Add user or group to web application user policy

Below script to add a group to full control access to all the web-applications in SharePoint farm.

$userOrGroup = "domainROL-G-All-SharePointAdmin-Admin" 
$displayName = "SharePoint Team"

Get-SPWebApplication | foreach { 
    $webApp = $_ 
    $policy = $webApp.Policies.Add($userOrGroup, $displayName) 
    $policyRole = $webApp.PolicyRoles.GetSpecialRole([Microsoft.SharePoint.Administration.SPPolicyRoleType]::FullControl) 
    $policy.PolicyRoleBindings.Add($policyRole) 

    $webApp.Update() 
}

Get-SPWebApplication | foreach { 
    $webApp = $_ 
    $policy = $webApp.Policies.Add($userOrGroup, $displayName) 
    $policyRole = $webApp.PolicyRoles.GetSpecialRole([Microsoft.SharePoint.Administration.SPPolicyRoleType]::FullRead) 
    $policy.PolicyRoleBindings.Add($policyRole) 
    $webApp.Update() 
}

 

Advertisement

Change or rename the subsite URL

I can’t rename a URL of a site (using the Site Settings>Title,Description and Icon) I received an error “The attempted operation is prohibited because it exceeds the list view threshold enforced by the administrator”

None of the lists in the subsite exceeds the list view threshold item limits.  But when the same operation is attempted with farm admin account is succeeded as that account default is 20000 anyway. So it seems the total items in that site is adding up for this action and not allowing the rename of url.

Two options :

• Find and increase the LVT.
• Alternatively use ‘farm account’ to rename on site or use powershell to update (Get-SPWeb http://portal/subsite | Set-SPWeb -RelativeUrl newsubsitename)  in either case the underlying account uses List View Threshold for auditors and administrators which has higher limits of LVT so it could succeed.

Find All InfoPath Form Libraries and lists in SharePoint

As part of the cleanup activity one of the SharePoint analyst requested a report listing all the forms libraries and lists as well with document count and last modified date. Finding lists with forms enabled was different used SharePoint manager to search and query for the property which separates lists with and without forms but no luck.

Then I found the following property from one of the blog and married up the script with Rajack’s script to produce a script works for me.

 

[System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint") > $null
 
#Get the web application
Write-Host "Enter the Web Application URL:"
$WebAppURL= Read-Host
$SiteColletion = Get-SPSite($WebAppURL)
$WebApp = $SiteColletion.WebApplication
 
#Write the CSV header
"Site Collection `t Site `t List Name `t List Url `t Docs Count `t Last Modified `t Form Template" > InfoPathLibs.csv
 
#Loop through all site collections of the web app
    foreach ($site in $WebApp.Sites)
    {
       # get the collection of webs
       foreach($web in $site.AllWebs)
        {
            write-host "Scaning Site" $web.title "@" $web.URL
               foreach($list in $web.lists)
               {
                   if( $list.BaseType -eq "DocumentLibrary" -and $list.BaseTemplate -eq "XMLForm")
                    {
                    $listModDate = $list.LastItemModifiedDate.ToShortDateString()
                    $listTemplate = $list.ServerRelativeDocumentTemplateUrl
                    
       #Write data to CSV File
                   $site.RootWeb.Title +"`t" + $web.Title +"`t" + $list.title +"`t" + $Web.Url + "/" + $List.RootFolder.Url  +"`t" + $list.ItemCount +"`t" + $listModDate +"`t"  + $listTemplate >> InfoPathLibs.csv
                }
                elseif ($list.ContentTypes[0].ResourceFolder.Properties["_ipfs_infopathenabled"])
                {
                    $listModDate = $list.LastItemModifiedDate.ToShortDateString()
                    $listTemplate = $list.ServerRelativeDocumentTemplateUrl
                    #Write data to CSV File
                   $site.RootWeb.Title +"`t" + $web.Title +"`t" + $list.title +"`t" + $Web.Url + "/" + $List.RootFolder.Url  +"`t" + $list.ItemCount +"`t" + $listModDate +"`t"  + $listTemplate >> InfoPathLibs.csv
                }
             
               }
        }
    }
 
#Dispose of the site object
$siteColletion.Dispose()
Write-host  "Report Generated at same path of the powershell script InfoPathLibs.csv" -foregroundcolor green

The following report looks like:

In the below report which ever list does not have a form template implies its a list and all others are document libraries.

