Thursday, March 12, 2015

ListView Day Filter in SharePoint

There was a query at technet forum , "Requirement to show "Daily" stats on a custom list.  Criteria are to show items modified between 3pm yesterday to 3pm today. "

Solution -  

1- Create a Calculated column in list. The formula should be  -
  • Name - ModifiedHrs
  • Type - Calculated
  • Formula:     =HOUR(Modified)
  • Format -Number (1, 1.0, 100)
    Number of decimal places:  0
2- Create a Tabular View ( e.g. DayState.aspx) for List. (not Calendar View), through browser with filter ( Modified equal to [Today]).
3. Now Open the view page (DayState.aspx) in SharePoint Designer code view [Edit in Advance Mode]
4. Locate the CAML query associated with the filter (Modified = [Today]), you can find something like

<WebPartPages:WebPartZone ---
<WebPartPages:XsltListViewWebPart ----
-----
<XmlDefinition>
<View --->
<Query>
<OrderBy>--</OrderBy>
<Where>
<Eq>
<FieldRef Name="Modified"/>
<Value Type="DateTime"><Today/></Value>
</Eq>
</Where>
</Query>
<ViewFields---->
----
</View></XmlDefinition>
</XmlDefinition>




5. Replace the <Where>----</Where> Section with this one

<Where>
<Or><And><Eq><FieldRef Name="Modified"/>
<Value Type="DateTime"><Today OffsetDays="-1"/>
</Value></Eq><Gt><FieldRef Name="ModifiedHrs"/>
<Value Type="Number">14</Value></Gt></And>
<And><Eq><FieldRef Name="Modified"/>
<Value Type="DateTime"><Today/></Value></Eq><Lt>
<FieldRef Name="ModifiedHrs"/>
<Value Type="Number">16</Value></Lt></And></Or>
</Where>
 
6. Save the page , and test in browser

Microsoft.SharePoint.PostSetupConfiguration.PostSetupConfigurationTaskException was thrown


Problem :
In a sharepoint 2013 Installation or SP1/CU installation ,  after installation when start psconfig wizard, it throws error - " An exception of type Microsoft.SharePoint.PostSetupConfiguration.PostSetupConfigurationTaskException was thrown.  Additional exception information: Failed to upgrade SharePoint Products."

Solution:

  •  Restart your Timer service before you run config wizard."Run As Administrator" on the Products Configuration Wizard.
  • Make sure no other user, other than SharePoint managed accounts, have dbowner permissions for the SharePoint databases.
  • Reboot after CU installed and disable the User Account Control for you service accounts.
  •  Try using powershell -PSConfig.exe -cmd upgrade -inplace b2b -force -cmd applicationcontent -install -cmd installfeatures

Ref - https://social.technet.microsoft.com/Forums/en-US/bd6f406a-a75b-4958-88be-06d364a60451/microsoftsharepointpostsetupconfigurationpostsetupconfigurationtaskexception-was-thrown-while?forum=sharepointadmin

Wednesday, November 27, 2013

Forms Based Authentication (FBA) in SharePoint 2013

Setting Forms Based Authentication (FBA) in SharePoint 2013 is almost same as to SharePoint 2010 [ http://gj80blogtech.blogspot.in/2010/12/forms-based-authentication-in.html ]. Some differences are in .net framework version (4.0),  web.config entries ,  .Net 4.0 membership provider configuration not supported in IIS directly, No option for classic mode authentication now etc.

In this article, we will see how to configure SQL Server based authentication on SharePoint 2010 site. The Process involve following step of configuration …

  1.     Create SqlServer User membership database
  2.     Create or Extend SharePoint Web application
  3.     Modify Web.Config files for following we applications
  4.     Create Custom Login Form   

