Dinusha's Blog: 2017

Saturday, December 30, 2017

VPN connectivity to SharePoint server farm in Azure using OpenVPN

Recently I wanted to have a VPN connectivity to one of my SharePoint server farms hosted in Microsoft Azure. Although Microsoft Azure provides VPN gateway options, they were not suitable to this scenario.

Following are the steps I used to configure OpenVPN server

1. Provision Ubuntu VM

2. Configure DNS name for the public IP

Select VM
Click on Public IP Address
Assign DNS address

3. Configure Inbound Security Rule

Allow UDP 1194

4. Connect to VM using PuTTY, update and upgrade

sudo su
apt-get update
apt-get upgrade

5. Install OpenVPN

Run following configuration script. You can get more information from this location
wget https://git.io/vpn -O openvpn-install.sh && sudo bash ./openvpn-install.sh

6. Configure OpenVPN

IP : Provide default local IP address
Protocol : UDP
Port : 1194
DNS : Current system resolver
Specify external IP if the server is behind NAT : the DNS address we have assigned to our public IP (in step 2)

7. Download the client.ovpn file using FileZilla

8. Download and configure VPN client (Windows)

Navigate to https://openvpn.net/index.php/open-source/downloads.html
Download the latest client version

9. Place the downloaded ovpn configuration in “C:\Program Files\OpenVPN\config” directory

10. Connect using OpenVPN GUI

Now I’m able to create a VPN connection to my SharePoint environment hosted in Azure. I can access the environment using different platforms (Linux PC, Mobile devices, etc ..) by connecting via respective OpenVPN clients

Friday, December 15, 2017

SharePoint framework– “Syntax error: Unexpected token = ” for Yeoman SharePoint Generator

When I executed “yo @microsoft/sharepoint” to generate a SharePoint extension, I got following error message

Attempt - 01

First I tried to uninstall and install SharePoint Framework Yeoman generator by executing following command

npm uninstall -g generator-@microsoft/generator-sharepoint
npm install -g @microsoft/generator-sharepoint

This could not resolve the issue

Attempt - 02

Tried uninstalling and installing both Gulp and Yeoman using following commands

npm uninstall -g gulp
npm uninstall –g yeoman
npm install -g yo gulp

Still the issue persisted

Attempt – 03 (Success!!)

Uninstall Gulp and yeoman

npm uninstall -g gulp
npm uninstall –g yeoman

Uninstall NodeJs
Install NodeJS v6.11.5
Install Gulp and Yeoman

npm install -g yo gulp

Install Yeoman generator

npm install -g @microsoft/generator-sharepoint

That’s it.

Wednesday, November 15, 2017

SharePoint Online : “2013 experience version will be used” when creating a Site Collection

Recently one of my customers asked whether we have SharePoint 2013 or 2016 in SharePoint Online. This was due to the label “2013 experience version will be used” which is visible when creating new site collections.

It’s true that the following notification is bit confusing

What is the meaning of this message?

Currently a fork of SharePoint 2016 is being used in SharePoint Online. However it uses SharePoint 2013 compatibility level to avoid any compatibility issues in site templates.

How to check the current compatibility level?

Get-SPOSite -Identity https://dinushaonline.sharepoint.com/sites/dev -detailed |fl

How to check the currently installed SharePoint version?

Navigate to a SharePoint Online site and inspect Response Headers. 16.0.0.7514 means a SharePoint 2016 implementation

Conclusion

Currently we have SharePoint 2016 in SharePoint Online with SharePoint 2013 compatibility mode to avoid compatibility issues. Microsoft will gradually upgrade to SharePoint 2016 experience near future.

Wednesday, November 1, 2017

Collab365 Conference 2017 : Join my session on Single Page Applications with SharePoint

Have you heard about the virtual Collab365 Global Conference 2017 that’s streaming online November 1st – 2nd?

Join me and 120 other speakers from around the world who will be bringing you the very latest content around SharePoint, Office 365, Flow, PowerApps, Azure, OneDrive for Business and of course the increasingly popular Microsoft Teams. The event is produced by the Collab365 Community and is entirely free to attend.

Places are limited to 5000 so be quick and register now.

