Content Deployment Job Failure – Checked Out Document

Problem

The following error message is displayed in the job status log and content deployment job fail.  The error message indicates a file is checked out.

Solution

This issue can happen due the following reasons.
1. A document is checked out in the destination site collection. Manually check in the document at the destination site and reran the content deployment job.

When logging into sharepoint, it fail to Log In to site and give a error: Server Error or Runtime Error

Problem

You attempt to log into the server, inputted the correct username and password, then the system respond with a server application error

Runtime Error
<!- Web.Config Configuration File –>

also similar to the following:

Note:

I am posting this error out here because I want to point out one very important thing. If you ever see a Runtime Error. THIS ALWAYS MEANS IT’S A IIS ERROR. If this is a SharePoint error, it will always have the SharePoint logo (the little logo in the upper left J) with that in mind. Check your IIS if you ever get this error…  Basically any error that give you the above “look and feel” have to do with your IIS server.

Solution

This issue can fix with the follow approach.
1.Issues can be cause by incorrectly modifying the web.config file. Restore the original web.config file and then restart IIS
2.IIS fail to respond to the request.  Restart IIS services on all the web front end server.

Installing Microsoft Operations Manager Agent on a Computer on a different domain than the MOM Server

Intro:     I spend a great deal of time working on using MOM to monitor non-domain computer.  Here is what I found:

– MOM 2007 require domain trust, a non-domain computer does not have domain trust and will not work

– every documentation from Microsoft “claim” it is suppose to work, but no where in any white paper talks about “what” you are suppose to do!!!!

– by mixing a few documentation together below is the full detail on how to get this to work…  Yes, it does work per the documentation…

– I did this a while back so feel free to correct me on the fine detail as I might have forgotten what they are.

– repeat Step 3 to 6 for every Monitoring Client.  Step 1 and 2 is for the MOM Server

– this is not a simple task…  this includes modification of host files locally on the monitor agent (will explain why later)

– some references are:

http://technet.microsoft.com/en-us/library/bb735417.aspx

http://technet.microsoft.com/en-us/library/bb735413.aspx

http://technet.microsoft.com/en-us/library/bb432149.aspx

some other Microsoft whitepapers…

 

 

Requirement:

– if this non-domain computer is outside of a firewall,  make sure the proper port (port 5723 on both end) is open on both end to route data to the proper servers

– you will need a Certificate Server (yes…  a REAL certificate server…  it can be a self generated, but if you are going to do this in mass, you will want to have a certificate server).  you can have one by going to Add/Remove program of a Windows 2003 server and install one

– you will need files such as MOMCertImport.exe as found it on the install media in \SupportTools\

 

Step 1: Install the proper certificate from the Root CA Server.

1. From the MOM Server, open a web browser and point it to your certificate server http://your_certificate_server.xxx.com/certsrv

note1:  certsrv this is the default subweb location within IIS when you install the certified server.

note1:  in most case you are trying to do this over the internet, which is why my example uses a URL.  you will need to make sure the certificate server is accessible thru the web.

a. Log into the site

2. Click the Request a Certificate link.

3. Click the advanced certificate request link.

4. Click Create and Submit a request to this CA link.

5. In the Name field, enter the FQDN (Fully Qualified Domain Name) of the MOM Server, make sure to include all domain info if the MOM Server is part of a domain. (Ex: myworkstation.abc.local)

6. In the Type of Certificate Needed field, select Other.

Note, OID field is: 1.3.6.1.5.5.7.3.1,1.3.6.1.5.5.7.3.2 (no spaces between the OIDs or around the comma separating OIDs), to avoid error, do a copy and paste.

7. Click the Mark keys as exportable check box.

8. Click the Store certificate in the local computer certificate store check box.

9. Enter the FQDN of the Client, this field should be the same as step 5.

10. Click Submit.

11. Once your request is submitted, log on to your Certificated Server’s MMC console.  And authorize the request (aka:  log into the computer and open the MMC)

a. Note: once authorize the request, you have 10 days to pickup and install the certificate.

12. Once the request is authorized, you can return to the webpage (http://your_certificate_server.xxx.com/certsrv) to retrieve the authorized certificate.

