Anything for sysadmins!


VMWare ESX – Virtual Sockets vs Cores per Socket

We recently updated our VMWare ESX servers to ESX 5.0 which introduced some new features. One of the features is that you can choose between Virtual Sockets and Cores per Socket. I was wondering what the performance difference was between the two. I found an interesting discussion on the SpiceWorks community that confirms my thoughts.

When you select Virtual Socket, the core will be presented to the VM's OS as an actual hardware socket. If the application has been optimized for multiple sockets specifically, it will benefit from this. Same goes for selecting multiple Cores. I can't find any information on what it does to the host's performance though, but it has been mentioned that there's no performance change between the two options. The feature was also introduced for software licensing that is socket or cores based.

Microsoft has already announced that many of the new versions will be on a per core license model.


Office 365 – Exchange Online

No doubt you've heard about Office 365. But have you checked it out already? I have recently checked out all the pros and cons and now it's time to make a small summary of the Exchange Online service.

The people in the company that I work for are quite demanding. I'm currently offering 2GB mailboxes and as expected they are not big enough. To make the entire setup future proof, I'll have to increase the capacity of the Exchange environment drastically - OR - introduce Office 365. Of course I needed to know the limitations of Office 365 to make sure that it meets the expectations of the people that are going to use it. Here are the most important limitations of Exchange Online.

  • Public folders are not available.
  • When using ADFS 2.0 for single sign-on users can't change their password from the Outlook web access.
  • The Office 365 Directory Synchronization toll ignores dynamic distribution groups in on-premise AD.
  • Hierarchical address lists, Global Address List segmentation, custom Global Address List views, and multiple address lists per organisation are not available in Exchange Online
  • Import of .pst files using the New-MailboxImportRequest is not available in Exchange Online. Microsoft introduced the PST Capture Tool to accommodate this need.
  • OWA does not support S/MIME.
  • Administrators can't search the Transport Logs, only Delivery Reports
  • SMTP relay has to be done with a valid licensed Exchange Online mailbox using TLS, which is not widely supported by applications.
  • A deleted Exchange Online mailbox is available for 30 days, after which it is not recoverable. To restore a mailbox within the 30 days, a call to Office 365 support has is required.
  • Granular recovery of deleted email is only available through the dumpster.
  • The personal archive quota is non-configurable.
  • Message limit is set to 25MB and can't be changed.
  • Exchange Online has restrictions that prevent users and applications from sending large volumes of email. Each Exchange Online mailbox can send messages to a maximum of 1,500 recipients per day. An email message can be addressed to a maximum of 500 recipients. These limits apply to emails sent within the internal domain as well as to messages delivered to external contacts. However, a distribution group that is stored in the Global Address List counts as one recipient but in a personal distribution group each recipient is counted separately. Keep in mind that this is not unique recipients per day!

This is just a summary of the most important limitations for my organization. Every organization has its own requirements so it's best to review the documents here:

Here is some pricing information:



If you're considering Exchange Online you might want to look into the Office 365 subscriptions especially when you're also using Microsoft Office. The Microsoft Office suite is quite expensive and it might be interesting to take an Office 365 E3 or E4 subscription as that includes Office Professional Plus.

The whole Office 365 package might be a lot to take in, but when you start calculating the prices it's actually quite interesting. Just take into consideration the pricing of the storage, servers, backup, maintenance and upkeep.

The company I work for is now moving to a hybrid setup. The user mailboxes will be in an on-premise Exchange environment with the personal archives in the cloud using Office 365 Online Archiving.

I hope this helps anyone of you to make a decision!


Windows and Outlook search indexer

Search is quite a vital part of Windows 7 and also of Outlook. People always need to find that special email or file and then search doesn't show the most recent items. One of the solutions might be rebuilding the search index. However these problems have the tendency to keep coming back.

A colleague recently pointed me to an alternative approach. It seems that sometimes Windows is having problems keeping up with all the file changes and all the email that pours in. Just like in Windows Vista, the Windows Search indexer is throttled to make sure that your system stays fast and snappy. If you can't find your files and emails you are slowed down even more. The solution is to disable the indexer backoff. This tells the indexer to just keep going and not to worry about any system activity.