During the conference I'd love you to watch my session which is called : 'Rich single page applications with SharePoint'

There are lots of ways to develop applications on top of SharePoint. You can build full trust farm solutions, SharePoint add-ins or SharePoint framework based apps. But can we do customizations without limiting to any of these frameworks? In this session, I will explain how to build and package Single Page Applications (SPA) on top of SharePoint and embrace client-side technologies. Furthermore, I will explain how to involve continuous integration and unit testing whenever possible

If you join me, you will learn:

Single Page Applications (SPA) concepts
AngularJS, SharePoint REST API
Packaging
Further improvements

Topic(s):

SharePoint

Audience :

Developer

Time (in UTC) :

Thursday, November 2 2017 2:00 PM ( 7.30PM IST)

How to attend :

Register here.
At the time listed above go here to watch my session. (you can also add me to your own personal planner from the agenda.
Be ready to take notes!

Wednesday, October 11, 2017

Create Teams under teams managed path instead of sites path

When you create a team, your SharePoint site collection will be provisioned under “sites” managed path by default.

How to create those site collections under “teams” path. It is easy.

Navigate to SharePoint Admin Center in Office365

Navigate to Settings

Do the adjustment under Site Creation section

Tuesday, September 19, 2017

Parse and fill SharePoint IIS Logs in to SQL Server database for query

This is the second part of the article series, on monitoring SharePoint with Advanced IIS Logging

By using Advanced IIS Logging we can filter our IIS logs. However logs are scattered into multiple log files which makes it difficult to query.

Following are the steps to import log files into SQL Server table

1. Use Log Parser to parse log files

Download Log Parser

2. Select required fields for Advanced IIS logs.

Remember to put User Agent as the last field as it can contain spaces

3. Create a header separate header file and store it in a place accessible to SQL Server

4. Write a stored procedure to capture parsed log entries

SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO

CREATE PROCEDURE SP_AdvancedLogs

AS
BEGIN
     DECLARE @CMD nvarchar(512)
     ,@Result int = 0
     SET @CMD = '"G:\Tools\LogParser2.2\LogParser.exe -i:TSV -iSeparator:space -headerRow:OFF -nSkipLines:4 -iHeaderFile:"F:\LPS\IISADVHeader.txt" -createtable:ON -o:SQL -oConnString:"Driver=SQL Server;Server=Localhost;Database=Audit_Logs;Trusted_Connection=yes" "SELECT * INTO SP_Logs FROM ''\\SP_FARM\Logs\IIS\AdvancedLogs\HOME\*.log'' where RowNumber > 5 AND c-Ip <> ''10.10.10.11'' AND cs-Username is not null AND cs-Username NOT IN (''0#.w|DOMAIN\USER'')"'

    EXEC @Result = MASTER..xp_cmdshell   @CMD
END
GO

5. Configure the Stored Procedure to execute periodically

Table will be filled after the stored procedure is executed

(You might need to drop existing log table or retrieve the delta as per your requirement)

Tuesday, September 12, 2017

Monitor SharePoint farm with Advanced IIS Logging

There are so many options when it comes to SharePoint monitoring. ULS logs and IIS logs are some examples.

ULS logs are generated from different components of SharePoint. These logs are very helpful when troubleshooting. We can use tools like ULSViewer to make our lives easier.

On the other hand IIS logs capture all information relevant requests made to our SharePoint server. But it is very difficult to mine relevant information.

What if I want do some filtering before the logging, rather than capturing all requests. Otherwise my logs will eventually fill my storage space. Unfortunately this is not possible directly with IIS logging.

That’s where Advanced IIS Logging comes in to the picture.

Let me summarize my requirement

I don’t need to log requests coming from 10.10.10.10 server
I want to apply the filter only to my SharePoint web application
Other IIS web applications should use normal IIS Logging

Following are the steps to fulfill my requirement

1. Download Advanced IIS Logging and install

Download from this location : https://www.iis.net/downloads/microsoft/advanced-logging

2. Disable Advanced IIS Logging at root level

3. Navigate to SharePoint application and enable Advanced IIS Logging

4. Disable IIS Logging for SharePoint web application

5. Apply the filter at Advanced IIS Logging

6. Verify whether the filter is applied

Wednesday, August 16, 2017

Collab365 conference : “Rich single page applications with SharePoint”

It feels great to be selected yet another time to speak at Collab365 conference. This time I will be talking about how to build single page applications with SharePoint.

