Assistant mapped user profile property is broken

After a bit of research I’m giving up on this one.

What I want to do is map the sharepoint user profile property ‘assistant’ to active directory (AD). I could map it to 1 of 2 attributes in AD, either ‘assistant’ or ‘msExchAssistantName’. The assistant attribute in AD stores the DN of that user. Much in the same way as the manager attribute in AD. The msExchAssistantName attribute stores the displayname of the user.

Initially I was mapping assistant to assistant however the problem was that the profile page for a user would display the DN of the assistant. Very ugly!

So I change the mapping to msExchAssistantName hoping that might work but no it now shows the assistant displayname on the profile page however it does not fix the click through problem.

In both of these cases the assistant field is a hyperlink to what you would expect to be the user profile page of the assistant but in both cases sharepoint does not translate it correctly and returns an error page with ‘user not found’.

Now I’m pretty sure that the assistant attribute in AD is widely used and I think that this is a bug or a case of a not quite completed component by the sharepoint dev team. And if they can get it to work for the manager attribute why not for the assistant attribute? During my research I found little info related to the issue except for one post from Joris Poelmans on YASQ – AD Assistant field not correctly imported into SharePoint User Profile database. I have to agree with Joris that this is yet another sharepoint quirk.

If any sharepoint microsoft’y is reading this could they pass it along to the product team and have it fixed please.

Posted in bug, sharepoint

Enabling the inbuilt msg ifilter on sharepoint (even 64bit!)

One of our big decisions on the proposed physical architecture of our sharepoint farms has been can we go 64bit on the index server. For us the ability to index .msg files is crucial and until now I thought I would have to purchase a third party ifilter. The problem being that the third party does not have a 64bit version of their ifilter and initial discussion with the vendor indicated that building a 64bit ifilter would not be easy.

Some recent updates to the technet sharepoint doco were pointed out to me yesterday that listed msg indexing support as being available out of the box.
This is the relevant page:-

File types and IFilter reference (Office SharePoint Server)

So this doc basically states that msg filters are inbuilt. So I do a search of some content that is in the body of a .msg file and no results are returned.

Now I’ve been down this path before with the foxit pdf ifilters so I’m pretty sure that it is a problem with missing values in the registry. I also note at the bottom of the above reference page is a link to an article on search onenote 2007 files. This document provides hints as to the missing registry keys.

Install and register the OneNote IFilter (Office SharePoint Server 2007)

Crank up regedit check that the :-

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office Server\12.0\Search\Setup\ContentIndexCommon\Filters\Extension\.msg keys exist.
(They should do, all my installs have this by default)

The following key is the one that is missing.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office Server\12.0\Search\Setup\Filters\.msg]

[Edit 08JUL2010 – changed MimeTypes key above as per testing from others. Thanks to devparts comment below]

Now, I have taken a guess on the mimetype for outlook. I can find no mimetypes for .msg files in the registries on my servers and my workstations. A web search yielded 3 possibilities, “application/”, “application/x-msg” & “application/msoutlook” 

So the next thing was to restart the office search service, and iisreset. I think reset all crawled content (purge the index). Then I ran a full crawl.

Fortunately I got lucky on the mimetype and the index successfully crawled the content of the email! Now for the caveats. I’ve only done basic testing. I haven’t checked if the msg ifilter will pull an attachment (eg word doc) and index that as well. Also I haven’t checked this with Microsoft, though I think it is worthy of a bug report (at least in the doco).

Also thanks to Mutaz from MCS for his initial guidance on pointing me in the right direction this.

Posted in ifilter, Search, sharepoint

Restricting Self-Service Site Creation

This is one of those things that had me beating my head against a wall for the last couple of hours and in the end its all in the doco you just need to find it.

I have a knowledge management sharepoint web app and I want to turn on self service site creation (SSSC) so that each ‘community of practice’ (CoP) site will be created as its own site collection. By default anyone who has read permission to the KM portal will be able to use the SSSC and create additional site collections. In my environment this would be bad and lead to lots of uncontrolled sites. What I need is the ability to lock this tool down so that only our knowledge managers can create additional CoP sites.

So I know from the default security model that the Read, Contribute, Design and Full Control ‘Permission Levels’ have the ability to ‘Use Self-Service Site Creation’.  What I want to do is create a group that I can add users to who are allowed to create sites. This visio diagram is a great reference for all the permissions –  ‘Model- Office SharePoint Server Application Security‘.

So the procedure from the start follows.

  1. Turn on Self Service site management. This is found in central admin / app mgmt. Make sure that you select the correct web app.


  2. My KM Portal root site collection is based on the Publishing / Collaboration Portal template, so to make the create site link from the ‘Sites’ subsite link to the scsignup.aspx page, we go to the ‘site collection administration / site directory settings’ page and turn on ‘Create new site collections from Site Directory’. This will change the create site link.
  3. Next we need to remove the ‘Use Self-Service Site Creation’ permission from the default permission levels. So to do this on the root site collection go to site settings / Advanced Permissions. From this page drop down the settings menu and select permission levels.


  4. Next I click on the ‘Read’ permission level and then scroll down to the ‘Site Permissions’ section and un-check the ‘Use Self-Service Site Creation’ permission. I then need to remove this from the other groups, in my case the groups are: contribute, approve, Manage Hierarchy, Design, and View Only. I’m leaving it on the Full Control permission level.


  5. Back on the permission page I create a new sharepoint group called ‘KM Portal Site Creators’ and assign the new permission level to this group.


Well thats it. I think this is another example of the default permissions being to open and a real world example of how to trim them back.

