Tag: sharepoint 2013

Take care of your node.ini in SharePoint Server 2013 Search

Restarting a virtual machine does not give me a guarantee as always because I’ve encountered many cases in which something went wrong after restarting. One of the Search in my customers’ SharePoint 2013 farm recently got several errors on its component after a SharePoint virtual machine running a set of Search components was restarted.  At least Content Processing, Analytics Processing, Query Processing and Index Partition have a red triangle icon which you wish not to see in your life. The SharePoint Search Host Controller (Windows service) somehow continuously terminated after restarting. I was called to look into this issue because I was the one who designed this Search into multi-server Search farm.


4 common misunderstandings about SharePoint Search 2013

Search in SharePoint 2013 has been completely redesigned, providing a new scalable and flexible architecture. To provide a powerful search solution, the base of your search topology must be solid. This requires some basic understandings of search, and how it is designed to provide the scalability and extensibility. Unless your search topology would make impact on the whole farm from the performance perspective.

Having talked with many folks about Search in SharePoint 2013, I have realized that they still think something not correct in basis of SharePoint search, even from seasoned SharePoint developers. With a little hope to help people mitigate problem and save time when implementing Search in SharePoint 2013, this article is going to give you the list of common misunderstandings that I have collected.

Starting Search service is to make search functionality work

Because SharePoint folks see SharePoint Server Search in Manage Services on Server page, they think that to make search functionality work, they simply need to start SharePoint search-related services, specially SharePoint Server Search service on servers

In fact, these services need to work together with search components which are provisioned after you create a new search service application. In which, Search Host Controller service manages the search components. Search Query and Site Settings Service is called by web front-end to handle queries depending on where search query component is allocated.

Without search components running, starting these services will not make search functionality work.

Each web application requires a search service application

This is not really a misunderstanding in SharePoint 2013 search. However, having such in mind, your search topology will probably become a burden to your farm. When creating a new search service application, it automatically provisions 6 search components: Admin, Crawl, Content Processing, Analytics Processing, Index and Query Processing. Because these components trigger noderunner.exe which consumes pretty much memory, if you have many search service application your server will have some problems with performance some time. I have recently involved in explaining and proposing a new search architecture for a big farm which has totally 6 search service application. Each of the search service applications serves for a dedicated content source. The most common scenario you need to have each service application for a web application is in shared SharePoint hosting where and you don’t want to utilize the capability of multi-tenancy. In this scenario, each web application is an instance of a customer/organization.

If you want to schedule or to have dedicated crawling configuration, you can create a new content source, but all are supposed to be in the same search service application. This approach is to provide a consolidated search framework serving for different SharePoint-based applications in your farm.

There is only server playing Search role in your farm

Many farm architecture documentation I’m in charge of review have the same design in which there is a dedicated server hosting all search components. Imagine your farm has 3 public facing websites serving for thousands of people every day with search-intensive customization. Your search server in this case would go into overloading. Having a dedicated search server is proper design. However we can distribute workload by hosting different components on different servers. Being said, search component can be deployed into multiple servers. For example, you can have search query component on the web front-end server while the others are on application servers. In this case, saying your farm having a dedicated server is no longer true.

I’m not saying you can’t use a dedicated server for Search. What I want to indicate here is that the perception should be changed in order to design a performance-protective SharePoint farm including search.

I would say this is the most of most common misunderstandings. For those who are even familiar with SharePoint farm or development, they still think having a pair of search service applications is a good direction for high availability of search. This is completely wrong. There is no way to specify a server to deploy a search service application. Imagine if a server goes down, how can your search continue functioning?

High availability in search from the view of logical architecture is to have a set of search components running on two servers. If a server can’t function search query for instance, search query and site setting services will load balance the query to another server where there is one query component running.

Having a high availability at database layer is also a worth consideration for search.


This article is a good companion along with you when you plan for search topology. Search in SharePoint 2013 is not complicated. It’s really flexible and can be scaled out very quickly. Before designing search topology, stick all these misunderstandings into your notebook.

Email troubleshooting in SharePoint 2013

SharePoint and Exchange is a great ever combination of making a productive environment these days you may have heard from Microsoft. Indeed, the combination offers you full collaboration features and unblocks numerous of choke points in communication. However, the integration between SharePoint and Exchange is not as easy as installing Exchange, configuring out-going setting and performing full synchronization. This sounds like a very normal case all of us know, but not really a list to make things become complete.

