Fix “Access Denied” on Registry and Filesystem

Fix “Access Denied” on Registry and Filesystem

Today I installed the May CU on a SharePoint 2013 farm hosted in Azure. After the Installation was done (with a PowerShell script that disables some services to speed up the process), there were Exceptions opening the User Profile Service (UPS) settings page.

So I investigated the logs and found many entries about “Access Denied”. Some directly pointed to the registry hive “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office Server\15.0” with the message Requested registry access is not allowed. or Getting Error Message for Exception System.Security.SecurityException: Requested registry access is not allowed., others about access to directories Access to the path ‘C:\Program Files\Microsoft Office Servers\15.0\Data\Office Server\CanonicalResources\ProjectionModels\EN_EN.mdl’ is denied.

Well, the short answer to fix the problem is: You need to execute the SharePoint Configuration Wizard on each server of the farm after installing an update.

Need users in your dev environment?

Often, you’ll need some users with data like picture and manager in your new development environment. Since you usually recycle your dev AD, this doesn’t happen frequently. But if you have to set up a new domain, you’ll want testusers with data.

I don’t want to search again, because I found a great resource for creating users here:

Have fun with PowerShell

Create the default groups via PowerShell

If your site is missing the three default groups “Visitors”, “Members” and “Owners”, you can create them easily with PowerShell or the Object Model.


Update to the SharePoint Solution Deployer

A new version is out. If brings some great new extensions (two of them are from me 🙂 )

v5.0.4.6440 (2015-04-04)

  • New: All extensions added: Blocked file extensions, content type hub, custom crawl connector, features, logging configuration, managed metadata, re-ghost, search schema, secure store, site structure, CSOM extensions for files and 2013 workflows
  • Updated: SharePointVersions.xml
  • Updated: Typos in comments fixed and some code clean-up
  • First release based on GitHub repository

Grab your version from

Speaker auf der ShareConf

Gute Nachrichten. Beide meine Sessions wurden angenommen. Ich werde also zwei Sessions auf der ShareConf halten.

Ab in die Cloud – Migrationserfahrungen

Wie migriere ich Dienste von einer On-Premise Installation in die Cloud. Wohin mit Mail, SharePoint Blogs, Team Foundation Server und Backups? Warum überhaupt in „die Cloud“ und was ist dabei zu beachten?

SharePoint-Performance aus der Sicht eines Entwicklers

Sie sind Entwickler, arbeiten mit SharePoint und möchten mehr über die Arbeitsweise von SharePoint wissen? Wie kann die Gesamtperformance verbessert werden? In der Session gehen wir auf die Themen Suche, Server OM, Clientscript, sowie Aggregation uvm ein.

Redirect browser to a sub directory with WordPress

My blog is running with WordPress in the sub directory blog of my domain. If you, as a visitor, forget to enter /blog, this little index.php file in my root directory will redirect your browser to the sub directory.

You’ll need a sitefunction.php file with this content as well. The status code can be adjusted to your needs.

Unfortunately I don’t remember where I got this idea from 🙁

The SharePoint Solution Deployer

Deploying Solutions can be a …. (fill in as you wish).

The SharePoint Solution Deployer offers a great opportunity to writing your own scripts. The existing functionality should match your needs to deploy SharePoint Solutions. If not, the “framework” can be extended with custom Extensions or simple PowerShell code.

I’ve written two Extensions, which let you enable and disable features upon deployments and reset files to their site definitions (aka ReGhost).

To be able to have different URLs for your dev-machine, staging and production farms, simply create additional XML-files and configure URLs there. The XML-file needs to be named with the hostname of the server, where you want start the deployment.


The example shows two files within the Environment subfolder.

Default XML Configuration file (Default.xml)


The script will look if there is any XML file with the name “hostname.xml”

That’s it.

You can start the deployment with e.g. “Redeploy.bat” from the Rootfolder, no matter which farm you are on.

Use a XML-file for configuration in PowerShell scripts

Time for some PowerShell!