13. Click the View the status of a pending certificate request link.

14. When you click the proper certificate you will be directed to a new page with the opportunity to install the certificate.

15. Click Install this Certificate and click yes to the Security warning dialog.

16. This should finish installing the required certificates for the server.

 

Step 2:  Export the Root CA certificate from your MOM server

1.  Once you have the certificate install on your MOM.  you will need to export it so you can install it on the client.

2. On the Client, open an MMC (Microsoft Management Console) instance by clicking on Star, then Run and type MMC.EXE and click OK.

3. Once the MMC console is opened, click Add/Remove Snap-In, click Add, and then click on Certificates located in available Standalone Snap-ins.

4. Once you click Add, it will give you three choices and you will need to pick Computer. Click Next.

5. Then accept the default computer (which is localhost) and click Finish. Click Close and then click OK which should conclude the MMC snap-in configuration.

6. Navigate to Trusted Root Certificate Authorities.

7. You will see you certificate on the right hand side. Right click on the certificate and click All Tasks and then Export.

8. A Wizard will prompt you telling you that it is starting the export process, click Next.

9. The next step will ask you if you want to export the Private Key. In this case, you want to do this so click the selection “Yes, export the private key” and click Next.

9. This part is very important because if you do not pick the right export format, the utility will not work. You will want to pick “Personal Information Exchange – PKCS #12” and click Next.

10. When the Wizard prompt you for a password, and use abc123 to simplify the process

a. Note: In order for the import tool to work properly you will need to input a password. I try leaving it blank, it will fail

9. The Wizard will then prompt you for a location to save the exported certificate. To simplify the process, you may save it to the same directory where the MOMCertImport.exe tool is located. Once you have entered a location and name click Next.  (by saving the certificate in the same location as your MOMCertImport.exe will make your life easier when working with it)

10. Verify the information is correct and hit Finish.

11.  It should have exported a .p7b file, this is your MOM server’s certificate (which you will need for every agent you want MOM to monitor).

 

Step 3: Install the Root CA certificate on the Monitoring Client

1.  You will need to import this certificate into the server or client (Client) you are working on.  Copy the MOM Agent Installation file (the MOMCertImport.exe file) and the MOM certificate (should be a p7b file) to the C:

Optional: Copy the MOM Agent Installation files to the local C: will help with the setup process. If you do copy the files to the local C:, be sure to delete the files when you are done.

2. On the Client, open an MMC (Microsoft Management Console) instance by clicking on Start, then Run and type MMC.EXE and click OK.

3. Once the MMC console is opened, click Add/Remove Snap-In, click Add, and then click on Certificates located in available Standalone Snap-ins.

4. Once you click Add, it will give you three choices and you will need to pick Computer. Click Next.

5. Then accept the default computer (which is localhost) and click Finish. Click Close and then click OK which should conclude the MMC snap-in configuration.

6. Navigate to Trusted Root Certificate Authorities.

7. Right click on Certificates (which is located right under Trusted Root Certificate Authorities) and click Import.

8. Click on Import and when prompted click Next.

9. At this point you will be prompted for the certificate file, click Browse.

10. Change Files of Type to PKCS #7 Certificates (*.spc,*.p7b )

11. Click the appropriate certificate file from the MOM Agent Installation files (the_name_of_the_cert.p7b) mentioned in step 2 during the export.

12. Click Open, then Click Next, Accept defaults and Click Next, then Click Finish.

13. We have just imported the Root CA that will validate our next certificate.

 

Step 4: Request and install the proper certificate from the Root CA Server on your Monitoring Client.

1. Directly from your Monitoring Client, open a web browser and point it to your certificate server http://your_certificate_server.xxx.com/certsrv .  Click the Request a Certificate link.

2. Click the advanced certificate request link.

3. Click Create and Submit a request to this CA link.

4. In the Name field, enter the FQDN (Fully Qualified Domain Name) of the Client, make sure to include all domain info if the Client is part of a domain. (Ex: myworkstation.abc.local)

5. In the Type of Certificate Needed field, select Other.

Note1, OID field is: 1.3.6.1.5.5.7.3.1,1.3.6.1.5.5.7.3.2 (no spaces between the OIDs or around the comma separating OIDs), to avoid error, do a copy and paste.