Recently I have seen several misunderstandings about email address in SharePoint 2013 from my clients and colleagues. Most of them let User Profile Synchronization do its job and were in trouble as to why email addresses in SharePoint didn’t get updated. As a result, end users didn’t get email notification from SharePoint making a big problem in business operation. On several issues about email address, this article is going to clarify a few things. It will also provide some tips to troubleshooting common email-related cases in SharePoint 2013.

Note: this article is not going to target to business user, instead to people who work with SharePoint as an administrator or a developer.

Where do you see email address in SharePoint?

Email address of a user object in User information list is the very first place for the answer. This email address is used for email process. If an email is outdated, the owner will not receive any notification SharePoint via your email server. I would say it’s an actual working email in SharePoint. To see it, browse this URL http://<your_sitecollection>/_layouts/userdisp.aspx

If you are using Social features provided by User Profile Service application, you will be redirected to your personal site.

From PowerShell, use the following command line to check the email address:

Make sure the LoginName value is form of claim (i:0#.w|)

If you like to do something like a DBA, query the UserInfo table of the content database where your site collection is stored within. Below is the sample T-SQL code snippet

The second place you’ve got to see the email address is user profile service application. Just open it and navigate to Manage User Profiles page.

How does email get updated to the User Information List?

As said earlier, the email address you see in User Information List is used by SharePoint for notification. Hence, understanding how it is synchronized or updated to the list is very important and will support your troubleshooting.

In all of basis, SharePoint has User Profile Synchronization service responsible for mapping data from an identity provider to each user profile in SharePoint relatively. The mapping depends on how you set in Manage User Properties page. By default, Work email property is mapped to proxyAddress attribute in Active Directory.

Described by Microsoft, a proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign messaging system. Proxy addresses are required not just for users, but for all recipient objects, such as contacts, distribution groups, and public folders. Another description from Microsoft Exchange team is that proxyAddress is the main attribute where email address information is kept. Because proxyAddress can contain multiple values, I suppose they are as follows:

  • SMTP:thuan@sg.ts-tech.net (primary address)
  • smtp: thuanNN@sg.ts-tech.net (secondary address)

The description does tell us that if SharePoint synchronizes proxyAddress, there will be multiple values in Work email property.

When an email is synchronized or updated to a user profile, there are two timer jobs that are responsible for email synchronization to the user information list.

  • User Profile to SharePoint Full Synchronization: synchronizes user information from the user profile application to SharePoint users and synchronizes site membership from SharePoint to the user profile application.
  • User Profile to SharePoint Quick Synchronization: synchronizes user information from the user profile application to SharePoint users recently added to a site.

The flow above gives you an overview of how proxyAddress is synched to user profile and is updated to the UserInfo table of a content database.

How to edit the mapping of email property

Keeping proxyAddress by default mapped to Work email property is not recommended. First, if you do not have Microsoft Exchange, proxyAddress property would be always empty. Secondly, if proxyAddress has multiple values, User Profile Synchronization doesn’t understand multi-value format while the property type is E-mail. Therefore, we need to map the email property to the mail attribute in Active Directory.

This way facilitates email management because you can edit to troubleshoot anytime you want without the need of rights on Exchange server.  It’s also to let SharePoint understand that mail attribute only contains a single value.

From SharePoint User Profile Service Application page, click Manage User Properties. Locate to Work email property and click Edit (from a small arrow beside).

Scroll down to Property Mapping for Synchronization setting, click Remove

Under Add New Mapping setting, select synchronization connection under Source Data Connection. Under Attribute, select mail. Under Direction, select Import.

Click Add. Make sure you see the new mapping of mail attribute in Property Mapping for Synchronization setting. Click OK to complete then verify the mapping before full synchronization.

Perform full synchronization and open Forefront Identity Manager (C:\Program Files\Microsoft Office Servers\15.0\Synchronization Service\UIShell\miisclient.exe) to monitor and test the result.


In almost cases when an end user doesn’t receive an email notification while his colleague is, folks often leave a look at the User Information List where that end user resides. They also seem to be in trouble with User Profile Service application and Exchange server.

