SharePoint @ Big Scholar

I was having some difficulty setting up User Profile imports from AD recently and it took me a while to figure out what I was doing wrong. Because I was working on a VM, that also gave me a headache. Although Virtual Machines are great (if you make a disastrous mistake and need to revert back), they also, for some reason, cuts off the connection to AD when it is reverted back. So each time I reverted, I needed to re-set the connection to the domain.

I'm not sure if this would help, but here's what I had to do to get the user profile synchronization service started in SP 2010 and to import users from AD.

When you initially installed SharePoint, make sure you use a service account that has access to AD. Let's call this account DOMAIN\svc-spadaccess (short for SharePoint Active Directory Acess). Make sure that this user is in the Farm Administrators group (in Central Admin).

Once SharePoint is installed, in Central Admin, click on Security > Configure Service Accounts.

Where it says Select one..., choose Windows Service - User Profile Synchronization Service. Where it says Select an account for this component, select DOMAIN\svc-spadaccess. If you don't see it there, then you need to click on Register new managed account to register it.

Click OK. If for some reason you get an error that looks like "An object of the type Microsoft.SharePoint.Administration.SPWindowsServiceCredentialDeployment JobDefinition named "windows-service'credentials-FIMSynchronizationService" already exists under the parent Microsoft.Office.Server.Administration.ProfileSynchronizationService named "FIMSynchronizationService". Rename your object or delete the existing object." then you need to do what it says and remove it. Click on Monitoring > Review job definitions (under Timer Jobs) and look for "Windows Service "FIMSynchronizationService" Credential Deployment". Click on it and click on Delete. Then try again.

Once you have done that, you need to set the Farm Account (from the same Select one... dropdown in the image above) to use DOMAIN\svc-spadaccess and click OK.

When I do that, I would get a 503 error. When you changed the farm administrator, the Application Pool identity for the SharePoint Central Administration v4 app pool also changes. For some reason, this causes the application pool to stop and refuse to start. I'm not sure if this is the best fix, but I found that when I clicked on Advanced Settings for that application pool and edit the Identity by re-entering the username and password again, then trying to start the app pool, it actually starts.

Next, we need to start the User Profile Synchronization Service. Click on Application Management > Manage services on server. The status for the User Profile Synchronization Service should be Stopped. Click on Start and you are prompted to log in to DOMAIN\svc-spadaccess. Once you log in, it should start after a few minutes (could take about 10 minutes). I find that this isn't the case and it hangs on "Starting" indefinitely. On checking the event logs, I see this error:

Error provisioning the local timer service instance during deploying of administration application pool credentials, please provision manually. The password for the account DOMAIN\svc-spadaccess, as currently stored in SharePoint, is not the same as the current password for the account within Active Directory. To fix this with PowerShell, run Set-SPManagedAccount -UseExistingPassword.

To fix, I had to go to Start > Administrative Tools > Services and select the SharePoint 2010 Timer. It wasn't started in my case and when I try to start it, I get the login error. As with the application pool, I had to re-enter my password and start the service in order to get it to run.

Now when I go back to Central Admin the status is still stuck on "Starting" and there is no way for me to stop it. So I had to start the SharePoint 2010 Management Shell, type in get-spserviceinstance to get a list of all the GUIDs. Copy the GUID for the User Profile Synchronization Service (which should have its Status as Provisioning) and enter stop-spserviceinstance <GUID> to stop the service. Once you have done that, you can go back into Central Admin and you'll notice that you can try to Start the service again.

Click on Start, enter your password and 10 minutes later, it should be running.

After the service starts, you can go ahead and configure the AD import. Click on Application Management > Manage Service Applications > User Profile Service Application > Configure Synchronization Connections and Create New Connection. If you are getting an Unknown Error when you try to do this, then do an iisreset before coming back here. You might have to wait a couple of minutes after logging back in to see this section working.

Enter all the relevant details to your connection but use the Account name DOMAIN\svc-spadaccess to access AD. Click on Populate Containers, select what you want to import and click ok. Then go back, Click on Application Management > Manage Service Applications > User Profile Service Application and Start Profile Synchronization which should import all user details from what you selected in the Container into SP 2010.

