How To Get the Managed Accounts Password in SharePoint 2010

This script I’ve got some time ago from a Microsoft Field Engineer. It is ok to share (you can find this same utility here and a more elaborated version here). Make sure to run this script in the SharePoint Management Shell, using an account with Farm Admin privileges.
function Bindings()
    return [System.Reflection.BindingFlags]::CreateInstance -bor
    [System.Reflection.BindingFlags]::GetField -bor
    [System.Reflection.BindingFlags]::Instance -bor

function GetFieldValue([object]$o, [string]$fieldName)
    $bindings = Bindings
    return $o.GetType().GetField($fieldName, $bindings).GetValue($o);

function ConvertTo-UnsecureString([System.Security.SecureString]$string) 
    $intptr = [System.IntPtr]::Zero
    $unmanagedString = [System.Runtime.InteropServices.Marshal]::SecureStringToGlobalAllocUnicode($string)
    $unsecureString = [System.Runtime.InteropServices.Marshal]::PtrToStringUni($unmanagedString)
    return $unsecureString

Get-SPManagedAccount | select UserName, @{Name="Password"; Expression={ConvertTo-UnsecureString (GetFieldValue $_ "m_Password").SecureStringValue}}

You should see a result like this:


Things to Watch Out

Some tricky things might happen when you execute this script. So, If you run this script and…

  • All passwords displayed are BLANK: check your current logged  account permissions (remember, farm admin rights)

  • Some of the passwords displayed are BLANK: the accounts are likely out-of-synch with Active Directory ..ouch!

Accounts Out-of-Synch With AD

if you have multiple farms or geographically distributed farms, do not be surprised if after you setup the Auto-Reset Managed Accounts Password you see them out-of-synch with AD. If you experience that, try to run the following command:


This will redeploy all the credentials and checks if the current farm passphrase is consistent across all the servers. This command will also tell you if any accounts are broken. In that case you should see a screen similar to the below:


in that case you can try to…

Set the Managed Account Password Manually

Run the following command:

Set-SPManagedAccount -UseExistingPassword

This will allow to enter the password for the managed account. This command is the same used to set the password. You will see a screen similar to the below where you will manually enter the set-sharepoint-managed-accounts-password


If when trying to execute the command, you receive an error message like the one below,


then make sure the SharePoint Timer Jobs are running in all the servers. I hope all these experiences I’ve had help you and maybe save some of your precious time.



How to Fix PassBook: Cannot Connect to iTunes Store iOS6

If you just upgraded your iPhone to the new iOS6 you will note one of the new apps called PassBook. Click here to learn more about the PassBook.

iphone-passbook-hot-to-fix- (2)

However, if you try to access it you will see this frustrating message:

iphone-passbook-hot-to-fix- (3)

here’s a little hack to overcome this. Go to your phone settings and change your device date to the future. Choose year 2013, for example.

iphone-passbook-hot-to-fix- (4)

then confirm and do not select the option to automatically update the time.

With the clock set to the future, go to the PassBook app. You should see once more the cannot connect to the Apple store message, but then after that is all good.

iphone-passbook-hot-to-fix- (5)

iphone-passbook-hot-to-fix- (1)



How to Fix: Verify that the critical User Profile Application and User Profile Proxy Application timer jobs are available and have not been mistakenly deleted

When provisioning a Project 2010 Server or a SharePoint 2010 server, if you are using the Service Pack 1 you will have an unpleasant surprise which is the User Profile Service misbehaving and potentially breaking your system. To fix that, the recommendation is to apply the August 2011 Cumulative Update.
However soon you will notice that every hour or so, your SharePoint Health Analyzer will start bombarding your screen with this error:
That is in fact an issue introduced with the August CU. It is a known issue and MS is working on that. Chances are there is nothing wrong with your UPS. That's very likely a false positive. They are just timer jobs which are being deleted without any intervention, but because a bug was introduced by the cumulative update package.
So to avoid that message keeps showing up and drawing your attention, you have to set SharePoint to automatically try to fix the issue. Follow these steps.
In the Monitoring section, in the Central Admin, click the link Review Rule Definitions
A list of all the current job definitions will be listed by group. Browse the Configuration group and find the rule called "Verify that the critical User Profile Application and User Profile Proxy Application timer jobs are available and have not been mistakenly deleted"

Click the rule and edit the item selecting the checkbox Repair Automatically, then save.

