Oct 122011

Running remote Powershell scripts for SharePoint

 

I’ve been playing around with Powershell the last week and thought I’d post some of my trickier findings:

 

Remoting with powershell

 

With remoting you can script installations or configurations that should be done on multiple farms/servers without having to login to each farm and run the script with it’s variables. Now you can just build 1 big script with variables and run each part of the script with a remote powershell session opened with the correct credentials.

 

The code below calls some functions to start a new remote session with fixed name, load variable / functions file into the session to be used later, run your code using the variables and functions, end session.

 

StartRemoting $AUTH_Servername $AUTH_ServerUser $AUTH_ServerUserPassword
            $s = Get-PSSession -Name "RemoteSP2010Script"
            Invoke-Command -Session $s -ScriptBlock {
            LoadSharePointCmdlets
                                                #YOUR CODE
            }
            StopRemoting $AUTH_Servername

 

function LoadSharePointCmdlets()
{

Write-Host "- Loading SharePoint cmdlets" -foregroundcolor "Green"
Add-PsSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
}

function StartRemoting($Server, $Username, $Password)
{
    #Build credentials from variables
    if($Username -eq $NULL)
    {
        $Credentials = $NULL
    }
    else
    {
        $Credentials = New-Object -TypeName System.Management.Automation.PSCredential 
                                                        -argumentlist $Username , $Password 
    }

    #enable remoting
    enable-PSRemoting -confirm:$false
    
    #increase memory limit for remote shell
    Set-Item WSMan:\localhost\Shell\MaxMemoryPerShellMB 1000 

    #Disconnects the client remote desktop
    #Enable-WSManCredSSP -Role client -DelegateComputer $Server -Force
    
    Write-Host "Starting new remote session to" $Server -foregroundcolor "Green"
       if ($Credentials -eq $NULL)  
      {  
            $s = new-psSession -ComputerName $Server -Name "RemoteSP2010Script"
      } 
      else
      {
           $s = new-psSession -ComputerName $Server -Authentication CredSSP
                                       –Credential $Credentials -Name "RemoteSP2010Script"
      }
    
    #Load Variables & functions into remote session
    Write-Host "Loading variables and functions into remote session"  -foregroundcolor "Green"
    
    Invoke-Command -Session $s -FilePath $VariableFileLocation -ErrorAction SilentlyContinue
    Invoke-Command -Session $s -FilePath $FunctionsFileLocation -ErrorAction SilentlyContinue
}

function StopRemoting($Server)
{
    Write-Host "Closing remote session to" $Server -foregroundcolor "Green"
    Remove-PSSession -ComputerName $Server
}
Published: 10/12/2011  8:38 PM | 0  Comments | 0  Links to this post

Oct 122011

SharePoint 2010 web applications with host header eventID 4625 – 0xc000006d

I made a new web application today on my SharePoint 2010 development machine through Central Administration and entered a Fully qualified domain name FQDN as url like http://company.intranet and added the mapping in my host file.

 

When trying to connect to my new web application / root site collection I got a pop-up windows asking my login 3 times after which I just got a blank screen.

I ping’ed the url and it did return my 127.0.0.1 IP so I was sure the address lookup was correct.

 

In the event viewer I could see an error with eventID 4625 and error 0xc000006d.

 

Turns out this is quite normal and by design, it’s a safety precaution in IIS. I found the solution on this blogpost.

 

When you use integrated authentication and you have the website as a local IIS site, then you will only be able to access the website using the machine name (http://codejourney). You will not be able to access it using a FQDN.

 

How to disable loopback check for local IIS websites:

 

There are 2 ways to get past this annoyance.


Both solutions require registry editing, so remember to create a backup first.
Solution 1 (Preferred): Specify which host names that does not cause loopback check.

1: Open up the registry editor by typing regedit under Run.
2: Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
3: Right-click MSV1_0 and click New and choose to make it a Multi-String Value.
4: Enter BackConnectionHostNames as name for the entry, and double-click it to modify it.
5: Type the hostnames you need to use (code-journey.com for instance).
6: Restart IISAdmin Service (“Start” -> “Administrative Tools” -> “Services”)

Solution 2 (Not recommended):
 1: Open up the registry editor by typing regedit under Run.
2: Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
3: Right-click Lsa and click New and choose to make it a DWORD Value.
4: Enter DisableLoopbackCheck as name for the entry, and double-click it to modify it.
5: Set the value to 1 and click OK

Published: 10/12/2011  8:26 PM | 0  Comments | 0  Links to this post