Blog FeedSolution to stop unecessary calls to SharePoint Server from Microsoft Office applications
By Namwar Rizvi - Last updated: Saturday, October 8, 2016
Published Links are the addresses of SharePoint sites/libraries which are available to user as a destination to save the document from Office Application. User can add additional sites/libraries by clicking on viagra for sale edmonton professional critical thinking editing site us go here https://elkhartcivictheatre.org/proposal/mba-entry-essay/3/ doctoral dissertation proposal outline te hace mal el viagra amount homework dissertation de philo annonce du plan http://www.cresthavenacademy.org/chapter/ielts-writing-essay/26/ https://sacredwaters.net/citrate/cheap-cialis-lilly/60/ main difference between viagra cialis lasix without prescription mastercard accepted https://medpsychmd.com/nurse/order-viagra-online-review/63/ research design sample thesis qualitative http://yogachicago.com/pills/buy-zyvox-online/25/ essay topic esl writing service contract agreement research paper sample outline format cialis canada yahoo com https://homemods.org/usc/marijuana-legalization-persuasive-essay/46/ best custom essay editor website gb l-arginine viagra independent india essay https://campuschildcare-old.wm.edu/thinking/thesis-statement-about-jack-in-lord-of-the-flies/10/ obama nobel peace prize speech see tunay na kaibigan essay imagens de comprimidos viagra delay aversion hypothesis nsaid prednisone microeconomics homework follow url Connect To Office button on SharePoint Document Library ribbon.
Microsoft Office Applications e.g. Word and Excel try to sync information for all Published Links of SharePoint when a user opens “Save As” dialogue. This call is necessary to ensure that Office application has the latest list of sites which a user has selected by using “Connect to Office” option. Office applications gets the latest list by calling a SharePoint out of the box webservice available at following server relative address:
/_vti_bin/publishedlinksservice.asmx
Problem:
If Office application unable to access this address, it will display the login prompt. This will quickly become a nuisance, if you no longer use that SharePoint (e.g. you have left organisation, SharePoint address has changed etc.)
Resolution:
Remove the following two Registry entries as follows:
- Remove all unncessary sub-keys from HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\15.0\Common\Portal\Link Providers
- Remove all unnecessary sub-keys from HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\15.0\Common\Server Links\Published
Above two keys store the SharePoint site addresses to retrieve latest SharePoint locations. Office applications use these registry keys to find SharePoint site addresses and try to connect to SharePoint and shows Sign-in prompts, if unable to connect.
Filed in How To, Information, Solutions, Troubleshooting • Tags: How To, Information, Sharepoint, Solutions, Troubleshooting
How to receive latest updates in O365 Developer Tenant As Soon As Possible?
By Namwar Rizvi - Last updated: Sunday, September 11, 2016
Microsoft contniously updates Office 365 with new features and experiences and releases them to the users as per release preference selected by customer.
If you have a Developer Tenant account and want to receive updates as soon as possible, you will need to swicth your Release Preference to First release track.
Following is the step by step procedure to switch the release preference. Please note these action can only be performed by Office 365 Admin. In Developer tenant, you are the Admin 🙂
- Sign in to your Office 365 account;
- Click Admin tile;
- Under Settings, click Organization profile;
- Click Release preferences;
- In newly opened Release preferences blade, click First release for everyone;
- click Next;
- Click Yes;
- Click Close
How to enable new User Experience for SharePoint Online Document Libraries and Lists
By Namwar Rizvi - Last updated: Tuesday, July 26, 2016
Microsoft is rolling out new user experience for Document Libraries and Lists in SharePoint Online. If you are a SharePoint Online tenant user and want to test new User Experience for your Document Library and/or SharePoint Lists then perform following steps:
Document Library:
- Open Library Settings
- Click Advanced Settings
- Scroll to bottom of the page, you will see a new setting called List Experience, similar to following:
- Click New experience
- Click OK
SharePoint List:
You can try the same steps for SharePoint Lists also but if they do not work, here is another trick:
- Navigate to your desired list
- Append a QueryString parameter TryNewExperience=true in your url and refresh the page
- Example:
- Original List Url: https://yourdomain.sharepoint.com/Lists/Test%20List/AllItems.aspx
- After QueryString parameter: https://yourdomain.sharepoint.com/Lists/Test%20List/AllItems.aspx?TryNewExperience=true
What is a SharePoint Farm?