Now, every time this message comes up SharePoint will try to fix the issue automatically creating the missing timer jobs



The New Microsoft Logo Done Using ONLY CSS

That’s pretty hard-core UI , the new Microsoft logo done entirely with CSS. No images, no convoluted HTML…just plain CSS.
logo {
    font: 60px "Segoe UI";
    color: #747273;
    line-height: 1.5em;
    padding-left: 1.7em;

logo:before {
    content: '\2006';
    position: absolute;
    height: 0.095em;
    left: 0;
    box-shadow: 0.35em 0.35em 0 0.25em #f8510c, 1.05em 0.35em 0 0.25em #7eba00, 0.35em 0.97em 0 0.25em #00a3f4, 1.05em 0.97em 0 0.25em #ffba00;     

If you create an html page with:


you will see

You can play around here for more results: 


Note that the logo increases/shrinks according to the length of the text



( yeah, I know…doesn't look good on Apple Smile )

Go ahead and have fun!



Project Management: Duration, Scheduling, Resourcing

Before the project starts, a schedule is created. A schedule determines the macro view of the project, which is then broken down into smaller pieces of work. The person responsible to handle this dynamic is called Scheduler.
The scheduler with all these pieces then creates a work breakdown structure, aka. WBS, which is the wallet for the effort estimated for each task. Then we find the people, then allocate them and then we get moving.
This is not news, we've been doing this for centuries. Just look at the engineering projects. We've been building cathedrals, cities, bridges, castles for many years. We do have a huge experience and materials when the subject comes to manage engineering projects.
With so much experience and materials to build upon, we still find ourselves having an incredible hard time trying to answer one question : how many tasks should we have in a schedule and how long each task should be?

The Art of Estimation
Often we see project schedules that are just plain convoluted and project managers frustrated to isolate the issue with the tasks in the project schedule because they far too macro. Some projects lasts decades, like the construction of the LHCI; some projects are just a few days. But regardless of the length, how to handle a schedule with hundreds, thousands of items?
Different industries, require different project management strategies, that's one of the primary challenges of the project: Delivering on time, on budget. Let's have a look at an IT project. Here a few samples on how to approach the scheduling and task decision process:
IT projects: IT is a very new category of projects; unlike engineering projects the experience is being built fairly recently, which might explain why so many IT projects fail in comparison with older industries.
  • Phases: IT projects normally follow a very successful model, which is a design phase, a development/build phase, a quality assurance/testing phase, a documentation phase, and a deployment/release
  • Duration: The projects are measured in weeks or months; which makes the task to allocate work a bit easier: days or weeks.
  • Resourcing: Resource allocation comes down to a person/unit. If you drink the Agile-koolaid you should try to think about the resources and tasks using  short sprints. Maximum 2 weeks sprints.
Engineering/Construction Projects: This is what the humankind knows how to do it best. Big scale projects.
  • Phases: Just like regular planned projects but having an engineering phase at the beginning. This is a very peculiar group, because despite our vast historic experience, this moment always covers one or many aspects that has never been done/thought/designed before.
  • Duration:  Engineering projects are visualized in months, years...lasting at minimum weeks and at maximum months.
  • Resourcing: Expect to see thousands of tasks in this type of project. So the Scheduler here will have to manage the units person/skill level, rather than person/day. These allocations can become quite complex and often there is a needed to create smaller projects and group them into a program to ease the management and delivery aspect.
Which these concepts in mind we will discuss now how long should be a project.
Divide to Conquer
Let’s imagine an engineering plant location move project. The company bought new offices in another location and needs to phase-out the old offices while transitioning to the new one. First we need to identify the macro-objective, then after that experience show us that the breakdown in smaller pieces are a good approach. Not only because they are more visible to manage and to handle but also because their deliverables can potentially be closed down independent of each other.
you determine the star and finish of the project. then you breakdown in smaller tasks (A, B, C, D, for example), then you try to group these tasks in logical phases (1, 2 and 3, in our case) and for each phase you try to break them in smaller micro tasks. How many micro tasks is up to the manager or responsible for the delivery but in my experience I try to avoid creating less than 5 tasks and more than 15. This is not a rule of guide, it is just the number I personally feel confortable and that has brought me most successes.
Additionally, every time a decision needs to be applied to a task try to get into the habit of asking yourself: can this task be broken down into smaller tasks? Is this going to impact the scope? the main reason for that is because generally some tasks look very simple in the schedule but effectively can become quite complex during the execution…for many reasons. You can’t foresee which ones will be but you can forecast their likelihood of happen.
And yet…
bear in mind that despite all our previous successes and our amazing management skills… some projects will fail, and sometimes nothing can stop that happening. For these cases the same old adage still applies: visibility, visibility, visibility. Make a deliverable visible as much as you can, use whatever powers you have to propagate this visibility. You cannot stop a project from failing, but you can fail gracefully (to use a term from IT management). As long as everyone is aware of how the project is going and we are doing the best we can of the situation everyone is accountable.
The plan is not important, but planning is important.