 

Delete duplicate fields in a sharepoint list based on internal name

I have a similar issue where a content and structure migration created duplicate fields and had to delete fields based on internal name

My code:

$web = Get-SPWeb https://myWeb
$list = $web.Lists["Technical"]
$field = $list.Fields |?{$_.InternalName -eq "InternalNameofthefield"}
$field.ReadOnlyField = $false
$field.AllowDeletion = $true
$field.Sealed = $false
#if I dont update prior I can't delete - on sharepoint 2010 so update command first.
$field.update()
$field.Delete()
$list.Update()
$web.Dispose()

 

Script to find sharepoint group members across sites

The below is a script to look for a group and group members across sites in the SharePoint farm.

You can customize it for site collection and web apps along with export columns.

$sites = Get-SPWebApplication P_Teams" | Get-SPSite -limit all
"Site Collection`t Group`t User Name`t User Login" | out-file groupmembersreport.csv
foreach($site in $sites)
{
	$webs = $site.allwebs
    foreach($web in $webs)
   {
    if($web.hasuniqueroleassignments)
    {
    $group = $web.Groups |?{$_.Name -like "*power*"}
    # you can also filter by exact group name { $_.Name -eq "Power Users"} or look for word in a group
	foreach($user in $group.Users)
		{	
		"$($web.url) `t $($group.Name) `t $($user.displayname) `t $($user) " | out-file groupmembersreport.csv -append
		}
    }
  }
$site.Dispose()

}

 

 

PowerShell Script – list all SharePoint group members

A quick script to query  site collections in a web application for SharePoint group and list all the members of that group and export into an CSV file. In the below example I am looking for “Power Users” group and list all the members of that group

$sites = Get-SPWebApplication http://intranet.contoso.com | Get-SPSite -limit all
"Site Collection`t Group`t User Name`t User Login" | out-file groupmembersreport.csv
foreach($site in $sites)
{
	$sitegroup = $site.RootWeb.SiteGroups |?{$_.Name -EQ "Power Users"}
	foreach($user in $sitegroup.Users)
		{	
		"$($site.url) `t $($sitegroup.Name) `t $($user.displayname) `t $($user) " | out-file groupmembersreport.csv -append
		}
$site.Dispose()
}

If you are interested in querying all the groups in the site collections and list all the members

# if you want to query all the site collections and its groups members then un comment line 4 and comment line 5
# $sites = get-spsite -limit All
$sites = Get-SPWebApplication http://intranet.contoso.com | Get-SPSite -limit all
"Site Collection`t Group`t User Name`t User Login" | out-file groupmembersreport.csv
foreach($site in $sites)
{
	foreach($sitegroup in $site.RootWeb.SiteGroups)
        {
	  foreach($user in $sitegroup.Users)
	 	{	
		"$($site.url) `t $($sitegroup.Name) `t $($user.displayname) `t $($user) " | out-file groupmembersreport.csv -append
		}
          }
$site.Dispose()
}

You can also write in a single line if you quickly want to query for a single site collection

Get-Spweb http://intranet.contoso.com | Select -ExpandProperty SiteGroups | Where {$_.Name -EQ "Power Users"} | Select -ExpandProperty Users | Select Name, userlogin, Email

 

Cleanup user information list and remove users from Site

Recently one of the analyst requested can we cleanup profiles in the User Information List in a site collection as he was looking to create a template out of it. This is an interesting topic because not only this is important for as a template but it is also an extranet site (internet facing) and its a good practice to minimize the user information exposed externally, most of the extranet site collections if not taken care the details can be queried by directly pointing the site collections to the following url’s

http://<site_collection_url>/_layouts/userdisp.aspx?Force=True&ID=20  (change the number to query groups and users and their personal details)

Coming back to the point how to delete user profiles in a site collection, and also cleanup the user information list, check the below powershell.

