In this overview I will give the general guidance to load balance your existing 3 or 4 tier SharePoint 2010 Farm with 2 KEMP LoadMasters. This configuration starts after you have setup the farm and the LoadMasters as a HA pair.
1. Create your new VIP with the internal IP address you intend to use with your SharePoint site.
2. Make sure to Force Layer 7 and remove the Transparency or it will fail to allow user authentication.
3. Persistence option is best set to active cookie and increase time-out to 1 hour. I use the scheduling method of round robin with the most success.
4. Under real servers check use HTTP/1.1 and add the host header that would be the URL of your site. This should match the AAM and IIS bindings.
5. Add you reel servers
6. Sit back and relax as you have now your farm balanced!
UPDATE*** Its now supported https://tools.google.com/dlpage/gappssync ***
Google Does not support Office 2013 yet with Google Aps sync. But I wanted to find a way for me to get it working, I found a detailed discussion on Google Groups that provided the answer. I have been able to get Outlook 2013 working with Google Apps Sync. Credits Go to wcodyanderson of Google Groups, for finding the original DLL swap idea. These are the steps I took. I was on Windows 8 64-bit, with office 2013 32 bit to start.
- Removed all Office from PC
- Copied gsync32.dll and unifiedlogin.dll to these two locations; (DLL’s from C:\Program Files (x86)\Google\Google Apps Sync)
- – C:\Program Files\Microsoft Office\Office15
- – C:\Program Files (x86)\Microsoft Office\Office15
- Installed Outlook 2010 (32 Bit)
- Ran Application Sync and setup profile
- Upgraded to Outlook 2013 (32 Bit)
- Re-Ran Application Sync and setup profile
- Opened Outlook and it started syncing everything.
Of Course not supported by Google, Good Luck
Came across a interesting situation earlier this week that I had not come across before. All email messages in this small (<100 users) Exchange 2010 SP2 environment where being delayed at random intervals between a few minutes and 30 minutes. Checking the event logs, services and exchange management console did not show any real problems. Only one message was logged in the application log. Task manager did show issues as the transport service was up to several GB in memory and CPU over standard.
The execution time of agent ‘Journal Agent’ exceeded 90000 milliseconds while handling event ‘OnRoutedMessage’ for message with InternetMessageId: ‘Not Available’. This is an unusual amount of time for an agent to process a single event. However, Transport will continue processing this message.
Event ID 1050 Source MSExchange Extensibility
I checked the queue viewer and found that one of the queues for a mailbox database was in a connecting status. Upon further investigation I found some messages delivering and others being delayed before delivery. I found one message that was very large in size being delayed the longest. I attempted to suspend the message and was not able to given an error. It appears that this message was stuck, can’t delete or remove etc. After a long attempts at powershell to remove and suspend messages I had to delete and create a queue, its a fairly simple process here are the steps:
Note: If messages are in the queue when you stop and delete the queue they are lost, there is lossless methods to remove the Queue database.
- Stop Exchange Transport Service
- Browse to the queue in explorer, if its defaults its located at (C:\Program Files\Microsoft\Exchange Server\V14\TransportRoles\data\Queue)
- Move the mail.que database file to a new folder inside the queue root.
- Start the transport service
This will create a folder called queue.old and place all logs and databases inside of it. It will also create a new queue database and messages should return.
Technet – Managing the Queue Database
Recently a problem occurred where a client was unable to delete contacts or accounts in business contact manager. The following error was displayed;
Error Converting Data type int to smallint.
The problem can be corrected with a change to one stored procedure on the SQL server called dbo.UpdatePhoneLogs, the corrected storedprocedure is below. Only two small changes are required at the top of the code stack. On lines 11 & 12. change the variable type from smallint to int. This is caused by the 32,000 limit of smallints in SQL.
