Friday, December 20, 2013

Why Microsoft should not turn off DMA on firewire in lock screen mode

There is a tool out there called Inception, which via a vulnerability in the way FireWire works, will let anyone log in as any user on your machine without a password on Windows (XP,Vista,7,8). You can read more about the vulnerability on the Inception site.

Pro Tip: If you’re not using firewire on your Windows laptop, remove the drivers! If not most machines can hotplug a firewire device and you have lost.

So why shouldn’t Microsoft do as Apple did with OSX for this issue? Because then I wouldn’t have won fame and liquid rewards.

The story goes; Once upon a time Mikael was hired by a consultancy to help out with a project. Next to his desk stood a laptop called HackMe, which invited employees of the company to hack in, retrieve a snippet of text from a file on the desktop, send this to the security manager, and claim fame.

image

imageMikael was told the machine had been left alone for a long time, all employees given up on this hard challenge a long time ago.

Never one to give up an opportunity to shine, let alone fame, glory, wine and champagne, Mikael decided to give it a go. The next day he brought with him an old laptop, a firewire cable, and Ubuntu on a USB stick with Inception. Mikael hooked up the gear, went to brew a cup of coffee, retrieved the password and won it all Smile

image

(Me on the left, security manager on the right – who was pleased someone hacked it, but not that it required an external SharePoint consultant Winking smile)

Thursday, December 19, 2013

Using ExcelREST to display charts (if you don’t have Enterprise license)

If you have the Enterprise version of SharePoint you may use the Excel Access Web Part to display charts on your pages. If you don’t have Enterprise license, but have Office Web Apps installed, you can use Excel REST. This should work both for SharePoint 2010, SharePoint 2013 and SharePoint On-line.

It all started with a customer who had SP Standard license but wanted charts on their pages, and I’m very clear to customers that I am not coding charts in ASP.NET or using JavaScript. They can most of the time create much better looking charts in Excel.

Research led me to creating a web part, much similar to the Excel Access Web Part, but also a bit improved. My next thought was to create this as an SharePoint App, but due to several factors of the App model, that project is now on ice and cannot be completed due to the lack of API’s.

Long story short, I’ve taken the code I have and made it into a sandboxed solution located at https://spexcelchart.codeplex.com/. It’s tested with 2013 on-premises and SPO, but should be easy to compile it for 2010 if you want.

Enjoy!

Wednesday, December 11, 2013

Issues with connecting to servers on the VPN network with Cisco AnyConnect v3.1 and Windows 8

I have no problem connecting to the VPN host with the newer versions of AnyConnect Secure Mobility Client, but traffic refused to route over the established VPN.

The solution was simple, yet hard to find.

Click the cogwheel to open settings.

image

Under preferences, uncheck “Block connections to untrusted servers”.

image

With this change I was able to access servers on the VPN network.

Duplicate Trimming in SharePoint 2013 is causing confusion

[Update - Verified with July 2014 CU]
You can now turn off security trimming via the Query Builder on your search web parts.

  • Edit web part
  • Click "Change query"
  • Click the "Settings" tab
  • Toggle "Don't remove duplicates'


[Original Post]
Duplicate trimming as a function in search is a good idea. The intent is to reduce noise by discarding duplicate or equal items in a search result. The issue with SharePoint 2013 is that trimming is implemented too coarse and a lot of good results are hidden for the user. Also, turning off duplicate trimming is not an edit web part task as the option is hidden in a JSON property on the web part.

My recommendation at the moment is to turn off duplicate trimming, and if users complain about real duplicates being show, tell them to clean up the data. Most of the time you really don’t want duplicates of items/documents stored anyways.

I’ll dig into and explain more about how duplicate trimming is performed in SharePoint 2013 in a later post.

If you are on-premises you may use the same procedure as I used in Make sure your People Search is fuzzified, where using PowerShell, you modify the internal JSON property. Using the same script change line 13 to read:

$dataProvider.TrimDuplicates = false

Being inspired by Chris O’Brian’s post on using CSOM with PowerShell I have modified my code to use PowerShell  and CSOM. By changing the credentials line, you may use the code against both SharePoint on-premises and SharePoint on-line.

# Author: Mikael Svenson - @mikaelsvenson
# Company: Puzzlepart
# Date: December, 2013
# Reference: http://www.sharepointnutsandbolts.com/2013/12/Using-CSOM-in-PowerShell-scripts-with-Office365.html

# replace these details (also consider using Get-Credential to enter password securely as script runs).. 
$username = "username@something.onmicrosoft.com" 
$password = "password" 
$url = "https://company.sharepoint.com/search"
# the path to the SharePoint Client dlls' 
$dllPath = "D:\SP2013-dll\ISAPI\"
 
$securePassword = ConvertTo-SecureString $Password -AsPlainText -Force 
 
Add-Type -Path "$($dllPath)Microsoft.SharePoint.Client.dll" 
Add-Type -Path "$($dllPath)Microsoft.SharePoint.Client.Runtime.dll" 
Add-Type -Path "$($dllPath)Microsoft.SharePoint.Client.Publishing.dll"
Add-Type -Path "$($dllPath)Microsoft.SharePoint.Client.Taxonomy.dll" 
 