By Namwar Rizvi - Last updated: Thursday, June 9, 2016
It is a common question asked by many users that what exactly we mean by SharePoint Farm? The answer is
A SharePoint Farm is a collection of all those SharePoint servers that share the same SharePoint configuration database.
By Default, configuration database name is SharePoint_Config. As per Microsoft TechNet article here, configuration database is the fundamental SharePoint database and used for following:
- Contains data about all SharePoint databases,
- all Internet Information Services (IIS) Web sites or Web applications,
- Trusted solutions,
- Web Part Packages,
- Site templates,
- Web application and farm settings specific to SharePoint 2013, such as default quota and blocked file types.
Requirements:
- Must be co-located with Central Administration Content database
- Only one Configuration database is supported per farm.
- Scale up only, significant growth is unlikely.
Step-by-Step SharePoint Online Authentiaction Process via HTTP Protocol
By Namwar Rizvi - Last updated: Monday, March 21, 2016
Here is the step-by-step, behind the scene, authentication process of SharePoint Online. You can use it to connect to SharePoint Online from any Microsoft or Non-Microsoft technology. It gives you an idea of how things work at the very basic level of HTTP protocol, while authenticating a user in SharePoint Online.
Assumption:
- User is trying to access a SharePoint resource (e.g. File, list Item) by code, but does not have valid authenticated session.
- Code needs to authenticate the user to SharePoint Online and needs to receive authentication cookie for future requests.
Process:
Note
Replace “yourdomain.com” with your actual domain as registered on sharepoint.com.
Replace “username” with full username e.g. paul.brooks@mycompany.com
- Try to access a resource on your SharePoint Online by sending GET e.g.
- GET https://yourdomain.sharepoint.com/
- Set Header X-IDCRL_ACCEPTED: t
- SharePoint Online server will reply with error
- 401 Unauthorized along with following header
- WWW-Authenticate: IDCRL Type=”BPOSIDCRL”, EndPoint=”/_vti_bin/idcrl.svc/“, RootDomain=”sharepoint.com”, Policy=”MBI”
- The above response means, SharePoint Online is challenging you to first authenticate yourself by a trusted AD (Federation Provider) and then come back again, to provided EndPoint (i.e. /_vti_bin/idcrl.svc) , to get authentication Cookie for future session requests.
- Now, to get authenticated, you need to send POST request with your username to https://login.microsoftonline.com/getuserrealm.srf?login=username@yourdomain.com&xml=1
- SharePoint Online web server will reply with XML similar to following:
<?xml version="1.0"?><RealmInfo Success="true"> <State>3</State> <UserState>2</UserState> <Login>username@yourmain.com</Login> <NameSpaceType>Federated</NameSpaceType> <DomainName>yourdomain.com</DomainName> <FederationGlobalVersion>-1</FederationGlobalVersion> <AuthURL>https://sts.yourdomain.com/adfs/ls/</AuthURL> <IsFederatedNS>true</IsFederatedNS> <STSAuthURL>https://sts.yourdomain.com/adfs/services/trust/2005/usernamemixed</STSAuthURL> <FederationTier>0</FederationTier> <FederationBrandName>yourdomain.com</FederationBrandName> <AllowFedUsersWLIDSignIn>false</AllowFedUsersWLIDSignIn> <Certificate>Very Long String Containing your Certificate Information</Certificate> <MEXURL>https://sts.yourdomain.com/adfs/services/trust/mex</MEXURL> <SAML_AuthURL/> <PreferredProtocol>1</PreferredProtocol> <EDUDomainFlags>0</EDUDomainFlags> </RealmInfo>
- Retrieve STSAuthURL value in above XML
- POST the following XML to above retrieved STSAuthURL e.g.