Step 1: Create SqlServer User membership database

  • Run aspnet_regsql.exe Located at "C:\Windows\Microsoft.NET\Framework64\v4.0.30319" Directory
  • ASP.NET SQL Server Setup Wizard Will appears, On welcome screen . Click Next 
  • Select “Configure SQL Server for application services”, and then click next
  • Enter the SQL Server, authentication information  and FBA Database name; E.g. Server = SP2013 ;  Windows Authentication;   Database = FBADB
  • Complete the Wizard and close;
  • Make sure the Application Pool accounts (your web application, Security Token Site, Central Administration web site) have access [dbowner role] to the FBA database.
  • Create some test user on this database ;You can use some Membership tools for this e.g. http://www.codeplex.com/CKS/Release/ProjectReleases.aspx?ReleaseId=7450.Or alternatively do it from any asp.net website in IIS. Create a dummy asp.net web site only for managing users. –
    • Open IIS - inetmgr. Right click on Sites and select “Add Web Site…”
    • Enter the field values, e.g. site name = TestASPFBAUser , physical Path = C:\ TestASPFBAUser VirtualDirectory , port =12345 and click OK.
    • Open “Application Pools”. Check framework for this new application pool “TestASPFBAUser”, it should be “2.0″.  Note: IIS does not support management of users and roles for .NET 4.0.
    • Set the identity of application pool “TestASPFBAUser”  to the account that has read/write permissions to the membership database [FBADB]. – Right Click application pool -> click Advanced Settings -> click Identity.
    • Add Connection String :
      • Select your new site “TestASPFBAUser”   and open the “Connection Strings” page.
      • On Connection Strings page, click “Add…”
      • On the Add Connection String dialog, Enter the field values , e.g. name = FBADBConnection , server = SP2013 , database = FBADB , Credentials - “Use Windows Integrated Security” and click OK.
    • Add Provider :
      • Select your new site “TestASPFBAUser”   and open the “Providers” Page.
      • On Providers page, select Feature = ‘.Net Users’. Click “Add…”
      • In Add dialog, choose type = “SQLMembershipProvider”. Enter a name, e.g. FBAASPMembershipProvider.
      • Set Profile Properties. Note: The options selected here must match with the options in SharePoint web.config provider settings. e.g. I chose: [EnablePasswordReset=True, RequiresUniqueEmail    = True , StorePasswordInSecureFormat=True and left others as default false]. 
      • Set ConnectionStringName = FBADBConnection (we just created) and ApplicationName = /
      • Click OK to close the dialog
    • Add User:
      • Select your new site “TestASPFBAUser”   and open the “.Net Users” page.
      • Set default membership provider. Click “Set Default Provider…” in the right side panel.  Choose the membership provider “FBAASPMembershipProvider” (we just created )and click OK.
      • Click “Add…” in the right side panel to add a user.
      • From the “Add .Net User” dialog, give the user a name, email and password. E.g. User -  FBAAdmin , password  - admin@1234, email – abc@test.com, left Question and Answer fields blank. Click OK to create the user and close the dialog.
  • Now we have one test user in FBADB , we will use this user as a admin for FBA. You can use this page to add and edit other users.

Create or Extend SharePoint Web application

You Can create a new site for testing and can use both windows authentication and FBA on same site. Or you can extend any existing site and use FBA for extended site & windows authentication for existing site.E.g. in my case i have extended port 80 site (http://server/) to port 90 (http://server:90)
  • Create a new web application
    • Open SharePoint Central Administration -> Application Management -> Manage Web Applications -> Click New
    • Select “Create a new IIS web site” and enter other fields – Name , Port , Path etc.
    • Check the Enable Forms Based Authentication(FBA) checkbox
    • Enter the ASP.Net Membership Provider Name and ASP.NET Role Provider Name that you are planning to configure in the web.config. e.g. FBAMembershipProvider and FBARoleProvider
    • Left “Enable Windows Authentication” checked, to use dual authentication, Click OK.
    • An Application Created dialog will appear. Click the “Create Site Collection” link to create the first site collection for this web application.
    • On Create Site Collection dialog, enter name,  URL , template, Primary Site Collection administrator [domain account], leave Secondary Site Collection Administrator blank for now. 
    • Click OK.
  • Extend existing web application
    • Open SharePoint Central Administration -> Application Management -> Manage Web Applications ->Select Existing Web Application
    • Click on Extend in ribbon menu
    • Select “Create a new IIS web site” and enter other fields – Name , Port , Path etc.
    • Uncheck Enable Windows Authentication
    • Check the Enable Forms Based Authentication(FBA) checkbox
    • Enter the ASP.Net Membership Provider Name and ASP.NET Role Provider Name that you are planning to configure in the web.config. e.g. FBAMembershipProvider and FBARoleProvider
    • Select Zone = Intranet , click Ok

Edit Web.Config Files

Modify Web.Config files for following web applications
  1. Central Administration
  2. Security Token Service (STS)
  3. Web application 
Modify Central Administration site’s web.config File

•  "ConnectionStrings" Entry 
<configSections>…</configSections>
<connectionStrings>
<clear />
<add name="FBADBConnection" connectionString="data source=SP2013; Integrated Security=SSPI; Initial Catalog=FBADB" providerName="System.Data.SqlClient" />
</connectionStrings>

