Migrating into a Hybrid SharePoint on premise and SharePoint Online
We currently have a SharePoint 2007 farm and are migrating to SharePoint 2013 on premise + SharePoint Online hybrid. FYI we are using AvePoint DocAve for this.
We are trying to get as much contents as possible into SharePoint Online and only keep the highly complex sites (eg, sites with complex workflows, custom web parts, full-trust infopath forms, email-enabled libraries) in SharePoint 2013 on-premise.
So the requirement is to 'split' a site collection in the source and move a portion of it to SharePoint Online, and the complex portion to SharePoint 2013 On-premise. For sizing guidance, the site collection I'm looking
at contains 400 subsites that is nested up to 4 levels deep.
Level 0 is the root site, Level 1 sites are the direct subsites of root site, Level 2 sites are direct subsites of Level 1 sites, and so on until Level 4 sites. We have conducted an analysis of these subsites individually and know whether they can go to
SPO or there are complexities that dictate they have to live in the On-premise world.
So question here is what is the best and recommended way to split this site collection and push as many sites as possible to SPO.
Hi,
From your description, you would like to move subsites to another server and to be remained as subsites of original site, so that users will still have the same use experience as before. They will not feel the change for the migration. If
I misunderstood, please point it out.
Actually, site collection could not be splited to two locations. For your requirement, here is a workaround:
Move those sites to SPO as you expect.
Create a site collection on on-premise server in the place of Lv0.
Move the rest two site to step 2 site collection as two subsites.
Modify the navigation on both SPO and on-premise, make it appear to be as the old one. Create links to the sites on another server.
Regards,
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
[email protected]
Rebecca Tu
TechNet Community Support
Similar Messages
-
Difference between Sharepoint 2007 ,sharepoint server 2010 and sharepoint 2013
Difference between Sharepoint 2007 ,sharepoint server 2010 and sharepoint 2013
SaidireddyHi
your little question, could have a big big answer, or answers ;)
To complete your question, ai will try
Difference between Sharepoint 2007 ,sharepoint server 2010 and sharepoint 2013 and Office 365
Isn't a simply an unique answer and deppends on your need , business needs, and you infrastructure. Depends also which type ( Foundation ( which is free ), Standard/ Enterprise )
Depends on you to read, learn and ask , punctually about one issue/problem/request
I recommend you to bing the net
http://www.bing.com/search?q=sharepoint+2007+vs+2010+vs+2013&pc=MOZI&form=MOZSBR
Romeo Donca, Orange Romania (MCSE, MCITP, CCNA) Please Mark As Answer if my post solves your problem or Vote As Helpful if the post has been helpful for you. -
Hi,
I have built a vacation leave holiday system for SharePoint Foundation 2010 using SharePoint Designer workflows and Javascript. Everything works perfectly but I'm struggling to design a solution for users to specify half day requests that span over dates
greater than 1 day, i.e. my half day solution works but only when the start and end date are the same. How would I change the user interface to allow users to choose which day they want the half day to be requested when the vacation leave holiday request is
from, say, 6th - 10th Jan 2014?
Thanks.Hi ,
I have a test on my machine with a custom approval workflow and it can work normally .Here are the detailed steps :
1.
Open the site in SharePoint Designer .Create a workflow to associate with the document library .Set the workflow to start when an item is created and when an item is changed
.Also allow the workflow to start manually .
2.
Choose ‘Collect Data from a user’ .
3.
Click on the data and give a name to the Task created .
4.
Define the custom form field name as ‘Approve ?’ .Set the information type as Choice .
5.
Set the choices as ‘Approve’ and ’Reject’ .Display as Checkboxes .Uncheck the ‘Allow fill-in values’ and ‘Allow blank values’
.Click finish to save .
6.
Click on users and add the users who will approve the documents .
7.
Keep the output to variable as collect .
8.
Add a new step .Choose ‘If any value equals value ’ .Set the any value ‘Data source’ as workflow variables and parameters .Set the ‘Field
from source’ as Variable: collect .
9.
Set the value behind ‘equals ’ as ‘Approve’ .
10.
Add a new action ‘Update list item ’ .Set the item as current item .Add the field Approval status as Approved .
11.
Add an Else-if branch to update the Approval status as Rejected .
12.
Publish the workflow and test in your site .
Thanks,
Entan Ming -
Sharepoint 2010 comsumer and Sharepoint 2013 is the provider
The client has sharepoint 2010 as the consumer and 2013 as the provider for the service application "User profile service application"
When the client clicks on My profile and tries to change his picture we get an error mesage, when the logs were reviewed we see the below message
Timestamp Process TID Area Category EventID Level Message Correlation 09/05/2014 10:17:46.17 w3wp.exe (XYZXYZXYZ:0x26E0) 0x5DEC SharePoint Foundation Logging Correlation Data xmnv Medium Name=Request (GET:http://xxxxx/_layouts/SelectPicture2.aspx?Type=User&accountname=yyyyy&IsDlg=1)
9f43fafd-1f9d-436b-9100-bbe66ed75e72 09/05/2014 10:17:46.18 w3wp.exe (XYZXYZXYZ:0x26E0) 0x5DEC SharePoint Foundation Logging Correlation Data xmnv Medium Site=/ 9f43fafd-1f9d-436b-9100-bbe66ed75e72 09/05/2014 10:17:46.20 w3wp.exe (XYZXYZXYZ:0x26E0) 0x5DEC
SharePoint Portal Server Runtime 7pm5 High Url Path: "/_layouts/SelectPicture2.aspx" 9f43fafd-1f9d-436b-9100-bbe66ed75e72 09/05/2014 10:17:46.21 w3wp.exe (XYZXYZXYZ:0x26E0) 0x5DEC SharePoint Portal Server Runtime 7pma Exception Unhandled exception
caught during execution of Microsoft.SharePoint.Portal.PageBase::ErrorHandler(). Exception information: Exception information: System.IO.FileNotFoundException: The Web application at http://my-sites/ could not be found. Verify that you have typed the URL correctly.
