Monday, June 25, 2012

New-SPAlternateURL : You must specify the default zone URL for all Web applications ...

I was configuring AAM using Powershell. I wanted my current Default URL to be my new Intranet URL and to use a new URL as my Default. To add a setting for a new zone, I was using New-SPAlternateURL. 

$app = Get-SPWebApplication
New-SPAlternateURL -WebApplication $app -Zone "Intranet" -Url $app.Url


However, this is what I am getting:

New-SPAlternateURL : You must specify the default zone URL for all Web applications. To delete the Alternate URL Collection, remove the public URLs in all other zones, and then remove the default zone URL

It turns out this is the error message you get when you try to use the same URL for more than one zone. It would have been nice if the error message actually said that. So now my code is like this:

$app = Get-SPWebApplication
$intranetUrl = $app.Url
Set-SPAlternateURL -Identity $app.Url -Zone "Default" -Url $defaultUrl
New-SPAlternateURL -WebApplication $app -Zone "Intranet" -Url $intranetUrl

Thursday, June 21, 2012

Powershell style command line arguments in c# console application

I have jumped back into writing a c# console application which requires some command line argument. Since I love the way Powershell does it, I figured why not? Doing some searching around, I came across this blog post, "Powershell like command line arguments in a C# Console Application", which does it beautifully for me. Now to move onto actually writing my console application itself ...

Thursday, June 7, 2012

The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.

I just setup my SharePoint 2010 instance to run under SSL. I have a Powershell script that creates users and does a bunch of other setup things. One of the steps is to load some SharePoint pages which I do with something like this:

$Page = $WebClient.DownloadString($URL)

This was working fine when the default zone was HTTP but now that I am on HTTPS, I get the following error:

Exception calling "DownloadString" with "1" argument(s): "The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel."
At line:1 char:34
+ $Page = $WebClient.DownloadString <<<< ($URL)
    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException     + FullyQualifiedErrorId : DotNetMethodException

I am using a commercially signed certificate and triple checked that the CA root certificates are in the right places. 

Doing some research I came across this thread on SSL/TLS Trust Relationship. Simply overriding the server certificate validation callback to blindly accept everything did the trick:

[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}

Not feeling totally comfortable with that, I decided to do more research and found a post about Managing Trusted Root Authorities for Claims Authentication in SharePoint 2010 Central Admin. This led me to try the following:

  1. Central Administration->Manage Trust
  2. New (trust relationship)
I added my Root Authority Certificate and now I don't have any more trust issues. Well, my Powershell script doesn't - I still don't trust anybody :-) 

Wednesday, June 6, 2012

System.IO.FileLoadException thrown on managing service application from Central Administration

I had just extended my web application to allow for SSL access. In order to do some configuration, I needed to go into Central Administration->Manage Service Applications. I was unable to manage some applications because Central Administration was throwing the following exception:

System.IO.FileLoadException: The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040)  

Not much more available in ULS.

It looks like just a simple iisreset did the trick. It probably has to do with the fact my demo server has Central Administration on the same server as the Service Application (just like the issue with the User Profile Application being on the same machine as Central Administration).

Tuesday, June 5, 2012

Set-ADAccountPassword : Access is denied

I was trying to reset  a bunch of passwords and was trying to do this in Powershell:

Set-ADAccountPassword -Identity myuser -Reset -NewPassword (ConvertTo-SecureString -AsPlainText 'newpassword' -Force)

However, it was coming back with the following despite running the Powershell console as Administrator:

Set-ADAccountPassword : Access is denied
At line:1 char:22
+ Set-ADAccountPassword <<<<  -Identity myuser -Reset -NewPassword (ConvertTo-SecureString -AsPlainText 'newpassword' -Force)
    + CategoryInfo          : PermissionDenied: (christys:ADAccount) [Set-ADAccountPassword], UnauthorizedAccessException
    + FullyQualifiedErrorId : Access is denied,Microsoft.ActiveDirectory.Management.Commands.SetADAccountPassword

I did a quick search and found this, which didn't help, but it did inspire me to try this:

$newpassword = ConvertTo-SecureString -AsPlainText 'newpassword' -Force
Set-ADAccountPassword -Identity myuser -Reset -NewPassword $newpassword

This worked well.

Monday, June 4, 2012

Creating default associated groups

While creating a new site through the UI (Site Actions->New Site) my browser crashed. This caused the default associated groups to not get created among other things. As a result, I had to do this manually.

Looking back at a previous post, Creating predefined groups in site collection created by Powershell, I ran the following Powershell:

$web.CreateDefaultAssociatedGroups($web.Site.Owner.UserLogin, $web.Site.SecondaryContact.UserLogin, $web.Title)

I went back into Site Permissions and still didn't see my groups. Reading the SPWeb.CreateDefaultAssociatedGroups Method document's Remarks, it mentions that the AssociatedVisitorGroup and the AssociatedOwnerGroup have to be null before invoking this method. Mine were set to point to the equivalent Home groups. So I ran the following:
$web.AssociatedOwnerGroup = $null
$web.AssociatedMemberGroup = $null
$web.AssociatedVisitorGroup = $null
$web.CreateDefaultAssociatedGroups($web.Site.Owner.UserLogin, $web.Site.SecondaryContact.UserLogin, $web.Title)

and all is fine.

Using iPad as an external monitor

Sometimes I'm on the road but still doing some heavy duty work and having a second monitor helps. Carrying a second monitor is out of the question. I have thought about bringing extra cables and using my hotel room TV. I have even thought about buying an external pico projector. However, since I have an iPad, I thought I might as well use that as a second display.

I researched the following options:
ultraVNC / Mocha VNC Lite - as described here
Air Display - Shelve it for now as it costs $9.99
iDisplay - I stayed away from this one due to some bad reviews.
MaxiVista - I stayed away from this one due to some bad reviews.
OnLive Desktop also popped up in my searches, but from what I can tell it gives you a whole Windows environment and not simply a display

I ended up using DisplayLink as it seems like it was built specifically for my purpose.

The installation was smooth, but it appeared to have screwed up some Bluetooth driver as my Bluetooth mouse no longer worked. It could be coincidence, but I had to reinstall the driver after installing DisplayLink and everything worked again.

I wish there were one that would connect over Bluetooth instead of over wifi, but I will take it for now.

Now to buy a cover / stand.

[Update - 2012-06-07]
Got BSOD coming from dlkmd.sys twice yesterday before deciding to uninstall. I haven't even used it for a few days. In both cases, it may have happened when my machine locked itself for being idle.