Thursday, November 27, 2014

DirSync tool - Quickview

This is my self notes on preparing for the Office 365 exam 70- 346 from various sources including MSDN, Office 365 community forum , online video tutorial.

DirSync tool lets the Active Directory domain admin to synchronize the users from on-premise to Cloud (Azure AD) for consuming the Microsoft Online Services such as Office 365,Intune,Desktop office installation [Complete],Exchange and Lync Online .

This tool can be installed on any server which is joined to Active Directory and can be part of AD forest.

Using this tool you can sync the contacts,groups and mail enabled objects from AD to Azure AD

The recently, this tool has been improved to sync [one way push ] the password hash [read it as not password ] from AD to Azure AD.When you sync the password , Office 365 disable the change password option for users in the admin site and user password can be reset only on on-premise AD.

[This feature will be highly recommended when your on-premise AD FS server or services not consistent player.]
If there is an outage in the Single Sign-On (AD FS 2.0 ) on your on premise, you cannot use the Office 365 services ]
This approach also considered as backup for AD FS infrastructure.

By default a tenant [One subscription] and Azure AD can hold up to 50,000 objects and it can be increased up to 300,000 objects when you verify your domain.

DirSync tool by default comes with SQL Server Express 2012 SP1 that can process up to 50,000 and if your AD has more than this limit, then this tool must be installed to use the SQL Server standard edition with one dedicated instance.

It will create a service account on your local computer which is joined to active directory,that account will have high privilege permission on AD and all the AD Forest read all domains and write back to Azure AD.

This tool can sync the user objects for every 3 hours by default,you can change this interval as per your own policies.

Saturday, November 15, 2014

Visual Studio Cannot connect to SharePoint 2013 Site

Cannot connect to SharePoint , Make sure that this is the Valid URL if you happen to see this error in your Visual Studio while deploying the SharePoint application. 

Even if you sure that the URL works fine on your browser then the reason could be as follows,

  1. You are not a  site collection administrator on the site where you trying to deploy.
  2. Your account is not part of the Farm Administrator Group.
  3. Host file might be missing your Alternate Access Mapping URL.
To workaround to this issue.

1 : Add your account to Site Collection Administrator
Site Settings ------> User and Permission-->Site Collection Administrator.
Still if you are facing this issue, probably you don't have permission on the WSS_Content DB in which your site collection data residing.

If you are working your local Server or VM then you are the super user, good to go in to SQL Server and locate the WSS_Content DB add your  account "db_owner" role.

2,Add your account to SharePoint Farm Administrator Group.

In Central Admin Page under "Security" header "Manage the Farm Administrator Group" there add your account and test the deployment activity in visual studio.

Alternatively you can also do power shell script

$ConfigDb = Get-SPDatabase | Where-Object { $_.Name -eq "Sharepoint_Config" }
Add-SPShellAdmin -Username Murugesan\Murugesan -Database $ConfigDb.ID

3,On your Server C:\Windows\System32\drivers\etc\host file
Open this with note pad file add your site Alternate Access Map URL of your site collection
example :    

Additionally if you are working on App Model in SharePoint,I assume already you have configured your SharePoint 2013 for App Development ready,
still if you get this below error :

Error Occurred in deployment step "Install App" for SharePoint : we are sorry weren't  able to complete the operation,Please try again in few minutes.If you are seeing this error repeatedly,contact your administrator.

Then you need to give "SPDataAccess" role on the below database.