Useful PowerCli Snippets

Title: Revert to a specific set of snapshots
Description:

• Ps that accepts a configuration file and the name of the snapshot to revert to. 
• Xml holds the config values to connect to vSphere. 
• Add the PowerCli PS add-in.
• Connect to vSphere
• Loop thru the VM's and revert to a specific snapshot.

    *****************

Title: Create a snapshot of multiple VM's

 

 

   *****************



Create SQL Server Aliases using Powershell

Create SQL Aliases example Powershell
For DR and Moving/splitting up SQL Server load use aliases, costs you nothing and later on you can split the load.  I use 3-4 even on small SP farms.

Tip: SQL 2012 has always on availability clustering, the SQL Server listener (need for Availability Groups (AG)) does the same functions as a SQL Alias.  So my take is if you use a SQL 2012 AG then the listener on an always on availability cluster does the same function as the SQL Alias.  Obviously rather use the listeners DNS name as opposed to the IP adr of the listener but if you are using AG you don't need a SQL Alias.

Thoughts: SQL 2012 brings a new option to the table regarding SQL Aliases for SP2010 & SP2013.  If you are using Always-on Availability Groups (AP) in SQL 2013, you get a SQL listener that does the same function as as the SQL Alias.  AG gives you automatic db fail over for your Sp farm.  Issue is if you use AG with a SQL alias you have a single point of failure so your DB won't automatically fail over.

So the big reason to use SQL Aliases for me in the past was to allow me to split my database servers when 1 became the bottleneck.  The goodness with AG outweighs this option to improve performance especially as if I'm using AG I probably have sufficient resources as this is planned upfront.

Creating Registry keys safely in PowerShell:
    # Check if the key already exists - Example from AutoSPInstaller on creating aliases.   
    $client = Get-Item 'HKLM:\SOFTWARE\Microsoft\MSSQLServer\Client' -ErrorAction SilentlyContinue
    # Create the key in case it doesn't yet exist
    If (!$client) {$client = New-Item 'HKLM:\SOFTWARE\Microsoft\MSSQLServer\Client' -Force}

Tip:  Check SQL connections and SQL Aliases using a udl file.  Create a text file on your desktop, rename the .txt extension to .udl.  Open the UDL file and verify the connection string works.  I check the Alias that uses the AOAG listener, if this fails I check the connection using the listener, if this fails I check I can hook to any SQL instance.  This pretty much tells me where I have gone wrong.

Tip:  Review your SQL Alaises and cleintside neworking using the SQL Server Client Network Utility tool.  In the run window type: cliconfg

Digital Signatures and Install Software gotcha

Problem: In automating SQL Server and SharePoint images, the actual installation is taking a long time on my managed environment whereas my developer laptop is fast.  All installations are done without Internet access (offline).

I have a dev environment build on my laptop that runs SSD and I run 3 VM using VMware workstation 9 (all use Windows 2008 R2 SP1).  I create an 1) AD with 1GB or RAM and 1 CPU 2) SQL 20012 with 10GB RAM and 4 CPU's 3) SP2010 CU Aug 2012 10GB 4 CPU's.  All the installation is automated using slip streamed images.

So for simplicity on the CI environment I will explain a simplified comparable setup. I have 3 machines with the same roles however the SQL 2012 and SP2010 install take considerably longer.  The CI environment is on ESX (Cisco blades & chassis, and Violin (SSD) storage.  The CPU/compute is connected to the storage via SAS/Fibre channel made no difference either).  I have summarised the results below:

                                                                 SQL2012 (duration)      SP2010 (duration)
Laptop(VMworkstation Workstation)           15 min                              16 min
CI (ESX)                                                        22 min                              92 min 

Finding: My hardcore/good ESX infrastructure is taking 9 minutes longer to install SQL Server 2012 on beter hardware and an amazing 70 minutes longer to install SP2010.

Update 21 Feb 2013: Don't use PowerShell 3 with AutoSPInstaller (including using the version switch i.e. -version 2), it doesn't work and even changing AutoSPInstallers internal web call fail.  It can be made to work with the version 2 switch but it isn't worth the effort.

Initial Hypothesis:
After many many hours between service providers managing the infrastructure, it was not hardware or ESX configuration/setup.  However if the network card on the VM is disabled, the performance change improves to:

                                                          SQL2012 (duration)            SP2010 (duration)
CI (ESX)                                                     13 min                       5 min and 5 seconds

Pretty hefty improvement.  Using netstat is looks like there are requests to the Internet.  After adding Wireshark to monitor all traffic.  I can see requests being sent to crl.mirosoft.com (certificate revocation lists) and ctldl.windowsupdate.com

Issue shown in Wireshark

Issue Shown in Fiddler

This is the 1st time I have seen this issue in a clients production environment.  If the WFEs/SP servers have internet access (less preferable) or the servers don't have access the install work in a timely fashion.  The symtoms of the issue are when the WFE's/SP Servers don't have internet access but think they do.  All the binaries are digitally signed and the install will try validate the signatures despite this being an offline install.

