The whole point of the NAS was for less power and noise though, so I don’t want the desktop on all the time.  My solution was wake-on-lan (WOL) and in Windows 7 it worked great.  However, over the past couple of days, I’ve upgraded to Windows 8 RTM and I couldn’t get WOL working when the machine was powered off.  It worked great when the machine was asleep, but not completely off (most of the time).

Turns out the default Realtek NIC drivers in Windows 8 aren’t really the best, but downloading the Windows 8 drivers from the Realtek website fixed the issues.

P.S. Being able to run Hyper-V instead of VirtualBox is nice, plus you don’t lose hibernation!

Proxy Other Ports to Port 80 on Synology

Ok, so you want to be able to access services running on a random port on your Synology NAS over standard ports (80 and 443).  To do that, you need to do the following items:

  1. Enable the web station from the web services icon in control panel.  This gives you Apache.
  2. Add the following lines to the end of /usr/syno/apache/conf/httpd.conf-user (you must re-do this after doing a DSM update).  Replace <accessPath> with a name, and <port> with the port it is running on.  For example, http://localhost:8080/party.
    LoadModule proxy_module modules/mod_proxy.so
    LoadModule proxy_http_module modules/mod_proxy_http.so
    ProxyRequests Off
    ProxyPreserveHost On
    
    <Location /<accessPath>>
    ProxyPass http://localhost:<port>/<accessPath>
    ProxyPassReverse http://localhost:<port>/<accessPath>
    </Location>
    
  3. Restart apache with “/usr/syno/etc.defaults/rc.d/S97apache-user.sh restart”

Just make sure whatever service you are doing this with has a base url of <accessPath>.

UPDATE:  Just updated to DSM 5.0 and a few things have changed:

  1. /usr/syno/apache/ has moved to /etc/httpd/
  2. /usr/syno/etc/rc.d/S97apache-user.sh is gone, so just use ‘httpd -k stop|start|restart’
  3. You may need to create the folder /var/services/web/internal for httpd to restart
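
Because the block has to be re-added after every DSM update, it helps to script the edit so it can be re-run safely. The Python sketch below is an added example, not part of the original post: it validates the two placeholders, then appends the block only if it is not already present. The marker comments and the function names are hypothetical, and the config path is passed in by the caller.

```python
# Added example: idempotently append the reverse-proxy block to httpd.conf-user.
import re
import tempfile
from pathlib import Path

MARKER = "# BEGIN proxy {name}"   # hypothetical marker comment used to detect an earlier run


def proxy_block(access_path: str, port: int) -> str:
    """Render the <Location> block from the post after validating both placeholders."""
    # Restrict the path segment so nothing can break out of the <Location> directive.
    if not re.fullmatch(r"[A-Za-z0-9_-]+", access_path):
        raise ValueError(f"unsafe access path: {access_path!r}")
    if not 1 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    target = f"http://localhost:{port}/{access_path}"
    return "\n".join([
        MARKER.format(name=access_path),
        f"<Location /{access_path}>",
        f"ProxyPass {target}",
        f"ProxyPassReverse {target}",
        "</Location>",
        f"# END proxy {access_path}",
    ]) + "\n"


def ensure_proxy(conf: Path, access_path: str, port: int) -> bool:
    """Append the block unless it is already there. Returns True if the file changed."""
    block = proxy_block(access_path, port)
    text = conf.read_text() if conf.exists() else ""
    if MARKER.format(name=access_path) in text.splitlines():
        return False
    preamble = ""
    if "ProxyRequests Off" not in text:   # keeps Apache from acting as an open forward proxy
        preamble = ("LoadModule proxy_module modules/mod_proxy.so\n"
                    "LoadModule proxy_http_module modules/mod_proxy_http.so\n"
                    "ProxyRequests Off\nProxyPreserveHost On\n")
    sep = "" if not text or text.endswith("\n") else "\n"
    conf.write_text(text + sep + preamble + block)
    return True


if __name__ == "__main__":
    demo = Path(tempfile.mkdtemp()) / "httpd.conf-user"   # scratch file, not the NAS config
    print(ensure_proxy(demo, "party", 8080), ensure_proxy(demo, "party", 8080))
    print(demo.read_text())
```

Restart Apache afterwards with the command that matches your DSM version.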
Categorized as synology

My Perfect Windows 8 Tablet

With Computex in full swing and Windows 8 Release Preview being released last week, I think it’s time I start thinking about a new tablet.  A few of my colleagues and I have been really excited about having a tablet that can also double as a media center.  In fact, one of them currently uses his Samsung Slate in just such a fashion.

  • 10″ or 11″ display with >=200ppi
  • Minimum of 8 hour battery life
  • Ivy Bridge CPU
  • Active Digitiser for pen support (yay OneNote!)
  • TPM Module
  • WIDI or WHDI
  • USB 3 port
  • HDMI port
  • 64-128GB SSD
  • >=4GB RAM (would like it to be upgradeable)
  • Ideally, the ability to drive 2 24″ external monitors

Based on what I’ve seen so far, this definitely looks like it could be possible in the very near future!

Update: Well, after the MSFT announcement, it looks like we have a tablet that is definitely a front-runner (Pro).  There are some outstanding questions, but it looks like it ticks most of the boxes…

  • 10″ or 11″ display with >=200ppi – 207 ppi!
  • Minimum of 8 hour battery life – No idea yet…
  • Ivy Bridge CPU – Yes!
  • Active Digitiser for pen support (yay OneNote!) – Yes!
  • TPM Module – We think so!
  • WIDI or WHDI – No idea yet…
  • USB 3 port – Yes!
  • HDMI port – DisplayPort gives the same flexibility!
  • 64-128GB SSD – Yes!
  • >=4GB RAM (would like it to be upgradeable) – Not sure, but should be 4GB!
  • Ideally, the ability to drive 2 24″ external monitors – No, but a Matrox DualHead2Go would work.
Categorized as computers

Find PID of Application Using a Port

Best way to do it is to run the command

netstat -lnptu | grep :<port#>

This will give you the PID of the service, and then you can run

kill <PID>

or

kill -9 <PID>

if just a regular kill doesn’t work.
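
One caveat with the grep: `:80` also matches `:8080` and `:8000`, so the PID you pick may belong to a different service. The Python sketch below is an added example, not part of the original post, that matches the local port exactly and also handles rows where netstat prints `-` instead of a PID. The netstat output, PIDs and program names in it are constructed.

```python
# Added example: exact-port lookup in `netstat -lnptu` output.
import re

# Constructed sample output; PIDs and program names are made up.
SAMPLE = """\
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      4121/httpd
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN      5310/python
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN      -
tcp6       0      0 :::80                   :::*                    LISTEN      4121/httpd
udp        0      0 0.0.0.0:68              0.0.0.0:*                           977/dhclient
"""


def pids_on_port(netstat_output: str, port: int):
    """Return sorted unique (pid, program) pairs bound to exactly `port`.

    pid is None when netstat printed '-', which happens when the socket belongs
    to another user and netstat was not run as root.
    """
    owners = set()
    for line in netstat_output.splitlines():
        parts = line.split()
        if len(parts) < 6 or not parts[0].startswith(("tcp", "udp")):
            continue                               # headers and blank lines
        local_port = parts[3].rsplit(":", 1)[-1]   # works for 0.0.0.0:80 and :::80
        if local_port != str(port):
            continue                               # 8080 does not match a search for 80
        # UDP rows have no State column, so look for the owner token by shape.
        owner = next((p for p in parts[5:] if p == "-" or re.match(r"\d+/", p)), "-")
        if owner == "-":
            owners.add((None, None))
        else:
            pid, _, prog = owner.partition("/")
            owners.add((int(pid), prog))
    return sorted(owners, key=lambda o: (o[0] is None, o[0] or 0))


if __name__ == "__main__":
    for p in (80, 8080, 5432):
        print(p, pids_on_port(SAMPLE, p))
```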

Categorized as synology

United System Wide Upgrades

As I can’t find this nicely spelled out anywhere, here are the economy fare class codes that you need to book to ensure you can use your system wide upgrades on any flight: Y, B, M, E, U, H, Q, V, W.  And for Business: J, C, D.  This is especially true for those of us flying in and out of Australia…

http://pss.united.com/web/en-US/content/mileageplus/awards/upgrade/default.aspx

http://www.united.com/web/en-US/content/booking/flight/fareClass.aspx

Categorized as work

nopCommerce Install

The other day I was playing around with nopCommerce.  There was some talk about it internally, and I thought I’d see what it was all about.  I didn’t get very far, and realized the installation instructions were definitely missing a few steps.  The guys over there have outlined most of the steps in the documentation, but they’ve forgotten a few:

  1. Ensure that your worker process (what the AppPool runs under) has the ability to create a database if you check the box Create database if it doesn’t exist.
  2. How to access the installation page.  You need to browse to http://site/views/install/default.aspx

There are other OWASP and scalability best practices that I may go into later if I really dig down further, but three that immediately stand out:

  1. Unencrypted DB Connection string info
  2. compilation debug="true" being set in the web.config
  3. Single DB
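
The first two items can be checked mechanically. The Python sketch below is an added example, not nopCommerce code: it parses a web.config and reports debug compilation and connection strings stored in clear text. It assumes the connection string sits in a standard `<connectionStrings>` section; the sample file, connection string name and values are constructed.

```python
# Added example: flag debug compilation and clear-text connection strings in a web.config.
import xml.etree.ElementTree as ET

# Constructed sample; the connection string name and values are placeholders.
SAMPLE_WEB_CONFIG = """<?xml version="1.0"?>
<configuration>
  <connectionStrings>
    <add name="ExampleSqlConnection"
         connectionString="Data Source=db01;Initial Catalog=shop;User ID=shop_app;Password=EXAMPLE-ONLY" />
  </connectionStrings>
  <system.web>
    <compilation debug="true" targetFramework="4.0" />
  </system.web>
</configuration>"""


def audit_web_config(xml_text: str):
    """Return a list of findings for the two web.config issues named in the post."""
    root = ET.fromstring(xml_text)
    findings = []
    for comp in root.iter("compilation"):
        if comp.get("debug", "false").strip().lower() == "true":
            findings.append("compilation debug is enabled")
    for section in root.iter("connectionStrings"):
        # A section protected with aspnet_regiis carries configProtectionProvider
        # and an <EncryptedData> child instead of readable <add> entries.
        if section.get("configProtectionProvider"):
            continue
        for add in section.iter("add"):
            conn = add.get("connectionString", "")
            keys = {kv.split("=", 1)[0].strip().lower()
                    for kv in conn.split(";") if "=" in kv}
            if keys & {"password", "pwd"}:
                findings.append(
                    f"clear-text password in connection string '{add.get('name')}'")
            elif conn:
                findings.append(f"unencrypted connection string '{add.get('name')}'")
    return findings


if __name__ == "__main__":
    for finding in audit_web_config(SAMPLE_WEB_CONFIG):
        print("FINDING:", finding)
```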
Categorized as IIS, work

Synology DS1511+ and Crontab

I’ve added an rsync job to my crontab file in order to back up all the websites I have being served from Dreamhost (including this one).  The specific job is set to run every night at midnight starting last night.  Unfortunately, it didn’t run.

This is because the crontab service needs to be recycled in order to grab the new jobs (also, don’t update your DSM, because that seems to blow it away).  As this is a non-standard Linux distro, you need to restart crontab the following way:

/usr/syno/etc.defaults/rc.d/S04crond.sh stop
/usr/syno/etc.defaults/rc.d/S04crond.sh start

Categorized as synology

Synology Plex Media Server and Samsung Smart TV Client

This one wasn’t completely obvious, but I think I’ve managed to figure it out.  It at least appears to be working correctly, assuming it continues to work a bit better after the media scan is complete.

Steps for the Server:

  1. Grab the spk from http://www.plexapp.com/linux/linux-pms-download.php.
  2. Log into DSM and in Package Installer, install the downloaded spk.
  3. After it is installed, visit the website at http://<nas-server>:32400.  It doesn’t look like the shortcut that is created works.
  4. Add in the locations to your media.

The steps for the Client on a Samsung TV with SmartHub are broken up into two options: installer hosted on your own server, or on someone else’s.  It doesn’t matter where you get the installer from, as you can specify the Plex Server after the application is installed.

Hosted on your NAS:

  1. In Control Panel, enable web station under web services
  2. Copy the installer (link) to the web share that was created in step 1
  3. Copy the widgetlist.xml (link) to the web share that was created in step 1
  4. Edit the widgetlist.xml to contain the IP of your NAS (or the URL where the installer is located)
  5. On the TV, open the Smart Hub
  6. Log in as a different user (A/red button)
    • User: develop
    • Password: 123456
  7. Click the Settings button (D/blue button)
  8. Select Development
  9. Set the Server IP to that of your NAS
  10. Select User Application Synchronisation
  11. Once the installation is finished, restart your TV
  12. Visit SmartHub and Plex is installed.
  13. Point Plex at your Plex Media server.

Hosted by someone else:

  1. On the TV, open the Smart Hub
  2. Log in as a different user (A/red button)
    • User: develop
    • Password: 123456
  3. Click the Settings button (D/blue button)
  4. Select Development
  5. Set the Server IP to 92.50.72.58
  6. Select User Application Synchronisation
  7. Once the installation is finished, restart your TV
  8. Visit SmartHub and Plex is installed.
  9. Point Plex at your Plex Media server.

These install instructions were taken from the Plex forums.

Update 1/6/2012: The crawler has completed, and it does actually work!  I also found out that it only supports TV shows right now, and not music or photos.  Looking into it, it’s just a webpage with a lot of JavaScript.  If I have time, I may look to add music in, as having one solution for everything is a lot better than both this and DLNA!

Update 8/19/2012: Instead of going through all of this, just grab the Plex app from the Samsung App Store!

Categorized as synology

SharePoint 2010 User Profile Sync: stopped-extension-dll-exception

Well, it’s good to see that User Profile Sync can be better in 2010 than it was in 2007.  However, there are definitely some issues still.

The first one, which we only just noticed, was that the User Profile Sync jobs were constantly failing.  Unfortunately, there isn’t really a good way to know without going into the MIISClient program to look at the errors.  Basically, if you think, for whatever reason, profile sync is not working, open up MIISClient.exe (Program Files\Microsoft Office Servers\14.0\Synchronization Service\UIShell) as the farm account and take a look to see if everything is a success.

For us, we were seeing all the MOSS-{guid} jobs failing with the error stopped-extension-dll-exception as you can see below.

Based on the lovely error message, I’m still amazed that I was able to isolate this issue (event logs reported that CA was being accessed via a non-registered name).  However, it turns out it is because of alternate access mappings (AAMs) for the central admin (CA) website.  Normally, SharePoint sets up the AAM for CA as the machine name you first install SharePoint on to.  However, we changed the AAM to be a more friendly name.

When you update the “Public URL for Zone” for the CA website, it does not propagate the change into the MIISClient.  This causes the MIISClient to not correctly access the CA APIs for the user profile sync (or at least I am imagining this is the case).

Fix it with the following steps:

  1. Open MIISClient.exe as the farm account.
  2. Tools > Management Agents (or click the Management Agents in the bar)
  3. Right-click on the MOSS-{guid} management agent and select Properties
  4. Go to the Configure Connection Information section in the left-hand pane
  5. In the connection information box, change the Connect To URL to be the same URL as listed as the “Public URL for Zone” for your CA in the AAM configuration.
  6. Re-enter the farm account username and password for good measure
  7. Save the configuration
  8. Run a full profile sync from CA