If the URL should be serving existing content, the system administrator may need to add a new request URL mapping to the intended application. at Microsoft.SharePoint.SPSite..ctor(SPFarm farm, Uri requestUri, Boolean contextSite, SPUserToken userToken) at
Microsoft.SharePoint.SPSite..ctor(String requestUrl) at Microsoft.SharePoint.Portal.WebControls.ProfileImagePicker.LoadPictureLibrary() at Microsoft.SharePoint.Portal.WebControls.ProfileImagePicker.<onload>b__0() at Microsoft.SharePoi... 9f43fafd-1f9d-436b-9100-bbe66ed75e72
09/05/2014 10:17:46.21* w3wp.exe (XYZXYZXYZ:0x26E0) 0x5DEC SharePoint Portal Server Runtime 7pma Exception ...nt.SPSecurity.<>c__DisplayClass4.<runwithelevatedprivileges>b__2() at Microsoft.SharePoint.Utilities.SecurityContext.RunAsProcess(CodeToRunElevated
secureCode) at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(WaitCallback secureCode, Object param) at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(CodeToRunElevated secureCode) at Microsoft.SharePoint.Portal.WebControls.ProfileImagePicker.OnLoad(EventArgs
ea) at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Page.ProcessRequestMain(Boolean
includeStagesBeforeAsyncPoi... 9f43fafd-1f9d-436b-9100-bbe66ed75e72 09/05/2014 10:17:46.21* w3wp.exe (XYZXYZXYZ:0x26E0) 0x5DEC SharePoint Portal Server Runtime 7pma Exception ...nt, Boolean includeStagesAfterAsyncPoint) System.IO.FileNotFoundException: The
Web application at http://my-sites/ could not be found. Verify that you have typed the URL correctly. If the URL should be serving existing content, the system administrator may need to add a new request URL mapping to the intended application. at Microsoft.SharePoint.SPSite..ctor(SPFarm
farm, Uri requestUri, Boolean contextSite, SPUserToken userToken) at Microsoft.SharePoint.SPSite..ctor(String requestUrl) at Microsoft.SharePoint.Portal.WebControls.ProfileImagePicker.LoadPictureLibrary() at Microsoft.SharePoint.Portal.WebControls.ProfileImagePicker.<onload>b__0()
at Microsoft.SharePoint.SPSecurity.<>c__DisplayClass4.<runwithelevatedprivileges>b__2() at Microsoft.SharePoint.Utilities.... 9f43fafd-1f9d-436b-9100-bbe66ed75e72 09/05/2014 10:17:46.21* w3wp.exe (XYZXYZXYZ:0x26E0) 0x5DEC SharePoint Portal Server
Runtime 7pma Exception ...SecurityContext.RunAsProcess(CodeToRunElevated secureCode) at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(WaitCallback secureCode, Object param) at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(CodeToRunElevated
secureCode) at Microsoft.SharePoint.Portal.WebControls.ProfileImagePicker.OnLoad(EventArgs ea) at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) 9f43fafd-1f9d-436b-9100-bbe66ed75e72 09/05/2014 10:17:46.21
w3wp.exe (XYZXYZXYZ:0x26E0) 0x5DEC SharePoint Server Unified Logging Service c91s Monitorable Watson bucket parameters: SharePoint Server 2010, ULSException14, 06d8f9f3 "sharepoint portal server", 0e00178d "14.0.6029.0", 1f65804a "microsoft.sharepoint",
0e0017f9 "14.0.6137.0", 5136df43 "wed mar 06 00:16:35 2013", 000057b4 "000057b4", 00000077 "00000077", 4d150129 "filenotfoundexception", 37706d61 "7pma" 9f43fafd-1f9d-436b-9100-bbe66ed75e72 09/05/2014
10:17:46.21 w3wp.exe (XYZXYZXYZ:0x26E0) 0x5DEC SharePoint Foundation Runtime tkau Unexpected System.IO.FileNotFoundException: The Web application at http://my-sites/ could not be found. Verify that you have typed the URL correctly. If the URL should be serving
existing content, the system administrator may need to add a new request URL mapping to the intended application. at Microsoft.SharePoint.SPSite..ctor(SPFarm farm, Uri requestUri, Boolean contextSite, SPUserToken userToken) at Microsoft.SharePoint.SPSite..ctor(String
requestUrl) at Microsoft.SharePoint.Portal.WebControls.ProfileImagePicker.LoadPictureLibrary() at Microsoft.SharePoint.Portal.WebControls.ProfileImagePicker.<onload>b__0() at Microsoft.SharePoint.SPSecurity.<>c__DisplayClass4.<runwithelevatedprivileges>b__2()
at Microsoft.SharePoint.Utilities.SecurityContext.RunAsProcess(CodeToRunEleva... 9f43fafd-1f9d-436b-9100-bbe66ed75e72 09/05/2014 10:17:46.21* w3wp.exe (XYZXYZXYZ:0x26E0) 0x5DEC SharePoint Foundation Runtime tkau Unexpected ...ted secureCode) at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(WaitCallback
secureCode, Object param) at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(CodeToRunElevated secureCode) at Microsoft.SharePoint.Portal.WebControls.ProfileImagePicker.OnLoad(EventArgs ea) at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
9f43fafd-1f9d-436b-9100-bbe66ed75e72 09/05/2014 10:17:46.21 w3wp.exe (XYZXYZXYZ:0x26E0) 0x5DEC SharePoint Foundation Monitoring b4ly Medium Leaving Monitored Scope (Request (GET:http://xxxxx/_layouts/SelectPicture2.aspx?Type=User&accountname=yyyyy&IsDlg=1)).
Execution Time=50.9131783692527 9f43fafd-1f9d-436b-9100-bbe66ed75e72 </runwithelevatedprivileges></onload></runwithelevatedprivileges></onload></runwithelevatedprivileges></onload>
Checked the Alternative access mapping on the provider server and it looks good.
what would cause this to happne and how can this be resolved
SatyamCameron,
Thanks for taking the time to reply.
Actually, it may not be related to compatibility. Let me explain in detail (As below)
Client has 2 different environments SharePoint 2010 and SharePoint 2013.
On SharePoint 2010 they have the web application-Site collections, however for My sites they use SharePoint 2013, where the trust (Root certificate and the STS ) was shared... Making the SP2010
as the consumer and SP 2013 as the provider.
When a user from SharePoint 2010, click on my profile the user is then taken to this page "edituserprofile.aspx"
which still has the look and feel of sharepoint 2010, and under pictures when we choose the button "Choose Picture" we get the error message with the corelation ID, when checked the ULS logs we get the message (Mentioned in the first post and is
also mentioned below)
"Exception Unhandled exception caught during execution of Microsoft.SharePoint.Portal.PageBase::ErrorHandler().
Exception information: Exception information: System.IO.FileNotFoundException: The Web application at http://my-sites/ could not be found. Verify that you have typed the URL correctly. If the URL should be serving existing content, the system administrator
may need to add a new request URL mapping to the intended application. "
I have checked the AAM and it looks good.
When the user clicks on my profile on SP2010 environment , the user must be diverted to the sp2013 environment to update his information...correct ?
Satyam.. -
Exchange 2013 Office 365 Hybrid Cloud On-Premise Outlook Connection Problem
Hi Everyone,
We are required to migrate FROM the cloud TO an on-premise Exchange 2013 server. We set up a trial of Office365 and linked our test domain to that account. The test domain mimics our current domain, but ends in .net instead of .org.