Also this is the doco on the technet site that descibes how to ‘Creating custom permission levels’.

Posted in sharepoint

How to limit a site to only see users who are a member of that site

Just stumbled across this piece of info in the technet2 doco.

You can set the peoplepicker-onlysearchwithinsitecollection property to yes to only show users that are a member of that site. This is great for extranet type site collections that you want to stop them from browsing all of you AD to find details on your users.

The example syntax given on the site is:-

stsadm -o setproperty –url http://server –pn peoplepicker-onlysearchwithinsitecollection –pv yes

Note that if a user knows the fully qualified login name they can still select those names.

Posted in howto, sharepoint

Enabling web application error reporting for sharepoint

Paul Stork from Mindsharp just posted this to the sharepoint discussions yahoo group and I thought it was worth writing down as I am sure that I will need to use this one day.

If you ever receive the classic sharepoint error:-

An error has occurred.
Please contact your system administrator if this problem persists.

and would like to have some actually useful info on what has happened try the following.  (Quoting Paul directly here)

To get a bit more info make the following
changes to your Web Front end server in the Web.config file of one of
the WebApplicaitons generating the error.
Search for CallStack= and change the setting from false to true.
Search for CustomErrors= and change the setting from Off to RemoteOnly.
(This means that the CallStack will only show on a browser on the server
console. Remote users will still get the SharePoint error page.
Then do an IISreset.
Finally, go to the WFE server console and browse to one of the pages
generating the error. Instead of seeing “An error has occurred”. You
will see a full stack dump and exception statement for the error that is
occurring. That may give you enough information to find out what is
going on.

Posted in howto, sharepoint

Adding Sharepoint search to IE7 search drop down

Just discovered this cool feature in IE7 that you can add custom search providers.

Mark Harrison originally posted some reg hacking on how to this. You can also do it from the front end of IE7.

For example if you want to add a people search from your Sharepoint 2007 corporate portal. Browse to the portal and run a people search with the criteria of ‘TEST’. Then copy the URL of the results page. Next click on the search drop down in IE and select ‘Find more providers..’


On this page copy in the URL of the results page and give it some display name ‘eg Corporate People Search’.


The power of this is that your users can now directly launch and people search from IE7 without having to first browsing to the sharepoint site.

Now combine this with the registry hack that Mark Harrison posted you can now roll this out to all your users.

Posted in howto, Search, sharepoint

How to enable advanced search in a new site collection

When you create an additional site collection under a managed path, the standard search settings do not show and advanced search link. Providing that your root site collection contains a search centre this can be fixed. I have created my root site collection based on the Publishing / Collaboration portal template.

I have created a site collection based on the team template. This is what the standard search drop down looks like.


Go to Site Actions, Site Settings. Then select Seach Settings from the Site Collection Administration group. Below is the default settings. Note how it defaults to do not custom scopes.

default site collection search settings

Now change the setting to use custom scopes, and enter the following relative URL /SearchCenter/Pages (as per the example on the page). See below.

modified site collection search settings

Once you OK this a browse to the team site collection home you will now see the additional scopes on the drop down of ‘All sites’ and ‘People’ plus a link to advanced search.


Posted in howto, sharepoint

Configuring Foxit 64bit PDF ifilter

Adir Ron has posted on his blog the instructions for making the Foxit 64bit PDF ifilter work with Sharepoint 2007.

Taking from his article is the following reg hack instructions on registering the ifilter with the sharepoint search.

  1. After you install the Foxit, add a pdf extension in MOSS search settings
  2. Open regedit, locate [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office Server\12.0\Search\Setup\ContentIndexCommon\Filters\Extension\.pdf]
  3. Change the default value to {987f8d1a-26e6-4554-b007-6b20e2680632} . (You can get this handler addin value using Citeknet ifilter explorer)
  4. Cmdline: net stop osearch
  5. Cmdline: net start osearch
  6. Do a full crawl.

(PS Adir, love the MOSS club tag line on your blog.)

(PPS, To everyone else Adir Ron has some great articles on sharepoint search on his blog.)

Posted in howto, ifilter

Site collection auditing bug when using a custom site collection template

As we are looking at creating lots of site collections underneath managed paths we are trying to use a custom site template. (I have previously posted the procedure I use to create and load a template.)

I stumbled across a problem in that after a site collection was created from a custom site collection template, the audit log reports did not work.  I tried creating my template with either the site collection audit settings left turned off or all ticked. I also tried creating the site template with either include content turned on or off. None of these options worked. In each case when you tried to show the ‘audit log reports’ it gave the error:-

“The specified web does not contain a reporting metadata list”

Now the hidden reporting metadata list does exist and does contain 11 items. The quick way to see this is via ‘storage space allocation’ in site collection admin, then click the lists option (you will only see this if you have quotas turned on).

The solution to this problem is that the Reporting site collection feature needs to be forced. This can be done from the command line:-

stsadm -o activatefeature -name Reporting -url http://server/sitecollection/ -force

I think that this is a bug but I’m still waiting to hear back on that.


An update, Jason Brown the Microsoft sharepoint support engineer who is working on this case is going to blog about how he will reproduce the problem and how he will raise it as a bug.

Posted in sharepoint

2 down – none to go!

Just sat the 70-630 Configuring Microsoft Office Sharepoint Server 2007 exam. 964 out of 1000, so 1 question wrong. Damn that’s frustrating!

I’d rate it about 4 out of 5 on a hardness scale. The range of questions are quite a bit broader than the WSSv3 exam. Then again MOSS2007 is such a huge product when compared with WSS.

Posted in Uncategorized