The indexer is especially busy when you install Xobni and it starts indexing all your mail. It will touch all your mail forcing the Windows Indexer to re-index everything. With the indexer backoff enabled it will, which is the default, Outlook performance drags for a long time. When the indexer backoff is disabled the searchindexer.exe process will ramp up the CPU cycles and finish much faster allowing you to find your email sooner!

You can also find this setting in the Group Policy editor under Computer Configuration\Windows Settings\Administrative Templates\Windows Components\Search. The setting is called Disable indexer backoff. You'll want to enable this to turn off the indexer backoff.

As a registry key you can use HKLM\Software\Policies\Microsoft\Windows\Windows Search\DisableBackoff with a value of 1.

Or use this oneliner:
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v DisableBackoff /t REG_DWORD /d 1 && net stop "Windows Search" && net start "Windows Search"


Scheduling the Update-SPProfilePhotoStore command

When you setup your SharePoint 2010 User Profile Service to import the user's pictures from Active Directory you will have to run the Update-SPProfilePhotoStore command. Of course you don't want to do this manually every time so you'll need to schedule it on the SharePoint servers in your farm.

The best place to schedule this is on the Central Administration server.

  1. Open the Task Scheduler and click Create Taskā€¦
  2. Enter a name and select an account with enough permissions, in my case the SharePoint Farm account and check Run whether user is logged on or not
  3. Click the Triggers tab and click New. Select a schedule that makes sense to you. I'm sticking to my User Profiles Service Synchronization task schedule.
  4. Click the Actions tab and click New.
    In the Add
    arguments box enter:

    -NonInteractive -NoProfile -Command "& {Add-PSSnapin Microsoft.SharePoint.PowerShell;Update-SPProfilePhotoStore -MySiteHostLocation https://<MysiteHostLocation> -CreateThumbnailsForImportedPhotos 1}"

  5. Click OK and enter the required password

This should start the task every hour and import the Active Directory image right into the User Profile Service which also resizes the images in 3 formats.


PowerPoint Web App encountered an error

The reason behind this error definitely makes it into my top 10 of mistakes! I'm still not sure who's mistake it was, mine or Microsoft's, but I'm assuming that it's mine to be on the safe side.

The error message "PowerPoint Web App encountered an error. Please try again." doesn't really tell you where to look, but it's quite clear that you should start at the web application and check if it's operating properly. My problem was that the PowerPoint Service Application actually was a Word Viewing Service Application. It's easy enough to fix by deleting it and recreating it, however here are some other approaches that you might find useful.

  1. Open the Central Administration
  2. Go to Application Management and select Manage service applications in the Service Applications section
  3. Locate the PowerPoint Service Application
    1. If you have one that is actually a PowerPoint Service Application, remove it an recreate it
    2. If you can't find one, create it.
  4. Go back to the Application Management page and select Configure service application associations
  5. Make sure that the Web application that you're getting the error on has a PowerPoint Service Application Proxy in its Application Proxy Group
  6. Go back to the Application Management page and select Manage services on server
  7. Make sure that there's a PowerPoint Service with the status Started on the server that you're getting the error on

If it's still not fixed, you can comment below and I'll get back to you with the solution as soon as possible!


Setting up SharePoint Claims Based Authentication with Azure

I ran into a couple of good articles on setting up Claims Based Authentication on SharePoint 2010 using Azure. In these pages Mike Hacker runs you through all the settings in the Azure ACS panel and SharePoint 2010.

Part 1:


The only problem I found after following these guides was that the logon token cache expiration window expired way too fast. To solve this you'll have to set the LogonTokenCacheExpirationWindow to 1 minute instead of 10.

  1. Open the SharePoint 2010 Management Shell and run the commands below
  2. $StsC = Get-SPSecurityTokenServiceConfig
  3. $StsC.LogonTokenCacheExpirationWindow = (New-TimeSpan -Minutes 1)
  4. $StsC.Update()
  5. iisreset

Sharepoint Search Service: Access is denied

When I was working on getting the search working on my SharePoint 2010 Farm I ran into 2 problems. Both problems caused the same error:

Access is denied. Verify that either the Default Content Access Account has access to this repository, or add a crawl rule to crawl this repository. If the repository being crawled is a SharePoint repository, verify that the account you are using has "Full Read" permissions on the SharePoint Web Application being crawled.

This is quite a clear error, but there might be a couple of solutions that are less obvious.

Solution 1

Disable loopback check.