Simple one... add a content editor web part and add the following code:

<style>
.ms-menubuttoninactivehover{
 display: none;
}
.ms-separator{
 display: none;
}
.ms-splitbuttondropdown{
 display: none;
}
.ms-viewselector{
 display: none;
}
.ms-listheaderlabel{
 display: none;
}
</style>

You'll notice that some of those buttons disappear.

First check that DNS is installed...

Control Panel >Add Remove Programs > Add/Remove Windows Components

Ensure the Networking Services check box is checked, Click on Details and ensure the Domain Name System (DNS) is checked. If it isn't, check it and click OK. Windows will then install DNS on the server. You will then be prompted to insert the Windows 2003 CD to complete the installation.

Once installed, click Start > Administrative Tools > DNS

Right click on the Forward Lookup Zones and select New Zone...
Primary zone, Next >
Zone name: yourdomain.com, Next >
Next >
Do not allow dynamic updates, Next >
Finish

Right click on the yourdomain.com zone you just created.

New Host (A)...
Name: ns1 (for ns1.yourdomain.com)
IP address: (this is the external IP address assigned to you by your ISP)
Click Add Host

Double click on the Name Server (NS) entry in the zone.

Remove the existing FQDN and Add a new one.
Click on Browse and browse to the Host (a) entry you created above (ns1.yourdomain.com).
Click OK.

Done... the name servers are set up.

To add domains that resolve on this name server, you would add another forward lookup zone.

As above, you need to edit the Name Server entry, remove the existing FQDN and Add a new one. As above, you also need to click on Browse and browse to the original Host (A) entry that you created (ns1.yourdomain.com).

Once you have done that, you can add more host (A) entries for this zone.

Here's a screenshot of how it should look...

I've edited out a few values, hence the white spaces... but hopefully you get the idea.

I found that when I created a custom outlook add-in to run on the Send event, that it doesn't run when I deploy it on another machine (works fine on my own). After much research, I found that a requirement on the other machine is not included in the deployment files. We needed Extensibility.dll to be installed on the target machine. For some reason, this is not included in VS 2008, despite there being a KB article for this file for VS2005. Research shows that the majority of people had to downgrade back to VS2005 to get Extensibility.dll installed on target machines, but that is not necessary.

First you need to have Visual Studio 2005 installed somewhere so you can download the kb article from here and install it: http://support.microsoft.com/kb/908002. Without VS 2005, you won't be able to install this kb (which I find silly because you need it for VS2008).

After installing, you can then do one of the following 2 ways.

The hard way...

1.    Navigate to C:\Program Files\Microsoft Visual Studio 8\SDK\v2.0\BootStrapper\Packages, locate KB908002 folder.
2.    Log on to the machine which has Visual Studio 2008 installed and copy KB908002 folder to C:\Program Files\Microsoft SDKs\Windows\v6.0A\Bootstrapper\Packages

Now if you go to the pre-requisites list on VS 2008 (right click on the Setup and view properties, then click prerequisites), you'll see a new prerequisite, Shared Add-in Support Update for Microsoft .NET Framework 2.0. Check that and select "Download prerequisites from the same location as my application. This way, when you build it, a new folder is created with the required MSI in your deployment folder.

Or the easier way...

Navigate to C:\Program Files\Microsoft Visual Studio 8\SDK\v2.0\BootStrapper\Packages on the PC with VS2005 on it, locate KB908002 folder. Copy the extensibilityMSM.msi file to the target machine and install it there.

Which method you choose will depend on your own personal requirements.

Note that depending on what you need, you may need to right click on "Office.dll" in the Detected Dependencies folder and include it. I had to include Office.dll in my project too for the add-in to function.

In Visual Studio, create a new Project > Other Project Types > Extensibility > Shared Add-in and select the application or applications you are writing the add-in for. In my case, the add in is written for Outlook, so I unchecked everything and selected Outlook only. Hit next, give it a name and description. Then next again and check both boxes. Then Finish.

Since I'm writing code for the Send event, I need to have a new method:

    void OutlookApplication_ItemSend(object Item, ref bool Cancel)
    {
        MessageBox.Show("Item sent");
    }

That's it, now you need to package it into an MSI to install it on another machine. If all goes well, it will work on the new machine and you will have no problems, however that is not the case on most machines as I will be discussing in my next article.

Off topic

When you see the properties of the Setup file, set the Manufacturer to the name of the folder where you want this installed by default and also set the InstallAllUsers to True. On installation, the user has the option of changing it anyway, but it's good to have these set as default.