I confirmed the problem being how the networking is setup.  My issue shows up on the VM NIC adapter, Originally the IPv4 Connectivity has a status of "No Internet Access", once I ping google I get a reply and the status changes to "Internet".  I can ping google but not browse to it.

Resolution:  The problem is that executable code is digitally signed.  This is good, all code should be digitally signed so it can be authenticated.  However in this situation a lot of requests are being sent out from the VM as the install tries to verify all the SharePoint complied code.  The install on the local VM acts as if there is an Internet connection (which there is not).

It takes unique networking to get into this issue and SP/any digitally signed code will check the digital certs.

There are a few fixes such as:
1.> Allowing the servers to get out to the Internet, so open the firewall or set a proxy on the local VM.
2.> Add host entries to the cert fails immediately but will continue installing (This is not working for me).
3.> Make the following registry change:

set-ItemProperty -path "HKCU:\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing" -name State -value 146944

set-ItemProperty -path "REGISTRY::\HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing" -name State -value 146944
get-ChildItem REGISTRY::HKEY_USERS | foreach-object {set-ItemProperty -ErrorAction silentlycontinue -path ($_.Name + "\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing") -name State -value 146944}


More Information:

Certificates for installing sofware is cause slow install:
http://joelblogs.co.uk/2011/09/20/certificate-revocation-list-check-and-sharepoint-2010-without-an-internet-connection/

http://ddkonline.blogspot.co.uk/2010/05/fix-sharepoint-very-slow-to-start-after.html

If you want to verify if a machine is having problems with a poarticlar process Process Explorer (Usefule if a machine has high memory, CPU or IO issues)

SharePoint Saturday UK 2012

Great event again, it amazes me that such a great place to get info meet people learn about SharePoint attracts 250 people - that is free.  Sure you need to give up your time and it is a long way but more folks involved with SP in the UK should be at these events.

Mark Macrae, Anthony Pounder & Brett Lonsdale set up SharePoint Saturday, it's huge, the speakers are great and give their time.  People who attend are good to speak too.  So my thanks to the speakers, the 3 fellas mentioned above and Rik from BlackMarble (great conversation).

The presentations I saw were with my thoughts:

• Wes Hackett (Bring SP into your Office with Apps for Office), I saw a fair amount of this at SPC but Wes brought some good ideas and presented the topic extremely well.  Apps are really powerful in Office and SP2013 but I'm not sold it's going to work as well as MS are preaching.
• Bill Ayers (Lean-Agile Development with SharePoint), best session I went to.  Had a chat with Chris, Alan (Eardly) & Bill afterwards - really  good stuff, with a topic relevant to my current project.  Unit test and SP are not a great combination in my opinion sure you can using a Mocking framework but I'm not sold, the learning curve for the team is high (effective TDD takes time no matter how many converted devs tell me it's simple), you spend time mocking.  The list goes on and the right projects with the right management buy in 100% I'm behind it I just think it's probably less than 10% of SharePoint projects.   The main take away which I agree with is SCRUM for SP projects is great.  Implementing scrum has challenges but is worth the pain in most scenarios.  Testing is key, you can use Integration tests instead of Unit Tests in VS.  I advocate projects use Code UI testing as with most SP projects you get the most "bang for your buck" (not part of the talk).
• Martin Hatch (Performance and Load Testing using Visual Studio), good overview with demo and walk thru.  It is amazing what VS 2012 ultimate.  You can definitely remove project risk by using these tools and it's no longer in the domain of load runner experts.  VS has firmly tooled dev and teams to monitor performance and determine bottlenecks.
• Marjn Somers (Extending SP with Simple jQuery Solutions), this is a funny guy well at a SP conference the bar is pretty low in the comedy genre.  I felt it was too simple (and i'm a simpleton (not the pattern) - sic) but as a 101 into SP and jQuery excellent.
• Adam Burcher (PowerShell - Let me script that for you!), was well presented.  It was an intro into PS and PS for SP. I didn't get much out of it but it was well presented and the demo of showing SP devs how easy it is to convert a C# event handler's code into PS was extremely effective.

Sessions I missed and would of like to see where Andrew Woodwards on Why you need a SharePoint Centre of Excellence (CoE), Paul Hunts session on Sift thru Search and deliver more, Chris O'Brien Getting to Grips with SP2013 Apps, Mark Macrae's BI talk would of been good to attend also.


 

Setting up VMs (VMware ESX5)



Overview:  VMware ESXi is a 1st class virtualisation platform and commonly used to host SharePoint VM's.  The post looks at the common tools for managing/setting up my VMware based infrastructure.  I'm certainly not an expert in virtualisation but this is a 101 in setting up VM's.

 

vSphere Client connects to the ESXi server infrastructure and provides a UI management tool.

 

PowerShell with PowerCLI to let you manage your ESX infrastructure using PowerShell. 