We set up a test Exchange 2013 server with a few database servers. Internally, we can connect without issue (Outlook). We mapped our test CAS to face the Internet, and can access what we need without issue. We also set up the Hybrid
configuration on both the Exchange 2013 and Office365 servers. We have validated that DirSync works, and migration can occur up to the cloud and back down to the on-premise server.
Now, here is the issue:
We have our DNS records still pointing to Office365, so when we add an Office365 mailbox to Outlook (internal to the network or outside the network) we see absolutely no issues. We migrated a mailbox today to our on-premise server, but upon doing so,
can no longer connect to, or add, that mailbox to Outlook. When we put this integration in to effect for production, we want to be able to migrate mailboxes on-premise from the cloud, and we want to make sure users can still access their mailboxes. This
also goes for distribution groups, conference rooms, etc.
I see that most suggestions say to change your DNS record to point to the on-premise Exchange server, which is great, but after doing so Office365 accounts experience the same issue as above. We NEED to make sure that when we batch migrate, the users
DO NOT lose connectivity to their accounts. We need both Office365 accounts and Exchange on-premise accounts are accessible internally and externally. As an extra tid-bit, we HAVE configured Outlook Anywhere on Exchange 2013, but see no difference.
Any thoughts on this? Office365 and Exchange 2013 see eachother and recognize that the hybrid environment is set up good, but it appears we are missing some configurations. Currently, we have a CNAME record points our autodiscover to autodiscover.outlook.com.
Any help would be MUCH appreciated. Thanks!
DanHi,
Here is an article on Move mailboxes between on-premises and Exchange Online organizations in 2013 hybrid deployments, for your reference:
http://technet.microsoft.com/en-us/library/jj906432(v=exchg.150).aspx
I want to make sure OWA works well with the moved mailbox.
To use CNAME based autodiscover method, we need to have all domain names present in a SAN certificate.
With Exchange 2013 CU1, we now have the option of adding multiple SMTP domains to Exchange Federation/Hybrid configuration and we can specify which of these domains should act the "autodiscover" domain.
To configure an SMTP domain as the autodiscover domain, you can run following command:
Set-HybridConfiguration -Domains "domain1.com, domain2.com, domain3.com", "autod:domain.com"
More details, please refer following blogs:
http://www.msexchange.org/articles-tutorials/office-365/exchange-online/configuring-exchange-2013-hybrid-deployment-and-migrating-office-365-exchange-online-part11.html
http://www.msexchange.org/articles-tutorials/office-365/exchange-online/configuring-exchange-2013-hybrid-deployment-and-migrating-office-365-exchange-online-part12.html
Disclaimer:
Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make sure
that you completely understand the risk before retrieving any suggestions from the above links.
Thanks
Mavis Huang
TechNet Community Support -
Cannot share documents between On-Premises and Online Users by email invitation
We have a hybrid setup, no problems with email communications between on-premises and Microsoft Online users. We have also activated online Onedrive/sharepoint to start testing. One interesting thing is that users Online can share their documents by inviting
users who are on Microsoft Online, On-premises and outside this two systems. But the problem is with the users who are on-premises cannot share their documents by email invitation with the other users who are also on-premises, they can share the documents
with the users who are online only. When they try to share documents by email invitation they get error messages it their emailboxes saying that;
A communication failure occurred during the delivery of this message. Please try resending the message later. If the problem continues, contact your helpdesk.
Generating server: SMT947322-001.YLO001.MSOPRD.MSFT.NET
#< #5.5.0 smtp;550 Denied by policy> #SMTP#
It seems some kind of relay should be granted on my CAS servers or something like that but I am not sure of what should be added. I am just stuck as to what next step and where to start looking for the problem
Exchange 2010/2013 with Microsoft Online Office 365 HybridNo, just wanted to share documents using the invitation by mail in sharepoint/onedrive. We can share the documents normally without the email notification. Sorry to mention that even the users who are Online cannot share documents in sharepoint/onedrive
between themselves, so not between user on-premises and online users. For example a user selects a document in the library, click share and tick on by email, just gets an error
"#< #5.5.0 smtp;550 Denied by policy> #" , No RMS enabled yet.
Hi,
Sorry for my delay.
According to your further posting, the sending Denied cause is No RMS enabled yet. If that is the case, please activate Azure Rights Management (RMS) to check whether the issue persits.
When you activate Azure Rights Management (RMS), you turn on this feature for all rights-enabled services and applications. You must activate Rights Management before you can begin to use the information rights management (IRM) features within Office, SharePoint,
and Exchange. For details about how to activate RMS, please refer to:
http://technet.microsoft.com/en-us/library/jj658941.aspx
Regards,
Winnie Liang
TechNet Community Support -
The client has his AD and Exchange 2010 on premise and would like to integrate with Office 365 SharePoint.
I know it is possible to integrate SharePoint On premise to Exchange Online but how possible and what is required to create it in the opposite way while using AD and Exchange On Premise to SharePoint Office 365?
Thanks!This is not possible. The only integration point for SharePoint Online is Exchange Online.
Trevor Seward
Follow or contact me at...
  
This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs. -
Office iPad and Sharepoint.
Hello,
I downloaded office for iPad and I am trying to connect to our SharePoint site and I am getting the following error:
Cannot Connect to SharePoint: This SharePoint Site is an Unsupported Version.
Can someone tell me what we need to do to get this to work?Hi,
I have a simple test to connect to SharePoint 2010 on premises and SharePoint 2013 on premises from
internal network. It works well to download excel files and open it on iPad. It should be possible to connect SharePoint Online an SharePoint on premises sites via Office for iPad.
http://www.clearbox.co.uk/connecting-office-for-ipad-to-sharepoint/
Is the iPad connected to internal network? Can you please paste a screenshot of the error?
the site on port 2013 is SharePoint 2013 sites while the site on port 2010 is SharePoint 2010)
Miles LI TechNet Community Support -
MasterPages and SharePoint foundation 2013
Hi
I have created a web application in SharePoint Foundation 2013. I also have created multiple subsite.
I want to change the visual (branding) of the website (and all subsites).
I have created a custom masterpage and wanted to set it as the default master page. But when I do that, everything is now set with that custom masterpage (even the site setting pages, the viewlsts.aspx, settings.aspx).
Is there a way to bind masterpages only with the content pages of my website ?
Any links for info about that ?
