SharePoint 2013, InfoPath and External Data Connections

I will be brief today, busy day, however I wanted to get this one out there.

Here is the list…

Broken Infopath Form (You do not have permission to access a database that contains data required for this form the function correctly) – Check!
External Data Connection, SQL – Check!
SharePoint 2013 – Check!
Data Connection Library Created – Check!
Secure Store Service Application Setup – Check!

I have run into this quite a few times. SharePoint 2013, Web Applications have kerberos enabled and the form breaks. This usually doesn’t happen “just because” unless you have a residual form that someone found recently… Either way, it’s broken.

Find the UDCX file in the data connection library of the site the form resides in. Generally under site contents. Make a copy of it and edit, notepad works.

Here is the change that is needed.

Before. Uncomment and set the Application ID.

<!–udc:Authentication><udc:SSO AppId=” CredentialType=” /></udc:Authentication–>

After. Enter in the App ID and Cred Type.

<udc:Authentication><udc:SSO AppId=’InfoPathForms‘ CredentialType=’NTLM‘ /></udc:Authentication>

This has fixed it most of the time.



SharePoint 2013: Error: ID3204: WS-Federation SignIn request must specify a ‘wtrealm’ or ‘wreply’

As you may know, I work with Microsoft products, SharePoint specifically lately. I ran into an issue with the setup of utilizing ADFS as a claim token provider for authentication on a specific URL.

The issue was…

Error: ID3204: WS-Federation SignIn request must specify a ‘wtrealm’ or ‘wreply’

There was more to this with custom errrors on. I like it when I get the full spiel from .NET.

While I care very much for wreply in my situation, I didn’t get initially what was broken… the setup of a token issuer is quite simple, especially ADFS, it’s less fuss and a Microsoft product. Plus my scripts usually don’t fail me much.

After a quick working environment comparison and running a few powershell scripts, I saw that my realm providers did not have the URN attached.

Key                                        Value
—-                                      —–

Bah Humbug…

A quick clear, of the values.

$ap = Get-SPTrustedIdentityTokenIssuer

And re-run my script… and voila…

Key                                        Value
—-                                      —–
https://URL1/                     urn:fancy1:fancy1
https://URL2/                     urn:fancy1:fancy1
https://URL3/                     urn:fancy1:fancy1
https://URL4/                     urn:fancy1:fancy1
https://URL5/                     urn:fancy1:fancy1
https://URL6/                     urn:fancy1:fancy1
https://URL7/                    urn:fancy1:fancy1

The urn:fancy1:fancy1 provider realm matches the ADFS relying party I had setup before. Now my site works…





SharePoint Online Management Shell

Microsoft has finally released the SharePoint Online management shell for powershell (Link).

Another helpful tool is the “Windows PowerShell for SharePoint Command Builder” (Link) which helps you quickly understand and use Windows PowerShell cmdlets for SharePoint Online.

The details can be found at the (Link) with the cmdlets listed. Not very robust yet, but as you are aware Microsoft is constantly releasing new features to O365.

SharePoint Online Management Shell cmdlets

Task Cmdlet name
User management Add-SPOUser
User management Get-SPOUser
User management Remove-SPOUser
User management Set-SPOUser
User management Get-SPOExternalUser
User group management Get-SPOSiteGroup
User group management New-SPOSiteGroup
User group management Remove-SPOSiteGroup
User group management Set-SPOSiteGroup
Site collection management Get-SPODeletedSite
Site collection management Get-SPOSite
Site collection management New-SPOSite
Site collection management Remove-SPODeletedSite
Site collection management Remove-SPOSite
Site collection management Repair-SPOSite
Site collection management Restore-SPODeletedSite
Site collection management Set-SPOSite
Site collection management Test-SPOSite
Organization level monitoring and management Get-SPOAppErrors
Organization level monitoring and management Get-SPOAppInfo
Organization level monitoring and management Get-SPOTenant
Organization level monitoring and management Get-SPOTenantLogEntry
Organization level monitoring and management Get-SPOTenantLogLastAvailableTimeInUtc
Organization level monitoring and management Get-SPOWebTemplate
Organization level monitoring and management Set-SPOTenant
Upgrade Upgrade-SPOSite
Upgrade Request-SPOUpgradeEvaluationSite
Service connection and disconnection Connect-SPOService
Service connection and disconnection Disconnect-SPOService
OneDrive sync client Get-SPOTenantSyncClientRestriction
OneDrive sync client Remove-SPOTenantSyncClientRestriction
OneDrive sync client Set-SPOTenantSyncClientRestriction

SharePoint 2016, woot!

