Set Item level user permissions to add/edit/read only own items

In a recent project with SharePoint 2016, I needed to configure a library with the following user requirement: The users only have to view, their own items.

By default, this option it is not available in Library settings, it is only available for List settings, so… what we can do for a Library? You guessed right, PowerShell.

To do it, we can follow the following process:

You can also use s PowerShell script to manage the item level permissions:

Manage Read Access
$web = Get-SPWeb http://urlsite/
$list = $web.Lists[“Library Name”]
$list.ReadSecurity = 2
$list.Update()
$web.Dispose()

Note: 1 = “Read all items”, 2 = “Read items that were created by the user”

Manage Write Access
$web = Get-SPWeb http://url site/
$list = $web.Lists[“Library Name”]
$list.WriteSecurity = 2
$list.Update()
$web.Dispose()

Note: 1 = “Create and edit All items”, 2 = “Create items and edit items that were created by the user” 4 = “None”

Hope that helps!

File Shares as Content Source in SharePoint 2013 On Premises

Hi all!

Another quick post about file shares and SharePoint:

  1. Identify your crawl account, because this account will be used to index the file share (unless specified differently with a crawl rule), so it is necessary to have read access to the file share to this account
  2. If crawled files in file share system contain metadata, this will be used by the search refiners in SharePoint
  3. Security trimming is respected, so when end users search the document in the search site, it will be displayed according to the permissions given on the files and folders.
  4. Only metadata of the documents will be stored in SharePoint, not the documents
  5. It is not possible to get a preview from Office documents that are stored in File Shares, to get a preview, you’ll need to use third party tools.

That’s all!

Run IISReset on All Servers in your farm at the same time

In case you have a large number of servers in a farm, the following script will help you to do a iisreset in all servers at the same time:

#Specify servers in an array variable
[array]$servers = “Server1″,”Server2″,….”

#Step through each server in the array and perform an IISRESET
foreach ($server in $servers)
{
Write-Host “Restarting IIS on server $server…”
IISRESET $server /noforce
Write-Host “IIS status for server $server”
IISRESET $server /status
}
Write-Host IIS has been restarted on all servers

Till next time!

Exceeding list view threshold

Hi folks,

Recently in a project where we need to work with large lists, as you will know, in SharePoint, lists with more than 5000 items causes problems to the users, and lists with more than 20k items are not possible to manage by the admins, in that cases you will receive a problem like:

“The view can not be displayed because it exceeds the list view threshold(5000 items) enforced be the administrator”

But if you look into the logs, you’ll see the following:

Microsoft.SharePoint.SPQueryThrottledException: The attempted operation is prohibited because it exceeds the list view threshold enforced by the administrator. —> System.Runtime.InteropServices.COMException: The attempted operation is prohibited because

In this case, it was a news list, so it was not possible to order the list in folders or any other method to avoid the item threshold limitation. What is the problem? This issue is By Design, so the throttling limit is enforced to protect the SharePoint Server, why? because each time we access to that list we make a SQL query as the number of items that this list has, so in case that this query exceeds 5000 items (by default) this action is avoided.

As you’ll know, it is possible to change this limit, but you’ll change this limit to the entire web app, which is not recommended, so why we can do as a workaround? Disable throttling 🙂 But you have to take into account that disabling throttling will cause performance issues on the SharePoint Server or the SQL Server.

$web= get-spweb “url”
$list=$web.lists[“listname”]
$list.enablethrottling = $false
$list.update()

After doing this, you’ll query more items in that list 🙂

hope that helps!

ADFS Configure external url for Alerts

To configure SharePoint to receive the url of the email alerts in ADFS zone format, it is necessary to execute the following PS:

$wa= get-spwebapplication “https://urlwebapp”
$wa.useExternalUrlZoneForAlerts = $true
$wa.ExternalUrlZone = “Intranet”

You can change the zone to set it within your ADFS zone in the SharePoint farm

CSOM The request message is too big while uploading attachment

If you are using SharePoint client Object Model and you need to change max size of the message you need to pass to Client.svc, what you probably need is to increase the default value. This can occour for example if you are uploading files to a remote SharePoint using client object model.

The message you are receiving when executing query with client obejct model should be something similar to this: “The request message is too big. The server does not allow messages larger than 2097152 bytes.”