# connect/authenticate to SharePoint Online and get ClientContext object.. 
$clientContext = New-Object Microsoft.SharePoint.Client.ClientContext($url) 

#$credentials = New-Object System.Net.NetworkCredential($username, $securePassword) 
$credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($username, $securePassword) 
$clientContext.Credentials = $credentials 
 
if (!$clientContext.ServerObjectIsNull.Value) 
{ 
    Write-Host "Connected to SharePoint site: '$Url'" -ForegroundColor Green 
} 

$web = $clientContext.Web
$clientContext.Load($web.AllProperties)
$clientContext.ExecuteQuery()
# get guid of the default Pages library to cater for localization
$pagesGuid = $web.AllProperties.FieldValues["__PagesListId"]
$clientContext.ExecuteQuery()
$clientContext.Load($web.Lists)
$list = $web.Lists.GetById($pagesGuid)
$clientContext.Load($list)
$clientContext.Load($list.RootFolder)
$clientContext.ExecuteQuery()
# get localized server relative url
$url = $list.RootFolder.ServerRelativeUrl

$page = $web.GetFileByServerRelativeUrl($url +"/results.aspx");

try{
$page.CheckOut()
$clientContext.ExecuteQuery()
Write-Host "Checking out page" -ForegroundColor Green 
}
catch{ Write-Host "Page already checked out" -ForegroundColor Yellow}
$wpm = $page.GetLimitedWebPartManager([Microsoft.SharePoint.Client.WebParts.PersonalizationScope]::Shared) 
$clientContext.Load($wpm.WebParts)
$clientContext.ExecuteQuery()
for ($i=0; $i -lt $wpm.WebParts.Count; $i++)
{
    $item = $wpm.WebParts.Item($i)
    $clientContext.Load($item.WebPart)
    $clientContext.ExecuteQuery()
    if( $item.WebPart.Title -eq "Search Results" ) {
        Write-Host "Found result web part" -ForegroundColor Green 
        break;
    }
}

$clientContext.Load($item.WebPart.Properties)
$clientContext.ExecuteQuery()
Write-Host "Turning off trimming of duplicates" -ForegroundColor Green
# Read JSON properties and convert to an object
$dataProvider = ConvertFrom-Json $item.WebPart.Properties["DataProviderJSON"]
$dataProvider.TrimDuplicates = $false
# Convert the object back to a JSON string
$item.WebPart.Properties["DataProviderJSON"] = ConvertTo-Json $dataProvider -Compress
$item.SaveWebPartChanges()
$clientContext.ExecuteQuery()
Write-Host "Checking in and publishing page" -ForegroundColor Green 
$page.CheckIn("Modified Search Core Results web part", [Microsoft.SharePoint.Client.CheckinType]::MajorCheckIn)
$page.Publish("Modified Search Core Results web part")
$clientContext.ExecuteQuery()

Friday, December 6, 2013

Stockholm, Las Vegas and Barcelona–Here I come!

I’m not one to follow the full SharePoint speaker circuit, but 2014 is looking to be a fun, exciting and hectic year!

imageFirst off, I’ll be speaking at the very first SharePoint Saturday in Stockholm together with legends like Wictor Wilén and Christian Buckley. My session is titled Rock your Office 365 Search with 13 easy tune-ups and my aim is to share some tips and tricks which will improve search beyond what’s there out of the box. This will be a trial of the session before the European SharePoint Conference in May.

imageMy next step is SharePoint Conference 2014 in Las Vegas March 3-6. I’m really proud to be invited back, and this will be the second time I speak at SPC. I’ll be co-presenting Managing Search relevance in SharePoint 2013 with David Hollembaek who works with MSC in Münich, Germany, and we’re aiming for a crash course in relevance tuning and showing what’s possible.

The last stop is European SharePoint Conference in Barcelona 5-8th May. Here I will re-visit my session from SPS Stockholm, with whatever tweaks I’ve learned on the way.

Hope to see a lot of old and new faces at these events!

Tuesday, December 3, 2013

How to fix search schema import with query rules which use dictionary lookups

Note: This post propose a solution which will render your farm in an unsupported state, and should only be done under Microsoft Support approved guidance. A bug for the issue has been filed, and I expect a fix will be provided with a CU later on. Another fix is to re-create your Service Application and get a fresh database.

I’m doing a search project where we have a bunch of query rules defined. Some are promoted results and some change what is displayed and the sort order. For some of the rules we use trigger terms from a term store, which works just fine.

The solution is created on a dev farm and then the search configuration from the search site is exported and moved to the production farm. So far so good.

Importing the search configuration in production works just fine, but when you try to access the query rule page (http://intranet/sites/search/_layouts/15/listqueryrules.aspx?level=sitecol) you get the following error:

image