If you have ever encountered such a case, make sure the email address in the user information list has been newly updated. Otherwise, SharePoint will send the request of old email address to email server. If the email address is old, check the email address of the affected end user in User Profile Service Application. If the user profile has the new email address updated, chances are User Profile to SharePoint Full Synchronization and User Profile to SharePoint Quick Synchronization timer jobs haven’t worked correctly. In this case, you need to check Last run time value and history of each timer job. You would need to clear configuration cache to update the configuration database and make things come back normally.

In case the email in the user profile is still not correct, open Forefront Identity Manager to see synchronization history, status and error if any. Also make sure User Profile Synchronization service is started and isn’t affected by any automatic SharePoint backup script using server-side object model.

Until you verify the email address in both locations (user profile service application and user information list) are updated correctly, you can begin testing SMTP status. There is a PowerShell script to do that:

If the output is true, your SMTP is working well with SharePoint. Otherwise there is a problem between the SMTP server and your SharePoint.


If you need a quick way to update the email address for an affected end user, use the following PowerShell command line:


Email in SharePoint looks pretty complicated as it presents in several different locations and requires a complete process to make email notification in SharePoint work. To troubleshoot, you need to be familiar with User Profile Service application, a little more with Forefront Identity Manager and some skills for timer job troubleshooting. Or all of these things can be out of you list if you feel confident of making a custom job that can directly reach to Active Directory via LDAP syntax then update directly to user information list utilizing SPUser class. That’s your choice.

You may need to read Synchronizing User Account in Active Directory to SharePoint

Limitation of uploading big file to SharePoint 2013 with CSOM

We have recently rolled out an Outlook plugin that integrates with SharePoint. The plugin allows end users to upload selectable email to SharePoint 2013 libraries. Client-side object model (CSOM) is used for the plugin development. We realized that if the email’s size was more than 2MB, it was unable to be uploaded to SharePoint 2013 libraries. The following message was thrown out:

“The request message is too big. The server does not allow messages larger than 2097152 bytes.”

We just figured out that SharePoint 2013 has limit when using CSOM. The default value to make a request through CSOM is 2MB if you have never paid attention to CSOM setting. There is a property called MaxReceivedMessageSize in SPWebService object that is adjustable.

To allow big files to be uploaded through CSOM, use the following PowerShell snippet code:

Note: make sure SharePoint Timer service is stopped before you execute the above PowerShell

You could programmatically set the MaxReceivedMessageSize property using C# snippet code below

If you use built-in SharePoint API, you might need to read this article: Quick tip to overcome limitation of uploading using SharePoint web service

For more information about increasing the Maximum Message Size, read this article http://msdn.microsoft.com/en-us/library/office/ff599489(v=office.14).aspx

[Update – 27/01/2015] Jason has a good tip for uploading large files via CSOM with SaveBinaryDirect method and MemoryStream.

Is FrontPage Server Extensions vulnerable in SharePoint 2013?

If you have never performed vulnerability assessment using any tools, you are going to be surprised what the FrontPage Server Extensions means to SharePoint at least from the tittle and why it’s part of the assessment vector. If you see it one day in an assessment report when you are responsible for SharePoint security, you wouldn’t manage to easily remediate the issue or justify your security team. You could call Microsoft for a question but it’s not that just easy to do so almost time. What I’m going to share in this this article might show you the light at the end of the tunnel if you are stuck in whether fixing FrontPage Server Extension (FPSE) related vulnerability or justifying your security team.

Disclaimer: this article doesn’t provide you actual fix for the FPSE related issue or an official justification. The best way anyway is to call Microsoft support if you can’t convince your security team.

If you don’t know Microsoft FrontPage and Microsoft FrontPage Server Extensions, read the following articles:

What is detected?