6. Click the Mark keys as exportable check box.

7. Click the Store certificate in the local computer certificate store check box.

8. Enter the FQDN of the Client, this field should be the same as step 5.

9. Click Submit.

10. Once your request is submitted, log on to your Certificated Server’s MMC console.  And authorize the request (aka:  log into the computer and open the MMC)

a. Note: instead of calling in for every certificate request, it is possible to bulk authorize certificate request.

b. Note: once authorize the request, you have 10 days to pickup and install the certificate.

12. Once the request is authorized, you can return to the webpage (http://your_certificate_server.xxx.com/certsrv) to retrieve the authorized certificate.

13. Click the View the status of a pending certificate request link.

14. When you click the proper certificate you will be directed to a new page with the opportunity to install the certificate.

15. Click Install this Certificate and click yes to the Security warning dialog.

16. This should finish installing the required certificates for the server.

 

Step 5: Install MOM Agent

1. To start the install process for the MOM Agent, run MOMAgent.msi in the MOM Agents\agent\i386 folder from your MOM install media.

Note: a amd64 and ia64 version is also available in MOM install media., you will need to make sure you install he proper version for the Client you are working on 

2. After executing the MSI, you should get a Welcome screen. Click Next.

3. Accept default destination folder, click Next.

4. On the next page, uses the installation default and make sure Specify Management Group information is check

5. The next page is where you enter the Management Group Name, Management Server, and Management Server Port. Use the following for each field

a. Management Group Name: hosted

b. Management Server: XXX.yourdomain.com (what ever is the name of your public URL of your MOM server)

c. Management Server Port: 5723

6. Next page will ask you for a Gateway Action Account. Select Local System and click Next.

7. At the Ready to Install page, click Install.

8. When the installation finishes, just click Complete to exit the program.

 

Step 6: Updating host files

1. Because the Monitoring Server is not using part of the hosted domain, it must have hosts file entries to locate the Monitoring Server by name.

Note:  this is the stupid part…  even if you have the Management Server with a FQDN, it require you to also specify the local domain name of the server in order for this to work…

2. On Client, use Notepad to add entries to the C:\windows\system32\drivers\etc\hosts file for Monitoring Server.

3. Enter the following entries: 1.1.1.1 your.local.domain.name.hosted.local  (instead the public IP and also the local DNS name, which the local DNS name is often not the same as your FQDN)

4. Save the file and exit Notepad.

 

Step 7: Install Certificate on MOM Monitoring Agent

1. To start the process of importing a certificate to MOM Monitoring Agent, open a MMC by clicking the Start Menu and then click Run. Type MMC and press Enter.

2. Add Certificates and click Add. Click Computer Account and then click Finish.

3. In the Certificate Tree on the left hand side, click Personal and the click Certificates.

4. You will see you certificate on the right hand side. Right click on the certificate and click All Tasks and then Export.

5. A Wizard will prompt you telling you that it is starting the export process, click Next.

6. The next step will ask you if you want to export the Private Key. In this case, you want to do this so click the selection “Yes, export the private key” and click Next.

7. This part is very important because if you do not pick the right export format, the utility will not work. You will want to pick “Personal Information Exchange – PKCS #12” and click Next.

8. When the Wizard prompt you for a password, and use abc123 to simplify the process

a. Note: In order for the import tool to work properly you will need to input a password.

9. The Wizard will then prompt you for a location to save the exported certificate. To simplify the process, you may save it to the same directory where the MOMCertImport.exe tool is located. Once you have entered a location and name click Next.

10. Verify the information is correct and hit Finish.

11. To import the certificate to MOM Monitoring Agent, we will use the MOMCertImport.exe tool located in the MOM Agent Installation files.

Note:  If you copy the MOMCertImport.exe file to C: as mentioned in prior step

a. The command line arguments are as follows: c:\>MOMCertImport.exe <certificate filename>

b. Input the password (abc123) you enter in Step 8 when prompt

Note: In this example both the tool and the certificate will be located on the root of the C: drive. You will not receive any response after you import the certificate

12. Once this completes you will need to restart the Operations Manager 2007 Health Service to load the certificate.

13. To restart the Operations Manager 2007 Health Service, click Start, then click Run and type services.msc. Locate the service called OpsMgr Health Service and restart the service by clicking the Restart icon on the services toolbar.