  1. Click Start, click Run, type regedit, and then click OK
  2. In Registry Editor, locate and then click the following registry key:
  3. Right-click Lsa, point to New, and then click DWORD Value
  4. Type DisableLoopbackCheck, and then press ENTER
  5. Right-click DisableLoopbackCheck, and then click Modify
  6. In the Value data box, type 1, and then click OK
  7. Quit Registry Editor, and then restart your computer

Solution 2

Specifically when you're crawling the people search (sps). Make sure that the default content access account (crawl account) has access to the User Profile Service

  1. Open the Central Administration and go to Application Management
  2. Click Manage service application in the Service Application section
  3. Select the User Profile Service Application and click on Administrators
  4. Add your content access account and give it the Retrieve People Data for Search Crawlers permission

Hope this helps you!


Cannot enable Network Discovery on Windows Server 2008 R2

I've been working on getting a Symantec Enterprise Vault up for Exchange 2010 archiving. Unfortunately Enterprise Vault isn't the best documented solution out there. While trying to get PST migration working I ran into a problem setting the PST Holding Folder in the site properties.

When you click the Change button no servers are displayed and you're unable to otherwise fill the PST Holding Folder. The culprit is that by default Network Discovery is disabled. When you enable the setting it just switches back to off without a warning. This is because Network Discovery is dependent on several Windows services that are disabled and can't be started.

To solve the issue use the following steps:

  1. Start services.msc
  2. Make sure that the services below are set to startup type manual:
    1. Function Discovery Resource Publication
    2. SSDP Discovery
    3. UPnP Device Host
  3. Go to Network and Sharing Center
  4. Click Change advanced sharing settings
  5. Select Turn on network discovery
  6. Click Save changes

You should now be able to select the server and share that you want for holding the PSTs in the Enterprise Vault Administration Console.


Event 5555 – No User Profile Application available to service the request

I was troubleshooting some problems with the User Profiles Service of SharePoint 2010 and I ran into event ID 5555. The error seems to be reoccurring every day around 6:11 AM.

Failure trying to synch web application e888f5cd-9e4b-4396-a693-2e81ba156b0b, ContentDB 33167fc6-5268-4acc-aac2-f4b2aaf789f7 Exception message was Microsoft.Office.Server.UserProfiles.UserProfileApplicationNotAvailableException: No User Profile Application available to service the request. Contact your farm administrator.
at Microsoft.Office.Server.Administration.UserProfileApplicationProxy.get_ApplicationProperties()
at Microsoft.Office.Server.Administration.UserProfileApplicationProxy.get_PerfmonInstanceHandle()
at Microsoft.Office.Server.UserProfiles.ContentDBSynchronizer..ctor(ELogType logType, SPContentDatabase cdb, SPJobState jobState)
at Microsoft.Office.Server.UserProfiles.WSSProfileSyncJob.Execute()

This error occurs as it's colliding with another job that's running at that time. The fix is quite easy, change the job time so it doesn't collide.

  1. Log into the SharePoint 2010 Central Administration
  2. Click Monitoring
  3. Click Review Job Definitions
  4. Go to the second page click on the Timer Service Recycle
  5. Change the start time and the no later than time to 6:30 PM
  6. Click OK

It's smart to check the event viewer the next day to make sure that the problem has been resolved.


Event 6398 – Microsoft.SharePoint.Administration.SPSqmTimerJobDefinition exception

Log Name: Application
Source: Microsoft-SharePoint Products-SharePoint Foundation
Event ID: 6398
Task Category: Timer
Level: Critical
User: domain.local\spfarm
Computer: server.domain.local
The Execute method of job definition Microsoft.SharePoint.Administration.SPSqmTimerJobDefinition (ID d470d42a-3a3e-46c2-8c54-98a33d11bec7) threw an exception. More information is included below.
Data is Null. This method or property cannot be called on Null values.

This error is obviously caused by the SharePoint Timer Service. This job doesn't run properly because the data is Null. To find the cause of the error you'll first have to find the Time Job that is causing it. In my case it was the CEIP Data Collection (Customer Experience Improvement Program).

  1. Go to the SharePoint Central Administration
  2. Click Monitoring
  3. Then click Review job definitions in the Timer Jobs section
  4. Find the Job that is causing the exception by hovering over the links and checking the GUID in there
  5. Click the job and click Disable

The error should now be gone!