Almost every PowerShell script need some configuration parameters. With this post I want to show one way, there are others ;-), to parse a config file in XML format and use the values later.

The solution I’m going to show to you contains three files. A PowerShell script, a XML configuration file and a helper PowerShell file that contains a function to parse the config file.

PowerShell XML config files

The config file contains

The helper function to parse the configuration file looks like this

And finally the main script, that will reference the helper function, call it and use the values.

Summary: Store configuration settings in a XML file and use the values in PowerShell script.

Getting the PageTitle

Getting the PageTitle of a page should be just a property away would you think. I would call Page.Title to get the title of the current page.

Unfortunately Page.Title contains “\r\n           ” and the title of the page is in a new line, like this:

The property will only return the first row, which is not very helpful 🙁

So what can we do? Since the title is set through a control within a ContentPlacehoder, my way was to get the control and take the value from it. And… it worked. An extension method will traverse all controls, to find the desired one.

Page.Title, I got you 😉

Treffen der SharePoint Usergroup OWL am 9.12.14

Am 9.12. ist es wieder soweit. Derzeit sind zwei Vorträge gesetzt:

  • SharePoint Hosting – Ist die Cloud schon geeignet dafür? von Daniel Lindemann (ITaCS GmbH)
  • Das Spannungsfeld Development-Operation im Umfeld von SharePoint Hosting von Andre Tomasiewicz (arvato Systems)

Wir treffen uns um 18h. Die Adresse lautet:

An der Autobahn 200
33333 Gütersloh,8.4429219/@51.8834721,8.4421559,17z?hl=de

Da der Raum sich auf dem Firmengelände befindet, ist eine namentliche Voranmeldung erforderlich.

Updating the title within a SPItemEventReceiver with AfterProperties

Recently I had a problem setting the title field of a Page within the pages library. My requirement was to set the title with the value from the PageTitle field of the current item.

An ItemEventReceiver, which is executed synchronously to prevent save conflict exception or problems with published items, was supposed to do exactly that. But when I set the title property of the item via AfterProperties, the value did not get stored. I tried other fields, and they got written to the item just fine. After some trial-and-error and consulting the MSDN I found a solution.

The ItemEventReceiver needs to update the vti_title field instead. This field exists on a SPFile. And since a Page is a SPFile, you’ll need to modify that field instead.

With this code, the title of my page was changed as supposed to.

.NET goes OpenSource!

Das sind doch mal hervorragende Neuigkeiten!

Microsoft hat im Rahmen seiner Online-Konferenz connect(); am Mittwoch bekannt gegeben, dass das komplette .NET Framework zukünftig als Open-Source-Software unter der MIT-Lizenz stehen wird.


Das freut mich als Entwickler natürlich sehr. Dann können meine PI’s bald noch mehr durch Mono 🙂

Bisher wird per USB/RS232 der Stromzähler über die Infrarot-Schnittstelle ausgelesen 😉

Why I prefer WebApplication deployments over GAC deployments

This article is written with scope on SharePoint 2013. With SP 2013 the default TrustLevel in the web.config is set to “FullTrust”. On previous version the value is “WSS_Minimal”.

When you develop Farm-Solutions for SharePoint, you can deploy assemblies to the Global Assembly Cache (GAC) or configure the solution for a “bin-Deployment”.

The bin-way puts assemblies into the bin folder of the WebApplication, where the solution is deployed to.

You can switch the target of the assemblies by modifying the properties of a SharePoint project. The default value is GlobalAssemblyCache.

What does the changed property do to your solution?

Changing the value to WebApplication will deploy the assembly to the bin-directory of your IIS directory, as mentioned earlier. Because of the narrowed scope of the assembly, only the associated application pools needs to be recycled.

The classes you implemented, will be available only to your Website, which is fine in most cases. Assemblies within the GAC are available for all processes on the server.