Sharepoint Designer Workflow infinite loop

The other day I run into this problem when using Sharepoint Designer to create workflow.

– the workflow start conduction is every time the object change

– the workflow action is to change the object when this occur

Well…  as stupid as it sound, this will create a infinite loop.  Here is how

– when a object change, the workflow starts

– the workflow is then set the change the object (as part of the workflow).

– because the workflow change the object, a new workflow will start again and make another change again…  creating a infinite loop

 

With a infinite loop, a new workflow will keep starting until the server resources runs out…  the only way to stop it is to do a IIS reset or stop the web app.

Even if you “end” the workflow as part of the workflow, it will still keep looping none of the out-of-the-box function in Sharepoint Desginer Workflow seem to be able to fix this problem.  But with some creativity, you can work around this such as using list to track the changes, etc. 

Just FYI for those working on SharePoint Designer workflow

Server Farm Scalability

Here is some info on how to scale a MOSS Server Farm:

Server Farm Scalability

The following tables describe the scalability data for different server types. Each layer and server type can be scaled out individually by clustering each server type (with the exception of Indexing server, which can only be scaled up).

Sharepoint Topology

Scalability

Web Server Farm Scalability

Farm size Web Server x Applications Server x Database Server	Request Per Seconds		Web server CPU		Database server CPU		Client computer CPU
	Mix	Read	Mix	Read	Mix	Read	Mix	Read
1x1x1	49.8	73.3	91.00	98.40	17.90	15.00	10.89	6.50
2x1x1	79.2	141	76.40	93.10	24.50	29.40	14.04	11.10
3x1x1	106	208	71.23	90.75	42.00	54.20	19.10	15.00
4x1x1	128	248	67.55	82.58	66.70	80.20	23.34	18.00
5x1x1	116	278	47.96	70.46	73.70	93.40	26.60	20.00
6x1x1	95	284	32.87	53.62	72.10	96.10	19.16	21.00
7x1x1	n/a	284	n/a	42.19	n/a	96.40	n/a	21.00
8x1x1	n/a	224	n/a	33.34	n/a	76.90	n/a	17.00
Table 1. Web server farm scalability

Query Server Farm Scalability

Farm size Web (Query) Server x Applications Server x Database Server	Request Per Seconds	Query server CPU utilization percentage	Index server CPU utilization percentage	Database server CPU utilization percentage	Database server disk writes/sec average
1x1x1	24.01	99.49	1.98	7.23	6.11
2x1x1	48.04	96.98	3.95	13.02	2.66
3x1x1	71.07	94.73	5.61	20.56	2.29
4x1x1	93.11	91.77	8.81	29.21	2.41
5x1x1	114.95	90.50	10.27	39.38	2.45
6x1x1	133.34	87.29	11.91	52.94	2.83
7x1x1	148.52	80.20	15.24	63.72	3.14
8x1x1	146.94	65.65	15.15	69.15	2.87
Table 2. Query server farm scalability

Indexing Server Scalability

Number of processors	Percentage of improvement in crawl speed
1	0.00
2	10.89
4	19.77
8	30.77
Table 3. Indexing server scalability

Number of crawl threads

	Index server CPU utilization percentage	Database server CPU utilization percentage
4	35	12
8	40	15
12	45	15
16	60	20
Table 4. Impact on crawl threads for index servers