Thanks
Richard Martin Web Developer / BI DeveloperHi marric01,
All of the site setting pages, the viewlsts.aspx and settings.aspx is the application page. An application page is an ASP.NET Web page that is designed for
use in a SharePoint Web site. Application pages are stored on the file system of the front-end Web server in the %ProgramFiles%\Common Files\Microsoft Shared\web server extensions\14\TEMPLATE\LAYOUTS directory and exist for every site in a Web application.
This folder is mapped to an Internet Information Services (IIS) virtual directory called _layouts. Every site and subsite will have access to the application pages by using the _layouts virtual directory.
The scenario you have seen is what SharePoint will do when set the master page through Site Settings->Master page. All the pages on the site will apply this master page.
The settings.aspx, viewlsts.aspx and upload.aspx. etc. are application pages, the difference between application page and content page is that: application page store in server 15/Template/Layouts folder, all applications in the SharePoint farm use the same
application page, while content page store in content database, each site use a unique page of them, you can update the page content in different site as you like.
SharePoint by default doesn’t provide a method to set different master page for application pages, and this is not recommended, even if you can change this through update the page directly in the layouts folder, whenever you change it, it will affect the whole
SharePoint farm, on all web applications.
If you really need to this, I would suggest you to custom the ribbon button to direct to your custom specific application page like settings page. The concern by doing this is the default settings page is still available, and if users access the page by typing
the url directly, he will see the default settings page.
Reference:
http://msdn.microsoft.com/en-us/library/aa979592.aspx
Thanks,
Eric
Forum Support
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support,
contact [email protected].
Eric Tao
TechNet Community Support
Hi,
Thanks for the information. While waiting for help with this forum, I was playing with SharePoint Foundation 2013 and SharePoint designer 2013. I saw that I can bind custom masterpage for each page that I create.
(Style => Attach => Custom masterpage)
I also managed to bind subsite pages to that same custom masterpage.
Is this a good way to customize the look and feel of my SharePoint foundation 2013 website (We are building a small intranet for about 100 person).
Users are only gona be able to modify content inside the pages. We are (IT dept) the only one that can modify structure, add new pages and modify the look for the website.
Thanks again !
Richard
Richard Martin Web Developer / BI Developer -
Encrypt communication between SharePoint Web App and SSRS
Hi
I have SharePoint 2010 in multi server farm. The SharePoint web app has SSL enabled. The Reporting Server (SSRS) is http URL.
So when the Report Viewer web part is used, the communication between SharePoint web server and SharePoint Reporting Server is unsecured. The existing SSL has hard coded hostnames and for business reasons we prefer not to modify it.
Does anyone know how can I make that communication secured? Do I need to apply new SSL for SP Reporting Services? Is there any other option?This should get you off and running on SSL
http://technet.microsoft.com/en-us/library/ms345223(SQL.100).aspx
and if you haven't go SQL on SSL - ->
http://technet.microsoft.com/en-us/library/ms189067(v=sql.100).aspx
Stacy Anothersharepointblog.blogspot.com -
Hi,
I want to setup an outpund hybrid search for SharePoint 2013 on-premise to SharePoint Online.
But I'm not shure if this works with ADFS SSO.
Has somebody experience with this setup?
Here's my guide which I'm going to use for this installation:
Introduction
In this post I'll show you how to get search results from your SharePoint Online in your SharePoint 2013 on-premise search center.
Requirements
User synchronisation ActiveDirectory to Office 365 with DirSync
DirSync password sync or ADFS SSO
SharePoint Online
SharePoint 2013 on-premise
Enterprise Search service
SharePoint Online Management Shell
Instructions
All configuration will be done either in the Search Administration of the Central Administration or in the PowerShell console of your on-premise SharePoint 2013 server.
Set up Sever to Server Trust
Export certificates
To create a server to server trust we need two certificates.
[certificate name].pfx: In order to replace the STS certificate, the certificate is needed in Personal Information Exchange (PFX) format including the private key.
[certificate name].cer: In order to set up a trust with Office 365 and Windows Azure ACS, the certificate is needed in CER Base64 format.
First launch the Internet Information Services (IIS) Manager
Select your SharePoint web server and double-click Server Certificates
In the Actions pane, click Create Self-Signed Certificate
Enter a name for the certificate and save it with OK
To export the new certificate in the Pfx format select it and click Export in the Actions pane
Fill the fields and click OK Export to: C:\[certificate
name].pfx Password: [password]
Also we need to export the certificate in the CER Base64 format. For that purpose make a right-click on the certificate select it and click on View...
Click the Details tab and then click Copy to File
On the Welcome to the Certificate Export Wizard page, click Next
On the Export Private Key page, click Next
On the Export File Format page, click Base-64 encoded X.509 (.CER), and then click Next.
As file name enter C:\[certificate
name].cer and then click Next
Finish the export
Import the new STS (SharePoint Token Service) certificate
Let's update the certificate on the STS. Configure and run the PowerShell script below on your SharePoint server.
if(-not (Get-PSSnapin "Microsoft.SharePoint.PowerShell" -ErrorAction SilentlyContinue)){Add-PSSnapin "Microsoft.SharePoint.PowerShell"}
# set the cerficates paths and password
$PfxCertPath = "c:\[certificate name].pfx"
$PfxCertPassword = "[password]"
$X64CertPath = "c:\[certificate name].cer"
# get the encrypted pfx certificate object
$PfxCert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $PfxCertPath, $PfxCertPassword, 20
# import it
Set-SPSecurityTokenServiceConfig -ImportSigningCertificate $PfxCert
Type Yes when prompted with the following message.
You are about to change the signing certificate for the Security Token Service. Changing the certificate to an invalid, inaccessible or non-existent certificate will cause your SharePoint installation to stop functioning. Refer
to the following article for instructions on how to change this certificate: http://go.microsoft.com/fwlink/?LinkID=178475. Are you
sure, you want to continue?
Restart IIS so STS picks up the new certificate.
& iisreset
& net stop SPTimerV4
& net start SPTimerV4
Now validate the certificate replacement by running several PowerShell commands and compare their outputs.