https://sts.yourdomain.com/adfs/services/trust/2005/usernamemixed
This will contain your username and password for authentication
<?xml version="1.0" encoding="UTF-8"?> <s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:wssc="http://schemas.xmlsoap.org/ws/2005/02/sc" xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust"> <s:Header> <wsa:Action s:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</wsa:Action> <wsa:To s:mustUnderstand="1">https://sts.yourdomain.com/adfs/services/trust/2005/usernamemixed</wsa:To> <wsa:MessageID>GUID in this format 7f60eeb9-db69-4411-b600-b6570dfb0ddf</wsa:MessageID> <ps:AuthInfo xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" Id="PPAuthInfo"> <ps:HostingApp>Managed IDCRL</ps:HostingApp> <ps:BinaryVersion>6</ps:BinaryVersion> <ps:UIVersion>1</ps:UIVersion> <ps:Cookies/> <ps:RequestParams>AQAAAAIAAABsYwQAAAAxMDMz</ps:RequestParams> </ps:AuthInfo> <wsse:Security> <wsse:UsernameToken wsu:Id="user"> <wsse:Username>username@yourdomain.com</wsse:Username> <wsse:Password>Password of the user</wsse:Password> </wsse:UsernameToken> <wsu:Timestamp Id="Timestamp"> <wsu:Created>2016-03-18T16:26:35.0709397Z</wsu:Created> <wsu:Expires>2016-03-18T16:36:35.0719398Z</wsu:Expires> </wsu:Timestamp> </wsse:Security> </s:Header> <s:Body> <wst:RequestSecurityToken Id="RST0"> <wst:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</wst:RequestType> <wsp:AppliesTo> <wsa:EndpointReference> <wsa:Address>urn:federation:MicrosoftOnline</wsa:Address> </wsa:EndpointReference> </wsp:AppliesTo> <wst:KeyType>http://schemas.xmlsoap.org/ws/2005/05/identity/NoProofKey</wst:KeyType> </wst:RequestSecurityToken> </s:Body> </s:Envelope>
- Server will reply with the following XML, if you have valid username and password. Following contains the SAML security token
You will note that <a:RelatesTo> node contains the same GUID which you passed as MessageID in the Request
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <s:Header> <a:Action s:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue</a:Action> <a:RelatesTo>7f60eeb9-db69-4411-b600-b6570dfb0ddf</a:RelatesTo> <o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <u:Timestamp u:Id="_0"> <u:Created>2016-03-18T16:27:39.529Z</u:Created> <u:Expires>2016-03-18T16:32:39.529Z</u:Expires> </u:Timestamp> </o:Security> </s:Header> <s:Body> <t:RequestSecurityTokenResponse xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust"> <t:Lifetime> <wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2016-03-18T16:27:39.523Z</wsu:Created> <wsu:Expires xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2016-03-18T17:27:39.523Z</wsu:Expires> </t:Lifetime> <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> <wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing"> <wsa:Address>urn:federation:MicrosoftOnline</wsa:Address> </wsa:EndpointReference> </wsp:AppliesTo> <t:RequestedSecurityToken> <saml:Assertion MajorVersion="1" MinorVersion="1" AssertionID="_b73fceb0-XXXX-4f70-98e0-ad664d27afc9" Issuer="http://yourdomain.com/adfs/services/trust/" IssueInstant="2016-03-18T16:27:39.529Z" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"> <saml:Conditions NotBefore="2016-03-18T16:27:39.523Z" NotOnOrAfter="2016-03-18T17:27:39.523Z"> <saml:AudienceRestrictionCondition> <saml:Audience>urn:federation:MicrosoftOnline</saml:Audience> </saml:AudienceRestrictionCondition> </saml:Conditions> <saml:AttributeStatement> <saml:Subject> <saml:NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">yFcXXXXC9kS3vGXgpnSyNw==</saml:NameIdentifier> <saml:SubjectConfirmation> <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:ConfirmationMethod> </saml:SubjectConfirmation> </saml:Subject> <saml:Attribute