My preferred option is to use PowerGUI and user the add the PowerCli add in so I can interact with ESX but I have Intellisense and nice debugging capabilities.   The snippet below shows how to connect to the ESXi server.
Script expanded with more detail.  Really need to loop throu config to create multiple VM's and get their individual settings.

Before running the script ensure you have the OSCustomizationSpec and OS template as you need them to build.

Check the VM is created.

Summary:  Useful scripts for building a unique set of VM's on VMware.  For Continuous Integration it is better to start with pre-build environments.  My next step would be to fire off the SQL Server 2012 builds on 1 or more of these VM's as shown in the SQL Server 2012 slipstreamed install.

Thanks to Wayne Senior for info in this post.

PowerShell to Create User Accounts for SP Install

Problem:  I keep building this script to setup accounts with permissions to put a SharePoint farm using AutoSPInstaller.  I have decided to post so I don't have to go look for this each time.  My list is based on the accounts for AutoSPInstaller recommended install accounts per Tobias Lekman's blog post series.

Use Powershell to create the accounts (This script was originally given to me by Mark Slavik)

Download the PS file here (rename to be a ps1 file)

Note: ThePowerShell file creates tha accounts in the right groups.  The User Profile Service/Synchronisation Account needs "Replicating Directory Changes" permissions, this can be done in various ways and depends on if the NETBIOS name and domain name match. 

Steps to add "Replicating Directory Permissions" to the User Profile synchronisation account:
1.> Open "Active Directory Users and Computers".  Right click on the domain name in the management console and select "Delegate Control..."

2.> On the "Delegation Control Wizard" click "Next" > On the "Users or Groups" screen used to delegate control.  Click "Add" and add your User Profile Sync account.  Click "Next".

3.> On the "Tasks to Delegate" screen select the option "Create a custom task to delegate" > "Next".

4.> On the "Active Directory Object Type" screen accept the default settings and click "Next".

5.> On the "Permissions" screen check the box to allow "Replicate Directory Changes" and Click "Next".  The last screen is for review and select "Finish".

Check your account has permissions using PowerShell.  I needed to amend Tobias Lekman's script
http://lekman.codeplex.com/releases/view/65930  to make it work for me; this is 99% Tobias's work.  I also check if the account is a domain administrator as if they are you won't need to add the special permission (not recommended).  Your other option is to make the User Profile Synchronisation account a local administrator on the VM where the User Profile Service is running.

Alternatively check the permissions thru the AD User and groups UI:

Summary: Add 10 (or as many as you decide to use) accounts.  SP_Install needs administrator domains permissions all the others just need domain user account access.  The SP_Install account needs SQL roles DBCREATOR and SECURITYADMIN. Lastly, ensure the SP_ProfileSync account has "Replicating Directory Changes" permissions.  These permissions are implicit if the SP_ProfileSync account is a local admin or part of the domains administrators group.

Tip: The Execute method of job definition Microsoft.SharePoint.Diagnostics.SPDiagnosticsMetricsProvider (ID ..) threw an exception. More information is included below. An update conflict has occurred, and you must re-try this action. The object SPWebService was updated by demo\sp_farm, in the OWSTIMER (8140) process, on machine... 

 

List of SP2013 improvements

My SP2013 Favourite Changes
This list is just random thoughts pls add your comments and I'll make it longer.

1. Delta's for Document management (don't use a full version for each version of an Office document),
2. Sparse columns,
3. WCM (cross site collection navigation OOTB, improved publishing & page size options),
4. Search is 1 product (FAST & SP Search),
5. App model (development options are more numerous),
6. REST (OData) is a 1st class citizen - improved access to REST API/external access to services such as search,
7. .NET 4.5 instead of .NET 3.5 (Workflow is a big winner),
8. Workflow (Workflow in SP2010 is better than MOSS) but performance and architecture is greatly improved,
9. Side by side Enterprise and standard edition CAL's to lower TCO,
10. Sticky sessions no longer needed - distribute cache is shared,
11. SharePoint 365 is awesome,
12. People search is even better with less customisations being required - OOTB it does more,
13. UPS has 3 sync options in SP2013 as opposed to 1 method in SP2010 - the simpler AD sync and an option to link to FIM (beautiful),
14. Improved OOTB pdf support,
15. SkyDrive Pro 2013 replaces Workspace (may not be good but I do like SkyDrive),
16. OWA is a separate product not bundled with SP2010 as a Service Application.
17. Licencing (simplified and cheaper, OWA is free.  Search which is the FAST replacement is part of SP2013.  There is no longer a separate Internet (FIS) and Internal SP Server licence.)
18. Search-Driven content
19. Search Provides html previews without OWA.  OWA adds previews/thumbs for search results on Office documents.  I believe pdf can also be setup with some work.
20. Search has REST API that support requests in both Keyword Query Language (KQL) and FAST Query Language (FQL).

 Comparison of the SP2013 On-Premise editions