The property is MaxReceivedMessageSize of ClientRequestServiceSettings.The default value is 2MB (2097152 bytes).

Use this PowerShell script (from SharePoint Management Shell in Administrative mode with a Farm Administrative Account) to change this value, in the example below we are changing this limit to 5Mb, also is it possible to increase this limit to 2Gb.

$ws = [Microsoft.SharePoint.Administration.SPWebService]::ContentService
$ws.ClientRequestServiceSettings.MaxReceivedMessageSize = 5242880
$ws.ClientRequestServiceSettings.MaxParseMessageSize = 5242880
$ws.Update()

If you want more information about this: https://msdn.microsoft.com/en-us/library/ff599489.aspx

Till the next time!!

Where is the miisclient??

Tons of times I have asked this question to myself, finally I was able to found it by doing a search in the drive letter, but I want to me more efficient 😛

So, if you are in same situation as me, you can find the 2010 and 2013 clients in the following locations:

MSS2010: C:Program FilesMicrosoft Office Servers14.0Synchronization ServiceUIShell

MSS2013: C:Program FilesMicrosoft Office Servers15.0Synchronization ServiceUIShell

Till the next time!

web.config size limit – Overcome IIS 500.19 error

Hi everyone, today I’d like to share an experience I had on a production server. At the beggning I though the problem was related with a SharePoint server, indeed it was related with SharePoint, but in this case to be more precise, with IIS.

We were updating some solutions in SharePoint that adds configuration to the web.config file of SharePoint, but when we tried to refresh the site homepage to test the configuration made, we got a 500 error
In this case, the web.config file size was exceeding the limits. Indeed, by design a web.config file should not exceed 250kb. From there, two solutions could be chosen to solve this issue, ang get access back to our website.

So to solve this problem, the solution is to modify the size configured by design for a web.config file in the registry. To do so, open your registry by typing regedit in windows start menu, and find the following key:
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInetStp
Create a new key named “Configuration”, and a DWORD value named “MaxWebConfigFileSizeInKB”. Change the value of this DWORD to match your requirement. For example, I set 2048 in decimal, which translates to 0x00000800 ib hexadecimal.

To refresh this changes, is it necessary to open an administrator CMD and type iisreset, once the web is refreshed you will be able to access again.

Alternative solution

If you don’t want to add registry entries in your server, there is another solution that allows to split the web.config file in several files.

In this case, you will have a main web.config file in which you’ll reference sub config files by adding a configSource attribute onto the sections you would like to split into other files.

To illustrate this, if you’d like to split the section “appsettings” in another file, you would change the appSettings section in your web.config file to :

  appSettings configSource="appsettings.config"

So, you will need to add all your appsettings entries like they were in the original web.config file, for example :

appSettings
add key="aspnet:RestrictXmlControls" value="true"
add key="FeedCacheTime" value="300"
add key="FeedPageUrl" value="/_layouts/15/feed.aspx?"
add key="FeedXsl1" value="/Style Library/Xsl Style Sheets/Rss.xsl"
add key="aspnet:AllowAnonymousImpersonation" value="true"
appSettings>

So, after doing this, you’ll have two files (web.config and appsettings.config) in the inetpub folder, so remember that you will need to modify each on of the files, and in case you need to do some configuration changes to do an iisreset to deploy the changes to the webapp.

Hope it helps someone!

Request was rejected by the HTTP filter

Recenlty a client had published a SharePoint site through TMG.  Everything looked great until you went to view/edit the properties of a document in a document library.  I got the following error:

“Error Code: 500 Internal Server Error. The request was rejected by the HTTP filter. Contact the server administrator. (12217) ”

image_thumb

Trying the same actions on any other list/library worked fine; just not for a document library.

The problem turned out to be related to HTTP filtering in TMG.

To fix the issue, Open the properties of the firewall policy.  Click Filtering > Configure HTTPunder the Traffic tab.

image_thumb1

Uncheck Verify normalization.

image_thumb2

Save and apply changes and you should be all set.

But in case your problem is related with the people picker you should uncheck the value “Block high bit characters.”  This will fix the problem. This problem also happens when you publish the OWA urls thorugh TMG or ISA

Hope that helps!