… just technical stuff!

Here is a small PowerShell script to fix the pictureurl for all userprofiles after changing the mySite Url:

$mySiteWebapplicationUrl = "https://mysite.normanbauer.com/"
#current Url of your mySite website

$mySiteOldUrlValue = "http://mysitetest:80/"
#former Url where your pictures do not reside any more

$mySiteNewUrlValue = "https://mysite.normanbauer.com:443/"
#current Url where your images can be found now

$mySite = Get-SPSite $mySiteWebapplicationUrl
$SPServiceContext = Get-SPServiceContext $mySite
$userProfileManager = New-Object Microsoft.Office.Server.UserProfiles.UserProfileManager($SPServiceContext)
$userProfiles = $profileManager.GetEnumerator()

foreach ($userProfile in $userProfiles)
{
  #if pictureurl is not empty replace the old url part with the new one
  if ($userProfile["PictureURL"] -ne '')
  {
    $oldPictureUrl = $userProfile["PictureURL"].toString()
    $newPictureUrl = $oldPictureUrl.Replace($mySiteOldUrlValue, $mySiteNewUrlValue)
    write-host "oldPictureUrl = " $oldPictureUrl " --> newPictureUrl = " $newPictureUrl
    $userProfile["PictureURL"].Value = $newPictureUrl
    $userProfile.Commit()
  }
}

In Windows 7 administrators have the possibility to monitor boot and shutdown performance by reviewing event logs. The most common one is located at Event Viewer > Application and Services Logs > Microsoft > Windows > Diagnostics-Performance > Operational. Events with an ID of 100 for boot up and 200 for shutdown will give you some basic information on the general tab, for example, when did the last boot up or shutdown happen and how long took it to complete and more detailed information on the Details tab.

On the Details tab you can find even more. Here is how to get this information programatically with the help of powershell. Run the following commands from an elevated powershell:

$bootevents = Get-WinEvent -FilterHashtable @{logname="Microsoft-Windows-Diagnostics-Performance/Operational"; id=100}
$bootevent = 1$bootevents[0].ToXml()
$bootevent.Event.EventData.Data

$shutdownevents = Get-WinEvent -FilterHashtable @{logname="Microsoft-Windows-Diagnostics-Performance/Operational"; id=200}
$shutdownevent = 1$shutdownevents[0].ToXml()
$shutdownevent.Event.EventData.Data

These upper 3 lines will get all events from the named logfile with the event id 100. Afterwards in converts the first result to xml, which now can be used in different ways. At this time we just want to print it on the screen. The lower 3 lines will do the same for shutdown events with event id 200.

This is the boot result for my computer:

Name                                    #text
----                                    -----
BootTsVersion                           2
BootStartTime                           2012-01-10T07:33:36.656000300Z
BootEndTime                             2012-01-10T07:35:43.438676400Z
SystemBootInstance                      167
UserBootInstance                        122
BootTime                                78563
MainPathBootTime                        30263
BootKernelInitTime                      28
BootDriverInitTime                      1521
BootDevicesInitTime                     1809
BootPrefetchInitTime                    0
BootPrefetchBytes                       0
BootAutoChkTime                         0
BootSmssInitTime                        7424
BootCriticalServicesInitTime            534
BootUserProfileProcessingTime           4625
BootMachineProfileProcessingTime        10802
BootExplorerInitTime                    2383
BootNumStartupApps                      17
BootPostBootTime                        48300
BootIsRebootAfterInstall                false
BootRootCauseStepImprovementBits        0
BootRootCauseGradualImprovementBits     0
BootRootCauseStepDegradationBits        0
BootRootCauseGradualDegradationBits     0
BootIsDegradation                       false
BootIsStepDegradation                   false
BootIsGradualDegradation                false
BootImprovementDelta                    0
BootDegradationDelta                    0
BootIsRootCauseIdentified               false
OSLoaderDuration                        1026
BootPNPInitStartTimeMS                  28
BootPNPInitDuration                     1990
OtherKernelInitDuration                 1006
SystemPNPInitStartTimeMS                2990
SystemPNPInitDuration                   1340
SessionInitStartTimeMS                  4337
Session0InitDuration                    5181
Session1InitDuration                    1192
SessionInitOtherDuration                1050
WinLogonStartTimeMS                     11761
OtherLogonInitActivityDuration          691
UserLogonWaitDuration                   8463

And here is the shutdown result:

