Tuesday, 20 June 2017

Term store mussings with iFrames


Problem: I have a SharePoint site (ClientOrders i.e. https://orders.radimaging.com/sites/client1) being iFramed in another SharePoint site (Portal i.e. https://portal.radimaging.com/), to iframe in the ClientOrders site collection.  I want to iframe in the list, the list has termsets for it's metadata i.e. Country.

Initial Hypothesis:  In the site Client Orders, I need to allow the site to be iFramed, I do this by suppressing the iFrame HTTP header that stops subdomain iFrame using the server control: AllowFraming.  See this post for details.  Once the oages can be iFramed, I use a Page Viewer Web Part in the Portal on a page and now I can see my Client Orders inside the Portal SharePoint site collection.  When I want to add meta data to the Order items such as country, the popup (webTaggingDialog.aspx) fails to load with the Security exception.  This aspx page uses it's own mast page on the 15 hive than can be updated (wathc out for CU's overriding the change).  The information below highlights the change.

When adding term set meta data to a SharePoint list item, the SharePoint use a Root hive/15 hive file, WebTaggingDialog.aspx:
/_layouts/15/WebTaggingDialog.aspx?Field=Content%20Language&IsDlg=1

Resolution: In my case I need to allow this page to be iFramed so I had to go to the WFE's and change the hive, I changes the master page to suppress the SameOrigin HTTP response (using theAllowWebFraming server control).  I added the X-Framing-Options header back with the SameOrigin and allowfrom https://portal.radimg.com.  So just plain horrible.  The WebTaggingDialog.asp does not use the site collection master page.  I amend the dialog.master file.

Problem: Now the problem is that the WebTaggingDialog is not loading the treeview control to display the term set.

Initial Hypothesis: JS lazy loading issue or it is using the iFrame parent page (Portal) rather then (the calling page) to build up the display?

Friday, 9 June 2017

SharePoint on-premise reporting options

Overview:  As always this really depends on the circumstances but my broad view on reporting for SharePoint is outlined below.

Thoughts:

  • Power BI on-prem. has not been release but will work for SSRS reports and have the Power BI functionality that shall be embedded using an iFrame into SharePoint.
  • The upgrade path from SSRS SharePoint integrated mode is going to be hard, whereas the upgrade path from SSRS native mode will be simple.
  • Power-BI on-prem is not going to support SAML.  Use WAP (Web Application Proxy)/reverse proxy to get NTLM ot Kerbros tickets for authentication.
  • SSRS SharePoint integrated mode shall be available only in SP2013 and SP2016 and not have any continued path going forward.


SharePoint 2013 Options:

SharePoint 2013 BI Options SharePoint 2013 SQL BI Options
Excel Services
PerformancePoint
SharePoint KPI/Filters
SSRS SharePoint Integrated Mode
Power Pivot for SharePoint

The table below shows what you client probably uses historically and the challenge is to map them out to a supportable solution on SharePoint going forward.

BI in SharePoint and the Microsoft stack has drastically changed over the past 2 years.  The next 12 months should keep this pace up with the release on Power BI.  As my knowledge in this area improves I'll update this post.

Other Posts that may be useful:
A good post to read as of EOY 2016 on BI  for SharePoint
SP2013 with SSRS 2012 SharePoint integrated Mode Overview
Installing SSRS on SP2013 Reporting Post

Monday, 5 June 2017

Enforcing Authentication using the Windows IdP

Overview: SharePoint farms often have multiple Identity Providers (IdP) such as Ping or SiteMinder and you always need to have Windows for the Search and other reasons.  Often you need to force the browser or CSOM code to use a specific IdP, in my case, the Windows IdP needs to be used.

In Fiddler, I have added a header as shown below to enforce the browser uses the Windows IdP:


CSOM HTTP Header added to force usage of the Windows IdP:

Simple Code for a CSOM SharePoint Test Rig



Thursday, 25 May 2017

Xamarin is fantastic-

Overview:  I am enjoying working with Xamarin, easy for any C# developer with a little experience and forethought to build decent applications.  Microsoft/Xamarin really reduces the barriers and makes building native mobile applications very achievable.  Nothing to do with SharePoint but maybe my next out of hours project will encompass O365.  I saw a demo at an Azure conference 2 months ago and thought it looks pretty straight forward.

Proposed Solution:  Scratch card game

  • Build a Web  Service for holding game and user details
  • Build UI to reveal scratch card for Android and iOS
  • Sign in using Facebook
  • Retain users winnings and games played information 

Summary: PoC is going well, deployed the Web Service and SQL backend, registered with Facebook and can login.  Secured mobile apps Droid and iOS.