# set the cerficates paths and password
$PfxCertPath = "c:\[certificate name].pfx"
$PfxCertPassword = "[password]"
# get the encrypted pfx certificate object
New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $PfxCertPath, $PfxCertPassword, 20
# compare the output above with this output
(Get-SPSecurityTokenServiceConfig).LocalLoginProvider.SigningCertificate
[/code]
## Establish the server to server trust
[code lang="ps"]
if(-not (Get-PSSnapin "Microsoft.SharePoint.PowerShell" -ErrorAction SilentlyContinue)){Add-PSSnapin "Microsoft.SharePoint.PowerShell"}
Import-Module MSOnline
Import-Module MSOnlineExtended
# set the cerficates paths and password
$PfxCertPath = "c:\[certificate name].pfx"
$PfxCertPassword = "[password]"
$X64CertPath = "c:\[certificate name].cer"
# set the onpremise domain that you added to Office 365
$SPCN = "sharepoint.domain.com"
# your onpremise SharePoint site url
$SPSite="http://sharepoint"
# don't change this value
$SPOAppID="00000003-0000-0ff1-ce00-000000000000"
# get the encrypted pfx certificate object
$PfxCert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $PfxCertPath, $PfxCertPassword, 20
# get the raw data
$PfxCertBin = $PfxCert.GetRawCertData()
# create a new certificate object
$X64Cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2
# import the base 64 encoded certificate
$X64Cert.Import($X64CertPath)
# get the raw data
$X64CertBin = $X64Cert.GetRawCertData()
# save base 64 string in variable
$CredValue = [System.Convert]::ToBase64String($X64CertBin)
# connect to office 3656
Connect-MsolService
# register the on-premise STS as service principal in Office 365
# add a new service principal
New-MsolServicePrincipalCredential -AppPrincipalId $SPOAppID -Type asymmetric -Usage Verify -Value $CredValue
$MsolServicePrincipal = Get-MsolServicePrincipal -AppPrincipalId $SPOAppID
$SPServicePrincipalNames = $MsolServicePrincipal.ServicePrincipalNames
$SPServicePrincipalNames.Add("$SPOAppID/$SPCN")
Set-MsolServicePrincipal -AppPrincipalId $SPOAppID -ServicePrincipalNames $SPServicePrincipalNames
# get the online name identifier
$MsolCompanyInformationID = (Get-MsolCompanyInformation).ObjectID
$MsolServicePrincipalID = (Get-MsolServicePrincipal -ServicePrincipalName $SPOAppID).ObjectID
$MsolNameIdentifier = "$MsolServicePrincipalID@$MsolCompanyInformationID"
# establish the trust from on-premise with ACS (Azure Control Service)
# add a new authenticatio realm
$SPSite = Get-SPSite $SPSite
$SPAppPrincipal = Register-SPAppPrincipal -site $SPSite.rootweb -nameIdentifier $MsolNameIdentifier -displayName "SharePoint Online"
Set-SPAuthenticationRealm -realm $MsolServicePrincipalID
# register the ACS application proxy and token issuer
New-SPAzureAccessControlServiceApplicationProxy -Name "ACS" -MetadataServiceEndpointUri "https://accounts.accesscontrol.windows.net/metadata/json/1/" -DefaultProxyGroup
New-SPTrustedSecurityTokenIssuer -MetadataEndpoint "https://accounts.accesscontrol.windows.net/metadata/json/1/" -IsTrustBroker -Name "ACS"
Add a new result source
To get search results from SharePoint Online we have to add a new result source. Run the following script in a PowerShell ISE session on your SharePoint 2013 on-premise server. Don't forget to update the settings region
if(-not (Get-PSSnapin "Microsoft.SharePoint.PowerShell" -ErrorAction SilentlyContinue)){Add-PSSnapin "Microsoft.SharePoint.PowerShell"}
# region settings
$RemoteSharePointUrl = "http://[example].sharepoint.com"
$ResultSourceName = "SharePoint Online"
$QueryTransform = "{searchTerms}"
$Provier = "SharePoint-Remoteanbieter"
# region settings end
$SPEnterpriseSearchServiceApplication = Get-SPEnterpriseSearchServiceApplication
$FederationManager = New-Object Microsoft.Office.Server.Search.Administration.Query.FederationManager($SPEnterpriseSearchServiceApplication)
$SPEnterpriseSearchOwner = Get-SPEnterpriseSearchOwner -Level Ssa
$ResultSource = $FederationManager.GetSourceByName($ResultSourceName, $SPEnterpriseSearchOwner)
if(!$ResultSource){
Write-Host "Result source does not exist. Creating..."
$ResultSource = $FederationManager.CreateSource($SPEnterpriseSearchOwner)
$ResultSource.Name = $ResultSourceName
$ResultSource.ProviderId = $FederationManager.ListProviders()[$Provier].Id
$ResultSource.ConnectionUrlTemplate = $RemoteSharePointUrl
$ResultSource.CreateQueryTransform($QueryTransform)
$ResultSource.Commit()
Add a new query rule
In the Search Administration click on Query Rules
Select Local SharePoint as Result Source
Click New Query Rule
Enter a Rule name f.g. Search results from SharePoint Online
Expand the Context section
Under Query is performed on these sources click on Add Source
Select your SharePoint Online result source
In the Query Conditions section click on Remove Condition
In the Actions section click on Add Result Block
As title enter Results for "{subjectTerms}" from SharePoint Online
In the Search this Source dropdown select your SharePoint Online result source
Select 3 in the Items dropdown
Expand the Settings section and select "More" link goes to the following URL
In the box below enter this Url https://[example].sharepoint.com/search/pages/results.aspx?k={subjectTerms}
Select This block is always shown above core results and click the OK button
Save the new query ruleHi Janik,
According to your description, my understanding is that you want to display hybrid search results in SharePoint Server 2013.
For achieving your demand, please have a look at the article:
http://technet.microsoft.com/en-us/library/dn197173(v=office.15).aspx
If you are using single sign-on (SSO) authentication, it is important to test hybrid Search functionality by using federated user accounts. Native Office 365 user accounts and Active Directory Domain Services
(AD DS) accounts that are not federated are not recognized by both directory services. Therefore, they cannot authenticate using SSO, and cannot be granted permissions to resources in both deployments. For more information, see Accounts
needed for hybrid configuration and testing.
Best Regards,
Eric
Eric Tao
TechNet Community Support -
Hybrid Search not working from SharePoint 2013 Online to SharePoint On-premise
Hi,
I have setup a SharePoint 2013 Hybrid environment setup with the following –
Windows Server 2012 R2
SharePoint Server 2013 with April 2014 CU
SQL Server 2014
ADFS 3.0 using SSO with Web proxy and DirSync
SharePoint 2013 Online tenant on Office 365 Enterprise Subscription
I have configured the Hybrid following the article
http://technet.microsoft.com/en-us/library/jj838715(v=office.15).aspx and configured Hybrid Search. The hybrid environment was working fine including Search both ways initially
but after upgrade to April CU 2014 (along with upgrade to SQL 2014 from SQL 2012), now search from SharePoint online to SharePoint in-Premise is not working anymore.
I am still able login with the federated IDs in both the environments and get results from SharePoint Online in SharePoint in-Premise environment.