Name                                    #text
----                                    -----
ShutdownTsVersion                       1
ShutdownStartTime                       2012-01-07T15:06:38.501239300Z
ShutdownEndTime                         2012-01-07T15:07:03.559344800Z
ShutdownTime                            25058
ShutdownUserSessionTime                 2728
ShutdownUserPolicyTime                  37
ShutdownUserProfilesTime                84
ShutdownSystemSessionsTime              20852
ShutdownPreShutdownNotificationsTime    15732
ShutdownServicesTime                    5007
ShutdownKernelTime                      1477
ShutdownRootCauseStepImprovementBits    0
ShutdownRootCauseGradualImprovementBits 0
ShutdownRootCauseStepDegradationBits    0
ShutdownRootCauseGradualDegradationBits 0
ShutdownIsDegradation                   false
ShutdownTimeChange                      0

Have a look at this blog post to learn how to push this data into a SQL database with powershell.

Related to my last post about how to change BitLocker recovery password from an elevated command prompt here is how you can achieve the same result with vbScript and WMI. This script is from Microsoft TechNet: BitLocker Drive Encryption Operations Guide: Recovering Encrypted Volumes with AD DS.

' Target drive letter
strDriveLetter = "c:"

' Target computer name
' Use "." to connect to the local computer
strComputerName = "."

' --------------------------------------------------------------------------------
' Connect to the BitLocker WMI provider class
' --------------------------------------------------------------------------------

strConnectionStr = "winmgmts:" _
                 & "{impersonationLevel=impersonate,authenticationLevel=pktPrivacy}!\\" _
                 & strComputerName _
                 & "\root\cimv2\Security\MicrosoftVolumeEncryption"

On Error Resume Next 'handle permission errors

Set objWMIService = GetObject(strConnectionStr)

If Err.Number <> 0 Then
     WScript.Echo "Failed to connect to the BitLocker interface (Error 0x" & Hex(Err.Number) & ")."
     Wscript.Echo "Ensure that you are running with administrative privileges."
     WScript.Quit -1
End If

On Error GoTo 0

strQuery = "Select * from Win32_EncryptableVolume where DriveLetter='" & strDriveLetter & "'"
Set colTargetVolumes = objWMIService.ExecQuery(strQuery)

If colTargetVolumes.Count = 0 Then
    WScript.Echo "FAILURE: Unable to find BitLocker-capable drive " &  strDriveLetter & " on computer " & strComputerName & "."
    WScript.Quit -1
End If

' there should only be one volume found
For Each objFoundVolume in colTargetVolumes
    set objVolume = objFoundVolume
Next

' objVolume is now our found BitLocker-capable disk volume

' --------------------------------------------------------------------------------
' Perform BitLocker WMI provider functionality
' --------------------------------------------------------------------------------

' Add a new recovery password, keeping the ID around so it doesn't get deleted later
' ----------------------------------------------------------------------------------

nRC = objVolume.ProtectKeyWithNumericalPassword("Recovery Password Refreshed By Script", , sNewKeyProtectorID)

If nRC <> 0 Then
     WScript.Echo "FAILURE: ProtectKeyWithNumericalPassword failed with return code 0x" & Hex(nRC)
     WScript.Quit -1
End If

' Removes the other, "stale", recovery passwords
' ----------------------------------------------------------------------------------

nKeyProtectorTypeIn = 3 ' type associated with "Numerical Password" protector

nRC = objVolume.GetKeyProtectors(nKeyProtectorTypeIn, aKeyProtectorIDs)

If nRC <> 0 Then
     WScript.Echo "FAILURE: GetKeyProtectors failed with return code 0x" & Hex(nRC)
     WScript.Quit -1
End If

' Delete those key protectors other than the one we just added.

For Each sKeyProtectorID In aKeyProtectorIDs
     If sKeyProtectorID <> sNewKeyProtectorID Then
          nRC = objVolume.DeleteKeyProtector(sKeyProtectorID)
          If nRC <> 0 Then
               WScript.Echo "FAILURE: DeleteKeyProtector on ID " & sKeyProtectorID & " failed with return code 0x" & Hex(nRC)
               WScript.Quit -1
          Else
               ' no output
               'WScript.Echo "SUCCESS: Key protector with ID " & sKeyProtectorID & " deleted"
          End If
     End If
Next

WScript.Echo "A new recovery password has been added. Old passwords have been removed."

' - some advanced output (hidden)
'WScript.Echo ""
'WScript.Echo "Type ""manage-bde -protectors -get " & strDriveLetter & " -type recoverypassword"" to view existing passwords."

In May I wrote a post about iPhone apps not opening after updating iOS to version 4.3.3. (iPhone apps won’t open after update to 4.3.3, complete post and comments). Now that Apple iOS versions 4.3.4 and 4.3.5 have been published this problem seems to still exist when updating from prior 4.3.3 to 4.3.3. or later.