In this session I will explain how to build and package Single Page Applications (SPA) on top of SharePoint and embrace client side technologies

Following are some links for the event

Event website
Speakers line up
Tentative agenda

Friday, August 4, 2017

Integrate SharePoint Framework solution in to TFS project

This is the second part of the article series on how to manage SharePoint Framework solution in a team environment

Configure SharePoint Framework solution with Git
Integrate SharePoint Framework solution in to TFS project
Automate build and release for SharePoint Framework solution

In this article I will show how to integrate our SharePoint Framework solution in to a TFS project.

Why do we need a separate TFS project? Can’t we manage all within our Git repository?

Following are key benefits

We will get a bunch of project management features like team management, task management, etc.
Allow the project to be inline with a specific methodology (e.g Agile).
Assist build and release management

Following is a walkthrough on how to integrate our Git repository into a TFS Online project

1. Create a project in TFS online

2. Import our Git repository

Friday, July 28, 2017

Create IKEV1/V2 site-to-site VPN between Microsoft Azure and external networks using a StrongSwan VM

Microsoft Azure is a great place to host our IaaS workloads. We can create a complete setup using Azure IaaS features including but not limited to Virtual Machines, Virtual Networks, Gateways, etc..

It’s often a requirement to connect external networks to our Azure virtual network. Azure itself provides a great feature called Virtual Network Gateway which can be utilized to build Site-to-Site VPN connectivity with external network.

However, Azure Virtual Network Gateways still have some compatibility issues and other limitations. Some issues are as below

Some routes are still not supported.
We can use either IKEV1 or IKEV2 for a subnet but not both (either policy based or route based. but not both).

We don’t know, by the time you read this article, those issues may have fixed.

In my Azure environment, I have a SharePoint 2013 farm. I need to allow users from the external network to use my SharePoint farm by creating a trust between two environment. In order to perform that task I need a reliable Site-to-Site connection.

In this article I’ll show a reliable mechanism to create Site-to-Site VPN using a Ubuntu Linux VM and StrongSwan.

Following are the steps to be done at Azure environment

Prerequisites

Create Ubuntu 14.04 VM in Microsoft Azure environment
Public IP is available
IP can be forwarded
UDP ports 500 and 4500 is open

Steps

Create Ubuntu VM and connect to it using SSH client like PuTTy

sudo su
sudo apt-get update

Install OpenSSH server

sudo apt-get install openssh-server

Enable IP forwarding

echo "1" | sudo tee /proc/sys/net/ipv4/ip_forward

Navigate to /etc/iptables.rules and add following section

*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -s 10.0.0.0/16 -j ACCEPT
-A POSTROUTING -d 10.0.0.0/16 -j ACCEPT
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT

Install StrongSwan and Update

sudo apt-get install strongswan
sudo apt-get upgrade strongswan

Navigate to /etc/ipsec.secrets and add following line. We will create the connection using Pre Shared Key (PSK) to create the VPN. We should create a matching entry in our client VPN device too.

Z.Z.Z.Z Y.Y.Y.Y : PSK "Password"

Add configurations for each Subnet as below. In this sample I have shown how to build a IKEV1 connection.

conn Client1
        authby=secret
        type=tunnel
        leftsendcert=never
        leftid=Z.Z.Z.Z
        left=10.0.4.4
        leftfirewall=yes
        leftsubnet=10.0.4.0/24
        rightid=Y.Y.Y.Y
        right=Y.Y.Y.Y
        rightsubnet=X.X.X.X/24
        keyexchange=ikev1
        rekeymargin=120s
        ikelifetime=3600s
        keylife=3600s
        ike=3des-sha1-modp1024!
        esp=3des-sha1!
        compress=no
        keyingtries=3
        reauth=no
        rekey=yes
        modeconfig=push
        auto=route

Building IKEV2 connection is also similar.

Create a user defined route in Azure

Start the VPN

ipsec update
ipsec secrets
ipsec restart

Following are the steps to be performed at client router

Create VPN Policy

Create VPN Connection

After completing above steps I’m able to establish a connection between my Azure environment and client network.

By using StrongSwan I can create multiple IKEV1 and IKEV2 connections to my Azure network seamlessly

Wednesday, July 19, 2017

Configure SharePoint Framework solution with Git

The most popular code editor to build SharePoint Framework solutions is Visual Studio Code. But software developers who are used to Visual Studio might find it bit challenging at times.

How can we use SPFx solutions in a team environment?

This problem was raised in a recent meetup and I thought of writing a walk through

This article is the first of an article series