I have already tried most of the troubleshooting steps mentioned at
http://technet.microsoft.com/en-us/library/dn518363(v=office.15).aspx
Now every time, we perform a search in our SharePoint Online site, which is configured to show hybrid results from SharePoint in-premise, we don’t get results from in-premise and instead we see the following error logged in SharePoint
In-premise Web Server –
Error - An exception occurred when trying to issue security token: Exception of type 'System.ArgumentException' was thrown. Parameter name: value.
And ULS log shows the following – Even though the message seems apparent that there could be duplicate users in user profile Application, but that’s not the case. There are just 2 unique users added there.
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Portal Server
User Profiles ae0sx
Unexpected Error trying to search in the UPA. The exception message is 'System.ArgumentException: Exception of type 'System.ArgumentException' was thrown. Parameter name: value at Microsoft.SharePoint.Administration.Claims.SPIdentityProviders.GetIdentityProviderType(String
value) at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.SearchUsingNameIdOrThrow(UserProfileManager upManager, String nameId, String nameIdIssuer) at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.GetSingleUserProfileFromClaimsList(UserProfileManager
upManager, IEnumerable`1 identityClaims)' 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Monitoring b4ly Verbose
Leaving Monitored Scope (Executing the user mapping operation in GetMappedIdentityClaim()). Execution Time=1.4449 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Portal Server
User Profiles ae0su High The set of claims
could not be mapped to a single user identity. Exception Exception of type 'System.ArgumentException' was thrown. Parameter name: value has occured. 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Monitoring b4ly Verbose
Leaving Monitored Scope (Inside SPIdentityClaimMapperOperations.GetClaimFromExternalMapper(); calling the registered SPIdentityClaimMapper). Execution Time=1.5596
4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Claims Authentication ae0tc
High The registered mappered failed to resolve to one identity claim. Exception: System.InvalidOperationException: Exception of type 'System.ArgumentException' was thrown. Parameter name: value ---> System.ArgumentException:
Exception of type 'System.ArgumentException' was thrown. Parameter name: value at Microsoft.SharePoint.Administration.Claims.SPIdentityProviders.GetIdentityProviderType(String value) at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.SearchUsingNameIdOrThrow(UserProfileManager
upManager, String nameId, String nameIdIssuer) at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.GetSingleUserProfileFromClaimsList(UserProfileManager upManager, IEnumerable`1 identityClaims)
--- End of inner exception stack trace --- at Microsoft... 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59* w3wp.exe (0x1C88)
0x2494 SharePoint Foundation Claims Authentication
ae0tc High ....Office.Server.Security.UserProfileIdentityClaimMapper.GetSingleUserProfileFromClaimsList(UserProfileManager
upManager, IEnumerable`1 identityClaims) at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.<>c__DisplayClass2.<GetMappedIdentityClaim>b__0() at Microsoft.SharePoint.SPSecurity.<>c__DisplayClass5.<RunWithElevatedPrivileges>b__3()
at Microsoft.SharePoint.Utilities.SecurityContext.RunAsProcess(CodeToRunElevated secureCode) at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(WaitCallback secureCode, Object param) at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(CodeToRunElevated
secureCode) at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.GetMappedIdentityClaim(Uri context, IEnumerable`1 identityClaims) ...
4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Claims Authentication af3zp
Unexpected STS Call Claims Saml: Problem getting output claims identity. Exception: 'System.InvalidOperationException: Exception of type 'System.ArgumentException' was thrown. Parameter name: value ---> System.ArgumentException:
Exception of type 'System.ArgumentException' was thrown. Parameter name: value at Microsoft.SharePoint.Administration.Claims.SPIdentityProviders.GetIdentityProviderType(String value) at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.SearchUsingNameIdOrThrow(UserProfileManager
upManager, String nameId, String nameIdIssuer) at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.GetSingleUserProfileFromClaimsList(UserProfileManager upManager, IEnumerable`1 identityClaims) ---
End of inner exception stack trace --- at Microsoft.O... 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint
Foundation Claims Authentication fo1t
Monitorable STS Call: Failed to issue new security token. Exception: System.InvalidOperationException: Exception of type 'System.ArgumentException' was thrown. Parameter name: value ---> System.ArgumentException:
Exception of type 'System.ArgumentException' was thrown. Parameter name: value at Microsoft.SharePoint.Administration.Claims.SPIdentityProviders.GetIdentityProviderType(String value) at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.SearchUsingNameIdOrThrow(UserProfileManager
upManager, String nameId, String nameIdIssuer) at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.GetSingleUserProfileFromClaimsList(UserProfileManager upManager, IEnumerable`1 identityClaims)
--- End of inner exception stack trace --- at Microsoft.Office.Server.Secu... 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59* w3wp.exe (0x1C88)
0x2494 SharePoint Foundation Claims Authentication
fo1t Monitorable ...rity.UserProfileIdentityClaimMapper.GetSingleUserProfileFromClaimsList(UserProfileManager upManager, IEnumerable`1
identityClaims) at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.<>c__DisplayClass2.<GetMappedIdentityClaim>b__0() at Microsoft.SharePoint.SPSecurity.<>c__DisplayClass5.<RunWithElevatedPrivileges>b__3()
at Microsoft.SharePoint.Utilities.SecurityContext.RunAsProcess(CodeToRunElevated secureCode) at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(WaitCallback secureCode, Object param) at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(CodeToRunElevated
secureCode) at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.GetMappedIdentityClaim(Uri context, IEnumerable`1 identityClaims) at Microsoft.ShareP... 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59* w3wp.exe (0x1C88)
0x2494 SharePoint Foundation Claims Authentication
fo1t Monitorable ...oint.IdentityModel.SPIdentityClaimMapperOperations.GetClaimFromExternalMapper(Uri contextUri, List`1 claims)
at Microsoft.SharePoint.IdentityModel.SPIdentityClaimMapperOperations.ResolveUserIdentityClaim(Uri contextUri, ClaimCollection inputClaims) at Microsoft.SharePoint.IdentityModel.SPIdentityClaimMapperOperations.GetIdentityClaim(Uri contextUri,
ClaimCollection inputClaims, SPCallingIdentityType callerType) at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.GetLogonIdentityClaim(SPRequestInfo requestInfo, IClaimsIdentity inputIdentity, IClaimsIdentity outputIdentity,
SPCallingIdentityType callerType) at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.EnsureSharePointClaims(SPRequestInfo requestInfo, IClaimsIdentity outputIdentity, SPCallingIdentityTy... 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59* w3wp.exe (0x1C88)
0x2494 SharePoint Foundation Claims Authentication
fo1t Monitorable ...pe callerType) at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.AugmentOutputIdentityForRequest(SPRequestInfo
requestInfo, IClaimsIdentity outputIdentity) at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.GetOutputClaimsIdentity(IClaimsPrincipal principal, RequestSecurityToken request, Scope scope) at Microsoft.IdentityModel.SecurityTokenService.SecurityTokenService.Issue(IClaimsPrincipal
principal, RequestSecurityToken request) at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.Issue(IClaimsPrincipal principal, RequestSecurityToken request)