When SharePoint 2013 is installed by default, there are two folders in which each name gives the assessment tool the sign of the FrontPage structure: _vti_bin and _vti_pvt. The _vti_bin folder contains several folders and built-in SharePoint web services. For example, you can see many web services for administrative tasks in the _vti_adm folder. The _vti_pvt contains files that show you current SharePoint version and its build when browsed. With that sign, the tool likely thinks that SharePoint 2013 still uses legacy FrontPage that is notoriously vulnerable historically. There are numerous vulnerability reports related to FrontPage you can quickly find from Google. There are the following URLs virtually detected after you run the assessment tool:

  • contoso.com/_vti_bin/_vti_adm/(*) (the list of many URLs starting with this prefix)
  • contoso.com/_vti_bin/_vti_aut/(*) (the list of many URLs starting with this prefix)
  • contoso.com/_vti_pvt/services.cnf
  • contoso.com/_vti_pvt/service.cnf
  • contoso.com/_vti_pvt/buildversion.cnf
  • contoso.com/_vti_inf.html

However, if you browse http://contoso.com/_vti_inf.html, you will see the blank page but its HTML source code contains some FrontPage configuration information. You even couldn’t find this file in SharePoint directory source.

What is reported?

Basically the assessment tool performs a GET method to crawled URLs and waits for response. If it receives something it thinks critical or sign of vulnerability, it will definitively repot. There are potential reasons as to why the tool reports about FPSE

  • By the structure detected, your system is using FPSE that is said to be insecure almost time so far
  • Disclosure of SharePoint version (_vti_pvt/service.snf)
  • Disclosure of FrontPage Configuration Information (_vti_inf.html)

If you use HP WebInspect, the report will look like as follows:

The service.cnf file was found in the _vti_pvt directory on a system running Microsoft FrontPage Server Extensions. This file contains meta-information about the web server. An attacker could submit a request for the vulnerable file and cause the server to reveal sensitive system information. The attacker could use this information to launch further attacks against the affected host. Recommendations include removing this file from the system if it is not needed, or tightening the default permission settings.

If the tool uses directory enumeration scan, it may indicate that FrontPage allows remote users to upload and modify web site content. Historically, attackers seek out FrontPage sites since FrontPage is often misconfigured to not require authentication.

Another tool (IBM AppScan) even recommends you to upgrade the latest FrontPage version available. Anyway almost tools state that your system is potentially vulnerable with the existing FPES. The disclosure of configuration information needs to be restricted to authorized people.

What to do then?

Ironically there is no official statement from Microsoft saying that FPES is the last version or significantly improved from the security perspective. You could explain that SharePoint requires FrontPage Remote Procedure Call (RPC) and to allow legacy software to connect. FrontPage RPC is implemented by both FrontPage Server Extensions and by Windows SharePoint Services that is foundation of the SharePoint platform. This reference (FrontPage Server Extensions RPC Protocol) provides you a list of methods that requires FPSE RPC protocol (e.g. check-in document). Although it’s written for SharePoint 2010, it’s still true for SharePoint 2013.

Paul Stork – an internationally renowned SharePoint expert commented in the MSDN thread that you could use as an explanation:

That’s because SharePoint and SharePoint Designer are built on the foundation of the original FrontPage Server Extension. Note however that the version number is 14, which is in keeping with SharePoint 2010. They just didn’t change the internal naming as they enhanced the product.

Reference: https://social.msdn.microsoft.com/Forums/en-US/0d273e45-4c6f-422b-be35-8f358de00722/

If your SharePoint is anonymously accessible, you need to consider implementing authorization rule to restrict access to web services under _vti_bin, or at least prevent attacker from accessing to gain SharePoint version or FrontPage configuration information (_vti_inf.html). I’m not sure how the attacker utilizes the configuration information to exploit your SharePoint but it’s much better if you restrict access to all of them. See the sample code snippet to restrict _vti_inf.html

The asterisk mark (*) represents authenticated user and the question mark (?) represents anonymous user. This post (Restricting access to SharePoint 2013 web services) does give you more details.


Since FPES is still a nightmare, the best way I’d highly recommend you is to call Microsoft in case you can’t justify the harmlessness of FPES in SharePoint 2013 reported by vulnerability assessment tool. Even when you call, it’s still pretty hard for Microsoft to fully protect you. They may say that information found is sent in the header of all HTTP requests to the server so having access to this file does not warrant a Configuration Disclosure. As a result, there would be an everlasting debate between you (or Microsoft) with your security team.  C’est la vie!

Additional helpful references:

Quick thought on “Password Never Expires”

Last week my colleague asked me if there was any official documentation or reference from Microsoft recommending setting “Password Never Expires” for SharePoint farm account. No Microsoft never provided such a recommendation. I then immediately responded to him as to why we needed that policy. Should we set Password Never Expires policy for SharePoint farm account or critical service account?