Hardware and Software Requirement

Minimum Hardware Requirement|

Server Type	Minimum Hardware	Recommended Hardware
Web Server	Dual 2.5 GHz or faster processors 1 GB RAM, 3 GB of available disk space, DVD drive, local or network accessible 1024×768 or higher resolution monitor	Dual 3 GHz or faster processors, 2 GB RAM or more, 3 GB of available disk space, DVD drive, local or network accessible 1024×768 or higher resolution monitor
Query Server	Dual 2.5 GHz or faster processors, 2 GB RAM, 3 GB of available disk space, DVD drive, local or network accessible.  1024×768 or higher resolution monitor	Dual 3 GHz or faster processors, 4 GB RAM or more, RAID 10 with 3 GB of available disk space, DVD drive, local or network accessible, 1024×768 or higher resolution monitor.
Indexing Server	Dual 2.5 GHz or faster processors, 2 GB RAM, 3 GB of available disk space, DVD drive, local or network accessible, 1024×768 or higher resolution monitor	Dual 3 GHz or faster processors, 4 GB RAM or more, RAID 10 with 3 GB of available disk space, DVD drive, local or network accessible, 1024×768 or higher resolution monitor. RAID 10 with 2 millisecond (ms) access times and greater than 150 MB/sec write times for fast disk writes.
Database Server	Dual 2.5 GHz or faster processors, 2 GB RAM. DVD Drive, local or network accessible, 1024×768 or higher resolution monitor. Hard disk space based on a 1:1.2 ratio of content to database, plus additional space for transaction logs.	Dual 3 GHz or faster processors, 4 GB RAM or more, RAID 10 hard drives. DVD Drive, local or network accessible, 1024×768 or higher resolution monitor Hard disk space based on a 1:1.2 ratio of content to database, plus additional space for transaction logs.

Minimum Software Requirement

Server Type	OS	Applications
Web Server	Windows 2003 Web Edition SP1 or higher	Office SharePoint Server 2007 Enterprise Internet Information Services (IIS) 6.0 with Common files, WWW, Simple Mail Transfer Protocol (SMTP) Microsoft .NET Framework 3.0
Query Server	Windows 2003 Web Edition SP1 or higher	Office SharePoint Server 2007 Enterprise Internet Information Services (IIS) 6.0 with Common files, WWW, Simple Mail Transfer Protocol (SMTP) Microsoft .NET Framework 3.0
Indexing Server	Windows 2003 Web Edition SP1 or higher	Office SharePoint Server 2007 Enterprise Internet Information Services (IIS) 6.0 with Common files, WWW, Simple Mail Transfer Protocol (SMTP) Microsoft .NET Framework 3.0
Database Server	Windows 2003 Enterprise Edition SP1 or higher	Microsoft SQL Server 2005 Enterprise Edition SP1 or later

Minimum Storage Requirement

Server Type	Sizing Scaling Calculation	Storage Size
Web Server	N/A	At least 3GB of available disk space
Query Server	Index size of X, we recommend that initial disk space be at least 2.5*X for every content index on each query server in the farm.
Indexing Server	Size of data crawled = Y, Size of index on index server = a range of 5% through 12% * Y = X, Initial disk space = 2.5*X. 4 GB RAM on the index server for crawling a corpus with more than 1 million documents.
Database Server	Hard disk space based on a 1:1.2 ratio of content to database, plus additional space for transaction logs.	At least 10GB of available disk space

End User Brower and OS Support

Browser	Windows	Linux/Unix	Macintosh OSX
Microsoft Internet Explorer 6.x (32-bit)	X
Windows Internet Explorer 7.x (32-bit)	X
Firefox 1.5	X	X	X
Mozilla 1.7	X
Netscape Navigator 7.2		X
Netscape Navigator 8.1	X
Safari 2.0			X

Recommended End Users Software Requirement

Users Type	Recommended Software and OS
Developer	Windows XP or Higher Virtual Studio 2005 Professional SharePoint Designer 2007 Internet Explorer 6.x or higher
Contributor	Windows XP or Higher Internet Explorer 6.x or higher
System Administrator	Windows XP or Higher SharePoint Designer 2007 Remote Desktop (or any remote system management software) Internet Explorer 6.x or higher

Recommended Expandable Server Farm Configuration

Small Server Farm

Server Type	Recommended # of Server	Configuration Type
Web Server / Query Server	3	Clustered, Load Balance, and Redundant
Database Server	2	Active and Passive model
Indexing Server	1	Standalone Server in Farm

Mid Size Server Farm

Server Type	Recommended # of Server	Configuration Type
Web Server	3	Clustered, Load Balance, and Redundant
Query Server	3	Clustered, Load Balance, and Redundant
Database Server	2	Clustered, Load Balance, and Redundant
Indexing Server	1	Standalone Server in Farm

Technical Dependencies

Apart from the Microsoft Office SharePoint products and technologies (including WSS 3.0, MOSS, and Search system), the MOSS Server Farm also depends on the following software components for full functionality:

Messaging System

The MOSS Server Farm will use SMTP services for e-mails that are generated for alerts and workflow activities, MOSS Server Farm will use the Lilly SMTP server through port 25 for sending outgoing e-mail messages. The only e-mail messages that will be sent from the MOSS Server Farm system correspond to the out of the box task notifications that are provided with the out of the box workflow templates.