In the past (prior SharePoint 2013) assemblies did not have FullControl permissions if they were deployed to the bin-directory. Instead Partial Trust was granted with the “WSS_Minimal” policy. A custom Code Access Security (CAS) had to be configured.

An advantage was the least privileges approach, a disadvantage the overhead of creating this CAS.

This is a list with advantages and disadvantages for bin-deployments. Pick your items and weight them the way you prefer.

My result was to deploy to bin, if possible. The faster development and deployment together with minimal impact on productive servers was worth it.


  • Faster Deployment – With a GAC Deployment all application pools (incl. CentralAdministration) will be recycled
  • Less impact on other components


  • TimerJobs need assemblies within the GAC
  • Using Feature Receivers, you’ll need to recycle the CentralAdministration application pool as well. Otherwise activating a Feature through the UI, could load the old assembly
  • Only one version of an assembly

What do you think? Why do you deploy to bin or to GAC?

Custom field and UpdateFieldValueInItem()

Recently I was developing a custom field. To store modified values, the UpdateFieldValueInItem method has to be overwritten.

In a normal way of clicking the submit/save button, the method is called and I can adjust the value for the field within the current item. The changes are submitted to the database later.

But what if you want to modify items outside of the current item? Sure, you can do so would you think. But you’ll need to consider the scenario that the user does not click submit/save. The method is called on every postback. The PeoplePicker will cause a postback, when it validates its values. There might be other controls as well, which behave this way.

My problem was that I could not modify items, other then the current, without checking if submit/save was clicked. I ended up checking the form for the control, that triggered the postback. If this value is “SaveItem”, I am good.

So if you need to know if the item is currently being saved or if you are within a regular postback, look at your form 🙂

Creating a lookup field via elements.xml

This is another post to help me remember. And as a reference for all of you, who cannot remember how to create a SPFieldLookup via XML.

When you provision a SPField via features, do not forget to add Overwrite=”TRUE”! Otherwise you’ll get an exception like this:

<nativehr>0x8107058a</nativehr><nativestack></nativestack>Fehler beim Binden des Inhaltstyps ‘0x010200C7A18EB120BB4A00892E9E1EE9481C9B0067E475B6FDD54048B347370871443CAD’ an die Liste ‘/sites/rhtest/Lists/LookupList’ für ‘http://rhdevsp2013/sites/rhtest’. Ausnahme ‘<nativehr>0x80070057</nativehr><nativestack></nativestack>’.

Unfortunately the MSDN is not very specific about the Overwrite property:

Optional Boolean. Specifies whether the field definition for a new field that is activated on a site (SPWeb) overwrites the field definition for an existing field, in cases where the new field has the same field ID as the existing field. True if the new field overwrites the existing field with the same field ID; otherwise false. The default is false.

Note, however, that if the existing field is read-only, or if it is sealed, then it will not be overwritten by the field that is being activated, even if this attribute is set to true

Hopefully I’ll think about this the next time a lookup field needs to be provisioned…

What is Dependency Injection?

This post will help you understand what DI (Dependency Injection) is, and how easy you can adopt the design patterns to create flexible and testable code. For a definition take a look at this Wikipedia article.

From the three types of Dependency Injection

  • constructor injection
  • setter injection
  • interface injection

this post covers the interface type.

The example will deal with a SharePoint list. This list can either be the posts list of a blog, or the comments list. The distinction is necessary, as both lists have different fields, which might be used for querying data later.

It produces two lines on the console, with different GUIDs as list titles.

What is the problem with this code? Why are we talking about Dependency Injection?

Look at the code above again, and consider this new requirement to your code:

I need the categories list as well..

To fulfill this new requirement, you’ll need to extend the enum and the code within the switch statement. Wouldn’t it be better to just change the Main method instead?

This is an example of the solution with an interface and implementations for each list type:

As you can see, the main method now uses three lists. You could even use reflection to get all classes, that implement the interface “ISharePointList” to have even more dynamic within your code.

Of course each list needs its own implementation. But you would need to implement different logic anyway.