There are a couple of reasons why people tendentiously do that:

  • If the farm account gets expired, SharePoint timer service is stopped. All SharePoint Timer Job can’t function that make your SharePoint become broken. Central Administration web application isn’t accessible.
  • If the account that runs the web application pool of the corporate web application (e.g. intranet portal) gets expired, your end-user can’t access to the intranet portal.

To mitigate that failure, Password Never Expires policy is often set.

However, if your company has password management policy, Password Never Expires is forbidden. If this policy is required, you would probably have to deal with SharePoint failure. Here are a few solutions if Password Never Expires policy doesn’t exist in your SharePoint environment:

  • Configure friendly error message on IIS (HTTP error)
  • Establish Incident Management procedure
  • Register all Password Never Policy enabled accounts in the Managed Account list and use Automatic Password Change.

SharePoint 2013 Document Management Features

These days there are many issues that organizations have identified for a long time of use in their document storage. First, file server would only be accessible to end-users in internal network and would have to require VPN (Virtual Private Network) in case documents need to be present to partner or people outside of the company. Next, classification by hierarchy of folder is not a flexible approach. End-users have to navigate dozen of times when finding content. Moreover, the existing search feature is actually poor that does not reach to expectation. In terms of security policy, although the NTFS mechanism is applied, documents look unsecured all the time. Below are some of many concerns organizations are dealing with:

  • Security is applied carelessly, which exposes sensitive information to inappropriate people.
  • Important documents are stored on laptop that could be lost, stolen at any time
  • Documents stored centrally on Windows network drives, once deleted; may not go into a recycle bin.
  • No version management process is established to recover original version of document when needed.
  • It’s hard to audit document as no record exists

SharePoint was built intentionally to replace the manual document filling which was just used to store, and manage document in the manner of structured folder/sub-folder, by providing a new centralized document management system, to storing, controlling and protecting effectively for all documents.


SharePoint is web-based application that allows end-user to be able to access to shared documents regardless of where they are and mobile devices they use. Currently, the solution supports and is compatible with common browsers including Internet Explorer, Google Chrome, Firefox and Safari.  Almost mobile platforms are supported.

Document Center

The document center is designed as a repository for lager quantities of documents. Document center looks like a portal where shared corporate documents are located. It provides the following features:

  • Document Upload button
  • Find Document by ID
  • Newest Documents
  • Highest Rated Document
  • Modified by Me

Additional reference:

Document Library

Document library is a place that is designed to replace folder in common use. End-user can decide whether uploading a document or creating a new one in document library.

With Related Content feature available in document libraries, organizations can define the relationship between many documents. The solution auto suggests many relevant documents that can be defined initially.

Version Management

Every time a document is edited, a copy of it is created automatically with a configurable version number. It’s helpful to protect your document because you can recover original version.

With this feature, time and effort involved in figuring out who has the latest version of a document, and recovering when various revisions overwrite each other are definitively saved a lot.

Document Approval

SharePoint allows organizations to effectively control documents by forcing them to be approved before they are present to authorized users. With this organizations are able to manage corporate documents such as expense reporting, product design documentation, engineering changes, employee vacation or so on.

The solution allows administrators who do not have much technical skill can customize approval process (i.e. adding/removing approver, creating more branch of approval steps)

Document Set

Document Set enables organizations to group multiple documents that support a single project or task, together into a single entity.

Some example where document set might be useful to manage information would be:

  • RFP response: managing multiple documents like proposal (.docx), presentation (.pptx), estimate and pricing (.xlsx) which are part of the response to a RFP.
  • Product documentation: managing multiple document like TDM/BDM brochure (.docx/.pdf), evaluation guides (.docx), various presentations (.pptx), feature comparison sheets (.xlsx) etc. which need to be created as part of product release.
  • Construction project management: managing multiple documents like architecture design (.pdf/.cad/.vdsx), master plan (.xlsx/.mpp), financial sheet (.xlsx).

Document ID

Document ID is useful for organizations that need to apply compliance for corporate document. By using ID, end-users can look up their documents more quickly.

Document ID is configurable and can be applied globally.

