Thursday, January 9, 2014

SharePoint, CCleaner and IE10 – be nice!

So, funny story…

During update of our SharePoint 2013 QA machine, as a routine before saving a template I run CCleaner to cleanup the disk after installing updates and what not.

Got a strange report from my QA: using IE10 from the server can load the site, but any menu they try to use (such as the site settings) give out this error:

clip_image002

(An error has occurred with the date fetch. Please refresh the page and try again).

So, refreshing, closing and reopening the browser, clearing cache, even resetting IE to factory settings – nothing worked!

Other browsers worked just fine, as well as IE from another machine.

Opening JS debugger pointed me to window.localStorage that caused this error, and as I didn’t want to disable it I found that clearing the browser cache is the right solution, only I didn’t do it properly…

image

Notice the first checkbox “Preserve Favorites website data” that is checked by default?

Well, the SharePoint site I was working with is set as a trusted site and my guess is that clearing the cache with this setting on skipped it.

Once I cleared this checkbox and deleted my cache everything went back to normal.

Just to be sure, I run CCleaner again – sure enough the problem immediately occurred.

Running clear cache again – fixed it immediately.

So, there you have it… good luck

Wednesday, January 8, 2014

Update certificate on SharePoint 2010

I recently needed to update the certificate issued by our ADFS server on our dev/QA SharePoint 2010.

I found few posts online with good pointers, but not one of them solved my issue, so I came to compile a list of actions I did to fix the certificate and make it work.

I cannot say if some steps are not needed or wrong, but this is what I did exactly on 2 environments and worked on both, step by step:

On ADFS server

Run PowerShell

Add-PSSnapin Microsoft.Adfs.PowerShell
set-adfsproperties -CertificateDuration 730
update-adfscertificate -CertificateType: Token-Signing -Urgent:$True
update-adfscertificate -CertificateType: Token-Decrypting -Urgent:$True

Open ADFS management

export both signing and decrypting certificate to .cer file
copy the cer files to your SharePoint 2010 machine

 

On SharePoint

Windows Explorer

Install both certificates in trusted root by right clicking on them –> install certificate. Choose location “trusted root authority”

 

Run PowerShell

(I used signing certificate in power shell):
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("c:\test\adfs-signing.cer")
Get-SPTrustedRootAuthority
-- copy the id at the end of the printout, replace it in the following command:
Set-SPTrustedRootAuthority -Identity "[id]" -Certificate $cert
Get-SPTrustedIdentityTokenIssuer
-- copy the name at the end of the printout, place it in the following command:
Set-SPTrustedIdentityTokenIssuer "[Name]" -ImportTrustCertificate $cert

On central admin

Go to security, manage trust
Update 2 certificates there (click on them, click edit, upload the new .cer files)
Delete "local" and recreate it in power shell:

Run PowerShell

$rootCert = (Get-SPCertificateAuthority).RootCertificate
New-SPTrustedRootAuthority -Name "localNew" -Certificate $rootCert

Complete, verify

Run IISRESET – very important!

Pray, finger crossed, tell your wife you love her and make sure no one in the world is angry at you

Open browser and try to login to your HTTPs site using ADFS and if you did everything right it should work.

Like I said, it was working for me on our dev/QA environments, so I am not asking questions – if you have comments on something I should/could have done different, feel free to leave a comment.

Good luck.