Published via blog post today (Link), you can all rest easy knowing another on-premise version of SharePoint is coming. Based on the following from the article, I can’t even guess what their plans are, maybe fixing their backup and restore feature…

“It has been designed, developed and tested with the Microsoft Software as a Service (SaaS) strategy at its core, drawing from SharePoint Online. With this, SharePoint Server 2016 will offer customers enhanced, flexible deployment options, improved reliability and new IT agility, enabled for massive scale.”

In the next paragraph they also mention hybrid, ladies and gentlemen, this is where Microsoft is going. My guess at this point is local deployment for future deployment to Office 365 or the cloud. Yes, I like this idea, however due to the amount of customization of SharePoint I have seen in previous projects this may be not the save all for everyone.

In the end, hoping to have a career a few more years…

SharePoint Infrastructure Memory, “What you say!?”

As you probably guessed from the title, I deal in Microsoft daily. Most of my time the past few years has been spent on SharePoint, specifically on the infrastructure (Design, Maintenance, Upgrade and Migration) of SharePoint. A common theme with clients when I hand them a document explaining it all. They read, look up at me, ask “why should this server be configured with 28GB of memory?”. Answering this question isn’t exactly as simple as saying “Just because”. So I thought, let’s really get down to it.

I am going to focus specifically on application servers, and what I mean by this is Search and Service Applications specific machines. Most of you reading this won’t be building 20 server farms, in most cases it will consist of 6 machines listed as so;

2 Web Front End
2 Application/ PowerPivot
2 SQL Servers (in some kind of cluster)

In thinking about application servers, they can mean many different things. The gist of it is, they become the machine that everything is installed on, except web front end services, no matter how many policies you put in place. In the best case, at the beginning of a project it’s a clean machine with all the bells and whistles which include the full Service Application load, Business Intelligence Features, Central Admin and Search. Whew, that’s a lot on one machine.

Let’s get down to the details, let’s assume the following.

– Your deploying Windows Server 2012 R2
– Your installing ALL the service applications
– Your configuring performance enhancements for search
– Business Intelligence Features (Excel, Visio, etc.)

And then the details;

– 16GB Recommended Memory for Windows Server 2012 R2
– 12GB Recommended Memory for SharePoint 2013, Web Server or Application Server (Included in above)
– 2-6GB Search Performance Enhancements
– 2-6GB BI Enhancements
– 2GB for each additional application, examples would be Office, Monitoring, Management, etc.

Total = 22-30GB

So when I say, 28GB, it’s a high middle of the road configuration that many are happy with, i.e. performance wise. I see a lot of deployments within the 12-18GB range. While this will “get you by” the overall performance of the machine isn’t what I would want out of a deployment like this. Your spending the money, back it up with the hardware.

I could go into more details, but this is already boring enough 🙂

Of course you can move these service to other machines and create a more granular farm, though the licensing costs of these machines can get hefty adding a 5th+ server plus add management costs, yes, support people cost money!

In the end, I like to see the following when it comes to Memory in farm servers;

WFE – 14GB Memory
APP – 28GB Memory

And with any case, any deployment is different. It’s important to analyze what you have before you go out and buy a new farm. You may not need this, you may start out small (minimums) and add as needed, there are many different scenarios, too many to fit into this post.

Many of you may get to this post via archival, “why did we do that” type questions, I applaud your research abilities and due diligence. For those who are FINALLY venturing into the Business Intelligence stack inside SharePoint, double goody goody. There are a lot of good features and integration points, especially if you venture down the Kerberos road. On either point, kudos to you.

As with anything, research and do your due diligence before you go and order that new virtual host.