What is BYOD and Why Some Companies are Against It ?

BYOD (bring your own device) is one of the big topics being discussed now in the organizations. The main questions arise from:
  • is our organization mature/prepared enough to allow external devices coming into our ecosystem?
  • is our workforce trained and educated enough to understand their possibilities, actions and consequences?
  • is our overall culture and strategy aligned with the new world of BYOD?
These are extremely thoughtful questions and if governance around this topic is not done with due diligence, these policies can swiftly backfire.
What's the point in blocking Facebook, twitter etc. when clearly your employees likely have a smartphone in their pocket and will use these services anyway?
Having said that, I believe we need to understand the motivations and the cost x benefits that BYOD would bring to an organization.
For example, it is common practice that content created on company's computers are intellectual property not of the employee but the company itself; however what are the implications if the employee creates his material in a personally own laptop? who has the IP of the production? you see...that's already raising big questions and yet this is not even the tip of the iceberg. The lines between IP and behaviour are getting blurred by the minute.
and here's the raw truth. 67% of the people are already using it and the majority of people is in favour of bringing their own devices to work anyway.

How did the BYOD thing started?

We live in a social world, and the technology reflected this in many ways, mimicking across the virtual world. Now we have Facebook, tweeter etc. So when people went to work, they felt the need to adjust their new virtual persona across the boundaries as well. People don't want to wait until 6PM to live their online personas, they want full experience, control. So, BYOD started from the employee/worker's perspective.
The next step was then to use the devices they felt more confortable with. Your company might have a preferred mobile device such as BlackBerry for business, HP for laptops, encrypted USB drives for data transfer. And more often than not, these are pushed via company policies. However, some workers did not like BlackBerry, they want to use iPhones, they prefer using a Samsung Series 9 instead of HP, and they prefer to keep their stuff in pocket hard disks. People were then using the company's recommended devices and side-by-side using their own preferred ones. Almost like a parallel reality.
And for a whole new generation which was born with a myriad of technological options, being able to choose their own hardware and software platforms makes them more satisfied. More satisfied workers likely makes more productive people. More productive people increases the chances of a project success. Project success makes companies happy. Win-Win for companies and workers.
Sounds like simple joining the dots. It isn't.
Research has shown more majority of organizations are against BYOD  , and in fact some organizations actually ban workers bringing their own devices to work. But don't blame the corporations for it, some of them have very good points to back their policies.
Look at this research and you can see that almost 60% of U.S. IT professionals view mobile devices owned by employees as posing the greatest risk their organization face . If you work in the healthcare or finance, this is even more real.
Mainly this happens because some industries are highly regulated by very strong code of practices when it comes to sensitive and privacy data such as company and customers. These industry regulators stand a very strong stance and it an organization is found breaching some of their obligations they can easily face fines and some cases even jail.
See now? the iceberg tip starts to show up and the conversation is not focused anymore just on gadgets but how a business is run and their obligations with the market, government and citizens.
Overall, all this is great. It opens up the canvas for discussion around the pros and cons of adopting BYOD.
Just accepting BYOD as the coolest thing ever at the workplace is not the smartest route. As in any project, all the risks and benefits need to be weighted.



How to Get AD Forest in PowerShell

Here’s another small PowerShell script useful for your administration. It returns the AD object for a specified forest; the forest in the current context is returned  if nothing is passed as parameter. This is also compatible with Office 365.
function Get-Active-Directory-Forest-Object ([string]$ForestName, [System.Management.Automation.PsCredential]$Credential)
    #if forest is not specified, get current context forest
    If (!$ForestName)     
    {        $ForestName = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest().Name.ToString()    

    If ($Credential)     
        $credentialUser = $Credential.UserName.ToString()
        $credentialPassword = $Credential.GetNetworkCredential().Password.ToString()
        $adCtx = New-Object System.DirectoryServices.ActiveDirectory.DirectoryContext("forest", $ForestName, $credentialUser, $credentialPassword )
        $adCtx = New-Object System.DirectoryServices.ActiveDirectory.DirectoryContext("forest", $ForestName)    

    $output = ([System.DirectoryServices.ActiveDirectory.Forest]::GetForest($adCtx))    

    Return $output



How to Change Currency from Windows Store in Surface, Windows RT

if you just received your Microsoft Surface RT, when going to the Windows 8 app store you should see the prices in your local currency. In my case I saw the prices in British Pounds…living in Australia it does not make much sense…so if you come across this, here’s how to fix:


at the Start Menu, type ‘location’. and select the option ‘Settings’ and ’Change location’


in the next screen, choose your correct location. In my case, my Surface was configured to ‘United Kingdom’, so I just changed to ‘Australia’

click OK and voila! all set. If you go to the Windows Store again you should see the prices adjusted to your correct currency.