Note: It also deletes the users and user permission on the site collection.

$sc = Read-host "Enter Site Collection URL"
$site = get-spsite $sc
$users = get-spuser -web $site.rootweb -limit All
foreach ($user in $users){remove-spuser -identity $user.userlogin -web $site.rootweb -confirm:$false -erroraction Silentlycontinue }

Another approach to filter and cleanup the user information list below. This remove the groups as well if not filtered by the item.ID while passing the item to remove.

# Note: take a backup of your site collection before attempting this script - 
# Note: this script could strip all the users and their permissions on the site
$sc = Read-host "Enter Site Collection URL"
$web = get-spweb $sc
$list = $web.SiteUserInfoList
#this will get all the users and groups so be careful while passing $item to remove.
$items = $list.getitems()

foreach ($item in $items){$web.siteusers.RemoveByID($item.ID) -erroraction Silentlycontinue }

This is a simple post to achieve what I am looking and there is a potential to corrupt your site collections, I had taken care to test in my DEV farm. This has been tested in sharepoint 2010 sp1 only.

The below posts can help you further on this topic.

http://www.sharepointdiary.com/2012/04/delete-users-clean-up-user-information-list.html

http://blog.falchionconsulting.com/index.php/tag/set-spuser/

 

“Alert Me” Missing in the SharePoint Ribbon

These is a strange issue that “Alert Me” button Missing in the SharePoint Ribbon but only for a few site collections and for one complete web application. Check the following paths in central administration.

• Central Admin –> Systems settings –>E-Mail and Text messages –> Configure outgoing email settings

• Also make sure the web application outgoing email settings are filled as well.

But in this case some web applications are showing “Alert Me” button and this I vaguely remembered something with STSADM commands, and this was suggested by me to the customer to disable alerts for any restored databases from prod to test to stop the site collection from sending alerts to users.

There is a STSADM property which is by default enabled and we can turn the property to false for each site collection or to a complete web application.

#To disable alerts, use the following syntax:
stsadm -o setproperty -url http://server_name -pn alerts-enabled -pv false

#To view the setting for the alerts-enabled property, use the following syntax:

stsadm -o getproperty -url http://server_name -pn alerts-enabled

PS C:> stsadm -o getproperty -url http://teams.contoso.com -pn alerts-enabled

<Property Exist="Yes" Value="no" />

PS C:> stsadm -o setproperty -url http://teams.contoso.com -pn alerts-enabled -pv true

Operation completed successfully.

The following documentation will be helpful to start on this: Here

At the time of this writing these details applies to SharePoint 2010.

 

tags: SharePoint 2010, powershell, SharePoint Alerts, STSADM

Automate monitoring SharePoint and Windows Services

As a SharePoint admin, the most important role calls for monitoring servers and maintain the SLA’s. I guess there will be no second thoughts on this. For an admin as the environment grows to multiple farms and servers at different location it calls for automation – mostly on routine tasks to save time for their personal life and here in I am attempting to address how it did saved me some time. Automate monitor/start SharePoint Services on farm servers. You can script it to check these services at every restart and if you are the unlucky one where some of the services  keep on stopping or unstable you can schedule the the script to check the services and attempt to start them and also email you the status.

So, we are looking at the script to:

1. Check the services at startup or on scheduled time.
2. Attempt to start the services if they are stopped
3. Send an email with the status of the services from each server.

What you need to know before trying this option:  SMTP server or mailhost server (which has to be unauthenticated SMTP).