Additional reference:

Metadata and Navigation

The solution provides the ability to accommodate metadata for each document when created. Metadata is created per organization’s information architecture. For example, metadata of a project documentation may include Author, Client Name, Budget, Project Name, Project Manager, Expiration Date etc. With such a metadata, organizations can apply classification at best to provide a seamless way to search document.

With custom navigation that displays defined metadata, end-users can choose to see documents based on them. For example, someone can select all project documents that are provided to client A. With this, they do not have to spend time looking up documents in urgent case.

Office Web App

For personnel and traveling executives, access to the internal documents is always a burden. It happens normally to IT department as well. With Office Web App solution, end-users can view, edit documents directly in browser without having to install Microsoft Office client application in their personal computer.

View or Edit permission can be set to specific user or group in organization.

Helpful reference:


SharePoint  provides powerful search engine that provide greatest user experience for end-user. For the use of search normally, end-user simply needs to enter keyword in Search box like Google experience. Search is customized for big data that is very effective to organizations that have to serve large databases.

Additional reference:

Security/Information Rights Management

SharePoint supports a variety of authentication types including Windows authentication, OAuth, SAML …etc. In terms of authorization, it offers a visual look in permission administration portal.

SharePoint allows administrator to be able to add not only Active Directory group but also custom SharePoint group to manage document access. Moreover, permission can be assigned to specific documents or a group with different level (Full Control, Design, Contribute, Read, View Only…).

Information Rights Management

Information Rights Management in SharePoint can combine Active Directory Rights Management Service to provide organization the ability to control rights on content. Policy can be defined to meet security policy and compliance.


Archiving solution enables organization to archive documents when needed. That said, documents that are no longer effective could be moved to another document libraries to improve database performance and to meet compliance. Archived documents are still searchable if necessary.


SharePoint allows administrator to be able to track which users have taken what actions on documents. Knowing who has done what with which information is very important for company regulatory compliance. For example, administrator can determine which users edited a specific document and when they did it. These activities below can be captured:

  • Opening or downloading documents, viewing documents in libraries, or viewing document’s metadata.
  • Editing documents
  • Checking out/Checking in documents
  • Moving or copying documents to another location
  • Deleting or restoring documents

Administrator will be able to export audit report to Excel file with the following information:

  • Site from which an activity originated
  • Document ID, type, name and location
  • User ID associated with the activity
  • Activity type, date, time and source
  • Action taken on the document

Offline working

End-users can synchronize shared documents to their personal computers and mobile devices for offline working. Once their devices connect to the Internet, chances made on documents would be synchronized to SharePoint document libraries.


SharePoint supports translating content in documents from corporate language to another language using Microsoft Translation Engine.

Multi-lingual Support

Not only supporting translation functionality, the solution also supports multi-lingual format. End-users can decide to select which language they are familiar with.

Beside out-of-the-box features above, if you would like to use my consulting and development service, please feel free to shoot me an email at thuan@outlook.com

Determine your Web Front-end server

Almost architecture design documentation I have had chances to review so far wrongly indicated actual number of web front-end servers in SharePoint farm. There are not many articles dedicated to telling you how to identify which servers performing web front-end role in an existing farm. They likely are written to let you know how many web front-end servers you should have for a good design and better performance.

This article is going to share you a very quick tip to determine a web front-end server. It will also provide a few caveats to help you maintain and mitigate potential risks.

What is so called a web front-end server?

A web front-end server basically is responsible for handling web services and hosting web applications and pages representing to end-users. It also receives incoming page request including query made in browser from end-user. To check to see whether a server in your farm is a web front-end or not, open Central Administration > System Settings > Manage services on server. In the Services on server page, select server and check Microsoft SharePoint Foundation Web Application service. If it’s started, the selected server is acting as a web front-end server.

You can also do a quick check through PowerShell.

If you see Online status, the service is started.

Caveats and Considerations

There are caveats and considerations on the topic you would have to be aware of. First, when documenting your SharePoint architecture, count any servers that have Microsoft SharePoint Foundation Web Application service started. For example, a farm that has totally 5 servers may have 3 web front-end servers, 2 application servers and 1 database server. It’s because one of the server that acts two roles: web front-end and application. Incorrect documenting would probably lead to wrong direction in SharePoint farm design in the feature when you need to scale out.