Dependency Injection is to pass objects, no matter what exactly they are. They are resolved to their actual type later. After they have been injected into something. In this example the “foreach (ISharePointList list in lists){}” will resolve the actual type.

By implementing the interface you can pass completely different objects, if you need them e.g. for testing purpose. Testing SharePoint is not easy, and it might help to pass a dummy which returns something if the basic logic is working.

Migrate SharePoint Blog to WordPress

As promised here, this is a follow-up post with the tool I developed for the SharePoint to WordPress migration.

First, a screenshot:

Migrate SharePoint ot WordPress Screenshot

What is it, that we have to cover with a migration? Copying the posts is not enough. So I came up with this features:


  • Copy posts
  • Copy comments
  • Copy resources like images and downloads
  • Create needed tags and categories
  • Modify links to local resource
  • deal with https, if links are absolute on the source blog and mixed with http
  • Using web services to connect to source and destination
  • URL rewriting (covered by a WordPress Plugin)
  • Delete all content from the destination blog (for migration testing)
  • Replace strings (with Regex)
  • a nice (WPF) GUI


Originally I’ve build a plain console application. Then I thought that a console application would possibly scare some users. And after some time I wanted to do some WPF again. So I created a WPF application, to wrap all the functionality into a GUI. This way it will be easier to use for the folks out there, who do not like black console applications 😉 Since I am using web services to connect to both blogging platforms, the tool can be executed on any client computer. No access to a server session is required.

To start, you obviously need URLs to the source and destination blog, as well as credentials to the destination blog. Since most blogs are anonymous, you’ll probably not need to fill in the source credentials. The migration starts by hitting the “Migrate Content” button. That should be it for using the tool. It will remember the last entries for the URLs and login names, in case you need to perform multiple runs, which was the case for me. The passwords will need to be reentered for security reasons.

It’ll show the progress of all steps in a progress bar and text at the bottom of the application and tell you when it’s finished. Existing categories are mapped to new categories and used as tag, too. I’ve tested the tool with three blogs, one being my own with installed CKS:EBE. There really isn’t much more to configure, to have your blog being migrated to WordPress with this tool.

Some data needs to be modified, before the blog can go live on the new destination. In case of URLs this is necessary to generate valid links within the destination. Fortunately there is a plugin available to do some fancy rewriting. Since WordPress is showing its own smilies, I wanted to get rid of some strings within the posts, that reference smilies as images and replace them with, well, smilies. A txt file within the same directory with the name “replacestrings.txt” will take lines with strings for replacement.

The sample will replace all my old smilie images with plain string before posts are created on the destination blog. The images that were used as smilies in the source, won’t be copied to the destination, because they are not referenced anymore. Otherwise I got many images with smilies. I like smilies 😀

You can stop reading here, if you are a user and would like to migrate your blog and download the tool. As a developer you might be interested on how the tool works…

Technical stuff

The tool gives me a good opportunity to explain some programming tasks, I used for the migration tool. I will explain some of them.

SharePoint offers web services (_vti_bin/lists.asmx), WordPress an XML RPC interface (I used CookComputing.XmlRpc to connect). Those two are used to connect to the blogs. Since the SharePoint web services need Displaynames to connect to the posts and comments list, I first queried them by list template.

Querying SharePoint for List Titles

Use the SharePoint lists web service, to get all lists of a site and search for specific lists like the posts and comments. The lists are identified by the used template. That way I do not have a localization issue.

With the list names retrieved, I can query the lists for data. The web services use display names to identify lists.

Get SharePoint items with paging via web service

The method to actually query the web service for listitems. Properties of the class SharePointListConfig for the list title, ListItemCollectionPosition and Pagesize are simple string properties. The fields are specified, to get only the data we need for the migration.

After all data has been read, local resources parsed and links replaced we move on to the destination side.

WordPress specific details

As stated above, I’ve use an existing library. There are plenty of samples out there, if you look for them. I’ve implemented the following methods.