Yesterday I updated my Apple iPhone to iOS 4.3.3 (no, it is not jailbreaked). After that I noticed that none of the installed apps run any more. Of course the built-in apps ran fine (like Maps, App Store, Calendar, Mail, Messages, Clock, Contacts, iTunes, Calculator, YouTube …). But none of the custom installed apps (I tried Facebook, WhatsApp, Amazon, eBay and at least every other app) – they just start, seem to run shortly (not even a second) and then the phone will return to the desktop, homescreen or whatever you call it.
Rebooting the phone didn’t fix the issue… But then, today, the problem was solved by simply installing all updates available in appstore. I don’t know if it was just enough logging in to appstore or if the updates where really necessary. Since there were only two updates available but dozens of apps that were not running, I think just logging in did the trick.

I know that there are already a couple of articles covering this issue – but since I ran into trouble with exactly this configuration issue I realized that these articles do not cover everything. For example the problems you can run into.

To keep the steps to be taken as simple as possible I explain it regarding a Sharepoint farm with one server called “SHAREPOINT1″ and a DPM server called “DPM1″. The database server is sharepoint2010_test_db but we will not need this one while configuring backup.
Even in larger farms the steps to be taken will remain the same, because you will need to configure just one web frontend server.

First we need to deploy the Data Protection Manager 2010 agent. Just do it like you always did before:

1. Open the DPM 2010 Administrator Console
2. Switch to the management tab
3. On the Agents panel hit “Install…”
4. In the “Protection Agent Installation Wizard” choose “Install agents”
5. Add your Sharepoint web frontend server
6. Hit Next and enter you credentials
7. Click Next and choose to not automatically restart the server
8. On the last page click Install

When the installation is complete log on to your Sharepoint 2010 server and open an elevated command prompt. Now you need a domain account that has the farm administrator right and local administrator right on the server. I used the database access / farm administrator account used when deploying the farm: normanbauer.com\sp2010_test_fa. Of course you will also need its password!

Now type the following in the elevated command prompt (line by line; you may need to change the directory):

cd "%programfiles%\Microsoft Data Protection Manager\DPM\bin"
ConfigureSharepoint.exe -EnableSharePointProtection
ConfigureSharepoint.exe -EnableSPSearchProtection

For each of the ConfigureSharepoint commands you’ll need the account mentioned before. If the account you are using is not a member of the local administrators group on the server you will get an error message like this: “The specified Username and Password combination is Invalid.”

If everything worked correctly both commands will return “Operation completed successfully.” :

The account used for those two commands will be used as the run as credentials of a DPM developed DCOM object called WssCmdletWrapper:

Now you can configure the Sharepoint 2010 protection group in DPM. Again, go to the DPM 2010 Administrator Console and open the “Protection” panel. Create a new or modify an existing protection group. Add the server by choosing the database child item below the Sharepoint node of your server.

After completing the wizard DPM will start to synchronize all data. After that, you can review the progress in the Monitoring > Jobs panel, your databases can be restored using the Recovery panel. Simply navigate to your server > All Protected SharePoint Data > your database name. In the Recoverable Items list you can see your AdminContent DB, Config DB and any other Application databases you created before.

The problem now is, that you cannot navigate your application databases down to single items. DPM needs to create a catalog containing all urls of your Sharepoint sites first. This operation can take up to 24 hours but you can force DPM to do so immediately using PowerShell.

Open the DPM Management Shell from start menu and enter the following commands (please modify them to meet your servers names):

$dpmserver = "DPM1"
$sharepointserver = "SHAREPOINT1"
$pg = Get-ProtectionGroup $dpmserver
$ds = $pg | Get-Datasource
$sp = $ds | Where-Object {"$_.computer" -like "*" + $sharepointserver + "*" -and $_.type -like "*SharePoint*"}
$sp | Start-CreateCatalog

or as a one-liner:

Get-ProtectionGroup DPM1 | Get-Datasource | Where-Object {"$_.computer"; -like "*SHAREPOINT1*"; -and $_.type -like "*SharePoint*"} | Start-CreateCatalog

Now you should be able to navigate down to every single item of your farm:

If this is still not possible your account used to enable Sharepoint protection may not have sufficient rights. I had the problem when I first used a separate backup account that did not have a certain permission – I still do not know which one. I am currently using the farm administrator account, which is not a perfect solution but it works.

There is only one problem I found using that account: You cannot let Sharepoint change its password automatically from the managed accounts. Doing so would result in backup not working properly because the DCOM object mentioned before would need to be configured to use always the current password, which is not possible (as far as I know).