•  "PeoplePickerWildcards" Entry
<PeoplePickerWildcards>
<clear />
<add key="FBAMembershipProvider" value="%" />
<add key="AspNetWindowsTokenRoleProvider" value="%"/> 
</PeoplePickerWildcards>

•  "RoleManager & Membership" Entries
<system.web>
.......
  <roleManager enabled="true"
cacheRolesInCookie="false"
cookieName=".ASPXROLES"
cookieTimeout="30"
cookiePath="/"
cookieRequireSSL="false"
cookieSlidingExpiration="true"
cookieProtection="All"
defaultProvider="AspNetWindowsTokenRoleProvider"
createPersistentCookie="false"
maxCachedResults="25">
      <providers>
        <!-- FBA -->
        <clear />
        <add connectionStringName="FBADBConnection" applicationName="/" name="FBARoleProvider" type=" System.Web.Security.SqlRoleProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a " />
      <add applicationName="/" name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />  
      <!-- FBA end -->
      </providers>
    </roleManager>
    <membership defaultProvider="FBAMembershipProvider" userIsOnlineTimeWindow="15" hashAlgorithmType="">
      <providers>
        <!-- FBA -->
        <clear />
        <add connectionStringName="FBADBConnection" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" passwordAttemptWindow="10" applicationName="/" requiresUniqueEmail="true" passwordFormat="Hashed" name="FBAMembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
        <!-- FBA end -->
      </providers>
    </membership>

</system.web>

Security Token Service web.config

<configuration>
….
<!-- FBA -->
  <connectionStrings>
    <clear />
    <add name="FBADBConnection" connectionString="data source=SP2013; Integrated Security=SSPI; Initial Catalog=FBADB" providerName="System.Data.SqlClient" />
  </connectionStrings>
  <system.web>
    <membership>
      <providers>
        <add connectionStringName="FBADBConnection"
        enablePasswordRetrieval="false"
        enablePasswordReset="true"
        requiresQuestionAndAnswer="false"
        passwordAttemptWindow="10"
        applicationName="/"
        requiresUniqueEmail="true"
        passwordFormat="Hashed"
        name="FBAMembershipProvider"
        type="System.Web.Security.SqlMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
      </providers>
    </membership>

    <roleManager enabled="true">
      <providers>
        <add connectionStringName="FBADBConnection" applicationName="/"
        name="FBARoleProvider"
        type="System.Web.Security.SqlRoleProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
      </providers>
    </roleManager>
  </system.web>
  <!-- FBA end -->
</configuration>

Web Application Web.config file
"ConnectionStrings" Entry
<!-- FBA -->
  <connectionStrings>
    <clear />
    <add name="FBADBConnection" connectionString="data source=SP2013; Integrated Security=SSPI; Initial Catalog=FBADB" providerName="System.Data.SqlClient" />
  </connectionStrings>
  <!-- FBA End -->

<PeoplePickerWildcards>
      <clear />
      <add key="AspNetSqlMembershipProvider" value="%" />
      <!-- FBA -->
      <add key="FBAMembershipProvider" value="%" />
      <!-- FBA end-->
    </PeoplePickerWildcards>

<membership defaultProvider="i">
      <providers>
         <!-- FBA -->
        <clear />
        <add connectionStringName="FBADBConnection" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" passwordAttemptWindow="10" applicationName="/" requiresUniqueEmail="true" passwordFormat="Hashed" name="FBAMembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
        <!-- FBA end -->
        <add name="i" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthMembershipProvider, Microsoft.SharePoint, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
      </providers>
    </membership>
    <roleManager defaultProvider="c" enabled="true" cacheRolesInCookie="false">
      <providers>
        <!-- FBA -->
        <clear />
        <add connectionStringName="FBADBConnection" applicationName="/" name="FBARoleProvider" type=" System.Web.Security.SqlRoleProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a " />
        <!-- FBA end -->
        <add name="c" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthRoleProvider, Microsoft.SharePoint, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
     </providers>
    </roleManager>
  </system.web>


Save all the web.config files and do an IISRESET ;


Add admin user for FBA site
  • Open SharePoint Central Administration Site
  • Open Application Management page -  Central administration -> application managmenet
  • Select your web application - e.g. SharePoint-80
  • Click ok "userpolicy" button in the Ribbon control 
  • On User-Policy window , click on Add Users, then Next [default all zone]
  • Search for your FBA admin user , e.g. fbaadmin, and add it
  • Give full control permission to the user.
Now open your FBA site in new browser , it  will open login form - 
  • In case of single site with dual authentication , form ,will allow You to select authentication type while login - Form or window 
  • In Case of extended site with single FBA authentication , it will open directly the FBA default login form