I would like to tell you some issues I had, so you don’t get the same problems I had programming with the WordPress XML RPC interface.

Post deletion

Just call the wp.deletePost method? Almost. You’ll have to call it twice to first move it to the recycle bin and then again to have posts being deleted permanently.

Media deletion

There is no method to delete items from the media gallery 🙁 Fortunately items within the gallery behave like pages. So if you implement an call the deprecated wp.deletePage interface, you can achieve what you want (remember to delete twice).

Categories and Tags

Both can be managed with the interface for terms the string for the parameter “taxonomy” will decide what to do. It can be “category” or “post_tag”.

Other than that, the WordPress API is pretty straight-forward and easy to use.


The download contains an executable, which is the tool itself, and a folder with the complete sourcecode.

Migrate SharePoint To WordPress

ChangePassword Webpart – new version available

The ChangePassword WebPart on CodePlex has been downloaded over 20.000 times. The new version has a couple of new features:

  • Easy Installation
  • SharePoint 2010 and 2013 (Foundation and Server)
  • Password strength indicator
  • Plugin support to extend functionality by custom code1
  • Warning if an unsecured connection is used
  • Copyright hint can be removed1
  • Auditing of password changes (and attempts)
  • Logging into the SharePoint logs

This is how it might look on your SharePoint:
ITaCS Password Changer
Documentation and downloads are available here.

A new home for this blog

After many years of SharePoint as blogging platform, I decided to move to WordPress. There are several reasons for the decision.

One would be that I want to get rid of my server at home.

Another is SharePoint and its blogging capabilities. As you probably know, I’ve worked on the CKS:EBE (Community Kit for SharePoint – Enhanced Blog Edition) blogging extension for SharePoint blogs some years ago. It is awesome to see that the default blog can be extended to such an extend. I’ve even made it compatible with SharePoint 2013. WordPress offers far more functionality with so many Plugins and Themes available.

And I wanted to try something different 😉

The migration process needed to respect all posts, comments, attachments/linked files and links. There was no tool that matches the requirements. So I developed my own. I will post other articles and the sourcecode later. Here is a small teaser of the WPF GUI, I put over the former console application.

Migrate SharePoint Blog to WordPress

Since the URL changed from to, I had to think about redirection. Fortunately I am not the first person with the problem. The WordPress Plugin “Redirection” from John Godley does all that for me. The Regex “/blog/archive/(\d*)/(\d*)/(\d*)/(.*).aspx” matches old URLs and will redirect to “/blog/$1/$2/$3/$4”.

A couple of other plugins provide similar functionality.

So bye bye SharePoint for blogging and welcome WordPress. Btw: what do you think about the theme? It’s red now 🙂

TFS Migration from On-Premise to Visual Studio Online

Having a server at home that hosts a TFS is nice. But really necessary? Not really. So I decided to move all my sources to Visual Studio Online.

Visual Studio Online Basic is free for the first 5 users. That’s enough for me.

The migration process is straight forward easy with a tool that is installed on my computer. The process is described here. Another post can be found here.


During the pre migration steps a user mapping is performed, connections verified and a few other things. The process itself takes some time. I have 32MB in 4680 files and it took about half an hour. Another service on my server that isn’t needed anymore 🙂

Conclusion: Migration from On-Premise TFS (in my case 2012) to Visual Studio Online is very easy.

Using TLS with SmtpClient

A rather small change to your code can increase security by sending E-Mails via an encrypted connection.

Recently I stumbled across code, that send E-Mails with the System.Net.Mail.SmtpClient class. That piece of code did not try to communicated encrypted with the receiving SMTP server. So I changed that, to enable a TLS connection.

The change in my code was to enable TLS be default, and turn it off in case the receiving SMTP server does not support it. Everything else is untouched, which results in a small change in code to increase security.

I am catching the SmtpException that is thrown if TLS is unsupported. You can read more about the property and what it changes here:

Most of the time “old” code is worth a review with current knowledge. But I am sure you know that already 🙂


TLS with SharePoint