AttributeName="UPN" AttributeNamespace="http://schemas.xmlsoap.org/claims"> <saml:AttributeValue>username@yourdomain.com</saml:AttributeValue> </saml:Attribute> <saml:Attribute AttributeName="ImmutableID" AttributeNamespace="http://schemas.microsoft.com/LiveID/Federation/2008/05"> <saml:AttributeValue>yFcXXXXC9kS3vGXgpnSyNw==</saml:AttributeValue> </saml:Attribute> </saml:AttributeStatement> <saml:AuthenticationStatement AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password" AuthenticationInstant="2016-03-18T16:27:39.520Z"> <saml:Subject> <saml:NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">yFcXXXXC9kS3vGXgpnSyNw==</saml:NameIdentifier> <saml:SubjectConfirmation> <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:ConfirmationMethod> </saml:SubjectConfirmation> </saml:Subject> </saml:AuthenticationStatement> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <ds:Reference URI="#_b73fceb0-c9e9-XXXX-98e0-ad664d27afc9"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <ds:DigestValue>NK0XXXXapBi+LwTyIXiicj5rfsc=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>Very long string as Signature</ds:SignatureValue> <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> <X509Data> <X509Certificate>Very Long String as Certificate Data</X509Certificate> </X509Data> </KeyInfo> </ds:Signature> </saml:Assertion> </t:RequestedSecurityToken> <t:RequestedAttachedReference> <o:SecurityTokenReference k:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:k="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"> <o:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID">_b73XXXX0-c9e9-4f70-98e0-ad664d27afc9</o:KeyIdentifier> </o:SecurityTokenReference> </t:RequestedAttachedReference> <t:RequestedUnattachedReference> <o:SecurityTokenReference k:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:k="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"> <o:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID">_b7XXXeb0-c9e9-4f70-98e0-ad664d27afc9</o:KeyIdentifier> </o:SecurityTokenReference> </t:RequestedUnattachedReference> <t:TokenType>urn:oasis:names:tc:SAML:1.0:assertion</t:TokenType> <t:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</t:RequestType> <t:KeyType>http://schemas.xmlsoap.org/ws/2005/05/identity/NoProofKey</t:KeyType> </t:RequestSecurityTokenResponse> </s:Body> </s:Envelope>
- Extract saml:Assertion node from t:RequestedSecurityToken
- POST following XML to https://login.microsoftonline.com/RST2.srf
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <s:Header> <a:Action s:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue</a:Action> <a:RelatesTo>7f6XXXb9-db69-4411-b600-b6570dfb0ddf</a:RelatesTo> <o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <u:Timestamp u:Id="_0"> <u:Created>2016-03-18T16:27:39.529Z</u:Created> <u:Expires>2016-03-18T16:32:39.529Z</u:Expires> </u:Timestamp> </o:Security> </s:Header> <s:Body> <t:RequestSecurityTokenResponse xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust"> <t:Lifetime> <wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2016-03-18T16:27:39.523Z</wsu:Created> <wsu:Expires xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2016-03-18T17:27:39.523Z</wsu:Expires> </t:Lifetime> <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> <wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing"> <wsa:Address>urn:federation:MicrosoftOnline</wsa:Address> </wsa:EndpointReference> </wsp:AppliesTo> <t:RequestedSecurityToken> <saml:Assertion