4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Monitoring b4ly Verbose
Leaving Monitored Scope (SPSecurityTokenService.Issue). Execution Time=6.3185 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Monitoring nass Verbose
____CPU Cycles=12774004 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Monitoring nass Verbose
____Execution Time=6.3185 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Monitoring nasq Verbose
Entering monitored scope (CleanUpSecurityTokenServiceOperation). Parent ExecuteSecurityTokenServiceOperationServer 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Monitoring b4ly Verbose
Leaving Monitored Scope (CleanUpSecurityTokenServiceOperation). Execution Time=0.0282 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Monitoring nass Verbose
____CPU Cycles=14832078 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Monitoring nass Verbose
____Execution Time=0.0282 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Monitoring b4ly Medium
Leaving Monitored Scope (ExecuteSecurityTokenServiceOperationServer). Execution Time=7.2841 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Monitoring nass Verbose
____WebPart Events Offsets=0 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Monitoring nass Verbose
____User Address= 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Monitoring nass Verbose
____=00000000-0000-0000-0000-000000000000 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Monitoring nass Verbose
____Log Correlation Id=4c8b979c-f112-d050-9764-c445282f9184 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Monitoring nass Verbose
____Service Calls=0 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Monitoring nass Verbose
____Claims Counter=0 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Monitoring nass Verbose
____Critical Events=0 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Monitoring nass Verbose
____ULS Large Gap= 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Monitoring nass Verbose
____Execution Time=7.2841 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Monitoring nass Verbose
____CPU Cycles=0 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Monitoring nass Verbose
____Current SharePoint Operations=0 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Monitoring nass Verbose
____SPRequest Objects=2 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Monitoring nass Verbose
____Distributed Cache=0 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Monitoring nass Verbose
____SQL Query Count=0 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Monitoring nass Verbose
____Current User= 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Monitoring nass Verbose
____Request Management= 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Monitoring nass Verbose
____Page Checkout Level=Published 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Logging Correlation Data 77a3 Verbose
Ending correlation. Transfer to 4c8b979c-f112-d050-9764-c834ee4cf36d 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Unified Logging Service cn4g Verbose
Trace level override is turned off. 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1C88) 0x2494 SharePoint Foundation
Logging Correlation Data 77a3 Verbose
Ending correlation. 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1EEC) 0x26BC SharePoint Foundation
Monitoring nasq Verbose
Entering monitored scope (CleanUpSecurityTokenServiceOperation). Parent ExecuteSecurityTokenServiceOperationCaller:http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1EEC) 0x26BC SharePoint Foundation
Monitoring b4ly Verbose
Leaving Monitored Scope (CleanUpSecurityTokenServiceOperation). Execution Time=0.0257 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1EEC) 0x26BC SharePoint Foundation
Monitoring nass Verbose
____Execution Time=0.0257 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1EEC) 0x26BC SharePoint Foundation
Monitoring nass Verbose
____CPU Cycles=2377140 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1EEC) 0x26BC SharePoint Foundation
Monitoring b4ly Verbose
Leaving Monitored Scope (ExecuteSecurityTokenServiceOperationCaller:http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue). Execution Time=13.2855 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1EEC) 0x26BC SharePoint Foundation
Monitoring nass Verbose
____Execution Time=13.2855 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1EEC) 0x26BC SharePoint Foundation
Monitoring nass Verbose
____CPU Cycles=0 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1EEC) 0x26BC SharePoint Foundation
Claims Authentication fsq7
High SPSecurityContext: Request for security token failed with exception: System.ServiceModel.FaultException`1[System.ServiceModel.ExceptionDetail]: Exception of type 'System.ArgumentException' was thrown. Parameter name:
value (Fault Detail is equal to An ExceptionDetail, likely created by IncludeExceptionDetailInFaults=true, whose value is: System.InvalidOperationException: Exception of type 'System.ArgumentException' was thrown. Parameter name: value ----> System.ArgumentException:
Exception of type 'System.ArgumentException' was thrown. Parameter name: value at Microsoft.SharePoint.Administration.Claims.SPIdentityProviders.GetIdentityProviderType(String value) at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.SearchUsingNameIdOrThrow(UserProfileManager
upManager, ... 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59* w3wp.exe (0x1EEC)
0x26BC SharePoint Foundation Claims Authentication
fsq7 High ...String nameId, String nameIdIssuer) at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.GetSingleUserProfileFromClaimsList(UserProfileManager
upManager, IEnumerable`1 identityClaims) --- End of inner ExceptionDetail stack trace --- at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.GetSingleUserProfileFromClaimsList(UserProfileManager upManager,
IEnumerable`1 identityClaims) at Microsoft.Office.Server.Security.UserProfileI...). 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1EEC) 0x26BC SharePoint Foundation
Claims Authentication 8306
Critical An exception occurred when trying to issue security token: Exception of type 'System.ArgumentException' was thrown. Parameter name: value. 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1EEC) 0x26BC SharePoint Foundation
Monitoring b4ly Verbose
Leaving Monitored Scope ([S2S] Getting token from STS and setting Thread Identity). Execution Time=16.83 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1EEC) 0x26BC SharePoint Foundation
Monitoring nass Verbose
____Execution Time=16.83 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1EEC) 0x26BC SharePoint Foundation
Monitoring nass Verbose
____CPU Cycles=7084490 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1EEC) 0x26BC SharePoint Foundation
Monitoring b4ly Medium
Leaving Monitored Scope (Application Authentication Pipeline). Execution Time=20.6415 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1EEC) 0x26BC SharePoint Foundation
Monitoring nass Verbose
____Execution Time=20.6415 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1EEC) 0x26BC SharePoint Foundation
Monitoring nass Verbose
____CPU Cycles=14789795 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1EEC) 0x26BC SharePoint Foundation
Application Authentication ajezs High SPApplicationAuthenticationModule:
Error authenticating request, Error details { Header: {0}, Body: {1} }. Available parameters: 3001000;reason="There has been an error authenticating the request.";category="invalid_client" {"error_description":"Exception
of type 'System.ArgumentException' was thrown.\u000d\u000aParameter name: value"} . 4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59 w3wp.exe (0x1EEC) 0x26BC SharePoint Foundation
General
8nca Medium Application error when access /_vti_bin/sites.asmx, Error=Exception of type 'System.ArgumentException' was thrown.