How to Populate a ObjectDataSource from a Dataset

To use datasets for data manipulation and grid displaying is great in a SharePoint environment.  
The .NET framework offers many displaying controls for that task amongst them is the SPGridView. Grid views are excellent for presenting data because people like to see things organized in grids. it is almost natural to our eyes and project stakeholders love grids because they are like the heart and soul of a project management report.
If you are using SharePoint it is pretty straightforward to instantiate a SPGridView control and then use the datasource property to point to a dataset.
So let's say, you want to display all the team sites or site under a specific URL. you can populate a dataset with the rows and bind to the grid.

The only issue here is the network traffic. Every time you perform a postback you will force the dataset to be loaded and then the grid will just change the page displayed, but under the hood the whole dataset was there populated. If you have hundreds of sites and these are being accessed by multiple users it can potentially be using unnecessary bandwidth. ( note: There are strategies to place around this mechanism like using cache objects and persisting information in the viewstate, but we wont be discussing them here )
Would not be great if we could have a out-of-the-box structure good enough to allow fetching the necessary records for a specific page?
For that we can use the ObjectDataSource control.

You can read a lot about the usages of the ObjectDataSource all over the net, but if you are like me a big fan of datasets and you have been dealign with datasets objects in many legacy applications, you want to just want to have an easy way to migrate your datasets to ObjectDataSources.
Unfortunately, the ObjectDataSource control does not have a property like objectDataSource.DataSource neither it has a LoadFromXml or Load(Dataset)...
So how do you do?
Here's how I find it: using reflection.

ObjectDataSources do not have a property to perform something like MyObjectDataSource.DataSource=MyDataSet, but it does have a constructor that allows you to parse classes and extract data methods.
So let's say you have a scenario like this in a webpart
        /// <summary>
        /// Called by the ASP.NET page framework to notify server controls that use
        /// composition-based implementation to create any child controls
        /// they contain in preparation for posting back or rendering.
        /// </summary>
        protected override void CreateChildControls()
            Grid = new SPGridView
                               AutoGenerateColumns = false,
                               AllowSorting = true,
                               AllowPaging = true,
                               AllowFiltering = true,
                               PageSize = 10
            Grid.DataSource = MyDataSet.MyTable;

To convert this to an ObjectDataSource you then do this...
        /// <summary>
        /// Gets the data table for object source.
        /// </summary>
        /// <returns></returns>
        public DataSet GetDataTableForObjectSource()
            // do whatever you want to do here and
            // return the table with the data
            return MyDataSet.MyTable;
        /// <summary>
        /// Called by the ASP.NET page framework to notify server controls that use
        /// composition-based implementation to create any child controls
        /// they contain in preparation for posting back or rendering.
        /// </summary>
        protected override void CreateChildControls()
            // in this constructor specify the type name, the class name and
            // the public method inside this class where the object datasource will retrieve the data
            // make it a signed assembly for security reasons.
            var edgeDataSource =
                new ObjectDataSource(
                    "MyNamespace.MyClass, MyNamespace.MyClasss, Version=, Culture=neutral, PublicKeyToken=ce8ab85a8f42a5e8",
                    "GetDataTableForObjectSource") {ID = "EdgeDataSource"};
            Grid = new SPGridView
                               AutoGenerateColumns = false,
                               AllowSorting = true,
                               AllowPaging = true,
                               AllowFiltering = true,
                               PageSize = 10
            // do not use DataSource property. MUST USE DataSourceID with the control name
            Grid.DataSourceID = "EdgeDataSource";
            // do this before the databind
            // bind the objects and execute the call
            //specified in the ObjectDataSource constructor
Cute trick!
So there you go. To migrate, load, or populate ObjectDataSources using DataSets, all you have to do is to wrap the data returned in a public class and pass the method information to the ObjectDataSource constructor. I hope this helps you guys out there using ObjectDataSources.
Now go coding. Happy paging, happy filtering, happy caching!