MajorVersion="1" MinorVersion="1" AssertionID="_b7XXXeb0-c9e9-4f70-98e0-ad664d27afc9" Issuer="http://yourdomain.com/adfs/services/trust/" IssueInstant="2016-03-18T16:27:39.529Z" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"> <saml:Conditions NotBefore="2016-03-18T16:27:39.523Z" NotOnOrAfter="2016-03-18T17:27:39.523Z"> <saml:AudienceRestrictionCondition> <saml:Audience>urn:federation:MicrosoftOnline</saml:Audience> </saml:AudienceRestrictionCondition> </saml:Conditions> <saml:AttributeStatement> <saml:Subject> <saml:NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">yFcXXX6C9kS3vGXgpnSyNw==</saml:NameIdentifier> <saml:SubjectConfirmation> <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:ConfirmationMethod> </saml:SubjectConfirmation> </saml:Subject> <saml:Attribute AttributeName="UPN" AttributeNamespace="http://schemas.xmlsoap.org/claims"> <saml:AttributeValue>username@yourdomain.com</saml:AttributeValue> </saml:Attribute> <saml:Attribute AttributeName="ImmutableID" AttributeNamespace="http://schemas.microsoft.com/LiveID/Federation/2008/05"> <saml:AttributeValue>yFcXXXXC9kS3vGXgpnSyNw==</saml:AttributeValue> </saml:Attribute> </saml:AttributeStatement> <saml:AuthenticationStatement AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password" AuthenticationInstant="2016-03-18T16:27:39.520Z"> <saml:Subject> <saml:NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">yFcXXXXC9kS3vGXgpnSyNw==</saml:NameIdentifier> <saml:SubjectConfirmation> <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:ConfirmationMethod> </saml:SubjectConfirmation> </saml:Subject> </saml:AuthenticationStatement> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <ds:Reference URI="#_b73XXXb0-c9e9-4f70-98e0-ad664d27afc9"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <ds:DigestValue>NKXXXXsapBi+LwTyIXiicj5rfsc=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>Very long string as Signature</ds:SignatureValue> <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> <X509Data> <X509Certificate>Very Long String as Certificate Data</X509Certificate> </X509Data> </KeyInfo> </ds:Signature> </saml:Assertion> </t:RequestedSecurityToken> <t:RequestedAttachedReference> <o:SecurityTokenReference k:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:k="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"> <o:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID">_b7XXXeb0-c9e9-4f70-98e0-ad664d27afc9</o:KeyIdentifier> </o:SecurityTokenReference> </t:RequestedAttachedReference> <t:RequestedUnattachedReference> <o:SecurityTokenReference k:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:k="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"> <o:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID">_b7XXXeb0-c9e9-4f70-98e0-ad664d27afc9</o:KeyIdentifier> </o:SecurityTokenReference> </t:RequestedUnattachedReference> <t:TokenType>urn:oasis:names:tc:SAML:1.0:assertion</t:TokenType> <t:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</t:RequestType> <t:KeyType>http://schemas.xmlsoap.org/ws/2005/05/identity/NoProofKey</t:KeyType> </t:RequestSecurityTokenResponse> </s:Body> </s:Envelope>
- Server Returns following XML and sets following Cookies
- SASession=; expires=Thu, 30-Oct-1980 16:00:00 GMT;domain=login.microsoftonline.com;secure= ;path=/;HTTPOnly= ;version=1
- x-ms-gateway-slice=orgidprod; path=/; secure; HttpOnly
- stsservicecookie=orgidprod; path=/; secure; HttpOnly
- Compact Policy token is present. A trailing ‘o’ means opt-out, a trailing ‘i’ means opt-in.
