IE11 and Sharepoint 2010 Problems

Surprise Surprise(remember 9 & 2003), IE11 is released and it won’t work with SharePoint 2010 regardless of the version (December 19, 2013). The cause is due to the changes in IE11 compatibility mode (MSDN details).

Initial thoughts are to hard code the version from 8 to 9, (<meta http-equiv=”X-UA-Compatible” content=”IE=8″/>)

in the master page and this alleviates some problems(Infopath Forms now work(previous error was: Critical Error: Object doesn’t support this property or method addeventlistener)) but it creates more as well(Users can’t be added to sites(System.InvalidOperationException: Namespace prefix ‘xsd’ is not defined.).

Based upton my trial and error today I would recommend until MS released a CU, the farm running is a 2010 Enterprise with all standard features and items in use.

Add this javascript to the master page just above the body close tag.

<script language=”javascript”>
/* IE11 Fix for SP2010 */
if (typeof(UserAgentInfo) != ‘undefined’ && !window.addEventListener) {
UserAgentInfo.strBrowser=1; }



SharePoint 2010 & Best IE Settings

I’ve been experimenting with what should really be a simple setting in GPO’s to eliminate the need for users to logon or experience user interruptions with service when using SharePoint. This is my findings of what works best:

  1. Assign the sites into the “Intranet Zone” my root site URL
  2. Adjust the “Intranet Zone” to low
  3. Adjust the “Intranet Zone” Logon Option to Automatic logon with current user name and password

All these settings can be found in the GPO Here:


Powershell Script to Create SharePoint Service Accounts

I find myself creating lots of of SharePoint 2010 Farm deployments these days and with that comes the requirement to create the required user accounds. I have created a quick powershell script below that you can use to script this.

Import-Module activedirectory
$password = "PW”
$domain = “Domain.local”
New-ADUser -SamAccountName sp_install -name sp_Install -UserPrincipalName sp_install@$domain -Accountpassword (ConvertTo-SecureString -AsPlainText $password -Force) -Enabled $true -PasswordNeverExpires $true -path ou="Sharepoint Service Accounts,DC=domain,dc=local" -OtherAttributes @{Description="Used to install SharePoint on farm servers."}
New-ADUser -SamAccountName sp_farm -name sp_farm -UserPrincipalName sp_farm@$domain -Accountpassword (ConvertTo-SecureString -AsPlainText $password -Force) -Enabled $true -PasswordNeverExpires $true -path ou="Sharepoint Service Accounts,DC=domain,dc=local" -OtherAttributes @{Description="Farm account"}
New-ADUser -SamAccountName sp_webapp -name sp_webapp -UserPrincipalName sp_webapp@$domain -Accountpassword (ConvertTo-SecureString -AsPlainText $password -Force) -Enabled $true -PasswordNeverExpires $true -path ou="Sharepoint Service Accounts,DC=domain,dc=local" -OtherAttributes @{Description="Farm account"}
New-ADUser -SamAccountName sp_svcapp -name sp_svcapp -UserPrincipalName sp_svcapp@$domain -Accountpassword (ConvertTo-SecureString -AsPlainText $password -Force) -Enabled $true -PasswordNeverExpires $true -path ou="Sharepoint Service Accounts,DC=domain,dc=local" -OtherAttributes @{Description="Used to run IIS application pool for service app web services"}
New-ADUser -SamAccountName sp_search -name sp_search -UserPrincipalName sp_search@$domain -Accountpassword (ConvertTo-SecureString -AsPlainText $password -Force) -Enabled $true -PasswordNeverExpires $true -path ou="Sharepoint Service Accounts,DC=domain,dc=local" -OtherAttributes @{Description="Used to run Enterprise Search service"}
New-ADUser -SamAccountName sp_crawl -name sp_crawl -UserPrincipalName sp_crawl@$domain -Accountpassword (ConvertTo-SecureString -AsPlainText $password -Force) -Enabled $true -PasswordNeverExpires $true -path ou="Sharepoint Service Accounts,DC=domain,dc=local" -OtherAttributes @{Description="Default content access account used by crawler to crawl SharePoint sites."}
New-ADUser -SamAccountName sp_ups -name sp_ups -UserPrincipalName sp_ups@$domain -Accountpassword (ConvertTo-SecureString -AsPlainText $password -Force) -Enabled $true -PasswordNeverExpires $true -path ou="Sharepoint Service Accounts,DC=domain,dc=local" -OtherAttributes @{Description="Used to run User Profile service"}
New-ADUser -SamAccountName sp_ups_import -name sp_ups_import -UserPrincipalName sp_ups_import@$domain -Accountpassword (ConvertTo-SecureString -AsPlainText $password -Force) -Enabled $true -PasswordNeverExpires $true -path ou="Sharepoint Service Accounts,DC=domain,dc=local" -OtherAttributes @{Description="Used to sync profile information with AD"}
New-ADUser -SamAccountName sp_superreader -name sp_superreader -UserPrincipalName sp_superreaderc@$domain -Accountpassword (ConvertTo-SecureString -AsPlainText $password -Force) -Enabled $true -PasswordNeverExpires $true -path ou="Sharepoint Service Accounts,DC=domain,dc=local" -OtherAttributes @{Description="Used to sync profile information with AD"}
New-ADUser -SamAccountName sp_superuser -name sp_superuser -UserPrincipalName sp_superuser@$domain -Accountpassword (ConvertTo-SecureString -AsPlainText $password -Force) -Enabled $true -PasswordNeverExpires $true -path ou="Sharepoint Service Accounts,DC=domain,dc=local" -OtherAttributes @{Description="Used for IIS caching"}