What will happen if you stop or restart Microsoft SharePoint Foundation Web Application service on any SharePoint servers? People simply think that restarting a SharePoint service doesn’t affect SharePoint or when it affects, things can get sorted out rapidly. That’s not really true. When you stop the Microsoft SharePoint Foundation Web Application service, SharePoint will understand that the farm is going to remove a web front-end server. The configuration database will then either update the topology again. There would be no problem at this point. However, when you start the service again, custom solutions will be automatically deployed to the new web frond-end server. If your solutions have user controls, SafeControl entries will be added to the web.config file. IIS settings are changed as well.

I recently involved in a disaster case in which the main web front-end MOSS 2007 server went down due to inadequate space for logging. I then stopped Windows SharePoint Services Web Application service in it to route all requests to the second web front-end server. Everything worked on the end-user side after then. The problem was that the Central Administration hosted in the main web front-end server was not accessible to us. When we started Windows SharePoint Services Web Application service again, all SharePoint sites we opened in the main server completely went down throwing out Unexpected error message – one of the provoking error messages Microsoft has ever made in the SharePoint platform. We spent hours investigating in SharePoint logs and realized that many controls were missing, IIS changes or so on. Making a copy of the second web front-end server’s IIS settings and web.config file didn’t work. Finally, we came to the decision to have to recover the main web front-end server entirely including system state. In a nutshell, if you restart Microsoft SharePoint Foundation Web Application service, be aware of the following things:

  • Custom solutions are deployed to the new web front-end. Resources including GAC files may overlap existing one.
  • Central Administration web site may not be accessible if it’s hosted in the server you stop the service.
  • Changes are made in the web.config file and IIS settings.

If you encounter that the Microsoft SharePoint Foundation Web Application service in SharePoint 2010/2013 is stuck on starting, chances are you have to run the following command:

This command can be applied for MOSS 2007 environment. In terms of third-party production deployment, the pricing may vary. Most common are based on the number of web front-end servers in farm. Saving the licensing cost by stopping Microsoft SharePoint Foundation Web Application service is not recommended.

When you are not enabling Microsoft SharePoint Foundation Web Application service, Health Analyzer warns you. Trust you design plan first, then Health Analyzer.

Last thing, impact on application server’s performance may exist if you start Microsoft SharePoint Foundation Web Application service in it. The worker process and timer service consume high memory while the application server needs resources to perform critical service applications (e.g. Search or Excel Service application).


Determining Web front-end role in your SharePoint farm is critical to your entire SharePoint solution. Upon the design, you can tune up SharePoint performance by enabling services in servers properly. Moreover, with correct determination, your web application and SharePoint sites are fully protected.

Do consider carefully planning for backup and recovery for your web front-end servers as they make SharePoint available to end-users who pay you money. Making them down means you lose buck and possibly dream job.

Manage product development with Visual Studio Online

When looking at a variety of tools for our product development management, we feel like we are sour and scornful women walking around modern fashion stores in a big shopping centre. It’s very hard to make a decision on what you would like to buy with small budget in the situation all of things do attract you. These include Jira, Kanban, Trello, Visual Studio Online, Basecamp or so on. Each has its own pros and cons and gives us headaches. In the past the team used Trello and Jira for almost projects. We had no experience on Visual Studio Online until we were introduced by a friend of mine working at Microsoft.  After digging into it, we finally have made decision on the tool we will use for CollaPoint product management. 

Visual Studio Online, formerly Team Foundation Service, is an online service providing features for software project management. It offers a hosted development platform and code repository for developer and doesn’t require an on-premises sever to support development.

If you are an expert in software development, you probably know about some world-class processes such as Agile, CMMI. These templates including Microsoft Visual Studio Scrum 2013.2 are supported when you start creating a project. Microsoft also put its own framework named Microsoft Solution Framework.


Moreover, Visual Studio Online supports not only Team Foundation Version Control developed by Microsoft but also Git that is one of the most common used tools.

If you come to Visual Studio Online at the first time, there are several terms you may have to learn, e.g. backlog item, sprint…etc. This is not a big deal! You will adapt these Scrum stuffs rapidly. Backlogs are displayed in a list format. They can be displayed in a board that allows you to drag and drop pieces to another status. This makes easier for you to control tasks assigned to your developers.