- P3P Header is also sent as follows CP=”DSP CUR OTPi IND OTRi ONL FIN”
<?xml version="1.0" encoding="utf-8" ?> <S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsa="http://www.w3.org/2005/08/addressing"> <S:Header> <wsa:Action xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Action" S:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue</wsa:Action> <wsa:To xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="To" S:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</wsa:To> <wsse:Security S:mustUnderstand="1"> <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="TS"> <wsu:Created>2016-03-18T16:27:40Z</wsu:Created> <wsu:Expires>2016-03-18T16:32:40Z</wsu:Expires> </wsu:Timestamp> </wsse:Security> </S:Header> <S:Body> <wst:RequestSecurityTokenResponse xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:psf="http://schemas.microsoft.com/Passport/SoapServices/SOAPFault"> <wst:TokenType>urn:passport:compact</wst:TokenType> <wsp:AppliesTo xmlns:wsa="http://www.w3.org/2005/08/addressing"> <wsa:EndpointReference> <wsa:Address>sharepoint.com</wsa:Address> </wsa:EndpointReference> </wsp:AppliesTo> <wst:Lifetime> <wsu:Created>2016-03-18T16:27:40Z</wsu:Created> <wsu:Expires>2016-03-19T00:27:40Z</wsu:Expires> </wst:Lifetime> <wst:RequestedSecurityToken> <wsse:BinarySecurityToken Id="Compact0">Very Long String to represent Binary Security Token</wsse:BinarySecurityToken> </wst:RequestedSecurityToken> <wst:RequestedAttachedReference> <wsse:SecurityTokenReference> <wsse:Reference URI="OaBXXXX6kZOe7k9C3MR1SdlN/x0="/> </wsse:SecurityTokenReference> </wst:RequestedAttachedReference> <wst:RequestedUnattachedReference> <wsse:SecurityTokenReference> <wsse:Reference URI="OaXXXX46kZOe7k9C3MR1SdlN/x0="/> </wsse:SecurityTokenReference> </wst:RequestedUnattachedReference> </wst:RequestSecurityTokenResponse> </S:Body> </S:Envelope>
- Extract the value of
wsse:BinarySecurityToken [ Id=Compact0 ]from above returned XML response
- Send following GET request to
https://yourdomain.sharepoint.com/_vti_bin/idcrl.svcafter setting following Request Header X-IDCRL_ACCEPTED: t
- Authorization: BPOSIDCRL Add the above extracted value of wsse:BinarySecurityToken [ Id=Compact0 ]
- Server will respond to set the special cookie called SPOIDCRL along with P3P policy header. This is the cookie which SharePoint Online will check in all requests, to make sure that your request is coming from an authenticated client. Sample raw response response is as follows:
HTTP/1.1 200 OK Cache-Control: private Server: Microsoft-IIS/8.5 X-SharePointHealthScore: 0 X-AspNet-Version: 4.0.30319 Set-Cookie: SPOIDCRL=Base64 Encoded String containing membership info and some other information; path=/; secure; HttpOnly SPRequestGuid: a9cb699d-60de-2000-1f64-ddad45389266 request-id: a9cb699d-60de-2000-1f64-ddad45389266 Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN SPRequestDuration: 132 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.5104 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Date: Fri, 18 Mar 2016 16:27:39 GMT Content-Length: 0 |
- Send this Cookie with all other future SharePoint requests.
Filed in Architecture, Guidance, Information, Security, SharePoint Online, Troubleshooting, Uncategorized • Tags: Architecture, Information, Security, Sharepoint, SharePoint Online
Quickly find the current used storage of your site collection by using REST
By Namwar Rizvi - Last updated: Wednesday, November 19, 2014
If you want to find out how much storage your SharePoint site collection is currently using then you can use the following REST url in your browser
://<Replace your Site Collection Url>/_api/site/Usage/Storage
For example:
http://sp/_api/site/Usage/Storage
You will get response similar to following. Please note SharePoint report storage in bytes so to get the size in MB you need to divide it by 1048576 .