Add-ADGroupMember "Pre-Windows 2000 Compatible Access" sp_search
Add-ADGroupMember "Pre-Windows 2000 Compatible Access" sp_ups_import

Load Balance SharePoint 2010 Farm with Kemp

In this overview I will give the general guidance to load balance your existing 3 or 4 tier SharePoint 2010 Farm with 2 KEMP LoadMasters. This configuration starts after you have setup the farm and the LoadMasters as a HA pair.

1. Create your new VIP with the internal IP address you intend to use with your SharePoint site.

12. Make sure to Force Layer 7 and remove the Transparency or it will fail to allow user authentication.

23.  Persistence option is best set to active cookie and increase time-out to 1 hour. I use the scheduling method of round robin with the most success.

2a4. Under real servers check use HTTP/1.1 and add the host header that would be the URL of your site. This should match the AAM and IIS bindings.

45. Add you reel servers

56. Sit back and relax as you have now your farm balanced!




SharePoint 2010 Explorer View

If users are getting a password prompt when trying to open explorer view in SharePoint 2010 there are a few places to look. First understand there are two diffrent protocols, WebDAV and FPRPC. When using FPRPC there will always be a logon box. So how do we force webdav? Look at the quote below but just confirm that the Web Client Service is enabled and running on the client system.

The Explorer View prefers WebDAV over FPRPC. Because of the underlying design of the Explorer View and the default network provider order, it always tries to use SMB first, then WebDAV. Only when SMB and WebDAV have failed does it actually attempt to use FPRPC. This means that forcing the Explorer View to use WebDAV is more a case of creating an environment that makes sure WebDAV is successful instead of actually forcing the Explorer View to choose it.

The next logical question is what ensures WebDAVs success? Here is a list of things that you should avoid if you want WebDAV to be used as the underlying protocol for the Explorer View:

  • Make sure all computers accessing the Explorer View have the Web Client Service enabled and running. This is the default behavior for Windows XP, but not for Windows Server 2003.
  • Only host content on the default Web port of 80. If you need to host multiple Web sites on a single server, use host headers or multiple IPs to make those Web sites unique.
  • Do not encrypt Explorer View traffic using SSL. SSL uses port 443, and the Microsoft WebDAV implementation does not work on ports other than 80.

This was taken from a Microsoft While Paper title – Understanding and Troubleshooting the SharePoint Explorer View.

EDIT:: New Information if some cases are not resolved! Microsoft KB You also need to add a registry entry to the clients machine with the URL of the SharePoint site