de-DEen-GB
 
rss

Granikos Technology Blog

Sebastian Rubertus
Sebastian Rubertus

Sebastian Rubertus is a Senior Consultant for Microsoft Infrastructure Technologies at iCOMcept GmbH and guest blog author for Granikos. His main fields of activity are SharePoint and miscellaneous security topics.

He likes the command line and coding PowerShell scripts for automating Administrator´s standard tasks.

You can contact Sebastian via info@granikos.eu.

SharePointProblem:

When you try to connect to SharePoint Online using PowerShell you receive an Access Denied error as follows:

PS C:\> Connect-SPOService -Url https://tenant-admin.sharepoint.com -credential $credential
 
Connect-SPOService : Cannot contact web site
'https://tenant-admin.sharepoint.com/' or the web site does not support
SharePoint Online credentials. The response status code is 'Unauthorized'. The
response headers are 'X-SharePointHealthScore=0,
SPRequestGuid=310ce59d-002b-3000-ef1a-70e5fe7eaf72,
request-id=310ce59d-002b-3000-ef1a-70e5fe7eaf72, X-MSDAVEXT_Error=917656; Acces
s+denied.+Before+opening+files+in+this+location%2c+you+must+first+browse+to+the
+web+site+and+select+the+option+to+login+automatically.,

Solution

Connecto to the SPO Service without the previously entered credentials ($credential) and enable the LegacyAuthProtocolsEnabled attribute.

Set-SPOTenant -LegacyAuthProtocolsEnabled $True

 

Enjoy SharePoint Online.

 

 

Weiterlesen »

Problem

After configuring Access Services you cannot deploy Access custom web apps from Access 2013 - an error with a Correlation ID occurs.

Screenshot Custom web app error

 

Reason

As if it´s not inconvenient enough to configure the SharePoint Access Services Requirements (e.g. AppStore with DNS), the SQL Server Configuration can be the cause, too. In the SharePoint Site Content overview you can see the faulty deployed App and in it`s details the following error:

The database server is temporarily unavailable.
Details: The sp_configure value 'contained database authentication' must be set to 1 in order to alter a contained database. You may need to use RECONFIGURE to set the value_in_use. ALTER DATABASE statement failed.

Screenshot Custom web app error details

 

Solution

You need to enable the SQL Server 2012 Feature Contained Database Authentication if you receive this error. You can do this in the Management Studio via this T-SQL statement:

SP_CONFIGURE 'contained database authentication', 1;
GO
RECONFIGURE;
GO

 

Enjoy SharePoint!

 

Weiterlesen »

Problem

While trying to synchronize a new device with an Exchange mailbox, you receive an error with your new mobile phone partnership.

The Exchange Server 2010 Default Throttling Policy is configured to accept 10 ActiveSync devices per mailbox only.

You can validate this setting by using EMS

Get-ThrottlingPolicy def* | Select Name,EASMaxDevices

Solution

Use a scheduled PowerShell script to delete old ActiveSync Device partnerships that have not been used for a defined period of time.

Script

Find the most recent version on TechNet Gallery and Github, following the links provided in the Links section.

Modifiy the script path variables to fit your requirements. The variables are configured in the ### BEGIN Variables section.

Steps being executed:

  1. Fetch all user mailboxes
  2. Iterate through each user mailbox and determines the number of ActiveSync devices and the number of devices which have not synchronized since 150 days
  3. Delete ActiveSync device registration, if a user has more than 4 devices in total and a minimum of 1 device that have not synced within 150 days
<#
    .SYNOPSIS
    Remove Exchange Server 2010 ActiveSync Device Partnerships 
   
   	Sebastian Rubertus / Thomas Stensitzki
	
	THIS CODE IS MADE AVAILABLE AS IS, WITHOUT WARRANTY OF ANY KIND. THE ENTIRE 
	RISK OF THE USE OR THE RESULTS FROM THE USE OF THIS CODE REMAINS WITH THE USER.

    Send comments and remars to: support@granikos.eu
	
	Version 1.0, 2015-04-09
 
    .LINK  
    More information can be found at http://www.rubertus.net/Blog/tabid/85/EntryId/41/Scripted-removing-of-ActiveSync-Device-Partnerships.aspx 
	
    .DESCRIPTION

    THis script removes ActiveSync device association from user mailboxes
    that have been inactive for more than 150 days.