/****** Object: StoredProcedure [dbo].[UpdatePhoneLogs] Script Date: 11/27/2012 10:05:00 ******/
SET ANSI_NULLS ON
SET QUOTED_IDENTIFIER ON
ALTER proc [dbo].[UpdatePhoneLogs]
DECLARE @Version bigint
SELECT @Version = ClientDataVersion from OrgTable
DECLARE @UpdatedCampaigns TABLE (ActivityID int NOT NULL PRIMARY KEY, ActivityGUID uniqueidentifier not null, NPhoneLogs int, IsDeletedLocally bit)
Insert into @UpdatedCampaigns (ActivityID, ActivityGUID, IsDeletedLocally, NPhoneLogs)
INNER JOIN dbo.ActivitiesTable at ON at_campaign.ActivityGUID = at.ReferredEntryId
INNER JOIN dbo.ActivityContacts ac ON at.ActivityID = ac.ActivityID
(ac.ContactID = @ContactServiceID OR ac.GrandParentContactServiceID = @ContactServiceID)
AND at_campaign.ActivityType = 21
AND at.ActivityType = 15
AND at.ReferredEntryId IS NOT NULL
at_campaign.ActivityID, at_campaign.ActivityGUID, at_campaign.IsDeletedLocally
UPDATE dbo.CampaignTable SET
NumberPhoneLogs = ISNULL(NumberPhoneLogs, 0) + @multiplier * uc.NPhoneLogs
dbo.CampaignTable ct INNER JOIN @UpdatedCampaigns uc
ON ct.ActivityID = uc.ActivityID
-- Add campaign to change queue (assumes client data version has already been bumped)
-- FolderKind.Campaign ItemType.Campaign ChangeType.Modified
Insert Into dbo.ChangeQueue (EntryGUID, EntityID, ViewRowID, FolderType, ItemType, Operation, Version, ChangeUser, ChangeTime)
FROM @UpdatedCampaigns uc)
Have come across this several times now so thought it warranted a post. In an environment where a site tunnel is established between a TMG to Cisco ASA (IPSec) websites that are on other side of the tunnel cannot be displayed and give the following:
Technical Information (for support personnel)
Error Code 10060: Connection timeout
Background: The gateway could not receive a timely response from the website you are trying to access. This might indicate that the network is congested, or that the website is experiencing technical difficulties.
The TMG log view the outgoing connection attempt in the log then shows the follow error:
Failed Connection Attempt
Log type: Web Proxy (Forward)
Status: 10060 A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
Rule: Allow access between Site A and Site B
The easiest fix was to open the HTTP protocol and disable the application filter. See eg:
This obviously disables some useful features; the better option is to create a custom HTTP protocol that is not associated to the web proxy filter. Then create a rule that applies to traffic between sites using this HTTP protocol.
Exchange 2010 server that has User Access Control (UAC) enabled fails to install Update Rollup 1.
Symptoms: The install flys by with no waiting at steps, especially the generating assemblies.
Cause: The roll up requires .NET assemblies to be rebuilt. This step takes place BEFORE the msp asked for administrative control in UAC.
Resolution: Run a CMD as administration then execute the msp!
If users are getting a password prompt when trying to open explorer view in SharePoint 2010 there are a few places to look. First understand there are two diffrent protocols, WebDAV and FPRPC. When using FPRPC there will always be a logon box. So how do we force webdav? Look at the quote below but just confirm that the Web Client Service is enabled and running on the client system.
The Explorer View prefers WebDAV over FPRPC. Because of the underlying design of the Explorer View and the default network provider order, it always tries to use SMB first, then WebDAV. Only when SMB and WebDAV have failed does it actually attempt to use FPRPC. This means that forcing the Explorer View to use WebDAV is more a case of creating an environment that makes sure WebDAV is successful instead of actually forcing the Explorer View to choose it.
The next logical question is what ensures WebDAVs success? Here is a list of things that you should avoid if you want WebDAV to be used as the underlying protocol for the Explorer View:
- Make sure all computers accessing the Explorer View have the Web Client Service enabled and running. This is the default behavior for Windows XP, but not for Windows Server 2003.
- Only host content on the default Web port of 80. If you need to host multiple Web sites on a single server, use host headers or multiple IPs to make those Web sites unique.
- Do not encrypt Explorer View traffic using SSL. SSL uses port 443, and the Microsoft WebDAV implementation does not work on ports other than 80.
This was taken from a Microsoft While Paper title – Understanding and Troubleshooting the SharePoint Explorer View.
EDIT:: New Information if some cases are not resolved! Microsoft KB You also need to add a registry entry to the clients machine with the URL of the SharePoint site
A client recently needed to upgrade a Server 2008 R2 RDWeb access to a two factor authentication solution. We decided to go down the TMG 2010 with RSA secure ID route.
After some googling I found this paper http://www.scribd.com/doc/15682090/TS-Gateway-2008-RSA Its a great walk thru but leaves out some key steps. Also for 2008 R2 replace wherever he put TS with RDWeb. But the clients always need to logon twice once at the TMG and they are prompted with the RDweb Access form page. To remove this form page we will take a look at this C:\Windows\Web\RDWeb\Pages\web.config file scroll down to and you will find this, wow great! a few comments here and there and all of the sudden the
To turn on Windows Authentication:
- uncomment <authentication mode="Windows"/> section
- and comment out:
1) <authentication mode="Forms"> section.
2) <modules> and <security> sections in <system.webServer> section at the end of the file.
3) Optional: Windows Authentication will work in https. However, to turn off https, disable 'Require SSL' for both RDWeb and RDWeb/Pages VDIR.
Launch IIS Manager UI, click on RDWeb VDIR, double click on SSL Settings in the middle pane, uncheck 'Require SSL' and
click Apply in the top right in the right pane. Repeat the steps for RDWeb/Pages VDIR.
After completing the comments restart the IIS session and tada! the forms based logon is gone.