Microsoft comes up with a reasonable pricing for Visual Studio Online. Read it here: http://www.visualstudio.com/en-us/products/visual-studio-online-overview-vs 

There are so many things the team is going to share with you on Visual Studio online when developing CollaPoint Quiz product. We just have you look around Visual Studio Online in a short introduction in this article. We will go back to write some articles on how we utilize from Visual Studio Online in the near future.

CollaPoint Quiz – My SharePoint-based Gamification Startup

As gamification is one of the topics I like the most, I started thinking of a simple quiz product that would run on SharePoint platform to help companies to build a productive environment earlier 2014. The idea then ran through my blood and kicked my ass every time I thought about gamification. I then discussed with my perfect team about the idea. All of them totally agreed and were interested in making the idea into reality. It’s been 3 months since we started planning for the new product. I would like to take my time on this post to introduce CollaPoint Quiz – a simple SharePoint-based gamification product that we have been crazy about.

Why CollaPoint Quiz?

According to some researches, a relaxed working environment will lead to productivity. It can benefit to your business by enhancing job satisfaction and reduce stress so you can get the most out of your employees. People are in good spirits are more likely to be productive. Their mental aptitude produces increase oxygen and blood flows to the brain that enables them to think more clearly and creatively.

Many companies are almost convinced by the capabilities of SharePoint platform. Tons of features are beneficial to companies and employees. However, folks have not realized the fact that even their solutions save very much time, users still don’t want to use it. The transition to the new modern technology is a big barrier to making a successful solution. One of the most common questions come up is: “How do we bring people to SharePoint?” A user adoption plan provided by Microsoft wouldn’t help much in real-world scenarios.

The idea was then “Let’s build a very simple solution in SharePoint environment that companies can use against their SharePoint user adoption plan”.

CollaPoint Quiz Features

When your employees open the intranet website, they can see the popup at the right bottom that displays questions randomly. They can answer questions to score. Everything has never been easier to be used from the first glance. The right answer is marked green and wrong one is marked red. From the popup, users can change questions, close the popup and navigate to the leaderboard page.


Adding a question is very easy to those who have rights to manage questions. For those who are familiar with SharePoint list, there is nothing new in the question list. The adding form allows users to select existing categories or add a new one directly.

The leaderboard is where users can see their score and number of different analytics (the number of players, categories, questions…).


For more information about CollaPoint Quiz and its screenshots,  download and read the guide.

CollaPoint Quiz Benefits

Heads huddled together to define the product’s benefits through many workshops and techniques. There are many advantages companies can take from CollaPoint Quiz.

Here is just the list of few of them

  • Improve engagement: by allowing employees to more freely connect to another one, CollaPoint Quiz helps pulling everyone together easily so that they can understand each other.
  • Improve work-in-group quality: It’s especially important for those who work in groups. By understanding strengths of each other, they can complement weaknesses to corporate in reaching the common benefits.
  • Improve company knowledge: employee knowledge will be naturally improved by taking game with a variety of topics such as company history, culture, society, science or so on
  • First step to SharePoint: CollaPoint Quiz helps organizations and companies put their employees at the front door of getting familiar with SharePoint.

The Team behind CollaPoint Quiz

I consider myself very fortunate to have a perfect team. All of us are very young but have enough skills to build the product. The oldest one is just nearly 24 years old. Believe or not? Your choice! We have not only developers who excel at SharePoint, designers who know how to make an easy-to-use interface but also freaky marketing geeks who like to spread the words out. Each person in the team has a particular characteristic that can combine with another one to form a unique team.

As a small startup, we are shouldering investment, effort to blood and tears. We are in the process of working on partnership program with a few prospective companies to help us maintain CollaPoint Quiz and other upcoming products that we are starting. Shoot me an email at thuan@outlook.com if you would like to participate in investment.

What’s next?

CollaPoint Quiz is being finalized. It will come out to be commercial at the beginning of June 2014. We have sent out CollaPoint Quiz to some companies for trial use. If you are interested in experiencing CollaPoint Quiz, please contact me at thuan@outlook.com or info@collapoint.com.

Bookmark my blog to read more upcoming articles on how we use Microsoft Cloud services to manage our product development.

© 2018 The Soldier of Fortune.