In following example: storage in MB will be 8038715 / 1048576 = 7.67 MB
Filed in Architecture, Configuration, REST, Solutions, Tips, Troubleshooting • Tags: REST, Sharepoint, SharePoint 2013, Troubleshooting
All possible ways to find SharePoint Version and Build number
By Namwar Rizvi - Last updated: Monday, November 3, 2014
If you are trying to find exact Version and Patch level of your SharePoint installation, then use one of the following methods
Method 1 : Using Service.cnf url
- Navigate to following url in your browser <Your SharePoint Site>/_vti_pvt/Service.cnf
- You will a response similar to following
vti_encoding:SR|utf8-nl
vti_extenderversion:SR|14.0.0.4762
Check the number shown in your response at SharePoint Build Numbers
Method 2 : Using Central Administration Site
- Launch SharePoint Central Administration site
- Under Upgrade and Migration, click Check product and migration status
- You will get screen similar to following
Method 3 : Using PowerShell
- Launch SharePoint 2010 Management Shell
- Enter PowerShell command Get-SPFarm | Select BuildVersion
- You will get screen similar to following
Method 4 : Checking Registry setting
- Launch Registry Editor on your SharePoint web front end
- Navigate to Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office Server\14.0
- Check the value of BuildVersion as shown in following screen
Method 5 : Checking HTTP Header
- Launch Fiddler or any other Proxy traffic inspector on any client computer which can access a SharePoint site
- Navigate to any page of your SharePoint site on client computer
- Check MicrosoftSharePointTeamServices response header in Fiddler, as shown in screen below
Filed in How To, Installation, PowerShell, Service Pack, SharePoint 2013, SP2010, Tips, Troubleshooting • Tags: Architecture, How To, Information, Installation, Management, PowerShell, Registry Settings, Sharepoint, SharePoint 2010, SharePoint 2013, SP2010, Tips, Troubleshooting
Solution for “SharePoint Designer cannot display the item” error to edit workflow
By Namwar Rizvi - Last updated: Sunday, November 2, 2014
If you are unable to edit workflows in SharePoint 2013 after upgrading from 2010 and getting following error then perform the steps mentioned below to resolve this issue.
SharePoint Designer cannot display the item
- Make sure you have uninstalled SharePoint Designer 2010
- Close SharePoint Designer 2013
- On the local computer, browse to the following folder:
- C:\Users\<Replace Your User Name>\AppData\Local\Microsoft\
WebsiteCache
- Example: C:\Users\mark.lee.contoso\
AppData\Local\Microsoft\ WebsiteCache
- C:\Users\<Replace Your User Name>\AppData\Local\Microsoft\
- Delete everything in WebsiteCache folder.
- On the local computer, browse to the following folder:
- C:\Users\<Replace Your User Name>\AppData\Roaming\
Microsoft\SharePoint Designer\ProxyAssemblyCache - Example: C:\Users\mark.lee.contoso\
AppData\Roaming\Microsoft\ SharePoint Designer\ProxyAssemblyCache
- C:\Users\<Replace Your User Name>\AppData\Roaming\
- Delete everything in ProxyAssemblyCache folder.
- Done.
- Open SharePoint Designer 2013 and make the changes to your site as needed.
This happens due to cached .NET assemblies in above mentioned folders. These cached files confuses SPD2013 to use older .NET code which is not compatible with SP2013.
Filed in SharePoint 2013, SharePoint Designer 2013, Solutions, Tips, Troubleshooting, Workflow • Tags: SharePoint 2013, SharePoint Designer 2013, Troubleshooting, Workflow
Current Item Url in SharePoint Workflow
By Namwar Rizvi - Last updated: Saturday, February 22, 2014
If you want to embed a link to current item in your SharePoint Workflow email or in any other action then use
Workflow Context -> Current Item Url
Exam 70-489 Developing Microsoft SharePoint Server 2013 Advanced Solutions Format
By Namwar Rizvi - Last updated: Sunday, January 19, 2014
If you are preparing for the SharePoint 2013 certification 70-489 i.e. “Developing Microsoft SharePoint Server 2013 Advanced Solutions” then following will be helpful for you with regards to exam format:
- Exam will consist of total 46 questions
- Minimum passing score is 700
- Exam questions will be either multiple choice or scenario based drag and drop code exercises.
- Exam is divided into multiple sections; you can not go back to a completed section once you have marked it completed.
- There are two categories of exam sections,
- Section of general SharePoint 2013 questions (Total 1 section of 20 questions)
- Section of Case Study based questions (Total 4 sections of 6 to 8 questions per section)
For exam content details, skills measured and how to prepare, please refer to the certification page
http://www.microsoft.com/learning/en-us/exam-70-489.aspx
Filed in Certification, Information, SharePoint 2013 • Tags: Certification, Information, SharePoint 2013