MOSS will perform best with Microsoft Exchange Server as MOSS will be able to take advantage of the contact and calendar function within MS Exchange. MOSS will also operates with other standard SMTP services for incoming and outgoing.

Backup and Restoration

Special MOSS backup agent is require in order to back and restore individual document within MOSS. Some MOSS backup agent which allows for individual document backup and restoration are: Microsoft System Center Data Protection Manager (http://www.microsoft.com/systemcenter/dpm/default.mspx) and Symantec Backup Exec Agent for Microsoft SharePoint (http://www.symantec.com/business/products/family.jsp?familyid=backupexec)

When event a agent is not utilize, backup can be perform using MOSS’s stsadm.exe command together with Windows scheduled tasks and batch file processing, however stsadm.exe only allows for backup of the entire site collections, individual content restorations is not allow.

Application and System Monitoring

It is recommended a system monitoring application is to be utilize to monitor the operation of the MOSS Server Farm, the application should constantly monitor key matrix within the farm to ensure the operation of the farm is correct. One of the MOSS enable system monitoring application is Microsoft System Center’s Operation Manager (http://www.microsoft.com/systemcenter/opsmgr/default.mspx), as Operation Manager comes default with montioring agent design for Windows Server and MOSS operation.

Recommended Applications and System Monitoring Matrix

Key Performance counter, Services, or Applications	Apply to Server	Notes
% Processor time	Web Server Query Server Indexing Server Database Server	utilization (>90% consumption for more than x minutes)
% Memory utilization	Web Server Query Server Indexing Server Database Server	Utilization (>90% consumption for more than x minutes)
Total Free Spaces	Web Server Query Server Indexing Server Database Server	Disk space usage (70% warning, 90% alert)
Backup Services	Web Server Query Server Indexing Server Database Server	Services must be running. Backup must be perform correctly daily.
Site Collections	All Sharepoint Site Collections	Each site collections must return with proper information when query. Site must be running.
Sharepoint Services	Web Server Query Server Indexing Server	Services must be running
Internet Network Latency and Respond Time	Web Server Border Router/Firewall	5 seconds on a 56k modem, 2 seconds on a cable modem, 1 second on a T1 connection
Network Latency	Web Server Query Server Indexing Server Database Server
Database Services	Database Server	Services must be running
Internet Information Services	Web Server Query Server Indexing Server	Services must be running

Firewall and Network

The following diagram and table illustrates the ports that need to be opened in various servers within MOSS Server Farm for proper communication between various components within the system.

Fig. 1. Ports between servers

Callout	Default Ports and protocols
1	Client access: – TCP port 80 – TCP port 443 (SSL)
2	File and printer sharing service: – Direct-hosted server message block (SMB) (TCP/UDP 445)
3	Office Server Web Services: – TCP port 56737 – TCP 56738 (SSL)
4	Database communication: – TCP/SSL port 1433 (default)
5	Search crawling: – TCP 80 – TCP 443 (SSL)
6	Active Directory: – TCP 445 (Directory Services) – TCP 88 (Kerberos)
7	SMTP: – TCP 25

Table 5. Ports between servers

The following diagram and table illustrates the ports that need to be opened between the administration system and the various servers within the MOSS Server Farm for proper communication between various components within the system.

Fig. 2. Ports between administration systems

Callouts	Default Ports and protocols
A	Shared Services Administration site §         TCP 80 §         TCP 443 (SSL)
B	Central Administration site §         TCP 80 §         TCP 443 (SSL)
C	Database communication: §         TCP/SSL port 1433 (default)
Table 7. Ports between administration systems