    .NOTES 
    Requirements 
    - Exchange Server 2010
    - Windows Server 2008 R2 SP1, Windows Server 2012 or Windows Server 2012 R2  

    Revision History 
    -------------------------------------------------------------------------------- 
    1.0     Initial community release 
    
    .EXAMPLE
    Remove-ActiveSyncDevicePartnership
    	
    #>

### BEGIN SnapIns -------------------------------------------------------------

# Add Exchange SnapIn if not already loaded
if ( (Get-PSSnapin -Name Microsoft.Exchange.Management.PowerShell.E2010 -ErrorAction SilentlyContinue) -eq $null )
{
    Add-PsSnapin Microsoft.Exchange.Management.PowerShell.E2010 -ErrorAction SilentlyContinue
   
    if ( (Get-PSSnapin -Name Microsoft.Exchange.Management.PowerShell.E2010 -ErrorAction SilentlyContinue) -eq $null )
    {
        Write-Host "Microsoft.Exchange.Management.PowerShell.Admin could NOT be loaded!" -ForegroundColor Red
        Write-Host "Verify that the Exchange 2010 Management is installed on this computer!" -ForegroundColor Red
    }
}

### END SnapIns ---------------------------------------------------------------

### BEGIN Variables | EDIT ACCORDING TO YOUR NEEDS ----------------------------

# ScriptPath
$scriptPath = "C:\Scripts\Remove-ActiveSync-Devices\"

# Logfile
$logfile = "C:\Scripts\Remove-ActiveSync-Devices\Logs\$(get-date -format yyyy-MM-dd___HH-mm-ss)___Logname.log"

### END Variables -------------------------------------------------------------


### BEGIN Functions -----------------------------------------------------------

Function Log
{
   Param ([string]$logstring)
   Add-content $logfile -value "$(get-date -format yyyy-MM-dd___HH-mm-ss) $logstring "
}

### END Functions -------------------------------------------------------------

### BEGIN Main ----------------------------------------------------------------

# Create a new log file
Write-Host
Write-Host "Script started, creating Log File."
Log "Script started."
Write-Host

# Query User Mailboxes and Device Statistics
Write-Host "Querying User Mailboxes, please wait a few seconds..." -ForeGroundColor green
Log "Querying User Mailboxes."
Write-Host
$Mailboxes = Get-Mailbox -RecipientTypeDetails UserMailbox -ResultSize Unlimited -WarningAction SilentlyContinue
$NumberOfMailboxes = $Mailboxes.count
Write-Host "Number of Mailboxes: $NumberOfMailboxes "
Log "Number of Mailboxes: $NumberOfMailboxes "
Write-Host

# Iterate each User Mailbox
ForEach ($Mailbox in $Mailboxes)
{
    $MailboxAlias = $Mailbox.Alias
    Write-Host
    Write-Host "================================================================================="
    Write-Host
    Write-Host "Getting ActiveSync Devices from user $MailboxAlias..."
    Log "Getting ActiveSync Devices from user $MailboxAlias. "
    $AllDevicesFromSpecificUser = Get-ActiveSyncDevice -Mailbox $MailboxAlias -Result Unlimited  -WarningAction SilentlyContinue | Get-ActiveSyncDeviceStatistics -WarningAction SilentlyContinue
    $AllDevicesFromSpecificUserNotSynchronizedSince150Days = Get-ActiveSyncDevice -Mailbox $MailboxAlias -Result Unlimited  -WarningAction SilentlyContinue | Get-ActiveSyncDeviceStatistics  -WarningAction SilentlyContinue | Where {$_.LastSuccessSync -le (Get-Date).AddDays("-150")}
    Write-Host
    $CountAllDevicesFromSpecificUser = $AllDevicesFromSpecificUser.Count
    $CountAllDevicesFromSpecificUserNotSynchronizedSince150Days = $AllDevicesFromSpecificUserNotSynchronizedSince150Days.Count
   
    If ($CountAllDevicesFromSpecificUser -lt 5)
    {
        Write-Host "User $MailboxAlias has only $CountAllDevicesFromSpecificUser ActiveSync Devices. Nothing to delete!" -ForegroundColor Green
        Log "User $MailboxAlias has only $CountAllDevicesFromSpecificUser ActiveSync Devices. Nothing to delete!"
    }
   