I had this script, apparently it is been pieced together for my requirements and then scheduled to run on each reboot. How to call this script, 2 files created: Batch file which refers the PowerShell script  (keep both these files in same path)

1. servicescheck.bat

@echo off
PUSHD "%~dp0"
powershell -file "servicescheck.ps1" < NUL
exit

1. Servicescheck.ps1

param
(
    [Parameter(Mandatory=$false, HelpMessage='-ServiceNames Optional, provide a set of service names to restart.')]
    [Array]$ServiceNames=@("SharePoint 2010 Tracing","Simple Mail Transfer Protocol (SMTP)","SharePoint 2010 Timer","SharePoint 2010 Administration","IIS Admin Service","World Wide Web Publishing Service", "Net.Tcp Listener Adapter","Net.Pipe Listener Adapter")
);

$server = hostname;
$emailbody = "";

        Write-Host "Attempting to start services on" $server -ForegroundColor White;
        foreach($serviceName in $ServiceNames)
        {
            $serviceInstance = Get-Service  -DisplayName $serviceName -ErrorAction SilentlyContinue;
            if(($serviceInstance -ne $null) -AND ($serviceInstance.Status -eq "Stopped"))
            {
               # Write-Host "Attempting to start service" $serviceName ".." -ForegroundColor White -NoNewline;
                
                    try
                    {
                    start-Service -InputObject $serviceInstance; 
                                
                    }
                    catch
                    {
                        Write-Output "Error Occured: " $_.Message;
                    }
             }
        }
$emailbody = foreach($servicename in $servicenames){ Get-Service $servicename -ErrorAction SilentlyContinue | Select-Object Status, DisplayName | ConvertTo-Html -Fragment}

$users = "Venu Madhav <VenuMadhav@outlook.com>"
$fromemail = "$server@Contoso.com"
$smtpserver = "mailhost.contoso.com"
# assemble the HTML for our body of the email report.

$HTMLmessage = @"
$emailbody
"@ 

send-mailmessage -From $fromemail -to $users -subject "$server Rebooted - Services Status" -BodyAsHTML -Body $HTMLmessage -priority High -smtpServer $smtpserver
$emailbody = "";
exit

 

 

 

 

 

 

 

 

 

Tags: Monitor Services, Automate Service Monitoring, PowerShell, SharePoint, Automate monitoring SharePoint and Windows Services

SharePoint 2013 Upgrade Process

[dropcap][/dropcap] [dropcap][/dropcap]How to we get the SharePoint 2010 upgraded to 2013?

We do not have anymore inplace upgrade, so we need to bring the databases over to SharePoint 2013 Farm. So we need to have SharePoint 2013 farm built, services setup and server distribution before the upgrade.

What are the high level upgrade Stages?

 

What service applications can be upgraded?

Only a few of the service applications below can be upgraded.

1. Managed Metadata
2. Business Data Connectivity
3. Secure Store
4. Search Administration
5. PerformancePoint
6. User Profile – Profile, social and sync databases

How are the service applications upgraded?

Restore the database from 2010 farm and in required rename it while restoring to any new 2013 service app database naming convention. Then can use this database name while creating new service application either from CA or with

How can we upgrade upgrade Site Collections or Content databases?

This involves three steps: Get the databases restores in SQL server. Mount the content database associated with web application. Upgrade the site collection from the sites banner. Or upgrade the content database and the associated site collections with PowerShell.

While upgrading consider  – how are the cpu, memory and disk IO doing as the process running on the servers. Before we do the production upgrade we need to have an test or stage 2013 farm where we can run and note how long the upgrade can take will it help if we run the upgrade parallel. Upgrade performance is very crucial while planning for production upgrade.

We can upgrade as an administration all the content databases, and as a user they can upgrade their site collections by clicking on the upgrade banner.

We will see other detailed admin upgrade commands and considerations in the following post.