Parameter name: value at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.ReadResponse(Message response) at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst, RequestSecurityTokenResponse&
rstr) at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst) at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForContext(Uri context, Boolean bearerToken, SecurityToken
onBehalfOf, SecurityToken actAs, SecurityToken delegateTo, SPRequestSecurityTokenProperties properties) at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForApplicationAuthentication(Uri context, SecurityToken onBe...
4c8b979c-f112-d050-9764-c834ee4cf36d
06/04/2014 12:58:41.59* w3wp.exe (0x1EEC)
0x26BC SharePoint Foundation General
8nca Medium ...halfOf)
at Microsoft.SharePoint.IdentityModel.SPApplicationAuthenticationModule.<>c__DisplayClass4.<GetLocallyIssuedToken>b__3() at Microsoft.SharePoint.Utilities.SecurityContext.RunAsProcess(CodeToRunElevated secureCode)
at Microsoft.SharePoint.IdentityModel.SPApplicationAuthenticationModule.ConstructIClaimsPrincipalAndSetThreadIdentity(HttpApplication httpApplication, HttpContext httpContext, SPFederationAuthenticationModule fam) at Microsoft.SharePoint.IdentityModel.SPApplicationAuthenticationModule.AuthenticateRequest(Object
sender, EventArgs e) at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
4c8b979c-f112-d050-9764-c834ee4cf36d
Any ideas?
Anupam ShrivastavaI am experiencing the same issue. Don't have the answer yet about what's wrong exactly. And my SSO works fine too.
I know precisely what makes the SharePoint throw the ArgumentException, but I can't yet figure out how to influence this behavior. I will respond back if I find out, but I hope the following will create an "aha moment" for someone.
So the SP Online issues an OAuth request to the on-prem SharePoint. If verbose logging is on for the Claims category, you may see how it reads these claims. One of them is this:
Claim['nii':'urn:federation:microsoftonline']
Using this claim and the nameid claim the profile mapping logic then reports the following immediately before the error (Set User Profiles to verbose to see this):
Creating encoded sid for nameid '100300008b29cb02' and nameidissuer 'urn:federation:microsoftonline'
Inspecting this logic with Reflector, I can see that it then attempts to infer the identity provider type from the nameidissuer, and throws the exception, because "federation" is not what it expects. It expects either "windows", "trusted" or "forms" for
the provider type.
So the user's actions to lead to this error were as follows:
1. I connect to the Office 365 portal, and get redirected to my ADFS server (same domain for the ADFS server, on-prem SharePoint, and the user accounts).
2. I log on, and from the SP Online portal I issue my search query using a result source configured as per the Hybrid TechNet guidance.
So thanks in advance for any suggestions, on what it could be. -
Form and Workflow in SharePoint Online vs SharePoint On-Premise
Hi Expert,
I have the question about Form and Workflow in SharePoint Online vs ShrePoint On-Premise
Current Problem : Customer is implemented Form and Workflow in SharePoint Online but they have a problem some features that didn’t work in SharePoint Online. I will have a meeting to discuss Do and Don’t Form and Workflow in SharePoint Online compare SharePoint
On-Premise.
Please suggestion.
Thank youHi MasterBird,
For SharePoint 2013 On-premise, we can :
Comlete control of our environment and data
Supports heavy customization
Keep sensitive information in-house
Easier integration into line of business systems
Full development options for developers
For SharePoint Online workflow:
Workflow 2010 & 2013 are available with Standard and Enterprise Editions without having to install
If using Windows Azure workflow functionality is the same as 2013
Cannot create custom Visual Studio workflows
For InfoPath Form Services you will need Office 365 Enterprise Could Edition or SharePoint Online Plan 2
More information, please refer to the video:
http://www.youtube.com/watch?v=eNtCH3qOk2g
Best Regards,
Wendy
Forum Support
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
[email protected]
Wendy Li
TechNet Community Support -
How can I copy documents from a Sharepoint On Premises library to a Sharepoint Online library and at the same time preserving their metadata?
I use the Open Explorer Windows to drag and drop the files, but the metadata are not copied. Thanks.To maintain the metadata you'll need to use one of the third party tools that does this kind of migration. Metalogix has a product with a free trial that we have used before. (Don't remember whether the free version maintains metadata or not).
You can read about it here:
http://www.metalogix.com/Products/Content-Matrix.aspx
Paul Stork SharePoint Server MVP
Principal Architect: Blue Chip Consulting Group
Blog: http://dontpapanic.com/blog
Twitter: Follow @pstork
Please remember to mark your question as "answered" if this solves your problem. -
Migration steps for moss 2007 to sharepoint 2010 and sharepoint 2013
Hi,
I need to learn migration steps from moss 2007 to sharepoint 2010 and sharepoint 2013.Can any one please explain the step by step procedure for this.What are the migration tools available.Please reply.
Regards,
PraveenHi Praveen,
This link describes the process:
http://www.winwire.com/moss-2007-to-sharepoint-2013-migration-using-database-attach-method/
Some paid tools for migration:
https://www.harepoint.com/Products/HarePoint-Content-Workflow-Migrator/Default.aspx?gclid=CM2l1v3m28MCFRVxvAodpq0AVA
https://www.avepoint.com/sharepoint-migration-download/?gclid=CPK17_fm28MCFQ1xvAodekAA8w
Thanks,
Nadeem
Please remember to up-vote or mark the reply as answer if you find it helpful.
Maybe you are looking for
-
Xcelsius and relative cell in Excel from another document
Hi, gurus. I have one question about Xcelsius opportunities. Can I use relative cells in Excel document, which as links to cell in another excel document. For example I have two Excel document. At first I use relative cell like this "='\job\[test_1.x
-
Images cut from Microsoft Word document being picked up in the file size by Acrobat distiller
Hello All; I have a large MS Word document (book manuscript) with almost 400 images (all grayscale) and found that the tiff images needed to be replaced with jpegs to reduce the file size. I created the jpegs, cut the tiff images from the document, a
-
Variable Offset for Fiscal Year Not Working
Hello, My fiscal year variable offsets are not working. I have an input-ready query setup with 3 restricted key figures. 1) Restricted by FY Variable 0P_FYEAR, 0VTYPE = 20, KF = 0QUANTITY 2) Restricted by FY Variable 0P_FYEAR (variable offset -1), 0V
-
Dear All; I have the following sample data shown below create table t1_concept list_id varchar2(1000), list_model varchar2(400), list_num varchar2(1000) insert into t1_concept (list_id, list_model, list_num) values ('A11-11', '1', 'A22-2');
-
Restore ipod shuffle 1st generation not successful
few day ago i restore my ipod but it not successful, after i try to plug it into computer again then computer won't recognize it and it not appear on itune too, i try 5R already but it seem doesn't fix anything because it doesn't have any signal so i