Tips: PCI projects and Xamarin forms projects do not play nicely together.  Choose wisely.  Also get some help from a Xamarin developer, it is saving me so much time when i hit a problem.

Friday, 28 April 2017

Switch Master Page Minimum Permissions

Problem: Use the Client Side Object Model (CSOM C#) to add a new master pages to a site collection and switch the master page.

Initial Hypothesis: Writing to a site collection only required contribute rights or even "designer" rights at the web application permission level.

Resolution: The minimum permission set for changing master pages is "Full Permission" which a site owner and the site collection admin have.  So to switch master pages you need a high set of permissions.  UI allows master pages to be switched when the user only has "Design" permissions. This proof is flawed as the UI and CSOM permissions are different.  Can the UI have different permissions to the CSOM API???  Am I going mad.  
SPWeb object with Design user permissions cannot be updated and the API returns an "Access Denied Error" - Thanks to Sachin Khade for identifying this.

Updated 26/05/2017:  So the reply I got from the engineer who raised a Microsoft ticket is "SharePoint designer and  SharePoint GUI only need to have design permission to change the master page. This is because SharePoint designer is created as an extension of the SharePoint product. However, since CSOM calls are coded using Visual studio, the code flow involved in this is different and hence requires permissions that are higher than what SPD needs."

Summary: "Design" rights allow the user to change the master page using the UI however the same user cannot switch the master page using the CSOM C# approach.

Updated 26/05/2017: Thanks to Aswin Bhaskaran for working out a minimum permission set for using CSOM to switch the master pages on a site collection:
Note: "Design" rights can be applied at the Web Application Policy level allowing the accounts with "Design" rights the ability to add master pages.  The "Design" permission is only built into SP at the Site Collection level, I created the "Design" permission with the same permissions at the web application level to ensure my account in the Web app Design group has access to all site collections on my web app.

Note: Microsoft do not recommend customized master pages for O365 or future development.  Rather inject JavaScript to modify pages.

Thursday, 6 April 2017

SharePoint Search to extract SharePoint list Data into SQL

Problem:  I have multiple lists that I need to get data changes updated into SQL on multiple site collections.  Think 1000 site collections with 5 lists in each so 5K lists are being updated (my actual requirement is much larger).

Initial Hypothesis: In SP 2010 or SP 2013 I would use a Full Trust Event Receiver and register each list using a feature but now we are in the new world of no full trust code.  The 1st thought is RER (Remote Event Receivers), I need to register 5,000 of these and they are notoriously unreliable for delivery.  Search has to pick up all changes to list items for indexing and I can break into the crawl pipeline during Content Enrichment.

Proposed Solution:


Points to Consider:
  1. I need to create a Content Enrichment Web Service (CEWS) that I shall call from the crawl component.  I can only register a single web service on a crawl SSA so consider using the toolkit/Microsoft CEWS Framework on the Web Service endpoint this allows multiple Web Servies to be strung together.  Good idea to implement a toolkit so multiple pieces of logic can be applied.  So if BA Insights registered, then can't add another CEWS Web service. CEWS toolkit provides a pipeline of stages to add custom logic later.  So write our own stages and hook into the CEWS framework.
  2. CEWS does not process item deletes so a possibility is using the crawl log to identify deletes
  3. There is no CEWS on SharePoint Online/O365.
Note: Properties returned from CEWS has minimal data input (common custom fields such as Title) and need to augment with registered MP's to get the data in the CEWS web Service.  Do not get a dump of properties/need to register and ask for the properties.

27/04/2017 Note: An idea I had to deal with "Deletes", I could put the item into a status of "About to Delete" and the crawl would pick up the status and the CEWS could delete from he SQL database and then the Web Service could delete the list item from the SharePoint list.  It doesn't work, the CEWS pipeline does not pickup and item updated and then deleted.  So the crawl is smart but I can't enhance using this approach so more work to fix the delete ...


Wednesday, 5 April 2017

CSOM for Deployment of SharePoint sites and Assets


Problem:  Historically we built Site Templates and WSP to build up of SharePoint solutions.  With the current state of SharePoint it's not advisable to release Full Trust Code (FTC).

Initial Hypothesis: So I often tend to write CSOM for custom provisioning and asset deployment.  I utilise the Tenant Admin API for provisioning site collections and then CSOM SharePoint in C# to provision and deploy my assets.

Possible Resolution:
PnP has a great library to provision assets to base you solution on, customising and building XMLfiles allows you to quickly build repeatable SharePoint solutions that are easily configurable.
Also InstantQuick has a solution called IQApp that is worth a look at.