    If (($CountAllDevicesFromSpecificUser -gt 4) -and ($CountAllDevicesFromSpecificUserNotSynchronizedSince150Days -gt 1))
    {
        Write-Host "User $MailboxAlias has $CountAllDevicesFromSpecificUser devices. $CountAllDevicesFromSpecificUserNotSynchronizedSince150Days have not synced for more than 150 days." -ForegroundColor Red
        Log "User $MailboxAlias has $CountAllDevicesFromSpecificUser devices. $CountAllDevicesFromSpecificUserNotSynchronizedSince150Days have not synced for more than 150 days."
       
        ForEach ($Device in $AllDevicesFromSpecificUserNotSynchronizedSince150Days)
        {
            $DeviceType = $Device.DeviceType
            $DeviceFriendly = $Device.FriendlyName
            $DeviceID = $Device.DeviceID
            $DeviceFirstSyncTime = $Device.FirstSyncTime
            $DeviceLastSuccessSync = $Device.LastSuccessSync
            Write-Host
            Write-Host "ActiveSync Device 2 delete Properties: "
            Write-Host "-------------------------------------- "
            Write-Host "Type         : $DeviceType "           
            Write-Host "Friendly Name: $DeviceFriendly "
            Write-Host "ID           : $DeviceID "
            Write-Host "Last Sync    : $DeviceLastSuccessSync " -ForegroundColor Red
            Log "Removing Device $DeviceType with ID $DeviceID ..."
            Write-Host
            Write-Host "Removing Device $DeviceID ..." -ForegroundColor Red
            $Device | Remove-ActiveSyncDevice -WarningAction SilentlyContinue
        }
    }
}

# Script finished
Write-Host
Write-Host "Script finished!"
Write-Host
Log "Script finished!"

### END Main ------------------------------------------------------------------

Links

 


You need assistance with your Exchange Server setup? You have questions about your Exchange Server infrastructure and going hybrid with Office 365? Contact us at office365@granikos.eu or visit our website http://www.granikos.eu.

 

Weiterlesen »
On November 6, 2014
876 Views

Problem

After In-place upgrading from Windows Server 2008 R2 to Windows Server 2012 R2 (not a good idea in production environment) and activating the new Windows Server Updates Services Role, I´ve encountered several errors. The machine had also the System Center Configuration Manager 2012 R2 installed.

The post-installation task ended with the error Failed to start and configure the WSUS service.

WSUS Post-Installation Task failed

 

A manually start did not work either (Error 193: 0xc1):

WSUS Post-Installation Error 193

 

Reason

CCMSetup (SCCM) created a file called Program in the root folder and the WSUS Application Pool ran under the wrong .NET CLR Version.

CCMSetup Error

 

Solution

Delete or rename Program file and change the .NET CLR Version from .NET 2 to .NET 4.

Change .NET CLR Version

 

After an IISReset restart the Post-installation tasks of WSUS:

Post-Installation Task finishing
 
 

 

 

Weiterlesen »
On Oktober 15, 2014
948 Views

SharePoint Server 2013Problem

Saving a Site Template with activated Publishing Feature is not possible in SharePoint 2013 (menu link missing).

When using the direct browser link (which worked perfect in SharePoint 2010) http://YourSharePointSite/_layouts/15/savetmpl.aspx you get the error The "Save site as template" action is not supported on this site.

Save site as template error

 

Solution 

Modify the SaveSiteAsTemplateEnabled property in your SPWeb object via PowerShell.

# Store your Site in a variable:
$SiteToModify = Get-SPWeb http://YourSharePointSite

# Display the current value of the property:
$SiteToModify.AllProperties["SaveSiteAsTemplateEnabled"]

# Set the property to true:
$SiteToModify.AllProperties["SaveSiteAsTemplateEnabled"] = "true"
$SiteToModify.Update()

 

Screenshot PowerShell

 

When now trying the savetmpl.aspx link again, you can save your template:
http://YourSharePointSite/_layouts/15/savetmpl.aspx

Save as Site Template working

 

 

 

Weiterlesen »